[ISN] IT security industry mourns loss of Robert Garigue

From: InfoSec News (alerts@private)
Date: Mon Jan 15 2007 - 23:30:16 PST


http://www.itbusiness.ca/it/client/en/Home/News.asp?id=41850

By Shane Schick
1/15/2007

Robert Garigue, a veteran member of the IT industry who used his 
expertise in data security to develop technology strategies for some of 
Canada's largest public sector organizations and corporate enterprises, 
died suddenly last week. He was 55.

In a career that spanned the worlds of financial services, 
telecommunications and the military, Garigue was an unusually 
high-profile IT executive who was eager to discuss the ways Canadians 
need to protect information and the dangers to which it can be exposed.

"You have to make the debate less technical and talk about privacy, 
regulatory compliance and show that security is there to catch you," he 
told Computing Canada in 2003. "It's a doctor's role . . . you try to 
encourage a healthy lifestyle, but then sometimes it's, 'Go to the 
hospital.'"

Friends and colleagues described Garigue as a man of exceptional 
intelligence and humour, who was as good at articulating a vision as he 
was at bringing the best out of a team.

He had what I would call constructive irreverence -- he was always 
pushing the envelope in terms of the status quo, said Jim Robbins, 
president of Electronic Warfare Associates-Canada in Ottawa. He had an 
understanding of the impact of technology. He was one of the visionaries 
who could see what needed to be done as opposed to following the 
conventional path.

Robbins said he first encountered Garigue when the latter was serving in 
the Canadian Forces, establishing the Network Vulnerability Assessment 
Team (NVAT). Occasionally referred to as information protection cops, 
NVATs members recommended patches, changes in configuration and 
procedures to system managers. It has since been renamed the Strategic 
Network Vulnerability Analysis Centre.

To be able to share that vision with the senior leadership and establish 
that team -- any time youre breaking new ground within an organization 
that can be steeped in history, thats a considerable achievement, said 
John Weigelt, who also met Garigue during this period and later led IT 
strategy at Treasury Board Secretariat. Even years afterwards, he was 
always keen to see what had become of his organization and provide 
advice and guidance.

Garigue moved on to become assistant deputy minister in the Office of 
Information Technology for the Province of Manitoba, but his biggest 
project as CTO there was to organize the National Public Sector CIO 
Council sub-committee on Information Protection.

The nickname for that group was the Tiramisu working group, Robbins 
said, referring to a desert whose Italian name means pick me up but 
which he said Garigue translated as pulling up by your bootstraps to 
inspire the council.  It was a message to provinces Dont wait for a 
handout from Ottawa, we have to do this on your own.

Weigelt, who left the government to lead security strategy at Microsoft 
Canada, said the fluently bilingual Garigue had a flair for visual 
language and coining terms that were later adopted by others in the 
industry.

He referred to toxic data within an organization if data is released 
inadvertently, that toxic data can really have a detrimental effect, he 
said. In another research paper, Garigue referred to computers as 
epistemological exploration machines.

Though he was most recently working as vice-president of information 
integrity and security at Bell Canada, Garigue spent much of his private 
sector career as CISO for the Bank of Montreal. There, he dealt with one 
of the most public IT security incidents in the banks history: a pair of 
recycled BMO servers that had client information that could have 
potentially been disclosed which turned up on eBay. BMO only learned of 
the servers after those who found them on eBay contacted the Toronto 
Star.

Wherever he worked, he had genuine desire to improve how security was 
handled in Canada generally, Weigelt said. Robbins agreed, noting that 
Garigue was appointed as a delegate for two G8 conference s on 
cyber-crime in Berlin and Toyko.

A graduate from the University of Montreal in Quantitative Analysis and 
Master of Science in Computer and Information Systems from the Claremont 
Graduate University in Los Angeles, Garigue also completed a Ph.D. in 
knowledge discovery at Carleton University. In addition to his other 
industry affiliations, he was also past chairman for the Canadian 
Bankers Associations Financial Service Industry Computer Incident 
Response Team organization (CFI-CIRT).

Funeral services for Garigue, who passed away in Montreal on Jan. 10, 
have been arranged for 11:00 a.m. on Tuesday at Tubman Funeral Homes, 
3440 Richmond Road, Nepean. An online guest book to offer tributes has 
been set up at Legacy.com.


_____________________________
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn
 



This archive was generated by hypermail 2.1.3 : Mon Jan 15 2007 - 23:40:59 PST