The Utah chapter of the ISSA is pleased to announce our Fall Security Seminar.
Presentations from the Event:
2013-Fall_Enterprise-Vulnerabilties-Mgmt-Best-Practices_Qualys
2013-Fall_Too-Much-Security_Nelson
2013-Fall_Securing-the-Virtual-Environment_OPS-CSM1209_Ottenheimer
Registration is closed.
(check-in starts at 8:30 am) ISSA and ISACA
Cost: members: $35, Non-members: $50,
Limited seating – register today!
Where: LDS Riverton Office Building (see map for directions).
Note: Those who register online prior to the event, are not required to provide photo id at the door.
Credit: 3 CPE Credits
Join ISSA: To join the ISSA at https://www.issa.org/Join.html. General membership annual fee is $110; student fee $45 per year.
Featured Speakers
Grant Johnson & Jeff Buzzella, of QUALYS
“Best Practices, Audit & Control of a Enterprise Vulnerability Management Program”
- What is Enterprise Vulnerability Management (EVM)?
- What are the Key elements of the EVM program?
- IT Inventory – Risks and Control Tests.
- Vulnerability Scope and Risk evaluation – Risks and Control Testing.
- Vulnerability Scanning – Things to be aware of…
- Remediation Process /Tickets/ Risk and Control Testing.
- Exception Process – What you choose to ignore can bite you!
Davis A. Nelson, Jr., Founder of Integrity Technology Systems.
“IT Risk Management: Because You Can Have too Much Security”
Dave will show how using proper IT risk management techniques can help organizations prioritize information security expenditures to get the best ROI.
Matthew Wallace, Director, Product Development, VIAWEST.
“Securing the Virtual Environment: How to Defend the Enterprise Against Attack.”
This presentation offers a broad look across virtualization used in various industries as well as a narrow view of vulnerabilities in virtual environments. Examines the difference in a virtual model versus traditional computing models and the appropriate technology and procedures to defend it from attack:
- Dissects and exposes attacks targeted at the virtual environment and the steps necessary for defense;
- Covers information security in virtual environments: building a virtual attack lab, finding leaks, getting a side-channel, denying or compromising services, abusing the hypervisor, forcing an interception, and spreading infestations;
- The state of security and compliance in the cloud.