ISACA Kentuckiana Chapter

ISACA CHAPTER MEETING NOTICE (January 20, 2012)

cjohnson — Thu, 12 Jan 2012 20:04:02 +0000

Please join us for our January monthly meeting, which will be held on January 20th from 11:30 AM to 1:00 PM. Our guest speaker will be Mayur Shah from Cisco and this event is free to all members.

Do you know what computers are connected to your network? Are you sure staff aren’t bringing in laptops from home? What about the night cleaning crew? Without NAC you have no way to ensure that only your companies computers are connecting to the network. What happens when an unauthorized computer connects to the network? Could they get your latest patent details? Your patient information? Or your other corporate data?

Attend this ISACA meeting on Network Access Control, presented by Cisco, to learn more about the risks of not controlling your networks borders.

Where:
Humana
321 West Main Street10th Floor East Tower
Louisville, Kentucky 40202

About the Speaker:
Mayur Shah is a product manager responsible for the Cisco NAC product line. He has 16 years of IT experience mainly in Middleware, Security and Policy and prior to Cisco, he was at BEA Systems (Acquired by Oracle), working on Application Middleware and Security.

Jimmy John’s will be provided for lunch by Cisco.

There will also be a WebEx session available for this meeting so please select this ticket type if you would prefer to attend via WebEx. The WebEx link will be provided 1 day prior to the January, 20th meeting.

Register

ISACA 2011 Holiday Social and Annual General Meeting

cjohnson — Mon, 05 Dec 2011 21:18:30 +0000

You are invited to celebrate another great year with us at the 2011 Kentuckiana Holiday Social and Annual General Meeting. Come network with us in a casual and relaxed atmosphere.

Hors d’oeuvres to be served: Cheese Sticks, Chicken Fingers,
Spinach Artichoke Dip, Classic Potato Skins

2 drinks free and Cash bar available.

Prize drawings hourly and potential members welcome!

WHEN:
December 14th 2011 (Wednesday) from 5:00-8:00pm

WHERE:
Fox and Hound (Click for Map)
302 Bullitt Lane
Louisville, KY 40222
502-394-7620

ISACA CHAPTER MEETING NOTICE (October 21, 2011)

cjohnson — Wed, 12 Oct 2011 20:22:00 +0000

TOPIC: Multifactor Authentication

WHEN:
Friday October 21, 2011
11:30 – 12:00 Networking
12:00 – 1:00 Discussion

WHERE:
Mountjoy Chilton Medley
462 S. 4th Street
26th Floor
Louisville, KY 40203

DIAL IN: 1-866-340-2757 code: 4398752

COST: FREE – 1 Hour of CPE (Lunch Included)
Please RSVP to meetings@isacaky.org before October 19, 2011 at 5pm.

About the Speaker:
How does your company conduct remote access? Are you only required to enter a username and password? Do you have to enter any other information? If the answer to these questions are no, you may be at risk to having credentials stolen. Multifactor authentication is a solution to help secure remote access. In this meeting, PhoneFactor, a leading vendor of multifactor authentication will present the case for multifactor authentication.

Jonathan Wood from PhoneFactor
http://www.phonefactor.com/

Nashville InfoSec 2011

cjohnson — Fri, 26 Aug 2011 13:55:59 +0000

InfoSec 2011 co-hosted by the Nashville Technology Council (NTC) and the Middle TN ISSA chapter will be at the Nashville Convention Center again on September 15th. We expect over 400 attendees and ~30 sponsors again this year. We’ve kept pricing low again this year to encourage as many IT executives, staff, and cyber security minded business people to join us as possible, including corporate pricing of $75 per person for groups of 10 or more attendees and educational pricing of $50 for students and educators (breakfast, lunch, reception included). We have 3 stellar keynotes lined up including Richard Thieme (Defcon creator/speaker), Marc Maiffret (CTO eEye Security) and David Houlding (Healthcare Security & Privacy Lead Architect at Intel) and 18 different breakouts to choose from including our Platinum Sponsor this year Palo Alto/Prosys. It’s a fantastic lineup.

Don’t miss out on this full day of security education (CPE available), hands-on labs, new capture the flag (CTF) event and vendor partner technology sponsor showcase!

