Ted Ipsen is an experienced executive-level manager with over 20 years of experience specializing in high-tech crime investigation, and the delivery and oversight of consulting and advisory services in the areas of information security, information risk management, IT governance, compliance, business continuity management, secure development, security assessment, and aligning strategic IT and security goals with business objectives.
Ted was recruited out of law enforcement by a global “Big 4” audit and professional services firm, after gaining unique experience gained as a law enforcement investigator specializing in computer forensics, high technology crime, and administration of sensitive systems and networks. At the “Big 4” firm, he managed a local staff of consultants and coordinated with 2,700 national resources to deliver advisory services in the areas of information security, information risk management, IT governance, regulatory compliance, business and IT process analysis, and business continuity management.
Ted has strong understanding and experience with strategically integrating security into organizational frameworks by obtaining management support, analyzing identified threats and vulnerabilities against the implementation of mitigating controls, leveraging security as a business enabler to support the organizations key business objectives, involving the entire organization through security awareness programs, and encouraging collaborative compliance through teamed audit efforts.
He has been responsible for the ongoing security of enterprise software applications for internal and external consumption. He has trained diverse development teams on secure development practices and periodic security assessments through code-review and penetration testing. Ted has led enterprise security incident response by performing investigation of malware, including reverse-engineering, and network traffic analysis. He has performed private-sector digital forensics examinations for HR, criminal, and civil matters.
Ted has worked with organizations across many industries, reviewing security and IT programs and procedures against industry leading practices and standards such as the ISO 27000 series, the NIST Cybersecurity Framework and SP800 series, COSO, ITIL, and CObIT, PCI DSS, as well as against regulatory frameworks such as HIPAA, Gramm-Leach-Bliley, and Sarbanes- Oxley legislation, and has served as the international practice leader for Governance, Risk-Management, and Compliance as well as Security Training services for multiple large consulting firms.