Scott Laliberte is a Managing Director in the Philadelphia office of Protiviti providing clients with Information Systems Security and IT Audit Services. In addition to managing engagements across all of Protiviti’s Security and Privacy service lines, Scott serves as Protiviti’s Global leader for Cyber Security and Privacy. He also leads the Global Technical Security Assessment segment and oversee all of Protiviti’s Global Security Labs. Scott has delivered high quality security and IT audit services to a variety of clients in financial services, retail, hospitality, healthcare, life sciences, and other industries. He has led and managed many security and privacy assessment, implementation, and management projects.
Scott is a published author, accomplished speaker, and quoted subject matter expert in the area information systems security. Scott co-authored a book about penetration testing and information security called HACK I.T.. Scott's second book Defend I.T. is a collection of case studies in information security. He has spoken on information security topics for a variety of audiences and industries including NACD, IAPP, ISACA, ISSA, NAFSA, IIA, and HCCA. He has been quoted as a security expert in the Financial Times, Securities Industries News, and other publications. Prior to becoming a consultant, Scott was an Information Systems Security Officer for the United States Coast Guard.
Numerous Security Assessments, including GLBA, GDPR, NY DFS, FFIEC CAT, HIPAA, PCI, ISO 27001, NIST CSF, and Penetration Testing engagements. These projects included assessment of threats and vulnerabilities leading to a prioritization of risks and the development of a Security "roadmap". Tools used in the engagements included a combination of commercial licensed software, freeware tools, and self-developed scripts. Performed PCI assessments and strategy projects to help clients including large, complex hospitality companies become and maintain PCI compliance.
Performed security assessments for global clients to align and recommend security controls appropriate to business risks posed by the threats and vulnerabilities facing the IT environment.
Organized all Global labs to a common methodology and approach. Developed Protiviti’s penetration testing qualification and certification processes. Performs QA on numerous Penetration tests and technical assessments.
Developed and overseen Protiviti’s PCI ASV processes for over 10 years.
Implemented a number of security solutions including intrusion detection systems, firewalls, VPN’s, vulnerability scanning tools, and systems hardening programs.
Forensics & Incident Response
M.B.A. Renssalaer Polytechnic Institute
B.S. – Math and Sciences U.S. Coast Guard Academy
Certified Information Systems Security Professional (CISSP)
Certified Information Systems Manager (CISM)
Certified Network Professional
PCI Qualified Security Assessor (QSA)
PCI Certified Authorized Scan Vendor (ASV)
Certified in Risk and Information Systems Control (CRISC)
Information Systems Audit and Control Association (ISACA)
Information Systems Security Association (ISSA) – President Delaware Valley Chapter