Register today
See full schedule/speakers

ISACAKY November Training Event

cjohnson — Mon, 22 Aug 2011 19:36:05 +0000

ISACAKY will be hosting a 2 day training event November 3-4 (8AM-5PM) covering the topic of linguistic lie detection. All class attendess will be receiving 16 CPE credits and breakfast,lunch, and snacks will be provided. The cost of this course is $350 for Members and $400 for Non-Members. A corporate rate is available for companies wanting to send more than 2 people to this class. Please act soon as the registration deadline for this class is Oct 20th and there is a limit of 40 total students allowed. To sign-up for this class please contact Mitch Greenfield. As part of the training we will be giving away a Acer Iconia tablet!

Gathering information is an integral part of any investigation or audit. Discover the most effective way to gather information for your investigation or inquiry. Learn the proper way to take a statement. Learn when to ask the questions, when to ask for the statement and how to obtain the most information. Of utmost importance, you will learn how to maintain a rapport with the person you are investigating without revealing what you know or don’t know about the case.

This 2-day session presents an overview of how statement analysis is used in business and investigative areas. Session participants learn the basics of information gathering and how to interpret the information they receive. In an interactive setting, attendees will be able to apply Statement Analysis basics to a variety of high profile media cases and see what the subject really meant. Information gathering basics will be covered in order assist the audit professional to gather necessary information for any investigative purpose. Session attendees will also analyze a complete statement and be able decipher the linguistic code within the body of the statement.

Learn what types of questions produce the most effective responses.
Discover how a truthful person speaks vs. an untruthful person.
Learn how to obtain the most information.

Instructor Bio

Nejolla Korris is CEO of InterVeritas Intl. which provides anti-corruption consulting, interviewing and interrogation training, investigative services, intelligence gathering, litigation support, linguistic statement analysis, employee audits and reference checks to corporations. Ms Korris is an international expert in the field of Linguistic Lie Detection. She is skilled in Scientific Content Analysis (SCAN), a technique that can determine whether a subject is truthful or deceptive.

Korris has analyzed documents for fraud, international security, arson, sexual assault, homicide and missing persons’ cases, causing some of her clients to dub her the “Human Lie Detector.” Korris has taught this methodology throughout North America, Europe, the Middle East, Brazil and South Africa. Her clients include corporations, government agencies, law enforcement and the military.

ISACA Member Training Fee Payment via PayPal

Where

Republic Bank & Trust

9600 Brownsboro Road

Louisville, KY 40241

View Larger Map

ISACA CHAPTER MEETING NOTICE (September 23, 2011)

cjohnson — Thu, 18 Aug 2011 18:32:45 +0000

TOPIC: The State of Web Application Security

WHEN:
Friday September 23, 2011
11:30 – 12:00 Networking
12:00 – 1:00 Discussion

WHERE:
Mountjoy Chilton Medley
462 S. 4th Street
26th Floor
Louisville, KY 40203

DIAL IN: 1-866-340-2757 code: 4398752

COST: FREE – 1 Hour of CPE (Lunch Included)
Please RSVP to meetings@isacaky.org before September 20, 2011 at 5pm.

About the Speaker:

Grant Murphy is Vice President of Enterprise Solutions managing worldwide sales for the Barracuda Web Application Firewall and the Web Filtering products at Barracuda Networks. Murphy brings significant experience in the Web proxy/cache market and how these technologies can be used to secure employee’s Internet Access as well as the sites they are accessing. He has been a frequent speaker at many security industry events worldwide over the past four years. Prior to joining Barracuda, he was responsible for sales of McAfee’s Web and Email filtering products. Murphy earned his CISSP accreditation in March of 2006.

COBIT 5 Exposure – 10 free CPEs!

cjohnson — Thu, 18 Aug 2011 17:53:05 +0000

ISACAKY chapter members have a wonderful—and rare—opportunity to have their voice heard, contribute to the profession and earn up to 10 free CPEs! Two COBIT 5 documents are available for public comment at COBIT 5 Exposure. The deadline for comments has been extended to 18 September 2011 so we can incorporate feedback from as many professionals as possible.

These comments are extremely important, as they help ISACA validate the quality and acceptability of the COBIT 5 development work, which is critical to its position as a generally accepted reference source. All levels of participation are welcome, so members of our chapter can choose to comment on all or specific parts of the draft documents.

