From: InfoSec News (alertsinfosecnews.org)
Date: Tue Jan 16 2007 - 01:30:16 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.itbusiness.ca/it/client/en/Home/News.asp?id=41850

By Shane Schick
1/15/2007

Robert Garigue, a veteran member of the IT industry who used his
expertise in data security to develop technology strategies for some of
Canada's largest public sector organizations and corporate enterprises,
died suddenly last week. He was 55.

In a career that spanned the worlds of financial services,
telecommunications and the military, Garigue was an unusually
high-profile IT executive who was eager to discuss the ways Canadians
need to protect information and the dangers to which it can be exposed.

"You have to make the debate less technical and talk about privacy,
regulatory compliance and show that security is there to catch you," he
told Computing Canada in 2003. "It's a doctor's role . . . you try to
encourage a healthy lifestyle, but then sometimes it's, 'Go to the
hospital.'"

Friends and colleagues described Garigue as a man of exceptional
intelligence and humour, who was as good at articulating a vision as he
was at bringing the best out of a team.

He had what I would call constructive irreverence -- he was always
pushing the envelope in terms of the status quo, said Jim Robbins,
president of Electronic Warfare Associates-Canada in Ottawa. He had an
understanding of the impact of technology. He was one of the visionaries
who could see what needed to be done as opposed to following the
conventional path.

Robbins said he first encountered Garigue when the latter was serving in
the Canadian Forces, establishing the Network Vulnerability Assessment
Team (NVAT). Occasionally referred to as information protection cops,
NVATs members recommended patches, changes in configuration and
procedures to system managers. It has since been renamed the Strategic
Network Vulnerability Analysis Centre.

To be able to share that vision with the senior leadership and establish
that team -- any time youre breaking new ground within an organization
that can be steeped in history, thats a considerable achievement, said
John Weigelt, who also met Garigue during this period and later led IT
strategy at Treasury Board Secretariat. Even years afterwards, he was
always keen to see what had become of his organization and provide
advice and guidance.

Garigue moved on to become assistant deputy minister in the Office of
Information Technology for the Province of Manitoba, but his biggest
project as CTO there was to organize the National Public Sector CIO
Council sub-committee on Information Protection.

The nickname for that group was the Tiramisu working group, Robbins
said, referring to a desert whose Italian name means pick me up but
which he said Garigue translated as pulling up by your bootstraps to
inspire the council. It was a message to provinces Dont wait for a
handout from Ottawa, we have to do this on your own.

Weigelt, who left the government to lead security strategy at Microsoft
Canada, said the fluently bilingual Garigue had a flair for visual
language and coining terms that were later adopted by others in the
industry.

He referred to toxic data within an organization if data is released
inadvertently, that toxic data can really have a detrimental effect, he
said. In another research paper, Garigue referred to computers as
epistemological exploration machines.

Though he was most recently working as vice-president of information
integrity and security at Bell Canada, Garigue spent much of his private
sector career as CISO for the Bank of Montreal. There, he dealt with one
of the most public IT security incidents in the banks history: a pair of
recycled BMO servers that had client information that could have
potentially been disclosed which turned up on eBay. BMO only learned of
the servers after those who found them on eBay contacted the Toronto
Star.

Wherever he worked, he had genuine desire to improve how security was
handled in Canada generally, Weigelt said. Robbins agreed, noting that
Garigue was appointed as a delegate for two G8 conference s on
cyber-crime in Berlin and Toyko.

A graduate from the University of Montreal in Quantitative Analysis and
Master of Science in Computer and Information Systems from the Claremont
Graduate University in Los Angeles, Garigue also completed a Ph.D. in
knowledge discovery at Carleton University. In addition to his other
industry affiliations, he was also past chairman for the Canadian
Bankers Associations Financial Service Industry Computer Incident
Response Team organization (CFI-CIRT).

Funeral services for Garigue, who passed away in Montreal on Jan. 10,
have been arranged for 11:00 a.m. on Tuesday at Tubman Funeral Homes,
3440 Richmond Road, Nepean. An online guest book to offer tributes has
been set up at Legacy.com.

_____________________________
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn
 

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]