ISACA New England is proud to present a full day seminar in Portland, Maine on a variety of Information Technology, Audit, and Security Sessions.
** Register as a group of 5 or more and receive a $10 discount! **
The conference will include both a light breakfast and lunch.
WHEN: Thursday, May 15, 2014
TIME: 8:30AM-4PM (Registration + Light Breakfast Opens at 8:00AM)
PRICE: ISACA Members $110; Non-members $135; Students $20 (Student ID & Proof of Full Time Status is required at check-in)
LOCATION: University of Southern Maine - Abromson Center, 88 Bedford Street, Portland, ME 04101
Topics to include:
Keynote Presentations (8:30-10:00AM):
“A Modern Security Operation” - Presented by Matthew McCormack (RSA-EMC)
“Security and Compliance in Modern Healthcare” – Presented by Christopher Claudio (Winxnet) and including CIO/CISO panelists Tony Converse (Spectrum Medial Group), Ande Smith (Deer Brook Associates), and Barb Armstrong (Maine Medical Center)
Description: This session will commence with Matthew presenting various security models and methodologies seen in his role as CTO of RSA, the Security Division of EMC. Transitioning from Matthew’s presentation, Chris will be moderating a discussion with a panel of 3 experienced healthcare CIO/CISOs that have faced many of the challenges presented in the first segment of this session.
- Matthew McCormack is Chief Technical Officer (CTO) of RSA Global Public Sector at RSA, the Security Division of EMC. In his role as CTO, McCormack is spearheading technical strategy and partner relationships with the United States federal government, state and local governments, critical infrastructure organizations, and international public sector organizations.
- Christopher Claudio, Chief Executive Officer and co-founder of Winxnet, is primarily responsible for corporate direction, business development and sales. Winxnet is an IT outsourcing and consulting firm with offices across New England and the Southeast, working with corporations, healthcare organizations, non-profits and public sector entities of all sizes. We believe that providing IT services is about more than just keeping information secure and systems and devices operational. Our business is based on establishing relationships with our clients, understanding the challenges and then helping solve even the most complex of problems.
- Tony Converse, CIO, Spectrum Medical Group has worked for a wide range of companies, including Johnson Controls and several Fortune 50 corporations. His early career was primarily focused on directory and metadirectory services, as he led integration projects for environments ranging into millions of objects. Through this work, Tony was exposed to and developed a strong interest in the way technology is deployed to address business needs. Expanding on this experience, Tony continues to engage with organizations today to understand their overarching goals and build and implement technology strategies that enable them to succeed.
- Ande Smith is President of Deer Brook Consulting. Deer Brook provides legal and consulting services to businesses, with its principal focus in information security, privacy, and compliance. Ande personally provides advice in the areas of data breach response, assessments, and sustainable security and privacy program development and enhancements. Ande possesses diverse leadership experience, from serving as a Submarine Officer in the US Navy, to serving as the Director of Information Security and HIPAA Security Officer for the US division of a multi-national corporation, during which time he led a team of 16 people, with programmatic responsibility for more than 100,000 associates, 1,600 retail locations, and three data centers. Ande also served as COO and General Counsel for Tilson Technology Management, with its core focus in the telecommunications and IT consulting industries across a range of clients. Ande has practiced law for more than a decade, with experience both in private practice and as in-house counsel. Having attained the rank of Captain in the US Navy, he currently serves as the Director for Undersea Warfare Operations for the Submarine Force Reserve Component, with oversight of nearly 800 officer and enlisted sailors across the United States and delivering ready warfighters anytime, around the globe.
- Barb Armstrong, CISA, CISM, MSA, is Director, Information Privacy and Security at Maine Medical Center/MaineHealth. Barb’s team has responsibility for both Privacy and Information Security at Maine Medical Center and partners with other MaineHealth organizations in support of their Privacy and Security programs and processes. Her team supports technical information security, core EHR application security, privacy responsibilities, and network account security management for a number of locations. Prior to joining Maine Medical Center, Barb worked at L.L.Bean for many years in both technical and leadership roles covering Information Security, Compliance, and Information Systems Auditing. She started her career at Coopers and Lybrand (back then, one of the ‘big six’) out of Boston working as both a financial and systems auditor.
Session 1 (10:10-11:00AM): “Security On A Budget”
* Presented by Eugene Slobodzian (Winxnet)
Description: Many small to medium-sized business owners think that the likelihood of an information breach affecting their business is low, and therefore choose not to invest in a complex information security management system. What we will show you is that the cost of implementing basic security measures can be surprisingly affordable, especially when compared to the cost of a security breach. It is only through the understanding of the potential threats and the resulting cost of inaction that leaders can fully appreciate the need for a proactive approach to information security.
This session will discuss the fundamentals of information security, tips about the most-bang-for-your-buck security tools, and how to effectively minimize your risk with limited resources in a small business environment.
Speaker: Eugene V. Slobodzian, PhD, CISSP, CSSLP, VP of Security, Winxnet leads the information security division which combines expertise, expert software and proven processes to ensure results. With 17 years of experience in information security, Eugene is recognized as one of the most accomplished security experts in the region. He is a Certified Information Security Systems Professional (CISSP, 2004), has served on the executive committee of the Information Security Foundation (ISF), and holds an advanced degree in Physics from the University of Maine.
