Archive for August 2013

Fall Security Seminar 2013

The Utah chapter of the ISSA is pleased to announce our Fall Security Seminar.


Presentations from the Event:

pdf 2013-Fall_Enterprise-Vulnerabilties-Mgmt-Best-Practices_Qualys

pdf 2013-Fall_Too-Much-Security_Nelson

pdf 2013-Fall_Securing-the-Virtual-Environment_OPS-CSM1209_Ottenheimer


pdf  Full Event Details Here

Registration is closed.


When: Thursday, 26 September 2013; 9:00 am – 1:00 pm

(check-in starts at 8:30 am) ISSA and ISACA

Cost: members: $35, Non-members: $50,
Limited seating – register today!

Where: LDS Riverton Office Building (see map for directions).
Note: Those who register online prior to the event, are not required to provide photo id at the door.

Credit: 3 CPE Credits

Join ISSA: To join the ISSA at General membership annual fee is $110; student fee $45 per year.


Featured Speakers

Grant Johnson & Jeff Buzzella, of QUALYS

“Best Practices, Audit & Control of a Enterprise Vulnerability Management Program”

  • What is Enterprise Vulnerability Management (EVM)?
  • What are the Key elements of the EVM program?
  • IT Inventory – Risks and Control Tests.
  • Vulnerability Scope and Risk evaluation – Risks and Control Testing.
  • Vulnerability Scanning – Things to be aware of…
  • Remediation Process /Tickets/ Risk and Control Testing.
  • Exception Process – What you choose to ignore can bite you!


Davis A. Nelson, Jr., Founder of Integrity Technology Systems.

“IT Risk Management: Because You Can Have too Much Security”

Dave will show how using proper IT risk management techniques can help organizations prioritize information security expenditures to get the best ROI.


Matthew Wallace, Director, Product Development, VIAWEST.

“Securing the Virtual Environment: How to Defend the Enterprise Against Attack.”

This presentation offers a broad look across virtualization used in various industries as well as a narrow view of vulnerabilities in virtual environments. Examines the difference in a virtual model versus traditional computing models and the appropriate technology and procedures to defend it from attack:

  1. Dissects and exposes attacks targeted at the virtual environment and the steps necessary for defense;
  2. Covers information security in virtual environments: building a virtual attack lab, finding leaks, getting a side-channel, denying or compromising services, abusing the hypervisor, forcing an interception, and spreading infestations;
  3. The state of security and compliance in the cloud.

How Do I Join ISSA?

Glad you asked!  Just visit the National ISSA Website for all the info.

The URL for new member sign up is