JOINT EVENT WITH IIBA-LA. Trends & Best Practices in. Cybersecurity for networks, cloud computing and mobile



Similar documents
C13 - Establishing a Windows Baseline Mike Villegas

San Francisco Chapter. Presented by Mike O. Villegas, CISA, CISSP

SECURITY CONSIDERATIONS FOR LAW FIRMS

Information Systems Security Certificate Program

Financial Implications of Cybercrime Meeting the Information Security Management Challenge in the Cyber-Age

How To Build A Cybersecurity Company

Educa&onal Event Spring Cyber Security - Implications for Records Managers Art Ehuan

Career Survey. 1. In which country are you based? 2. What is your job title? 3. Travel budget. 1 of 28. Response Count. answered question 88

Payment Card Industry Data Security Standard (PCI DSS) v1.2

NNIT Cybersecurity. A new threat landscape requires a new approach

How-To Guide: Cyber Security. Content Provided by

Cyber Security. John Leek Chief Strategist

Contents. Facts. Contact. Company Biography...4. Qualifications & Accolades...5. Executive Leadership Team...6. Products & Services...

Security Transcends Technology

Cybercrime & Cybersecurity: the Ongoing Battle International Hellenic University

If you have any questions at all about the summit or to register by fax, contact us at (702) or

Legislative Council Panel on Information Technology and Broadcasting. Information Security

PCI Compliance The Road Ahead. October 2012 Hari Shah & Parthiv Sheth

What s Lurking in Your Network & The Business Impact of Data Breaches. Colby Clark Director of Incident Management FishNet Security

The Emergence of the ISO in Community Banking Patrick H. Whelan CISA IT Security & Compliance Consultant

Is your Organization SAFE?

The Top Ten of Information Security - For 2015

SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals: Job Profiles

Over 20 years experience in Information Security Management, Risk Management, Third Party Oversight and IT Audit.

Compliance, audit, risk, security what s the difference and why do we need it?

SINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS Data Breach : The Emerging Threat to Healthcare Industry

DON T BE A VICTIM! IS YOUR ORGANIZATION PROTECTED FROM CYBERSECURITY THREATS?

Time Is Not On Our Side!

Director, IT Security District Office Kern Community College District JOB DESCRIPTION

KEY TRENDS AND DRIVERS OF SECURITY

An Accelerated Pathway to Careers in Cybersecurity for Transitioning Veterans. NICE Annual Conference November 2015

Managing Cyber Threats Risk Management & Insurance Solutions. Presented by: Douglas R. Jones, CPCU, ARM Senior Vice President & Principal

PCI Policy Compliance Using Information Security Policies Made Easy. PCI Policy Compliance Information Shield Page 1

2014 Technology Conference

HP Cyber Security Control Cyber Insight & Defence

North Texas ISSA CISO Roundtable

Hacking and Hardware: Understanding the Threats, Compliance Obligations, and Cybersecurity Solutions for Utilities

Cyber Risks in the Boardroom

CESG Certification of Cyber Security Training Courses

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist,

Cybersecurity: Considerations for Internal Audit. IIA Atlanta Chapter Meeting January 9, 2015

Table of Contents EXECUTIVE SUMMARY ACKNOWLEDGEMENT AND DISCLAIMERS ENGAGEMENT SCOPE AND OBJECTIVES EXECUTIVE SUMMARY OF ASSESSMENT RESULTS

THE WORLD IS MOVING FAST, SECURITY FASTER.

