ISACA CyberSecurity All Day Event. October 17, 2014

Size: px
Start display at page:

Download "ISACA CyberSecurity All Day Event. October 17, 2014"

Transcription

1 ISACA CyberSecurity All Day Event October 17, 2014

2 7:30 AM 8:00 AM 8:00 AM 8:15 AM Agenda Registration, Hot Breakfast Buffet and Networking Introductions 8:15 AM 10:00 AM Session 1 Preparing for Cybergeddon: Building a Risk Based Cybersecurity Program Key Note Speaker: Shawna M Flanders CRISC, CISM, CISA, CSSGB, SSBB 10:00 AM 10:15 AM Break 1 10:15 AM 11:05 AM Session 2 Shellshock Lee Mangold, GuidePoint Senior Security Engineer 11:05 AM 11:55 AM Session 3 This is Not a Compliance Checkbox Mark Stanford, Senior Sales Engineering Manager, FireEye, Inc 12:05 PM 1:15 PM - Lunch Lunch Buffet and break 1:15 PM 2:05 PM Session 4 Responding to Cyberattacks: The Hidden Costs of a Large Data Breach Hayden McKaskle - Director - Cyber Security and Data Breach Notification 2:05 PM 2:55 PM -- Session 5 Speaker Panel: Shawna Flanders, Lee Mangold, Mark Stanford, Hayden McKaskle 2:55 PM 3:10 PM Break 3 3:10 PM 4:45 PM Session 6 Vendor Demos FireEye; Apcon; CO3; Proofpoint Closing Session - 4:45 PM 5:00 PM Closing Remarks

3 Session Overview Key Note Speaker - Shawna M Flanders CRISC, CISM, CISA, CSSGB, SSBB Session 1 - Preparing for Cybergeddon: Building a Risk Based Cybersecurity Program A Typical Day What is Cybersecurity How does it differ from traditional security Cybersecurity Prevention 101: What can companies do to reduce the impact of cyber attack Tools and Associations CSX - by ISACA

4 Session Overview Speaker - Lee Mangold, GuidePoint Senior Security Engineer Session 2 - Shellshock "Shellshock is the latest surprise to come along in computer security, affecting nearly every IT-enabled organization to some degree. In this talk, GuidePoint Senior Security Engineer Lee Mangold, will show how Shellshock might affect your organization through live exploitation and example. The talk will conclude with a discussion on the best-practices that should be employed to limit the effects of Shellshock, and future undiscovered or undisclosed software bugs."

5 Speaker - Mark Stanford, FireEye, Inc Session 3 - This is NOT a compliance checkbox Session Overview Abstract: Often times, in the great rat race of enterprise IT, checkboxes are the quickest way to measure efficiency/effectiveness, and plans are laid around these checkboxes to ensure a framework that the industry has embraced. While IT Security regulations/compliance can be more complex and cover larger topics, it s no different these guidelines are there to help steer enterprises in the right direction, and they offer good pointers. Compliance speaks of things like firewalls, anti-virus, IPS/IDS, etc but when it comes to protecting against zero days and the sophisticated methods attackers use to penetrate high value, drive by and springboard targets, those measures of compliance, when deployed alone, have been known to allow companies to land on the front page of the evening breach news. In this presentation, we ll discuss some examples of this breach news and how FireEye can, by identifying the unknowns, looking for the knowns, containing the threat and utilizing the industry s best intelligence, help mitigate risks, operationalize security practices and provide piece of mind.

6 Session Overview Speaker: Hayden McKaskle, Kroll Director - Cyber Security and Data Breach Notification Session 4 - Responding to Cyber-attacks - The Hidden Costs of a Large Data Breach Many organizations do a good job with incident response planning. Table top exercises also go a long way toward helping an organization prepare for the dreaded large event. Unfortunately, until your organization experiences such an event, the old adage You don t know what you don t know applies. This presentation will explore real world experiences with large PII and PHI data breaches and the hidden and unexpected impacts on the affected organizations.

7 Session Overview Session 5 - Speaker Panel CyberSecurity Discussion Shawna Flanders Lee Mangold Mark Stanford Hayden McKaskle

8 Session Overview Session 6 - Vendor Demonstrations FireEye Apcon CO3 Proofpoint

9 Presenters Biographies

10 Presenter BIOs Shawna M Flanders CRISC, CISM, CISA, CSSGB, SSBB ISACA West Florida Chapter CISM & CRISC Coordinator, Research Director and CSX Liaison Founder and CEO, Business Technology Guidance Associates, LLC., a consulting firm that believes in collaborative innovation between business and technology - offering your technology and business partners with a unique collection of real world training and consulting services tailored to your organizations unique needs and expectations. My passion rests firmly on three pillars: 1. Enriching companies in building and improving their strategies, programs and underlying processes (primarily within technology, Technology Internal Audit, IT GRC, Technology Related Risk Management, Information Security, BCP/DR, Project Management and Process Reengineering); 2. Mentoring individuals: both in the topics above as well as aiding in their quest for ISACA certifications; 3. Enhancing and developing curriculum and other publications to improve the profession. With nearly 29 years of experience in the financial services sector, Shawna brings her real world experience to every engagement. Shawna has completed certificate programs in Risk Management from Kaplan University and Six Sigma Green & Lean/Black Belt from Villanova University, and has earned the Life Operations Management Association Associate of Customer Service designation as well as holding certifications in CRISC, CISM, CISA and CSSGB. Shawna has been a chapter, conference and onsite trainer for various organizations since She designs her own course content and also has contributed and/or reviewed multiple publications including ISACA CRISC and CISM Review Manuals; Risk IT and COBIT 5 for Risk. She has also participated in development of the Risk Management and Assurance ISACA Training Week courses.

