Hors d’oeuvres to be served: Cheese Sticks, Chicken Fingers,
Spinach Artichoke Dip, Classic Potato Skins

2 drinks free and Cash bar available.

Prize drawings hourly and potential members welcome!

WHEN:
December 14th 2011 (Wednesday) from 5:00-8:00pm

WHERE:
Fox and Hound (Click for Map)
302 Bullitt Lane
Louisville, KY 40222
502-394-7620

COST: FREE – 1 Hour of CPE (Lunch Included)
Please RSVP to meetings@isacaky.org before October 19, 2011 at 5pm.

About the Speaker:
How does your company conduct remote access? Are you only required to enter a username and password? Do you have to enter any other information? If the answer to these questions are no, you may be at risk to having credentials stolen. Multifactor authentication is a solution to help secure remote access. In this meeting, PhoneFactor, a leading vendor of multifactor authentication will present the case for multifactor authentication.

Jonathan Wood from PhoneFactor
http://www.phonefactor.com/

COST: FREE – 1 Hour of CPE (Lunch Included)
Please RSVP to meetings@isacaky.org before September 20, 2011 at 5pm.

About the Speaker:

Grant Murphy is Vice President of Enterprise Solutions managing worldwide sales for the Barracuda Web Application Firewall and the Web Filtering products at Barracuda Networks. Murphy brings significant experience in the Web proxy/cache market and how these technologies can be used to secure employee’s Internet Access as well as the sites they are accessing.  He has been a frequent speaker at many security industry events worldwide over the past four years.  Prior to joining Barracuda, he was responsible for sales of McAfee’s Web and Email filtering products.   Murphy earned his CISSP accreditation in March of 2006.

Please join us for our July monthly meeting, which will be a joint meeting with ISSA held on July 1st from 11:30 AM to 1:00 PM. Our guest speaker will be Mitchell Greenfield, Information Security Architect for Humana Enterprise Information Security. The title of Mitchell’s presentation is “How Humana re-engineered the SDLC to include security.”
This talk was focus on how Humana, a Fortune 100 company, re-engineered their Software Development LifeCycle to begin the march down the path to software security assurance. Mitch Greenfield of Humana Enterprise Information Security will discuss the challenges of incorporating software security assurance best-practice into a large, diverse technology-driven organization which builds, buys and acquires applications at a rapid pace to meet business demand.

This talk will focus on how a business-driven approach to software security assurance can succeed, and discuss the challenges of redesigning existing project release processes, building the business case for software security assurance, incorporating additional training for developers, code scanning technology, and how the creation of a new role – the FSA (Functional Security Analyst) fit into the technology organization.
Mitch will provide practical lessons learned from Humana’s ongoing maturation process into a culture recognizing security as a fundamental building block of software quality. Mitch will discuss how, through the partnership with HP’s Application Security Center, Humana was able to modify processes, create a new functional security role, and build business value based on delivering software security.

BIO: Mitchell Greenfield is currently an Information Security Architect for Humana Enterprise Information Security. He conducts ethical hacking and penetration testing for Humana, including business partners and acquisitions. Mitch is a Certified Ethical Hacker (CEH), Certified Security Analyst (ECSA), Licensed Penetration Tester (LPT) and Certified Information Security Auditor (CISA). Mitch is currently the VP of Programming for the Kentuckiana chapter of ISACA and holds an MS in Information Systems and a BS in Informatics from Indiana University – Bloomington.

Register Now

WHEN:
Friday May 20, 2011
11:30 – 12:00 Networking
12:00 – 1:00 Discussion

WHERE:
Yum Brands!, Inc
1441 Gardiner Lane
Louisville, KY 40213
View Map

DIAL IN: 1-866-340-2757 code: 4398752

COST: FREE – 1 Hour of CPE (Lunch Included)
Please RSVP to meetings@isacaky.org before May 19, 2011 at 5pm.

About the Speaker:
Mark Martin, Senior Sales Engineer for Application Security, Inc. has been in I.T. for 28 years. He has worked on the vendor side for the past thirteen years where he has provided application and database background expertise to developers. Mark has worked in Financial Services for First Data, Chase and Brown Brother Harriman, Insurance Guardian and Blue Cross, and on the Vendor side for Micro Focus Cobol, NEuVis (Java Development tool), and Embarcadero specializing in Database tools.

Brief Description:

The ISACA Louisville is organizing a discussion/seminar on the upcoming transition of the SAS No.70 standard to SSAE No. 16. Angela (Angie) Shifflete, Director, Risk Assurance at PwC’s Columbus Office is the Third Party Assurance Lead for the region and will be hosting this discussion with a goal to clarify concepts and answer any of your questions as a group.