Into the cybersecurity breach

Certification Programs

Law Firm Cyber Risk Conference: Addressing the Issues from the Top Down

Cyber Liability Insurance:

Seminar on Unfair Competition Enforcement in the United States and Supply Chain Cybersecurity Issues. Palace Hotel Saigon, HCMC, November 19 th 2014

carahsoft Florida Department of Management Services CARAHSOFT S RESPONSE TO THE REQUEST FOR INFORMATION

DoD Directive (DoDD) 8570 & GIAC Certification

Cyber Security 2014 SECURE BANKING SOLUTIONS, LLC

CYBERSECURITY: ISSUES AND ISACA S RESPONSE

Cyber Security and Information Assurance Controls Prevention and Reaction NOVEMBER 2013

A MULTIFACETED CYBERSECURITY APPROACH TO SAFEGUARD YOUR OPERATIONS

Oil & Gas Cybersecurity

11/27/2015. Cyber Risk as a Component of Business Risk: Communicating with the C-Suite. Conflict of interest. Learning Objectives

Information Security Specialist Training on the Basis of ISO/IEC 27002

Auditing After a Cyber Attack JAX IIA Chapter Meeting Cybersecurity and Law Enforcement

Executive Cyber Security Training. One Day Training Course

Guided HIPAA Compliance

Meeting the Information Security Management Challenge in the Cyber-Age

IT Senior Audit Leader

CYBER LIABILITY RISKS SEMINAR Programme overview. THURSDAY 1 OCTOBER am 1.00pm Green Park Conference Centre, Reading

White Paper September 2013 By Peer1 and CompliancePoint PCI DSS Compliance Clarity Out of Complexity

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft

Health & Life sciences breach security program. David Houlding MSc CISSP CIPP Healthcare Privacy & Security Lead Intel Health and Life Sciences

PERSONAL HISTORY AND PROFESSIONAL QUALIFICATIONS (2015)

ISACA Tools Help Develop Cybersecurity Expertise

MANAGING Cybersecurity Risk AND DISCLOSURE OBLIGATIONS

Risky Business. Is Your Cybersecurity in Cruise Control? ISACA Austin Chapter Meeting May 5, 2015

SecurityMetrics. history products expertise team awards

MSc Cyber Security. identity. hacker. virus. network. information

HOW SECURE IS YOUR PAYMENT CARD DATA?


Newsletter Editor: Professor Louis Roy. September 2014, Volume 1

CYBER SECURITY MANAGEMENT: THE NEW C-SUITE RESPONSIBILITY

Job Market Intelligence: Cybersecurity Jobs, Burning Glass Technologies

Cybersecurity: What CFO s Need to Know

Consolidated Audit Program (CAP) A multi-compliance approach

Hackers are here. Where are you?

CSIS Academy Be Better

PCI Compliance in Multi-Site Retail Environments

Cybersecurity The role of Internal Audit

Cybersecurity: Protecting Your Business. March 11, 2015

What is Management Responsible For?

ISSA SOUTH TEXAS CHAPTER NEWSLETTER

Certification Programs

Information Security Management System (ISMS) Overview. Arhnel Klyde S. Terroza

About Our 2015 WTA Cyber Security Speakers and Sessions

Application for Membership

Cyber Security Awareness Workshop

Internet Gaming: The New Face of Cyber Liability. Presented by John M. Link, CPCU Cottingham & Butler

Compliance Guide ISO Compliance Guide. September Contents. Introduction 1. Detailed Controls Mapping 2.

DON T BE A VICTIM! IS YOUR INVESTMENT PROGRAM PROTECTED FROM CYBERSECURITY THREATS?

Spooks in the Machine

CASRO Digital Research Conference Data Security: Don t Risk Being the Weak Link

Introduction Auditing Internal Controls in an IT Environment SOx and the COSO Internal Controls Framework Roles and Responsibilities of IT Auditors

Computer Concepts And Applications CIS-107-TE. TECEP Test Description

October 24, Mitigating Legal and Business Risks of Cyber Breaches

Disaster Recovery & Strategic Planning: How alignment can reduce risk and cost

Transcription:

JOINT EVENT WITH IIBA-LA Trends & Best Practices in Cybersecurity for networks, cloud computing and mobile April 23 rd, 2015 Hands-on Experts Share Current Strategies to Manage Cybersecurity Today s enterprise security must constantly adapt to new realities, whether it s rapidly emerging consumer devices, BYOD, continued cloud adoption, new advanced threats, or compliance. These are daunting challenges. In this environment, we need to know how to: Effectively manage cybersecurity, mobile security, and cloud security Establish leadership in aligning security to the business Ensure the technology supply chain is secure Security in a managed services environment Address application security threats and data loss prevention Effectively communicate security strategy throughout the enterprise Not only are today s Information Security executives trusted with guarding enterprise information assets, they are increasingly expected to be risk advisors to the entire organization. Our panel of hands-on Managers of IT Security will share their views on trends and best practices to ensure enterprise security success. It will be a frank discussion on what issues they deal with, and what they do to keep their companies off the 11:00 PM news. MODERATOR - Mike Villegas - Vice President, K3DES, LLC SPEAKERS - David Alexander - Director Information Security, LA Dept. of Water and Power Dave Babcock - Senior Investigator of the Cyber Investigations Response Team (CIRT), LA County District Attorney's Office Beth Jones - Manager, Cybersecurity Management, Southern California Edison

Greg Nelson - Information Security Manager, Toyota Financial Services Come early at 5:30 pm for extra networking, and bring your business cards. Free PROCESSOR magazines are available. Come prepared with a brief announcement of any openings in your firm. Networking- 5:30-7PM Dinner and Announcements 7PM Panel Discussion and Q&A - 7:30 to 9PM LOCATION: Courtyard by Marriott LA Westside, 6333 Bristol Parkway, Culver City 90230 310-484-7000. Self- Parking at hotel ($6). REGISTRATION: sign up now at: https://www.eventbrite.com/e/trends-and-best-practices-in-enterprisesecurity-tickets-16198042782. DIRECTIONS: http://www.marriott.com/hotels/maps/travel/laxcv-courtyard-los-angeles-westside/ Going South on 405: Take 90 Fwy East; Slight right at West Slauson Ave; First right onto Bristol Parkway Going North on 405: Take exit 49B to merge onto Sepulveda toward Slauson Ave; Right at Green Valley Circle, then first right onto Bristol Parkway ABOUT OUR MODERATOR Miguel (Mike) O. Villegas, Vice President - K3DES, LLC Mike performs quality assurance and conducts Payment Card Industry Data Security Standard (PCI-DSS) and Payment Application Data Security Standard (PA-DSS) assessments for K3DES clients. He also manages the K3DES ISO/IEC 27001:2005 certification program. Mike has over 30 years of information systems security and IT audit experience. Previously Director of Information Security at Newegg, Inc. and Vice President & Technology Risk Manager for Wells Fargo Services where he was responsible for IT Regulatory Compliance. Prior to that, he served as a partner at both Arthur Andersen and Ernst & Young in their information systems security and IS audit groups over a span of nine years. Mike holds certifications as a Certified Information Systems Auditor (CISA), a Certified Information Systems Security Professional (CISSP), a GIAC Security Professional (GSEC), and a Certified Ethical Hacker (CEH). Also, he is a Payment Application Qualified Security Assessor (PA QSA). Additionally, Mike has taught CISA review courses for over 17 years.