11 Presenter BIOs Lee Mangold, GuidePoint Senior Security Engineer Lee Mangold is a researcher, author, student, entrepreneur and self-professed information security evangelist. Through his work in both private and public organizations, Lee has built a diverse profile of high-tech projects and security solutions. He currently a senior researcher and network operations manager for a US Department of Defense contractor, the vice-president of the Central Florida Cyber Security Community of Practice, and a private security consultant. As a researcher and a doctoral student, Lee is interested in methods of effectively training information security to the masses. His research explores the concepts of adaptive training in which the student receives information security training that is automatically tailored to their position and experience.

12 Presenter BIOs Mark Stanford, Senior Sales Engineering Manager, FireEye, Inc Mark has worked in the security space for over 17 years, having held roles not just in the vendor space, but also on the customer and channel side. Cryptography is his official trade, having cut his teeth as a crypto engineer for F- Secure, Inc. He s led Southeastern/Mid-Atlantic teams at Blue Coat Systems (where he was also a Sr. Engineer), f5 (Southeast, Mid-Atlantic and for a time strategic) and WebSense (Southeast & Federal). Mark is no stranger to startups either, having been at Top Layer, Mirage Networks and 8e6 (now TrustWave). Building communication/collaboration platforms specifically for SE orgs, training/enabling teams (partner and internal), and working with customers and company leadership strategically to ensure success, enablement and growth are things that Mark has focused on over the past several years in management, but his heart has always been in pure security: malware analysis, building better security architectures and methodologies, and security-focused education for the masses. At FireEye, Inc., Mark leads a team of 11 extremely skilled, well-rounded engineers. He enjoys the privilege of speaking at security events about APTs/advanced threats, listening to customer challenges and keeping track of emerging threat trends when he s not doing that, he s spending time with his wife and four children doing any number of things in the great city of Atlanta!

13 Presenter BIOs Hayden McKaskle, Director Kroll Hayden is Director of Cyber Security and Breach Notification Services in the Southeast for Kroll. He also provides commercial leadership for the healthcare channel nationally for the company and is based in Nashville, TN. Hayden brings over 25 years of experience in business development, consulting, and management within Healthcare and other industries including positions at IBM, Siemens, and HealthStream. While most of his career has been IT centric, Hayden has also consulted with hospital and system leadership on such areas as Value Based Purchasing, physician alignment, nurse engagement, and patient satisfaction or HCAHPS. Hayden comes from a healthcare family and is passionate about helping hospitals and making a difference in Healthcare. He has served on the boards of a number of charitable organizations including Patient Advocate Ministries, Community Health Charities, and other groups.

14 CyberSecurity Day Sponsors GuidePoint Security FireEye - Visit the Vendor Table CloudPassage - Visit the Vendor Table Fortinet - Visit the Vendor Table

TRAINING SEMINAR COURSE OUTLINE October

TRAINING SEMINAR COURSE OUTLINE October TRAINING SEMINAR COURSE OUTLINE October 10-12 2016 FACILITATOR S BIOGRAPHY SHAWNA M FLANDERS CRISC, CISM, CISA, CSSGB, SSBB Shawna is the Founder and CEO of Business Technology Guidance Associates, LLC.,

More information

ISACA MOSCOW CHAPTER Chapter meeting 22 September 2016

ISACA MOSCOW CHAPTER Chapter meeting 22 September 2016 ISACA MOSCOW CHAPTER Chapter meeting 22 September 2016 Introduction Special guest speaker ISACA Audit committee member, Rosemary Amato Open dialog Wrap-up and close Special guest speaker CISA, CMA, CPA,

More information

CYBERSECURITY HOW IT IS TRANSFORMING THE IT ASSURANCE FIELD

CYBERSECURITY HOW IT IS TRANSFORMING THE IT ASSURANCE FIELD CYBERSECURITY HOW IT IS TRANSFORMING THE IT ASSURANCE FIELD December 2014 KEVIN GROOM ISACA Involvement (Middle Tennessee Chapter) Treasurer (2009 2011) Vice President (2011 2013) President (2013 present)

More information

CYBER FRAUD & DATA BREACHES 16 CPE s May 16-17, 2018

CYBER FRAUD & DATA BREACHES 16 CPE s May 16-17, 2018 CYBER FRAUD & DATA BREACHES 16 CPE s May 16-17, 2018 Cyber fraud attacks happen; they can t all be stopped. The higher order question must be how can we, as fraud examiners and assurance professionals,

More information

Operations & Technology Seminar. Tuesday, November 8, 2016 Crowne Plaza Monroe, Monroe Township, NJ

Operations & Technology Seminar. Tuesday, November 8, 2016 Crowne Plaza Monroe, Monroe Township, NJ Operations & Technology Seminar Tuesday, November 8, 2016 Crowne Plaza Monroe, Monroe Township, NJ Operations & Technology Roundtable Crowne Plaza Monroe, Monroe Township, NJ Tuesday, November 8, 2016

More information

A Global Look at IT Audit Best Practices

A Global Look at IT Audit Best Practices A Global Look at IT Audit Best Practices 2015 IT Audit Benchmarking Survey March 2015 Speakers Kevin McCreary is a Senior Manager in Protiviti s IT Risk practice. He has extensive IT audit and regulatory

More information

MY CERTIFICATION HELPED ME GET HERE. MY MEMBERSHIP HELPS KEEP ME HERE.

MY CERTIFICATION HELPED ME GET HERE. MY MEMBERSHIP HELPS KEEP ME HERE. MY CERTIFICATION HELPED ME GET HERE. MY MEMBERSHIP HELPS KEEP ME HERE. TIMO HEIKKINEN, CISA, CGEIT SENIOR AUDIT SPECIALIST, NORDEA HELSINKI, FINLAND ISACA MEMBER SINCE 1999 ABOUT US BE MORE INFORMED, VALUED

More information

BRING EXPERT TRAINING TO YOUR WORKPLACE.