Session 2 (11:10AM-12:00PM): “The Explosion of Cybercrime - The 5 Ways IT May Be an Accomplice”
* Presented by Mark Villinski (Kaspersky Lab)
Description: Mobile devices, social media sites, and the exponential growth of cybercriminals are threatening your users and your data every day. Can your IT department become an unwitting accomplice to cybercrime? This session sheds light on the growing challenges facing IT today and discusses the 5 ways that IT departments may be unknowingly enabling cybercrime in their organizations. During this session, you will hear:
Speaker: Mark Villinski brings more than 15 years of technology sales, marketing experience and channel leadership to Kaspersky Lab. As Senior Manager, Field Marketing, Mark is responsible for field marketing efforts in the United States and for increasing awareness of Kaspersky Lab as a thought leader in the online security industry. Prior to joining Kaspersky Lab, Mark served as Director Worldwide Channel Operations at Enterasys Networks. Mark has presented at several industry conferences across North America addressing audiences on the challenges facing IT departments today and discussing ways organizations can protect themselves from the current threat landscape.
Session 3 (1:00-1:50PM): “Enterprise Security, Where Do We Go From Here?
* Presented by Roy Panting & Peter Dwyer (IBM)
Description: Enterprise security has evolved over the years to include firewalls, DMZ's, and access control applications. In today's environment these methods are just not adequate. Factors that are complicating enterprise security include mobile access, cloud computing, regulatory requirements and big data. Based on what we are seeing recently, the need for effective enterprise wide security has to be managed and controlled from a risk vs. cost perspective. During this presentation we will focus on how the enterprise security model has changed, how it can be applied today and more importantly where we think it may be heading in the future.
- Roy Panting is a Technical Sales Engineer with the IBM Center of Excellence group supporting Guardium on System z on a worldwide basis. He works out of the IBM Littleton, MA office. He has over thirty years of experience in a variety of technical areas spanning application programming, application testing, project management, systems programming, and pre-sales support. Roy has spent several years being directly involved with the IBM mainframe from both a software and hardware perspective. He has extensive experience with the z/OS operating system and the supporting subsystems including database management systems, security systems, communications systems and several integration products. Roy is a co-author of an IBM Redbook titled “Enabling z/OS Applications for SOA”.
- Peter Dwyer is a Principal Technologist and Sales Engineer with IBM Corporation. Peter has a passion for protecting “Sensitive Data”. His expertise is in RDBMS’s and database computing environments with over 20 years of experience, with a background in hardware and system design. He currently supports the IBM InfoSphere Guardium product including technical sales efforts. Peter was formerly a principal of the Certainty Group. There he focused on High Availability Systems and resolving Performance Challenges. His years as Chief Database Architect at EMC Corporation’s Advanced Internet Solutions Center added to his flexibility and depth in related areas such as: hardware & software design, project management, staff management and sales support. Mr. Dwyer has spoken at many professional conferences. Papers and presentations have made him known internationally in the field of databases and systems consulting. Peter is conversant in English, German, Portuguese & Spanish.
http://www-03.ibm.com/security/?lnk=mprSO-secu-usen - IBM Security
http://www-03.ibm.com/software/products/en/subcategory/data-protection - IBM Data Protection
Session 4 (2:00-2:50PM): “It Takes A Community”
* Presented by Sari Greene (Sage Data Security)
Description: Collectively, we have a civic duty to protect our citizens’ information, our critical infrastructure, how we work and how we play. Protecting our families, companies, communities, and country requires the participation of every user, decision maker, developer and designer. Instead of telling organizations what they should do, let’s inspire to do what they can do.
Speaker: Sari Stern Greene, CRISC, CISSP CISM NSA/IAM is the founder and currently serves as Managing Director of Sage Data Security. Sari specializes in Cyber Security Incident Preparation, Detection and Response. She works closely with the security community, law enforcement, and victims of cybercrime. She provided expert witness testimony in the groundbreaking PATCO v. Ocean National Bank case. She is the author of “Security Programs and Policies: Principles and Practices,” which has become a standard in undergraduate and graduate programs worldwide. Since 2010, she has served as the chair of Sage’s annual CyberCrime Symposium held in Portsmouth, NH.
Session 5 (3-3:50PM): “Cyber Security From The Tech Perspective”
* Presented by Mark Benton and Douglas Sax (Systems Engineering)
Description: Address your information security and compliance needs within the framework of the SANS Top 20 Critical Security Controls. Additionally, the proliferation of Distributed Denial of Service (“DDoS”) attacks over the past two years make this an essential topic.
- Mark Benton has been with Systems Engineering since 2010 as product manager to bring together customer, engineering and sales requirements around our products and services. Prior to joining SE, Mark managed the software-as-a-service "SaaS" operation for a software company servicing the pharmaceutical, aerospace and energy industries.
- Doug Sax, CISSP, has been with Systems Engineering since 2000 joining the managed services team and now is the lead engineer for our Managed Security (SIEM) service. Prior to joining SE, Doug worked in network and security administration at the Brunswick Naval Air Station.
Thursday, May 15, 2014 8:30 AM - 4:00 PM
University of Southern Maine - Abromson Center88 Bedford StreetPortland, Maine 04101
Cvent Online Event Registration Software | Copyright © 2000-2014 Cvent Inc. All rights reserved.