ABOUT OUR PANELISTS David Alexander, Director - Information Security, LA Dept. of Water and Power The LADWP is the nation s largest municipal utility, but with a previously minimal enterprise Information Security Program. David has implemented a comprehensive Information Security Program at LADWP, utilizing his 18 years of IT and power operations experience, and extensive technical and business operations experience to apply sound IT Security practices while meeting the demanding business requirements of the power industry. Mr. Alexander is also responsible for the development and coordination of LADWP s strategic and tactical IT security planning initiatives to reduce risks, respond to incidents, and limit exposure to liability that may result in financial and corporate reputation loss to the utility. Additionally, Mr. Alexander is the President of the Los Angeles chapter of ISACA, an international professional association focused on IT Governance. Dave Babcock, Senior Investigator - LA County District Attorney's Office, Cyber Investigations Response Team (CIRT) Dave s unit investigates cyber-crimes and attacks, intellectual property thefts, and network intrusions against Los Angeles County government networks and technology assets. He has been the lead investigator on two of the largest security breaches, involving the theft of PII and PHI, in Los Angeles County history. He is also a member of the United States Secret Service Los Angeles Electronic Crimes Task Force (LAECTF). Before joining the LADA in 2005, Babcock was a Police Officer for the City of Glendale. Dave also served as a Non-Commissioned Officer in the United States Marine Corps. He is a graduate of Illinois Institute of Technology, with a Bachelor of Sciences degree in Chemical Engineering. He holds a Global Information Association Certification in Security Essentials (GSEC). Beth Jones, Manager - Cybersecurity Management, Southern California Edison Currently a Risk Assessment Manager at Southern California Edison, Beth leads a team that performs risk assessments to identify, assess and report on cybersecurity risk. She previously worked at SCE for nearly ten years as a senior internal auditor and audit project manager. Her audit projects included data and information management audits, application audits, information security best practices, Cybersecurity audits (PKI), general computer controls assessments, disaster recovery /business continuity, NERC and Sarbanes-Oxley (SOX) controls. Prior to SCE, Beth has led information security projects for over fifteen years at companies including Arco, Health Net and Security Pacific. She holds a Bachelors Degree from Johns Hopkins University. She received a Project Management Certificate from University of California Irvine Extension. She is a Certified Information Systems Auditor (CISA ). Beth originally hails from New Jersey. Greg Nelson, Information Security Manager - Toyota Financial Services Greg has led many information security programs in the financial services industry for over fifteen years. His current role at Toyota is management of the delivery of local and global solutions in the areas of anti-malware, application whitelisting, vulnerability and patch management, data loss prevention, email

encryption, intrusion detection, incident response, and security information and event management. Greg has recently earned an MBA in Finance from California State University, Fullerton. He spends his free time mountain biking, playing sports with his kids, and reading sci-fi. Stay Connected... Join our LinkedIn Group www.linkedin.com/groupsdirectory aitp-la Membership: Membership@aitp-la.org Email: info@aitp-la.org Subscribe to our newsletter: www.informationtechnologyzone.com Our newly designed website: http://www.aitp-la.org Twitter: @AITP_LA NEXT EVENTS: May 28 th - K.C. Choi, the VP of Hewlett Packard, will discuss The New Style of IT: The perfect storm implications of cloud, big data, mobility and security on next generation computing technologies and software defined data centers. How will these trends and innovations inform our next generation of IT talent and careers? HP s innovation to The Machine will describe HP s rethinking and reinvention of the computer. There will also be an update on HP s separation into two firms, and what s in it for customers. June 25 th - Mobile Strategy & Development. Mobile is no longer the latest new thing in technology, it s already a mainstay. Your organization should already have mobile functionality and a mobile presence. How should your company BEST address its mobile needs, or improve upon its existing mobile presence? Our panel on hands-on experts will discuss the impetus for going mobile, and how they executed upon this need. From analytics to standard requirements gathering, through developing technical specs and platform needs, to building teams (or farming out the development work), they will discuss how to build the best mobile solution to fit your needs. NEWS YOU CAN USE: Los Angeles CI0/CTO of the Year Awards Season! If you d like to be nominated for one of the several awards you can still apply through the AITP-LA LABJ

Committee, until April 6 th. This is a great opportunity to showcase yourself or a colleague, and your firm. Awards Reception will be held in early June, details TBA. Please email Publicity@aitp-la.org for further details and application forms. AITP-LA Member Benefit Reduced rate on LA Business Journal For verified current AITP-LA members, annual subscription to the weekly LA Business Journal is only $59.95, compared to the regular price of $129.99, a $70 discount, and includes the Book of Lists. Contact Membership@AITP-LA.org for details and signup.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information