San Francisco, California
London, United Kingdom
A 7-8 CPE Event in Beaverton, Oregon focusing on Information Security, Prevention and Audit
Wednesday, April 16, 2014
Registration & Breakfast: 7:30 A.M.
Sessions: 8:30 A.M. - 5 P.M.
PCC Rock Creek
17705 NW Springville Rd. Portland, OR 97229
Early Bird Pricing: Before 2/10/14:
ISACA or IIA Member : $100
Non Member: $125
Regular Pricing: Begins 2/10/14:
ISACA or IIA Member : $150
Non Member: $175
Topics and Summary:
Featuring Nancy Young, Moss Adams
Do you know that organizations lose 5% of every dollar to fraud schemes in one form or another? Would you or your financial department know the opportunity points or fraud indicators? While the chances of fraud occurring in your organization —externally or employee perpetrated—may seem unlikely, it is a major economic obstacle costing billions each year in lost revenue and misappropriated assets, according to the US Department of Commerce.
Join Nancy Young, who will help you build a better understanding of:
Security Operations & Monitoring:
Featuring Russ McRee, Microsoft
If you’ve spent any time defending web applications as a security analyst, or perhaps as a developer seeking to adhere to SDLC practices, you have likely utilized or referenced the OWASP Top 10. Intended first as an awareness mechanism, the Top 10 covers the most critical web application security flaws via consensus reached by a global consortium of application security experts. The OWASP Top 10 promotes managing risk in addition to awareness training, application testing, and remediation. To manage such risk, application security practitioners and developers need an appropriate tool kit. This presentation will explore tooling, tactics, analysis, and mitigation.
Featuring Todd Weinman, The Weinman Group
The job market for IT Audit and GRC professionals is the strongest since we have seen since the glory days of SOX. Opportunities abound and competition for resources is fierce. This economic environment can be your best friend or your worst enemy. It is precisely this type of climate that leads to career management missteps that can follow you for your entire career. Whether you are trying to climb the corporate ladder or just trying to hang on until retirement now is the time to be particularly attentive to making the right decisions about your career.
Among topics to be discussed:
Featuring Andrew Plato, Anitian
If you want to build a secure community, you must have a foundation of trust. Trust is the language, currency, and fuel that powers security. Building trust begins with leaders whom you can trust. These leaders must not only inspire people to act, but also cultivate trust among the entire community. Because, inside high-trust environments people are naturally inclined to do the right things and follow security protocols.
Servant Leadership is a management concept that has been around for decades. It is a philosophical approach to management that not only makes organizations work better, it makes them significantly more secure. It accomplishes this through building high-trust relationships with employees which in turn fosters better security.
In this presentation, veteran information security leader, Andrew Plato will discuss how the concepts of Servant Leadership are applicable to Security Leadership, and how you can use these concepts to build a high-trust, high-security environment.
Advanced Malware - The Explosion of Cybercrime - The 5 Ways IT May Be an Accomplice:
Featuring Mark Villinski, Kaspersky Lab
Mobile devices, social media sites, and the exponential growth of cybercriminals are threatening your users and your data every day. Can your IT department become an unwitting accomplice to cybercrime? Mark Villinski, Kaspersky Lab Marketing Manager, sheds light on the growing challenges facing IT today and discusses the 5 ways that IT departments may be unknowingly enabling cybercrime in their organizations.
During this session, you will hear:
People - The Unpatchable Vulnerability:
Featuring Barrett Weisshaar, TrustWave
“Targeted,” “low-and-slow,” “advanced,” and “adaptive” are terms used to describe today’s advanced threats. Each depends on a patient individual applying their own ingenuity to various tools in order to reach their objective. In the same way, a realistic penetration test of an internal network requires the application of human ingenuity—tools, ratings, scores, and automation alone won’t cut it. The greatest tool in a penetration tester’s arsenal is his or her intelligence, resourcefulness and inventiveness. Automated tools alone are not capable of taking advantage of human fallibility in order to gain increasing levels of access to network assets.
Protecting Your Organization’s Most Critical Assets:
Featuring Robert Eggebrecht, BEW Global
Organizations are swimming in data and becoming more interconnected with partners and vendors on the “Global Electronic Nervous System” every day. Because of that, companies need to plan, implement and maintain a Critical Asset Protection Program that clearly defines what assets are deemed most important to the organization based on revenue, income, reputation and core operational impact. Key aspects of a Critical Asset Protection Program include assessing the human aspect; designing, building and maintaining an Information Security Management Systems (ISMS) based on quality management concepts, and finally evaluating technologies. Critical Asset Protection Programs need to balance people, process and technology to build and maintain an effective program.
Join BEW Global President/CEO, Robert Eggebrecht as he discusses the step-by-step process and methodology to building a risk-based, cost-effective program. This program defines the assets as well as the core attributes of the assets. These attributes include:
Schedule & Presenters:
7:30 AM - Registration, continental breakfast, and professional networking
8:30 AM - Nancy Young: Moss Adams
9:30 AM - Mark Villinski: Kaspersky Lab
10:30 AM - Russ McRee: Microsoft
11:30 AM - Buffet Lunch
12:30 PM - Todd Weimann: Weimann Group
2 PM - Robert Eggebrecht: BEW Global
3 PM - Andrew Plato: Anitian
4 PM - Barrett Weisshaar: TrustWave
We hope to see you there!
Looking for other upcoming events? Click here
When & Where
ISACA - Willamette Valley Chapter
The Willamette Valley Chapter of ISACA represents IT Security, Audit and Compliance Professionals in the Oregon/SW Washington region.
The chapter hosts luncheon programs and coordinates technical seminars designed to provide networking and professional education opportunities, and serves as a conduit for information from the International ISACA organization.