Congratulations! You’ve been working hard for years and your employer has finally seen your potential. You’ve now been promoted to being the only person responsible for starting and managing an Information Security Program for a $1B+/yr company. With nobody there to help you and a minuscule budget, where do you start? How do you determine where the issues lie and prioritize how to fix them? At what point do you grow your team and how do you justify it? This vendor-agnostic talk will cover what you need to know in order to build an efficient, cost-effective, and relevant security program for your company.