We are attending, speaking, and sponsoring information security events throughout 2019. Let’s make plans to meet — we look forward to seeing you!
CyberNext Summit 2019 – KuppingerCole Analysts
When: October 8, 2019 - October 10, 2019
Description: Cybersecurity is shifting toward more distributed and dynamic models. Decentralized security infrastructure brings its challenges and opportunities. CyberNext Summit (#CNS19) will focus on the capabilities needed to achieve security in such a distributed environment, especially in the context of ever-increasing security threats.
SPEAKER: Chris Cronin
CISO of the Year Award Breakfast
When: October 15, 2019 - August 15, 2019
Description: This award has been established to publicly recognize top senior information security leaders through nominations, judges and support from within the local community. The award will be presented on October 15th at a Breakfast Ceremony at the Metropolitan Club of Chicago.
Health Management Academy – Risk Analysis 2.0, Health Care Data Security in the Age of Risk
When: October 17, 2019 - October 17, 2019
Description: • Discussion of HIPAA’s risk analysis and risk mitigation plan requirements
• How risk assessment frameworks are evolving, including the Duty of Care Analysis (DoCRA)
• How duty of care risk analysis builds consensus from the board room to the court room
• How best to prepare and respond to regulatory investigations and plaintiffs’ lawsuits
• How IT and Compliance can be enablers of the organization's mission
CAMP IT Leadership Strategies: How to Secure the Budget You Truly Need – Translating Technology Costs to Business Value
When: October 17, 2019 - October 17, 2019
Description: Have you found yourself in front of the Board or senior leadership team, requesting a larger budget or more resources - frustrated that no one understands the real risk at hand? Do you receive the budget and resources you need to cover your responsibilities, or do you have to fit into an existing budget that may have little to do with what is actually needed? Too often, IT and the Business are speaking different languages. IT speaks the language of risks and costs, while Business speaks the language of investment and revenue. The lack of a common language leads to frustration on both sides. This session demonstrates, using real-life examples, how Duty of Care Risk Analysis (DoCRA) can translate technology initiatives to business value and help secure the budget you truly need!
SPEAKER: Jim Mirochnik
Institute of Real Estate Management (IREM) Cybersecurity Webinar: Safekeeping Your Online Accounts – How to stop hackers from taking your money and information.
When: October 22, 2019 - October 22, 2019
Description: Safekeeping Your Online Accounts - How to stop hackers from taking your money and information. Security professionals get asked all of the time "What are the top things that I should be doing right now to keep my online accounts safe?" There are many "attack paths" that bad actors take to attempt to get to your money. Knowing what these attacks are - and what to do to protect your online accounts is the answer to the question asked above.
This session will cover how the attacks are planned and carried out, and the keys to protect your accounts and data. Some topics include the concepts of phishing, spear-phishing, call fraud, scareware, extortion and the ways to protect against them, such as password approach, protecting email, devices and social media accounts.
After attending this session, participants will be able to:
• Understand the various attack paths that bad actors take to get to user accounts.
• Understand what users generally do wrong that helps the bad actors win.
• Be aware of the key things to do to protect online accounts.
(ISC)² Security Congress: The Questions a Judge Will Ask You After a Data Breach – What is Reasonable
When: October 30, 2019 - October 30, 2019
Where: Orlando, FL
Description: What is “reasonable” security? If you are breached and your case goes to litigation, you will be asked to demonstrate “due care.” This is the language judges use to describe “reasonable.” Organizations must use safeguards to ensure that risk is reasonable to the organization and appropriate to other interested parties at the time of the breach. This presentation references case law, regulatory oversight and the Center for Internet Security Risk Assessment Method (CIS RAM), with a discussion on the future implications of this approach toward defining reasonableness. CIS RAM is based on the Duty of Care Risk Analysis standard (DoCRA.org) and is recognized by attorneys, regulators and interested parties for its ability to demonstrate reasonable implementation of controls.
SPEAKERS: Terry Kurzynski, DoCRA Council and Aaron DeMaster, Rexnord
Learning Objectives:
• Define risk assessment criteria so they allow for comparison, reflect the organization’s values and will hold up to public scrutiny.
• Model and select threats that are relevant to information assets and controls.
• Estimate the likelihood of risks.
When: November 12, 2019 - November 12, 2019
Where: Milwaukee, WI
Description: MCSA Meeting
AHLA Fundamentals of Health Law Conference: Questions a Judge Will Ask You After A Data Breach
When: November 19, 2019 - November 19, 2019
Where: Chicago, IL
SPEAKERS: Terry Kurzynski, HALOCK Security Labs & Jennifer Rathburn, Foley & Lardner
Infosecurity ISACA North America conference: Duty of Care Risk Assessment (DoCRA)
When: November 20, 2019 - November 20, 2019
Where: New York
Description: A discussion of the new Duty of Care Risk Assessment methodology (DoCRA) for infosecurity, also known as the Center for Internet Security Risk Assessment Method (CIS RAM). Discuss what sets this method apart and why it is an important business tool.
After this session you will be able to:
• Understand what sets the Duty of Care Risk Assessment apart from all others.
• Understand what regulators are looking for in a complete and thorough risk assessment and how the Duty of Care Risk Assessment fulfills those regulations and standards.
• Understand what basic questions are asked during litigation after a breach and how the Duty of Care Risk Assessment answers those questions.
• Understand how to complete a Duty of Care Risk Assessment along with where to get the free tools to successfully complete the assessment.
SPEAKER: Tod Ferran, CISSP, QSA, ISO 27001
Managing Consultant Infosecurity ISACA North America Conference