DATE: Thursday March 11, 2010
TIME: 12:00pm - 3:00pm (3 CPE) (bring your lunch)
COST: No charge - RSVP required
LOCATION: East Jefferson Regional Library, 4747 W. Napoleon Ave, Metarie 70001
RSVP: Please RSVP to president@isaca-nola.org by Wednesday March 10 if you will attend
SUMMARY: The session will discuss:
(1) Understanding Cyber Assets in Critical Infrastructure (CI)
(2) Example CI Cyber Incidents
(3) Continued Cyber Threats and Vulnerabilities
(4) Responding to Events of Interest (Incident Handling)
After the session, during the basic table-top exercise, a described scenario will be provided to the participants. Participants are briefed on the event that has occurred or is in progress, and are asked to apply their knowledge, skills and organization’s IRP to a list of problems presented. The complexity of navigating your own organization’s IRP, the variety of organizations attending and the scenario itself typically creates an incredible educational atmosphere.
The tabletop exercises are modularly designed. Issues addressed in the table-top exercises typically include:
Adverse effects arising from the implementation of a security patch
Alarms indicating a door, gate or window has been opened without authorization
Alerts for detected cyber security incidents
Discovery of malware
Establishing ports and services for emergency operations
Reporting to the sector’s Information Sharing and Analysis Center (ISAC)
Retention of audit trails of system events
Unauthorized access attempt to the physical security perimeter
Unauthorized access to sensitive cyber security or reliability data
Unauthorized access to shared system accounts
SPEAKER: Matt Luallen, Encari
Matthew E. Luallen is a well-respected information security professional, researcher, instructor and author. Mr. Luallen serves as a Co-Founder of Encari, a critical infrastructure information security consulting company. He consults with both governmental and commercial sectors, including a multi-client base of public utilities and other power market organizations, national laboratories, financial institutions, and law enforcement. He has written, consulted and trained extensively on process control and SCADA security issues. He has worked extensively with electric utilities on compliance with the cybersecurity regulations of the North American Electric Reliability Corporation (NERC). Prior to incorporating Encari, Mr. Luallen provided strategic guidance for Argonne National Laboratory, U.S. Department of Energy, within the Information Architecture and Cyber Security Program Office.
In an effort to promote education and collaboration in information security, Mr. Luallen is an instructor and faculty member at several institutions. Mr. Luallen is adjunct faculty for DePaul University instructing the Computer Information and Network Security Masters degree capstone course. He is also a certified instructor and CCIE for Cisco Systems instructing security technologies such as firewalls, intrusion prevention, virtual private networks and general secure information architecture. As a certified instructor for the SANS Institute Mr. Luallen teaches infrastructure architecture, wireless security, web application security, regulatory and standards compliance, and security essentials. Mr. Luallen is a graduate of National Technological University with a Master's Degree in Computer Science. Mr. Luallen also holds a Bachelor of Science degree in Industrial Engineering from the University of Illinois, Urbana.
Past presentation
************GNO ISACA APRIL MEETING**************
TOPIC: "Taking Control of Your User Accounts"
WHOM SHOULD ATTEND: 1st hour for Directors and CIOs looking for greater control over cost/security and subsequent 2hr tutorial for security/sysadmins and auditors.
DATE: Thursday April 8, 2010
TIME: 12:00pm - 3:00pm (3 CPE) (bring your lunch)
COST: No charge RSVP required
LOCATION: East Jefferson Regional LIbrary, 4747 W. Napoleon Ave, Metarie 70001
RSVP: Please RSVP to president@isaca-nola.org by Wednesday April 7 if you will attend
SPEAKER: Dustin Puryear, Baton Rouge Puryear Inc.
SUMMARY:
Please help ISACA researchers by filling out these questionaires:
1. Karen Quagliata (member of St Louis, MO chapter and doctoral student at University of Fairfax) (10-15 min): Survey on Critical Components of Information Security:
http://www.surveymonkey.com/s/QDWSJV6
March 24, Wednesday 11:30am-1:00pm "Managing 3rd Party Application Security Risk" by Erik Peterson, Sullivans Steakhouse more info
April 8, Thursday -- GNO ISACA Monthly Meeting: "Taking Control of Your User Accounts" by Dustin Puryear. 1st hour for Directors and CIOs looking for greater control over cost/security and subsequent 2 jr tutoral for security/sysadmins.
April 16, Friday --IIA New Orleans Seminar "Today's Internal Audit Leader; Conflict Resolution and Problem Solving" with speaker Ed Robinson. 8am-5pm 8 CPE $125 IIA members $150 non-members http://isaca-nola.org/files/IIAApril.pdf
April 23-25: Tiger Trap http://tigertrap.org for more information. This is a capture the flag exercise sponsored by Baton Rouge Infragard and BR ISACA.
April 27, Tuesday -- IIA/ISACA Baton Rouge present: Practical Stats: Statistical Sampling for Auditors 8:30-4:30 at BCBS Mail Campus $125 Link to more information at http://isaca-nola.org
May 13: Annual General Meeting (board election) Please consider volunteering for a position on the board!
_______________________________________________
See this link for the Nov 24, 6pm WWL-TV news story on spear phishing and ACH Fraud http://www.wwltv.com/news/Hackers-Go-Spear-Phising-72999427.html
FROM SATURDAY 9/26/09: PODCAST-Excelling with Liz: Online Bank Fraud:http://lizreyes.com/?page_id=2 WGSO 990am 1pm. Click Infragard Cyber Security SIG Announcements link at left for detailed suggestions mentioned on the show.
Also see ABC26 10pm News October 21 for ISACA/Infragard interview about online banking fraud.
What's New -- Last Updated 3/5/2010