Viewing 0 current events matching “Audit” by Date.

Sort By: Date Event Name, Location , Default
No events were found.

Viewing 7 past events matching “Audit” by Date.

Sort By: Date Event Name, Location , Default
Nov 8, 2017
2017 ISACA SALEM Cyber Security Symposium
Chemeketa Center for Business and Industry in Salem, OR

Collection of timely and relevant presentations to address Cyber Security Trends

8 CPE, 4 Sessions

Session 1: Complex Adaptive Systems: How real life interactions translate into loosely coupled systems design Presenter: Michael Adsitt, VP at Duff & Phelps

Session 2: Security Panel: Building and Navigating a Career in Information Security, Privacy and Compliance disciplines Presenters: Jayashree Srinivasan, Oregon Dept. of Revenue; Jeremy Lyon, ODS; Madeline Zamoyski, New Relic; Paul Speed, Columbia Sportswear

Session 3: GDPR Compliance: Preparing an Approach Presenter: Madeline Zamoyski, Product & Privacy Attorney, New Relic

Session 4: DOX’ing Yourself: How Hackers Find Personal Information about You Presenter: Paul Speed, Information Security Engineer, Columbia Sportswear

PRICING: Earlybird: Through 10/27/17 ISACA Members: $75 Non-Members: $125

After: 10/27/17 ISACA Members: $100 Non-Members: $150

November 2017 ISACA Luncheon - Security Containerization

ISACA Luncheon Event: Security Container Adoption in Enterprise Environments

Across the world, organizations are using containerization technologies such as Docker and Kubernetes as a security boundary without a strong understanding of the underlying design. These technologies are often misconfigured, which can provide attackers with a means to gain a foothold within an organization, elevate privileges, or spread laterally throughout a modern enterprise network. During this presentation, we will analyze common use cases for a containerization environment and demonstrate tools these technologies provide to protect the host from an attacker within the container. We will discuss in detail the common threats facing these environments, as well as technical and administrative controls to detect and protect against attacks on containerization infrastructure.

Speaker: Lucas Rosvar, NCC Group Lucas Rosevear has been a Security Consultant at NCC Group since September, 2015, working from NCC's Seattle, WA office. Through projects at NCC Group, Lucas has performed a range of testing, including: - Network Penetration Testing - Web Application Penetration Testing - Blackbox and Config-assisted Container Reviews - AWS Config Reviews

Prior to NCC Group, Lucas became an OSCP and a member of the Phi Theta Kappa Honor Society.

Cost: ISACA Members: $25.00 Guests and Non-Members: $30.00

We expect this event to sell out. Attendance will be limited to the first 70 registrations. Do not delay, and register today!

Feb 8
ISACA Luncheon Event: "Building and Sustaining a Threat Intelligence program"

Speaker: Chris Nolke, CISO, Portland General Electric (PGE)

Chris is an experienced information security leader with experience building and operating threat intelligence programs at Nike and more recently at SureID prior to joining Portland General in October.

With a passion for engineering and sports cars, Chris will share his lessons and perspectives on building and operating threat intelligence programs that are engineered for success without having to worry about changing the oil frequently.

Apr 18
Incident Response and Vulnerability Management Seminar
Oregon Department of Fish & Wildlife

Join ISACA and the Salem IIA on April 18, 2018 as we present an in-depth seminar on Incident Response and Vulnerability Management


Two industry practitioners, Russ McRee from Microsoft and Ousàma Lakhdar-Ghazal from Umqua Bank, will be sharing their experiences and best practices for prevention, detection and responding to critical incidents, as well as discussing managing vulnerabilities.

Russ McRee is the principal security group program manager of the Blue Team for Microsoft’s Windows & Devices Group. He writes toolsmith, a monthly column for information security practitioners, and has written for other publications including Information Security, (IN)SECURE, SysAdmin, and Linux Magazine. Russ has spoken at events such as DEFCON, Derby Con, BlueHat, Black Hat, SANSFIRE, RSA, and is a SANS Internet Storm Center handler. He serves as a joint forces operator and planner on behalf of Washington Military Department’s cyber and emergency management missions. Russ advocates for a holistic approach to the practice of information assurance as represented by

Ousama Lakhdar-Ghazal is currently the technology risk officer for Umpqua Bank, managing risk and coordinating risk coverage for technology. Prior to joining Umpqua, Ousama was a compliance manager for Nike Inc., and prior to that a manager at Deloitte in their Cyber Risk Services group.

Pricing: $45 members (ISACA or IIA) $55 non-members and guests

Details: Afternoon Refreshments will be provided. Parking: Free Parking at the venue. No pass required.