BRING EXPERT TRAINING TO YOUR WORKPLACE. BRING EXPERT TRAINING TO YOUR WORKPLACE. ISACA s globally respected training and certification programs inspire confidence that enables innovation in the workplace. ISACA s On-Site Training brings a unique

More information

Volume 2014, Number 4. Volunteers Needed!

Volume 2014, Number 4. Volunteers Needed! Volume 2014, Number 4 Volunteers Needed! Volunteering for NJ ISACA is a great opportunity to expand your professional contacts and your IT knowledge base. NJ ISACA needs talented professionals like you

More information

BECOME TOMORROW S LEADER, TODAY. SEE WHAT S NEXT, NOW

BECOME TOMORROW S LEADER, TODAY. SEE WHAT S NEXT, NOW BECOME TOMORROW S LEADER, TODAY. SEE WHAT S NEXT, NOW BECOME AN ISACA MEMBER TODAY. Nearing its 50th year, ISACA is a global association helping individuals and enterprises achieve the positive potential

More information

DUNS CAGE 5T5C3

DUNS CAGE 5T5C3 Response to Department of Management Services Cyber Security Assessment, Remediation, and Identity Protection, Monitoring and Restoration Services Request For Information 131 Guilford Road, Bloomfield

More information

ISACA Enterprise. Solutions and Resources

ISACA Enterprise. Solutions and Resources ISACA Enterprise Solutions and Resources About ISACA Global association serving 140,000 members and certification holders Members in 180+ countries; 210+ chapters worldwide Developed and maintains the

More information

2017 PORT SECURITY SEMINAR & EXPO. ISACA/CISM Information Security Management Training for Security Directors/Managers

2017 PORT SECURITY SEMINAR & EXPO. ISACA/CISM Information Security Management Training for Security Directors/Managers 2017 PORT SECURITY SEMINAR & EXPO ISACA/CISM Information Security Management Training for Security Directors/Managers Agenda Introduction ISACA Information security vs. cybersecurity CISM certification

More information

Memphis Chapter. President s Message. This annual event is designed to provide students with a

Memphis Chapter. President s Message. This annual event is designed to provide students with a Memphis Chapter F E B R U A R Y 2 0 1 5 Remember: Update your IIA profile for the most up-to-date news. RSVP for the Annual Student Day February 24, 2015 This annual event is designed to provide students

More information

Cybersecurity Panel: Cutting through Cybersecurity Hype with Practical Tips to Protect your Bank

Cybersecurity Panel: Cutting through Cybersecurity Hype with Practical Tips to Protect your Bank Cybersecurity Panel: Cutting through Cybersecurity Hype with Practical Tips to Protect your Bank NJ Bankers Association Annual Convention May 19, 2017 Presented by: Jeremy Burris, Principal, S.R. Snodgrass,

More information

How NSFOCUS Protected the G20 Summit. Guy Rosefelt on the Strategy, Staff and Tools Needed to Ensure Cybersecurity

How NSFOCUS Protected the G20 Summit. Guy Rosefelt on the Strategy, Staff and Tools Needed to Ensure Cybersecurity How NSFOCUS Protected the G20 Summit Guy Rosefelt on the Strategy, Staff and Tools Needed to Ensure Cybersecurity SPONSORED BY Rosefelt is responsible for developing NSFOCUS threat intelligence and web

More information

Designing and Building a Cybersecurity Program

Designing and Building a Cybersecurity Program Designing and Building a Cybersecurity Program Based on the NIST Cybersecurity Framework (CSF) Larry Wilson lwilson@umassp.edu ISACA Breakfast Meeting January, 2016 Designing & Building a Cybersecurity

More information

Operationalizing Cybersecurity in Healthcare IT Security & Risk Management Study Quantitative and Qualitative Research Program Results

Operationalizing Cybersecurity in Healthcare IT Security & Risk Management Study Quantitative and Qualitative Research Program Results Operationalizing Cybersecurity in Healthcare - - 2017 IT Security & Risk Management Study Quantitative and Qualitative Research Program Results David S. Finn, CISA, CISM, CRISC Health IT Officer, Symantec

More information

FTA 2017 SEATTLE. Cybersecurity and the State Tax Threat Environment. Copyright FireEye, Inc. All rights reserved.

FTA 2017 SEATTLE. Cybersecurity and the State Tax Threat Environment. Copyright FireEye, Inc. All rights reserved. FTA 2017 SEATTLE Cybersecurity and the State Tax Threat Environment 1 Agenda Cybersecurity Trends By the Numbers Attack Trends Defensive Trends State and Local Intelligence What Can You Do? 2 2016: Who

More information

IT in Healthcare Day

IT in Healthcare Day San Francisco ISACA Chapter Proudly Presents IT in Healthcare Day A Day-Long, Multi-Session Event, being held in Walnut Creek! Where: Walnut Creek Marriott - 2355 North Main Street Walnut Creek, CA 94596

More information

IT SECURITY OFFICER. Department: Information Technology. Pay Range: Professional 18

IT SECURITY OFFICER. Department: Information Technology. Pay Range: Professional 18 Pierce County Classification Description IT SECURITY OFFICER Department: Information Technology Job Class #: 634900 Pay Range: Professional 18 FLSA: Exempt Represented: No Classification descriptions are

More information

FDIC InTREx What Documentation Are You Expected to Have?

