James Arlen is Leviathan's Director of Risk and Advisory Services and a Contributing Analyst at Securosis. He is responsible for the development and delivery of Leviathan's professional services, assisting executive clients to develop and implement their information security policies and strategic plans. Over the past twenty years, James has delivered information security solutions to Fortune 500, TSE 100, and major public-sector organizations. In both a consultant and staff member role, James has led business and technical teams of professionals in both tactical short-term projects and multi-year organizational change initiatives. James has held key contributor roles, including both being the CISO of a publicly traded financial institution and being the Information Security Coordinator at a large-scale power utility. Among other major technical accomplishments, James has architected and built multi-million dollar security infrastructure, handled incident response and event containment, written multiple policy and standards suites, and completed penetration testing activities as both a leader and as a team member. James is involved in information security policy, process, and procedure improvements for internationally-known manufacturing and financial organizations. James is also a frequent speaker at industry conferences, and his commentary can often be found in trade publications. James is a prolific contributor to standards bodies, having been an author for the Cloud Security Alliance's CloudAudit, Guidance for Critical Areas of Focus in Cloud Computing, and Certificate of Cloud Security Knowledge (CCSK) training and testing material; he also serves as one of the CCSK instructor trainers. He was also a contributor to the ISACA-published whitepaper "Guiding Principles for Cloud Computing Adoption and Use." In addition to being a Certified Information Systems Auditor (CISA), James has been Certified in Risk and Information Systems Control (CRISC) by ISACA. James also holds the Certified Information Systems Security Professional (CISSP) credential.