COBIT 5 will be a major evolution of the globally recognized COBIT guidance, incorporating the most up-to-date thinking in enterprise governance and management techniques. This is a unique opportunity for our chapter members to be a vital part of guidance that is used and respected by many enterprises around the world.

The comments and contributions of our members help ensure that COBIT 5 will represent what professionals truly need and value.

We have tried to make the review and comment process as efficient as possible.
First, download the public exposure drafts for COBIT 5: The Framework and COBIT 5: Process Reference Guide at cobit5exposure.
After reviewing the documents, use the questionnaire on the same web page to provide feedback. To add more details, please use the feedback form on the same site.

ISACA CHAPTER MEETING NOTICE (JULY 1, 2011)

cjohnson — Fri, 24 Jun 2011 01:17:30 +0000

Joint ISACA/ISSA Kentuckiana Chapter July 2011 Meeting
Friday, July 1, 2011 from 11:30 AM – 1:00 PM

Please join us for our July monthly meeting, which will be a joint meeting with ISSA held on July 1st from 11:30 AM to 1:00 PM. Our guest speaker will be Mitchell Greenfield, Information Security Architect for Humana Enterprise Information Security. The title of Mitchell’s presentation is “How Humana re-engineered the SDLC to include security.”
This talk was focus on how Humana, a Fortune 100 company, re-engineered their Software Development LifeCycle to begin the march down the path to software security assurance. Mitch Greenfield of Humana Enterprise Information Security will discuss the challenges of incorporating software security assurance best-practice into a large, diverse technology-driven organization which builds, buys and acquires applications at a rapid pace to meet business demand.

This talk will focus on how a business-driven approach to software security assurance can succeed, and discuss the challenges of redesigning existing project release processes, building the business case for software security assurance, incorporating additional training for developers, code scanning technology, and how the creation of a new role – the FSA (Functional Security Analyst) fit into the technology organization.
Mitch will provide practical lessons learned from Humana’s ongoing maturation process into a culture recognizing security as a fundamental building block of software quality. Mitch will discuss how, through the partnership with HP’s Application Security Center, Humana was able to modify processes, create a new functional security role, and build business value based on delivering software security.

BIO: Mitchell Greenfield is currently an Information Security Architect for Humana Enterprise Information Security. He conducts ethical hacking and penetration testing for Humana, including business partners and acquisitions. Mitch is a Certified Ethical Hacker (CEH), Certified Security Analyst (ECSA), Licensed Penetration Tester (LPT) and Certified Information Security Auditor (CISA). Mitch is currently the VP of Programming for the Kentuckiana chapter of ISACA and holds an MS in Information Systems and a BS in Informatics from Indiana University – Bloomington.

ISACA CHAPTER MEETING NOTICE (MAY 20, 2011)

cjohnson — Tue, 14 Jun 2011 14:38:21 +0000

TOPIC: Managing Privileged Users

WHEN:
Friday May 20, 2011
11:30 – 12:00 Networking
12:00 – 1:00 Discussion

WHERE:
Yum Brands!, Inc
1441 Gardiner Lane
Louisville, KY 40213
View Map

DIAL IN: 1-866-340-2757 code: 4398752

COST: FREE – 1 Hour of CPE (Lunch Included)
Please RSVP to meetings@isacaky.org before May 19, 2011 at 5pm.

About the Speaker:
Mark Martin, Senior Sales Engineer for Application Security, Inc. has been in I.T. for 28 years. He has worked on the vendor side for the past thirteen years where he has provided application and database background expertise to developers. Mark has worked in Financial Services for First Data, Chase and Brown Brother Harriman, Insurance Guardian and Blue Cross, and on the Vendor side for Micro Focus Cobol, NEuVis (Java Development tool), and Embarcadero specializing in Database tools.

ISACA Iowa Chapter Seminars

cjohnson — Mon, 18 Apr 2011 18:34:32 +0000

The ISACA Iowa Chapter is hosting two Spring 2011 Seminars:
Virtualization Security and Audit – May 24 and 25,
Mobile Security and Control – May 26 and 27

Fee for ISACA Members: One Seminar $250, Both Seminars $450

CPE: Attendees will receive 16 CPEs per seminar with a maximum of 32 CPEs

Please see the following document for more information on attending the seminars.
2011 ISACA Iowa Chapter Spring Seminars