The quarterly ISSA Utah Chapter 1/2-Day security seminar. Includes breakfast and lunch.
1) Securing the Virtual Environment | How to Defend the Enterprise Against
Presenter: Matthew Wallace, Director of Product Development, ViaWest, Inc.
2) Best Practices, Audit and Control for an Enterprise Vulnerability Management Program
Presenters: Grant Johnson & Jeff Buzzella, Qualys
3) IT Risk Management: Because You Can Have Too Much Security
Presenter: David A. Nelson, Jr. CISSP, Founder of Integrity Technology Systems
White Collar Crime Seminar
Hosted by the Utah Area Chapter, Association of Certified Fraud Examiners
Thursday and Friday, October 17-18, 2013
Salt Lake Community College, Taylorsville Redwood Campus
(2-page seminar info flyer: 2013 Utah Area Chapter Seminar)
Topics & Presenters
The State’s Best Practices for Detection and Prevention
Governor Gary R. Herbert, Utah State Governor
Procurement Fraud: Finding The Smoking Gun
Brian Payne, Author: White Collar Crime — Vice Provost, Graduate/Undergraduate Academic Programs at Old Dominion University
Conducting Effective Suspect Interviews
Alan Peters, Special Agent, Retired — Federal Bureau of Investigations
Third-Party Risk Management: An Added Dimension in a Corporation’s Ethics and Compliance Program
Sheri Fitzpatrick, CEO — Perfect Home Living
The IRIS Database, a Tool to Prevent/Detect Fraud
Scott Morrill, Program Manager — Investigations Division, Utah Attorney General’s Office
Financial Statement Fraud
Heidi George, Securities Examiner — Utah Division of Securities
The Fight Against Fraud: a Reporter’s Perspective
Tom Harvey, Reporter — Salt Lake Tribune
CyberCrime: Uncovered
Antonio Pooe, CEO — Exactech Forensics
Tax Fraud 2013
Matthew Bird, Criminal Investigator, Internal Revenue Service
Media & Insurance Fraud Schemes
Frank Scafidi, Public Affairs Director, National Insurance Crime Bureau
The Future of Android Security
Presenters: Alex Geiger and John Gluth, Green Hills Inc.
The global enterprise Android mobility market is growing rapidly, yet Android security solutions are in their infancy. We’ll discuss emerging technologies to address secure boot, data-at-rest and in-transit encryption, user authentication, and dual persona (BYOD/EOD) in an Android environment that has proven fertile to hackers. We’ll also touch on the U.S. Government initiatives to build an ultra-secure smartphone using commercial off-the-shelf technology.”
Agenda:
3:00 Introduction of Speakers
3:05 Presentation
4:00 Question & Answer
4:15 Speakers Depart/ISC2 Chapter Business
4:30 Light Refreshments
5:00 Depart
Conference, September 16th
Keynote – Mark Weatherford, Principal, The Chertoff Group
Why Targeted ICS Threats Call for Intelligence? – Michael Assante, Director, ICS & SCADA, SANS Institute
Counterintelligence: A Seat At The Table – Ray Batvinis, Professor, The George Washington Unviersity, FBI Supervisory Special Agent (Ret.)
Why Building An Intelligence Team Is Important For Critical Infrastructure Asset Owners – Kristan Wheaton, Associate Professor of Intelligence Studies, Mercyhurst University
Situation Awareness: From Zero To Sector Scale – Ben Miller, Senior Cyber Security Specialist, ES-ISAC
Building Intelligence Infrastructure To Protect Your Critical Infrastructure – Meredith Wilson, Principal Consultant and Advisor, Emergent Risk International
Developing An Internal Threat Intelligence Function – Darin Olton, Principal, Threat & Vulnerability Management
Intel Analyst training, September 17th and 18th:
- Understanding the intelligence challenge for critical infrastructure
- Real time risk management
- Cyber defense competency model
- Intelligence and Situational Awareness
- Situational awareness and intelligence requirements generation and gap analysis
- Situational awareness and threat intelligence tools
- Using OSINT tools to satisfy intelligence requirements
- Getting inside the OODA loop
- Attack Planning and Targeting
- Attacker characterization
- Threat identification
- High value target identification
- OSINT targeting
- Targeting countermeasures
- Creating and Using Situational Awareness and Threat Intelligence
- Attack scenario generation
- Indicator list development
- Review of intelligence management tools
- Analyzing and actioning incoming intelligence
- Review of cyber intelligence providers
- Development of an internal security ontology
- Industrial Control Systems Cyber Threat Environment
- OSINT analysis using ICS knowledge
- OSINT walk-down for ICS-related threat information
- Information Sharing
- Comparison of information received through info-sharing organizations/initiatives
- Infrastructure I&A Competition