FDIC InTREx What Documentation Are You Expected to Have? FDIC InTREx What Documentation Are You Expected to Have? Written by: Jon Waldman, CISA, CRISC Co-founder and Executive Vice President, IS Consulting - SBS CyberSecurity, LLC Since the FDIC rolled-out the

More information

Hearing Voices: The Cybersecurity Pro s View of the Profession

Hearing Voices: The Cybersecurity Pro s View of the Profession SESSION ID: AST2-W02 Hearing Voices: The Cybersecurity Pro s View of the Profession Jon Oltsik Senior Principal Analyst and ESG Fellow Enterprise Strategy Group @joltsik Candy Alexander, CISSP CISM International

More information

Forging a Stronger Approach for the Cybersecurity Challenge. Session 34, February 12, 2019 Tom Stafford, VP & CIO, Halifax Health

Forging a Stronger Approach for the Cybersecurity Challenge. Session 34, February 12, 2019 Tom Stafford, VP & CIO, Halifax Health Forging a Stronger Approach for the Cybersecurity Challenge Session 34, February 12, 2019 Tom Stafford, VP & CIO, Halifax Health 1 Speaker Introduction Tom Stafford, Vice President & CIO Education: Bachelors

More information

Defensible Security DefSec 101

Defensible Security DefSec 101 Defensible Security DefSec 101 Security Day November 2017 Information Security Branch Paul Falohun Senior Security Analyst Dan Lathigee Senior Project Manager Content 1 Introduction 2 DefSec for PSO 3

More information

ISACA International Perspective

ISACA International Perspective ISACA International Perspective 11 th October 2013 Allan Boardman ISACA International Vice President and Board Director Member of ISACA s Strategic Advisory Council Member of the IT Governance Institute

More information

WELCOME TO ISACA Claudio CILLI, CISA, CISM, CRISC, CGEIT

WELCOME TO ISACA Claudio CILLI, CISA, CISM, CRISC, CGEIT WELCOME TO ISACA 2015 Claudio CILLI, CISA, CISM, CRISC, CGEIT cilli@di.uniroma1.it http://dsi.uniroma1.it/~cilli WHO IS ISACA? ABOUT ISACA The trusted source of guidance, networking and career development

More information

MANAGING CYBER RISK: THE HUMAN ELEMENTS OF CYBERSECURITY

MANAGING CYBER RISK: THE HUMAN ELEMENTS OF CYBERSECURITY 19 MAY 2016 MANAGING CYBER RISK: THE HUMAN ELEMENTS OF CYBERSECURITY CHRIS FURLOW PRESIDENT RIDGE GLOBAL cfurlow@ridgeglobal.com www.ridgeglobal.com ABOUT RIDGE GLOBAL Ridge Global is the risk management

More information

Les joies et les peines de la transformation numérique

Les joies et les peines de la transformation numérique Les joies et les peines de la transformation numérique Georges Ataya CISA, CGEIT, CISA, CISSP, MSCS, PBA Professor, Solvay Brussels School of Economics and Management Academic Director, IT Management Education

More information

Could the BIGGEST Threat to Your Business be INSIDE Your Company?

Could the BIGGEST Threat to Your Business be INSIDE Your Company? Could the BIGGEST Threat to Your Business be INSIDE Your Company? Presented By: Cheryl W. Snead, Banneker Industries, Inc. Rick Avery, Securitas Security Inc. Cheryl W. Snead President/CEO/Facility Security

More information

building for my Future 2013 Certification

building for my Future 2013 Certification I am building for my Future 2013 Certification Let ISACA help you open new doors of opportunity With more complex IT challenges arising, enterprises demand qualified professionals with proven knowledge

More information

May 14, :30PM to 2:30PM CST. In Plain English: Cybersecurity and IT Exam Expectations

May 14, :30PM to 2:30PM CST. In Plain English: Cybersecurity and IT Exam Expectations May 14, 2018 1:30PM to 2:30PM CST In Plain English: Cybersecurity and IT Exam Expectations Options to Join Webinar and audio Click on the link: https://www.webcaster4.com/webcast/page/584/24606 Choose

More information

Cybersecurity is a Journey and Not a Destination: Developing a risk management culture in your business. Thursday, May 21, 2015

Cybersecurity is a Journey and Not a Destination: Developing a risk management culture in your business. Thursday, May 21, 2015 Cybersecurity is a Journey and Not a Destination: Developing a risk management culture in your business. Thursday, May 21, 2015 Cybersecurity is a Journey and Not a Destination: Developing a risk management

More information

Information Security Officer (ISO) Education

Information Security Officer (ISO) Education Information Security Officer (ISO) Education October 16, 2018 TBA Barrett Training Center Nashville, Tenn. Information Security Officer (ISO) Education October 16, 2018 TBA Barrett Training Center Nashville,

More information

TRAINING WEEK COURSE OUTLINE May RADISSON HOTEL TRINIDAD Port of Spain, Trinidad, W.I.

TRAINING WEEK COURSE OUTLINE May RADISSON HOTEL TRINIDAD Port of Spain, Trinidad, W.I. TRAINING WEEK COURSE OUTLINE May 9-13 2016 RADISSON HOTEL TRINIDAD Port of Spain, Trinidad, W.I. Page2 FACILITATOR S BIOGRAPHY John Tannahill, CA, CISM, CGEIT, CRISC is a management consultant specializing

More information

CYBERSECURITY AND THE MIDDLE MARKET

CYBERSECURITY AND THE MIDDLE MARKET CYBERSECURITY AND THE MIDDLE MARKET The Importance of Cybersecurity and How Middle Market Companies Manage Cyber Risks IN COLLABORATION WITH 2 Concerns about cybersecurity are not matched by plans. IMPORTANCE

More information

Training + Information Sharing: Pillars of enhancing cybersecurity posture

Training + Information Sharing: Pillars of enhancing cybersecurity posture Training + Information Sharing: Pillars of enhancing cybersecurity posture Welland Chu VP, Professional Development & Secretary ISACA China Hong Kong Chapter June 2018 www.isaca.org Reported cyber incidents

More information

Achieving Cyber-Readiness through Information Sharing Analysis Organizations (ISAOs)

Achieving Cyber-Readiness through Information Sharing Analysis Organizations (ISAOs) Achieving Cyber-Readiness through Information Sharing Analysis Organizations (ISAOs) Florida Hospital Association Welcome! John Wilgis Director, Emergency Management Services Florida Hospital Association

More information

Sage Data Security Services Directory

Sage Data Security Services Directory Sage Data Security Services Directory PROTECTING INFORMATION ASSETS ENSURING REGULATORY COMPLIANCE FIGHTING CYBERCRIME Discover the Sage Difference Protecting your business from cyber attacks is a full-time

More information

Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.

Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK. Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK. In today s escalating cyber risk environment, you need to make sure you re focused on the right priorities by

More information

Cybersecurity Guidance for Small Firms Thursday, November 8 9:00 a.m. 10:00 a.m.

Cybersecurity Guidance for Small Firms Thursday, November 8 9:00 a.m. 10:00 a.m. Cybersecurity Guidance for Small Firms Thursday, November 8 9:00 a.m. 10:00 a.m. It is crucial that small financial firms take proper cybersecurity measures to protect their customers and their firm. During

More information

CYBERSECURITY IN THE POST ACUTE ARENA AGENDA

CYBERSECURITY IN THE POST ACUTE ARENA AGENDA CYBERSECURITY IN THE POST ACUTE ARENA AGENDA 2 Introductions 3 Assessing Your Organization 4 Prioritizing Your Review 5 206 Benchmarks and Breaches 6 Compliance 0 & Cybersecurity 0 7 Common Threats & Vulnerabilities

More information

Thirtieth Annual. Electrical & Computer Engineering Day

Thirtieth Annual. Electrical & Computer Engineering Day \ Thirtieth Annual Electrical & Computer Engineering Day Thursday, November 10, 2016 Villanova Room, Connelly Center Activities are scheduled from 3:00 PM to 7:00 PM ECE DAY 16 The 30th annual ECE Day

More information

FDA & Medical Device Cybersecurity

FDA & Medical Device Cybersecurity FDA & Medical Device Cybersecurity Closing Keynote, February 19, 2017 Suzanne B. Schwartz, M.D., MBA Associate Director for Science & Strategic Partnerships Center for Devices and Radiological Health US

More information

Department of Management Services REQUEST FOR INFORMATION

Department of Management Services REQUEST FOR INFORMATION RESPONSE TO Department of Management Services REQUEST FOR INFORMATION Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services September 3, 2015 250 South President

More information

CYBERSECURITY TRAINING EXERCISE KMU TRAINING CENTER NOVEMBER 7, 2017

CYBERSECURITY TRAINING EXERCISE KMU TRAINING CENTER NOVEMBER 7, 2017 CYBERSECURITY TRAINING EXERCISE KMU TRAINING CENTER NOVEMBER 7, 2017 Sponsored by: Kansas Municipal Utilities Kansas Municipal Energy Agency Kansas Power Pool CYBERSECURITY TRAINING EXERCISE DATE November

More information

The Twenty- Sixth National HIPAA Summit. HIPAA Summit Day II Morning Plenary Session: HIPAA Security

The Twenty- Sixth National HIPAA Summit. HIPAA Summit Day II Morning Plenary Session: HIPAA Security The Twenty- Sixth National HIPAA Summit HIPAA Summit Day II Morning Plenary Session: HIPAA Security March 30, 2017 John Parmigiani Summit Co-Chair President John C. Parmigiani & Associates, LLC Agenda

More information

Tim Heagarty, CISA CISSP - (859) Lexington, KY

Tim Heagarty, CISA CISSP - (859) Lexington, KY Tim Heagarty, CISA CISSP Tim@Heagarty.com - (859) 285-9050 Lexington, KY Summary I ve come from microcomputer sales in the early 80 s to Manager of IT Security in the mid 90 s and now Security Services

More information

Cybersecurity Conference Presentation North Bay Business Journal. September 27, 2016

Cybersecurity Conference Presentation North Bay Business Journal. September 27, 2016 Cybersecurity Conference Presentation North Bay Business Journal September 27, 2016 1 PRESENTER Francis Tam, CPA, CISM, CISA, CITP, CRISC, PCI QSA Partner Information Security and Infrastructure Practice

More information

News Flash: Some Things Actually Do Work in Security!!!

News Flash: Some Things Actually Do Work in Security!!! SESSION ID: STR-T07R News Flash: Some Things Actually Do Work in Security!!! John Pescatore Director, Emerging Security Trends SANS Institute @John_Pescatore Largest Breach Ever A Short Reality Break

More information

The Evolution of Data Governance Regulations and What IA Departments Need to Know FEBRUARY 27, 2018

The Evolution of Data Governance Regulations and What IA Departments Need to Know FEBRUARY 27, 2018 The Evolution of Data Governance Regulations and What IA Departments Need to Know FEBRUARY 27, 2018 Jamey Loupe Senior Manager, Risk Advisory Services Jessica Allen Director, Technology & Business Transformation

More information

Rethinking Information Security Risk Management CRM002

Rethinking Information Security Risk Management CRM002 Rethinking Information Security Risk Management CRM002 Speakers: Tanya Scott, Senior Manager, Information Risk Management, Lending Club Learning Objectives At the end of this session, you will: Design

More information

MAY. (Tue) Hong Kong. CYBERSECURITY & RISK MANAGEMENT How to preempt cybersecurity challenges in the digital world

MAY. (Tue) Hong Kong. CYBERSECURITY & RISK MANAGEMENT How to preempt cybersecurity challenges in the digital world 8 MAY 2018 (Tue) Hong Kong CYBERSECURITY & RISK MANAGEMENT How to preempt cybersecurity challenges in the digital world CYBERSECURITY AND RISK MANAGEMENT By HKUST Business School Executive Education Office

More information

Defensible and Beyond

Defensible and Beyond TELUS Defensible and Beyond Mike Vamvakaris Director and Head of Cyber Security Consulting November 2017 Digital transformation brings many benefits Communication and Collaboration Autonomous and Artificial

