Events
Let's Connect
Upcoming HALOCK Events
We are speaking at key cyber security events. Let’s make plans to connect at one of these sessions.
Past Information Security Presentations
ISC2 Silicon Valley: 5 things you can do now to survive a breach
When: March 12, 2024 - March 12, 2024
Where: San Jose
Description:
CypherCon: Risk Assessments & Ransomware
When: April 4, 2024 - April 5, 2024
Where: Milwaukee
Description: CIS and MITRE created a mapping of CIS Controls to MITRE’s ATT&CK model to help organizations see their weak spots against five threat types, including ransomware. Steve will show how CIS’ risk assessment method helps analysts determine risks associated with those weaknesses to prioritize fixes.
SPEAKER: Steve Lawn
The Payments Academy: Understanding and Managing Requirement 12 in PCI DSS 4.0
When: May 5, 2024 - May 5, 2024
Where: Indianapolis, Indiana
Description: Requirement 12 in the PCI DSS applies in some way to all organizations validating compliance with the PCI DSS. The latest release of PCI DSS added 13 new requirements, which include two types of Targeted Risk Analysis, changes to hardware and software maintenance, new PCI scoping requirements, updates to security awareness training, and additions to the Incident Response Plan to help organizations maintain compliance. There are also new third-party service provider requirements that should hopefully ease the burden merchants have previously seen in collecting third-party service provider compliance evidence. This session offers a QSA’s interpretation and guidance on the requirements in section 12, as well as practical examples of how universities have addressed some of these challenges.
SPEAKERS: Justin Evans, MBA, PCIP, CPC, CPC-I, COC, Senior IT Security Analyst, University of Iowa and Viviana Wesley, PCI QSA, ISO 27001 Auditor, CISM, Principal Consultant, HALOCK Security Labs
RSA Conference 2024: 5 Techniques to Evolve Risk Governance and Comply with SEC Cybersecurity Rule
When: May 7, 2024 - May 7, 2024
Where: San Francisco
Description: The SEC Cybersecurity Rule, PCI DSS 4.0 and NIST 2.0 are requiring us to evolve Risk Governance. This session will cover how to establish appropriate Risk Governance:
1. Is your program legally defensible
2. Define a “clear line of acceptable risk”
3. Define “total known risk” to your organization
4. A roadmap that reduces risk to an acceptable level
5. Justify budget requests in business terms
SPEAKER: Jim Mirochnik, Senior Partner, CEO, HALOCK Security Labs