Five Questions With...
Brian Schaeffer, CISA, CISSP
Brian Schaeffer, CISA, CISSP, is senior vice president and chief
information officer (CIO) at Liberty Bell Bank. Schaeffer has 17
years of experience in IT and information security within financial
services, health care, publishing and the public sector. Schaeffer
has served as CIO for Liberty Bell Bank since 2002, building the
bank from its inception to a US $170 million asset-size community
bank supporting a four-branch operation in southern New Jersey,
USA. He is currently the president of the Philadelphia Chapter of
InfraGard, an information-sharing and analysis effort between
the US government and an association of businesses, academic
institutions, and state and local law enforcement agencies.
Q you are an active member of both ISACA and Infragard Member Alliance (IMA)
( www.infragardmembers.org). As an ISACA
member, what particular value do you find in
IMA? How do you see the two organizations
correlating, and how does IMA provide value to
you as an ISACA member?
Q As an entrepreneur and founding officer of a bank, what unique challenges have you
encountered in your role as chief technology/
A As an ISACA member, I think InfraGard provides me an opportunity to broaden my
professional horizons. Besides having access to law
enforcement professionals, the knowledge I gain
from attending InfraGard meetings has helped
me to round out what I have learned through
ISACA. Certain events, especially those that are
cyberrelated, transcend both groups. Being able
to hear two perspectives really helps to round out
the important aspects of a given issue. Beyond
that, what I find helpful in being a member of both
organizations is having access to smart people with
diverse knowledge. In my experience, it is generally
who you know, not what you know, that gets you
out of a tough situation.
A Well, in the beginning, you are doing everything. One moment you are drawing
out the network on a white board, the next you are
unboxing and configuring servers and routers. It is
both extremely exciting and tremendously stressful.
You have to be able to stomach the ups and downs
of entrepreneurial life. You also find yourself
working on things outside your realm of expertise.
There were many regulatory things I had to do as
well as help the chief financial officer (CFO) with
some of the public accounting reporting. One thing
is sure, there is never a dull moment.
Do you have something
to say about
Visit the Journal
pages of the ISACA
web site ( www.isaca.
org/journal), find the
article, and choose
the Comments tab to
share your thoughts.
Go directly to the article:
Q How do you believe the certifications you have attained have advanced or enhanced your
career? What certifications do you look for
when hiring new members of your team?
Q After having served as a systems administrator and chief technology officer (CTO) for many
years, you expanded into security. Did you find
this to be a natural progression and do you find
your administrator background of value?
A Information security is woven into a large part of systems administration. Each
operations system or application has its own
set of permissions and controls that need to be
configured. You also have to be knowledgeable
about how networks work and how business
functions. All of this knowledge served as
a foundation for building and evaluating
information security in the enterprise. So, the
transition was natural and extremely useful.
A I believe my certifications have enhanced my career. Their biggest value was in
dealing with the bank regulators. Regulators
are always trying to ensure that the person
leading the project is appropriately qualified.
My certifications, in conjunction with my work
experience, have helped me to build confidence
with bank regulators. When looking for
candidates I like to see certain certifications,
such as Certified Information Systems Auditor®
(CISA®) and Certified Information Systems
Security Professional (CISSP). With certifications
that require continuing education credits, it is
easy to verify whether someone is staying current
in the profession. This also shows some initiative,
a trait all employers like to see in a candidate.