More information

Strengthening Capacity in Cyber Talent sans.org/cybertalent

Strengthening Capacity in Cyber Talent sans.org/cybertalent SANS Security Awareness Summit August 4th, 2016 Strengthening Capacity in Cyber Talent sans.org/cybertalent Cybersecurity: The Current State Skills Mismatch Emphasis on theory over practice Education focus

More information

A New Cyber Defense Management Regulation. Ophir Zilbiger, CRISC, CISSP SECOZ CEO

A New Cyber Defense Management Regulation. Ophir Zilbiger, CRISC, CISSP SECOZ CEO A New Cyber Defense Management Regulation Ophir Zilbiger, CRISC, CISSP SECOZ CEO Personal Background IT and Internet professional (since 1992) PwC (1999-2003) Global SME for Network Director Information

More information

Addressing Vulnerabilities By Integrating Your Incident Response Plans. Brian Coates Enaxis Consulting

Addressing Vulnerabilities By Integrating Your Incident Response Plans. Brian Coates Enaxis Consulting Addressing Vulnerabilities By Integrating Your Incident Response Plans Brian Coates Enaxis Consulting Contents Enaxis Introduction Presenter Bio: Brian Coates Incident Response / Incident Management in

More information

Cyber Security 2018: Building Resilience Now and For the Future Mar 1 2, 2018 Ottawa

Cyber Security 2018: Building Resilience Now and For the Future Mar 1 2, 2018 Ottawa Agenda and Speakers Cyber Security 2018: Building Resilience Now and For the Future Mar 1 2, 2018 Ottawa Thursday, March 01, 2018 7:30 am Registration and Continental Breakfast 8:00 am Opening Remarks

More information

Security and Privacy Governance Program Guidelines

Security and Privacy Governance Program Guidelines Security and Privacy Governance Program Guidelines Effective Security and Privacy Programs start with attention to Governance. Governance refers to the roles and responsibilities that are established by

More information

Surprisingly Successful: What Really Works in Cyber Defense. John Pescatore, SANS

Surprisingly Successful: What Really Works in Cyber Defense. John Pescatore, SANS Surprisingly Successful: What Really Works in Cyber Defense John Pescatore, SANS 1 Largest Breach Ever 2 The Business Impact Equation All CEOs know stuff happens in business and in security The goal is

More information

Managing Trust in e-health with Federated Identity Management

Managing Trust in e-health with Federated Identity Management ehealth Workshop Konolfingen (CH) Dec 4--5, 2007 Managing Trust in e-health with Federated Identity Management Dr. rer. nat. Hellmuth Broda Distinguished Director and CTO, Global Government Strategy, Sun

More information

Technology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited

Technology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited Technology Risk Management in Banking Industry Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited Change in Threat Landscape 2 Problem & Threats faced by Banking Industry

More information

Cybersecurity Overview

Cybersecurity Overview Cybersecurity Overview DLA Energy Worldwide Energy Conference April 12, 2017 1 Enterprise Risk Management Risk Based: o Use of a risk-based approach for cyber threats with a focus on critical systems where

More information

Introducing Maryville University s CYBER SECURITY ONLINE PROGRAMS. Bachelor of Science in Cyber Security & Master of Science in Cyber Security

Introducing Maryville University s CYBER SECURITY ONLINE PROGRAMS. Bachelor of Science in Cyber Security & Master of Science in Cyber Security Introducing Maryville University s CYBER SECURITY ONLINE PROGRAMS Bachelor of Science in Cyber Security & Master of Science in Cyber Security The cyber security industry is calling for more experts. And

More information

DFARS Compliance. SLAIT Consulting SECURITY SERVICES. Mike D Arezzo Director of Security Services. SLAITCONSULTING.com

DFARS Compliance. SLAIT Consulting SECURITY SERVICES. Mike D Arezzo Director of Security Services. SLAITCONSULTING.com DFARS Compliance SLAIT Consulting SECURITY SERVICES Mike D Arezzo Director of Security Services Introduction 18+ year career in Information Technology and Security General Electric (GE) as Software Governance

More information

THE LIFE AND TIMES OF CYBERSECURITY PROFESSIONALS

THE LIFE AND TIMES OF CYBERSECURITY PROFESSIONALS SESSION ID: AST3-R02 THE LIFE AND TIMES OF CYBERSECURITY PROFESSIONALS Jon Oltsik Senior Principal Analyst Enterprise Strategy Group @joltsik Candy Alexander, CISSP CISM International Board Director ISSA

More information

SALARY $ $72.54 Hourly $3, $5, Biweekly $8, $12, Monthly $103, $150, Annually

SALARY $ $72.54 Hourly $3, $5, Biweekly $8, $12, Monthly $103, $150, Annually SALARY $49.72 - $72.54 Hourly $3,977.88 - $5,803.27 Biweekly $8,618.75 - $12,573.75 Monthly $103,425.00 - $150,885.00 Annually ISSUE DATE: 03/21/18 THE POSITION DIRECTOR OF CYBER SECURITY OPEN TO THE PUBLIC

More information

CyberSecurity Internships The Path to Meeting Industry Need

CyberSecurity Internships The Path to Meeting Industry Need CyberSecurity Internships The Path to Meeting Industry Need Room Seacliff A Tuesday October 17 Bruce Maas Emeritus Vice Provost for IT and CIO University of Wisconsin-Madison Innovation Fellow Internet2

More information

2017 RIMS CYBER SURVEY

2017 RIMS CYBER SURVEY 2017 RIMS CYBER SURVEY This report marks the third year that RIMS has surveyed its membership about cyber risks and transfer practices. This is, of course, a topic that only continues to captivate the

More information

ISACA MADRID DECEMBER Robert E Stroud CEGIT CRISC International President December 2014

ISACA MADRID DECEMBER Robert E Stroud CEGIT CRISC International President December 2014 ISACA MADRID DECEMBER 2014 Robert E Stroud CEGIT CRISC International President December 2014 CHANGING DYNAMICS OF BUSINESS Source: http://www.securedgenetworks.com/secure-edge-networks-blog/bid/84023/10-ways-mobile-device-management-can-help-your-school

More information

EARN UP TO 18 CPE CREDITS

EARN UP TO 18 CPE CREDITS Join Us in Nashville, TN, USA 370 Stay at the Heart of the Conference Action! The Omni Nashville 250 5th Avenue South Nashville, TN 37203, USA Hotel Reservations: 615-782-5300 2018 Governance, Risk, and

More information

UNB S CYBERSECURITY PROGRAM

UNB S CYBERSECURITY PROGRAM UNB S CYBERSECURITY PROGRAM SEPTEMBER 7, 017 A fundamental step towards an advanced cybersecurity practice at UNB was taken recently when the Board of Governors approved the Information Security Policy,

More information

STUDENT LEARNING OUTCOMES Beacom College of Computer and Cyber Sciences

STUDENT LEARNING OUTCOMES Beacom College of Computer and Cyber Sciences STUDENT LEARNING OUTCOMES Beacom College of Computer and Cyber Sciences Undergraduate Programs - Bachelor B.S. Computer Game Design Upon completion of the B.S. degree in Computer Game Design, students

More information

Must Have Items for Your Cybersecurity or IT Budget in 2018

Must Have Items for Your Cybersecurity or IT Budget in 2018 Must Have Items for Your Cybersecurity or IT Budget in 2018 CBAO Regional Meeting Dan Desko (Senior Manager, IT Risk Advisory) Matt Dunn (Senior Security Analyst, IT Risk Advisory) Who is Schneider Downs?

More information

4A Healthcare Data Security & Privacy

4A Healthcare Data Security & Privacy 4A Healthcare Data Security & Privacy Symposium 2015 Banner Program Leaders Ben Goodman Developed in collaboration with Lisa Clark Conference Mission Health and medical regulators are promising audits

More information

Institute of Internal Auditors 2019 CONNECT WITH THE IIA CHICAGO #IIACHI

Institute of Internal Auditors 2019 CONNECT WITH THE IIA CHICAGO #IIACHI Institute of Internal Auditors 2019 CONNECT WITH THE IIA CHICAGO CHAPTER: @IIACHI #IIACHI WWW.FACEBOOK.COM/IIACHICAGO HTTPS://WWW.LINKEDIN.COM/GROUPS/1123977 1 CAE Communications and Common Audit Committee

More information

NERC Staff Organization Chart Budget 2018

NERC Staff Organization Chart Budget 2018 NERC Staff Organization Chart Budget 2018 President and CEO Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Senior Vice President, General Counsel and Corporate

More information

Vice President and Chief Information Security Officer FINRA Technology, Cyber & Information Security

Vice President and Chief Information Security Officer FINRA Technology, Cyber & Information Security Plenary Session: Cybersecurity the Current Regulatory Environment: Insight from Regulators and Industry Experts Thursday, February 22 3:45 p.m. 4:45 p.m. With recent high-profile data breaches, cybersecurity

More information

Experience Security, Risk, and Governance

Experience Security, Risk, and Governance Experience Security, Risk, and Governance Agenda and recommended event path 26 28 March Vienna, Austria Contents 3 Welcome 4 Overview 5 Evening Programs 6 Sessions at-a-glance 11 Digital Transformation

More information

Escalated Threats to PHI Require a New Approach to Privacy and Security Wednesday, March 2, 2016

Escalated Threats to PHI Require a New Approach to Privacy and Security Wednesday, March 2, 2016 Escalated Threats to PHI Require a New Approach to Privacy and Security Wednesday, March 2, 2016 Kurt J. Long, CEO & Founder, FairWarning, Inc. Robert Rost, IT Operations Director of Defensive Services,

More information

How to Optimize Cyber Defenses through Risk-Based Governance. Steven Minsky CEO of LogicManager & Author of the RIMS Risk Maturity Model

How to Optimize Cyber Defenses through Risk-Based Governance. Steven Minsky CEO of LogicManager & Author of the RIMS Risk Maturity Model How to Optimize Cyber Defenses through Risk-Based Governance Steven Minsky CEO of LogicManager & Author of the RIMS Risk Maturity Model The Goal: Risk-Based Operationalization Incident Management IT/IS

More information

Balancing Compliance and Operational Security Demands. Nov 2015 Steve Winterfeld

Balancing Compliance and Operational Security Demands. Nov 2015 Steve Winterfeld Balancing Compliance and Operational Security Demands Nov 2015 Steve Winterfeld What is more important? Compliance with laws / regulations Following industry best practices Developing a operational practice

More information

2018 HIPAA One All Rights Reserved. Beyond HIPAA Compliance to Certification

2018 HIPAA One All Rights Reserved. Beyond HIPAA Compliance to Certification 2018 HIPAA One All Rights Reserved. Beyond HIPAA Compliance to Certification Presenters Jared Hamilton CISSP CCSK, CCSFP, MCSE:S Healthcare Cybersecurity Leader, Crowe Horwath Erika Del Giudice CISA, CRISC,

More information

Cybersecurity: Considerations for Internal Audit. Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016

Cybersecurity: Considerations for Internal Audit. Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016 Cybersecurity: Considerations for Internal Audit Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016 Agenda Key Risks Incorporating Internal Audit Resources Questions 2 San Francisco

More information

Sales Presentation Case 2018 Dell EMC

Sales Presentation Case 2018 Dell EMC Sales Presentation Case 2018 Dell EMC Introduction: As a member of the Dell Technologies unique family of businesses, Dell EMC serves a key role in providing the essential infrastructure for organizations

More information

HIPAA Compliance is not a Cybersecurity Strategy

HIPAA Compliance is not a Cybersecurity Strategy HIPAA Compliance is not a Cybersecurity Strategy Presented by: Hector Rodriguez, WW Health CISO, Microsoft Jay Trinckes, Director, Coalfire Speaker Introductions Hector Rodriguez, WW Health CISO, Microsoft

More information

One Hospital s Cybersecurity Journey

One Hospital s Cybersecurity Journey MAY 11 12, 2017 SAN FRANCISCO, CA One Hospital s Cybersecurity Journey SanFrancisco.HealthPrivacyForum.com #HITprivacy Introduction Senior Director Information Systems Technology, Children s Mercy Hospital

More information

What Does the Future Look Like for Business Continuity Professionals?