Historically, SAS No.70 has been the de facto standard for service organizations to report on their internal control. The statement issued is intended to demonstrate transparency to customers on internal control over the financial reporting that service organizations have implemented. However, as customer demands have changed, service organizations have needed to demonstrate this same level of transparency for other audiences and for other areas of their business.  There are a variety of reporting methods available under AICPA attestation standards that allow for comfort to be provided over internal control.  We will focus on SSAE 16, but will also discuss the need for other controls based reports.

WHEN:

Thursday April 7, 2011
11:30 – 12:00 Networking
12:00 – 1:00 Discussion

AGENDA:

• Where We’ve Been: Describe the framework of internal controls reports for service organization
• Where We are Going: Discuss the practical application of concepts and changes from SAS 70 to SSAE 16
• The Transition: Factors in determining whether it is time to receive an internal controls report. Identify where to find more information

WHERE:

Yum Brands!, Inc
1441 Gardiner Lane
Louisville, KY 40213
View Larger Map

DIAL IN: 1-866-340-2757 code: 4398752

COST: FREE – 1 Hour of CPE (Lunch Included)

Please RSVP to meetings@isacaky.org before April 6, 2011 at 5pm.

About the Speaker:

Angie Shifflette is a Director at PwC in the Risk Assurance practice.  She is based in the Columbus, Ohio office and has more than 12 years of experience in public accounting. She has served clients in the retail and financial services sectors. Over the past 10 years, Angie has spent much of her time focusing on both IT and financial related controls testing in support of SAS 70s. In addition to her client service role, Angie has participated on a number of PwC internal projects, including various training initiatives and developing consistent policies among PwC global territories for SAS 70 and the new SSAE 16 standard.

WHEN:

Friday, March 25, 2011
11:30 – 12:00 Networking
12:00 – 1:00 Discussion

WHERE:
Humana
321 W Main Street
East Tower – 10th floor
Louisville, Kentucky 40202

DIAL IN: 1-866-340-2757 code: 4398752

COST: FREE – 1 Hour of CPE (Lunch – Free Pizza!)

Please RSVP to meetings@isacaky.org before March 24, 2011 at 5pm.

About the Speaker:

Joe Sykora has more than 14 years experience in the network security industry. He is the Sr. Director  of AMERICAS Marketing at Fortinet and is responsible for executing the marketing strategy for Fortinet’s network security products throughout the U.S., Canada, Latin American, Australia and New Zealand. Prior to joining Fortinet, Joe was President of FN-SKY, a division of Graham Magnetics. He was also President and CEO of Fortress Network Security, a managed security  and Private Cloud Provider, and InterSpace Computers, an outsourcing IT provider specializing in virtualization and thin client applications.

In 2007 Joe was name “Entrepreneur of the Year” and his companies have been awarded “Fast 50 Business” and “Inc. Credible Business of the Year.” Joe attended the University of Toledo and studied Electrical Engineering

WHEN:
Thursday, February 24, 2011
11:30 – 12:00 Networking
12:00 – 1:00 Discussion

WHERE:
Moutnjoy Chilton Medley
462 S. 4th Street
26th Floor
Louisville, KY 40203

DIAL IN: 1-866-340-2757 code: 4398752

COST: FREE – 1 Hour of CPE (Lunch – Free Pizza!)

Please RSVP to meetings@isacaky.org before February 23, 2011 at 5pm.

About the Speaker:
Michael Hamelin, Chief Security Architect, Tufin
As Chief Security Architect, Hamelin identifies and champions the security standards and processes for Tufin. Bringing more than 16 years of security domain expertise to Tufin, Hamelin has deep hands-on technical knowledge in security architecture, penetration testing, intrusion detection, and anomalous detection of rogue traffic. He has authored numerous courses in information security and worked as a consultant, security analyst, forensics lead, and security practice manager. He is also a featured security speaker around the world widely regarded as a leading technical thinker in information security.

Hamelin previously held technical leadership positions at VeriSign, Cox Communications, and Resilience. Prior to joining Tufin he was the Principal Network and Security Architect for ChoicePoint, a LexisNexis Company. Hamelin received Bachelor of Science degrees in Chemistry and Physics from Norwich University, and did his graduate work at Texas A&M University.

TOPIC:

WHEN:
Friday, February 4, 2011

11:30 – 12:00 Networking
12:00 – 1:00 Discussion

WHERE:
The Council on Developmental Disabilities
1151 S. 4th Street (map)
Louisville, KY 40203
http://www.councilonmr.org/
(502) 582-1995

DIAL IN:
1-866-340-2757  code: 4398752

Parking is available across the street in the old Winn-Dixie lot.

COST:
FREE – 1 Hour of CPE (Lunch – Free Pizza!)

Please RSVP to meetings@isacaky.org before February 1, 2011 at 5pm.

About the Speaker: