—< NORTHEAST OHIO INFORMATION SECURITY FORUM MEETING
—< Wednesday January 18, 2017
—< 6:30 PM – 8:00 PM
—< Pizza and social start 6:00 PM
—< Location: OEC at 4205 Highlander Pkwy Richfield, OH 44286
—< Open to everyone and free as always
The Northeast Ohio Information Security Forum will hold our monthly meeting at the above date and time.
What to Expect When Your Applications Are Being Pentested
by: Mike Woolard
This will be an open discussion on the top steps to prepare your organization for a third-party pentest of your applications. What are some of the pitfalls companies fall into when scoping the engagement, what to do while the test is going on, and preparing your company to respond to the results in a timely manner.
- Mike is a security analyst who has worked in the IT field for 16+ years. 14 of those years were spent in various IT roles including SysAdmin, SysEngineer, DBA, and NetEngineer. That experience has helped him in his current role, where Michael plays an integral part in all areas of the organization to help secure the processes and procedures. Michael manages risk assessments and pentests of the various web applications OEC builds, and leads the security awareness & education program where he designed many workshops and puts on many events. Mike has worked towards various certifications including the CISSP and CEH and is a contributing member of many local security organizations including Infragard, NEOISF, Clevesec and the Information Security Summit.
How to Win at Compliance, and Influence Auditors
by: Tom Kopchak
If you’re here, your organization inevitably is responsible for managing and conforming to numerous regulatory and compliance requirements. All too often, you will find yourself at the mercy of an individual auditor’s interpretation of these compliance requirements. As security professionals, helping our customers meet compliance requirements through the use of security reporting tools, we can definitely relate to this scenario.
This presentation will focus on various interpretations of compliance requirements that we have seen from different customers working with different auditors across a wide range of industries. Our intent will be to draw attention to these differences, and seek to ultimately encourage compliance efforts to be less subjectively and more objectively focused.
- Tom Kopchak is the Director of Technical Operations at Hurricane Labs, where he pretends to manage a team of network and system engineers, but is still an engineer and technology geek at heart. He holds a Master’s degree in Computing Security from the Rochester Institute of Technology, and has spoken at numerous infosec conferences around the country. When he is not working with computers, Tom enjoys composing, music improvisation (Acts of Music), and playing both the piano and organ.
Don’t forget to come early, starting at 6:00 PM, for food and soda, sponsored by TrustedSec.
Another great meeting from NEO Info Sec Forum – we hope to see you there!
– NEOISF Board –