What Does the Future Look Like for Business Continuity Professionals? What Does the Future Look Like for Business Continuity Professionals? October 26, 2016 Brian Zawada, FBCI President, US Chapter of the Business Continuity Institute Agenda and Objectives Change Standards

More information

MANUAL OF UNIVERSITY POLICIES PROCEDURES AND GUIDELINES. Applies to: faculty staff students student employees visitors contractors

MANUAL OF UNIVERSITY POLICIES PROCEDURES AND GUIDELINES. Applies to: faculty staff students student employees visitors contractors Page 1 of 6 Applies to: faculty staff students student employees visitors contractors Effective Date of This Revision: June 1, 2018 Contact for More Information: HIPAA Privacy Officer Board Policy Administrative

More information

10 Cybersecurity Questions for Bank CEOs and the Board of Directors

10 Cybersecurity Questions for Bank CEOs and the Board of Directors 4 th Annual UBA Bank Executive Winter Conference February, 2015 10 Cybersecurity Questions for Bank CEOs and the Board of Directors Dr. Kevin Streff Founder, Secure Banking Solutions 1 Board of Directors

More information

Cyber Security in M&A. Joshua Stone, CIA, CFE, CISA

Cyber Security in M&A. Joshua Stone, CIA, CFE, CISA Cyber Security in M&A Joshua Stone, CIA, CFE, CISA Agenda About Whitley Penn, LLP The Threat Landscape Changed Cybersecurity Due Diligence Privacy Practices Cybersecurity Practices Costs of a Data Breach

More information

Sirius Security Overview

Sirius Security Overview Sirius Security Overview Rob Hoisington IT Security Consultant www.siriuscom.com 8/18/2017 1 Rob Hoisington IT Security Consultant - CISSP, GLEG, GCIH Robert.Hoisington@siriuscom.com - 757.675.0101 Rob

More information

CENTRAL TAKE THE STAGE REGIONAL CONFERENCE MAY 1 4, 2016 / NASHVILLE, TN

CENTRAL TAKE THE STAGE REGIONAL CONFERENCE MAY 1 4, 2016 / NASHVILLE, TN CENTRAL REGIONAL CONFERENCE MAY 1 4, 2016 / NASHVILLE, TN TAKE THE STAGE Members: Register by Feb. 29 to save US$100. Take the Stage The IIA and IIA Nashville Chapter are excited to host the 2016 Central

More information

GUIDELINES FOR SUBMITTING CONTINUING PROFESSIONAL EDUCATION (CPE) CREDITS

GUIDELINES FOR SUBMITTING CONTINUING PROFESSIONAL EDUCATION (CPE) CREDITS GUIDELINES FOR SUBMITTING CONTINUING PROFESSIONAL EDUCATION (CPE) CREDITS (ISC) 2 CISSP Recertification Guidelines (rev. 8-06) Page 1 of 16 CONTENTS Introduction... 3 CPE Record Keeping... 4 CPE Credit

More information

*** THIS DOCUMENT IS CLASSIFIED FOR PUBLIC ACCESS ***

*** THIS DOCUMENT IS CLASSIFIED FOR PUBLIC ACCESS *** Introduction and Bio CyberSecurity Defined CyberSecurity Risks NIST CyberSecurity Framework References *** THIS DOCUMENT IS CLASSIFIED FOR PUBLIC ACCESS *** Chapter 3. Framework Implementation Relationship

More information

TIPS FOR FORGING A BETTER WORKING RELATIONSHIP BETWEEN COUNSEL AND IT TO IMPROVE CYBER-RESPONSE

TIPS FOR FORGING A BETTER WORKING RELATIONSHIP BETWEEN COUNSEL AND IT TO IMPROVE CYBER-RESPONSE TIPS FOR FORGING A BETTER WORKING RELATIONSHIP BETWEEN COUNSEL AND IT TO IMPROVE CYBER-RESPONSE Association of Corporate Counsel NYC Chapter 11/1 NYC BDO USA, LLP, a Delaware limited liability partnership,

More information

2018 Government Professional Accounting Seminar

2018 Government Professional Accounting Seminar 2018 Government Professional Accounting Seminar Thursday September 6, 2018 7:30 a.m. - Registration and Networking 8:00 a.m. 4:50 p.m. (Early Registration by Tuesday, July 31, 2018; Regular by Friday,

More information

PROFESSIONAL MASTER S IN

PROFESSIONAL MASTER S IN I m in a new job I love. ERIC LAFONTAINE Service Operations Manager GE Healthcare Class of 2013 PROFESSIONAL MASTER S IN APPLIED SYSTEMS ENGINEERING GAIN A COMPETITIVE EDGE WITH A GEORGIA TECH DEGREE TODAY

More information

Cyber Risks in the Boardroom Conference

Cyber Risks in the Boardroom Conference Cyber Risks in the Boardroom Conference Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing Your Company to Identify, Mitigate and Respond to Risks

More information

Data Security and Breach Notification Legislative Update: What You Need to Know (SESSION CODE CRM001)

Data Security and Breach Notification Legislative Update: What You Need to Know (SESSION CODE CRM001) Data Security and Breach Notification Legislative Update: What You Need to Know (SESSION CODE CRM001) Speakers: James T. McIntyre Partner McIntyre & Lemon, PLLC Janice Ochenkowski International Director

More information