May 10
ISACA Luncheon - "Executing a Security Strategy for a High Transaction Digital Environment

May 10, 2018 ISACA Luncheon - "Executing a Security Strategy for a High Transaction Digital Environment: Lessons from the Trenches"

Speaker: LJ Johnson, NIKE Information Security Sr. Director (Retired)

With a career spanning more than three decades, LJ Johnson is a well known security industry leader within the local Portland community. For the past 20 years, LJ has held several roles within NIKE’s Information Security organization as well as holding leadership positions in Business Operations, Organizational Change Management, and Global Supply Change Management. LJ’s more recent experience was building an Information Security Program for NIKE’s digital commerce organization.

Having a holistic background in both business operations and technology delivery provided LJ with the credibility and experience to create an information security service designed for high transaction activities and emerging technologies. Come listen to LJ as she shares lessons from the trenches in building an adaptable and sustainable information security program from a digital commerce perspective.

May 21
2018 Spring Training: IT Security and Audit Symposium
through Clackamas Community College - Wilsonville

Spring Training

Day 1:

1) Keynote: Blockchain: More that Cryptocurrency: Michael Reed (Intel)

Presentation on the origin of blockchain technologies and its evolution to a key technology in pursuit of increased efficiencies and new business models. Is your enterprise ready for blockchain?

2) Micro Segmentation and Cloud-A blueprint for protecting your golden egg: Tyler Hardison (RedHawk Security) (EVENT SPONSOR)

3) Benefiting from PCI – Even if Compliance is Not Required: Bowe Hoy (Sword&Shield) and Mike Griffin (Circle K Stores, Inc.)

The Payment Card Industry Data Security Standard (PCI DSS) can be beneficial to your organization, even if compliance to it is not a requirement. PCI DSS features a number of valuable guidelines to help your organization improve its security posture, technology auditing, and business operations. This session will help you understand the key components of PCI DSS and how your organization can benefit from implementing it. You will receive practical lessons through case studies about organizations that have successfully implemented PCI DSS. Whether these organizations were required to comply with PCI DSS, or chose to adopt it – they became a better organization because of it. And you can learn how to do the same for your organization.

4) Certificate Security and Frameworks for a Public CA: Derek Thomas and Scott Perry

As the ubiquity of on-line shopping continues to amplify our digital environment, ensuring a trusted on-line transaction becomes critical to building the brand loyalty and experience once relished within the physical brick and mortar retailer. The ability to ensure a trusted and secure transaction is not new, however the scrutiny placed on that trust is at an all time high with significant changes in the issuing community and the scrutiny ensuing from the browser community for secure and reliable trusted certificates.

In this presentation, Scott Perry, Partner and Derek Thomas, Managing Director, of Scott Perry CPA, one of six licensed CPA firms performing Certificate Authority audits, will discuss the changing landscape of on-line transactional trust and the requirements of Certificate Authorities. The presentation will include a discussion and overview of an established but less known framework for evaluating and auditing the performance of Certificate Authority practices and considerations applied to evaluating the security of your on-line transactions.

Day 2: 5 Sessions: Various Presenters

5) Current Economics of Cyber: David Hobbs: Radware

Often we discuss the changing threat landscape from a pure technical or vulnerability picture, however this does an injustice to element of ease, cost and access to attacks. This presentation will provide attendees with an up-to-date picture of the rapidly changing landscape of attack tools and services, the buying criteria and locations for these the tools and ease of use. In addition, the presentation will provide an understanding of how the combination of the proliferation of these tools and their corresponding use has dramatically changed the dynamics of the return on defense strategies. This presentation will provide unique insight into the world of the Darknet, specific customer attack stories, new economic models of measuring security deployments and a refreshed look at how controls should be deployed going forward.

6) Cyber War Chronicles - Stories From the Virtual Trenches (ERT Report 2017): David Hobbs: Radware

From information shared by over 1250 companies on their top concerns, we talk about what happened in 2017 and predict the top trends of 2018 in cyber security. The first half of 2017 saw a continuation of some cyber-security threats, as well as the emergence of some attack types and trends. Ransom attacks, political hacks, and new dynamics around the accessibility and capability of attack tools have added even more challenges to security. This session will explore some of the latest evolutions of the threat landscape, through a combination of market intelligence, real-world case studies, and direct insights from those on the front lines of cyber-security.

7) OWASP Updated Top10: Alex Ivkin (ISACA Board)

 A detailed technical review of the OWASP top 10.

8) The Value of Cyber Certifications: Alex Ivkin (ISACA Board)

9) Fraud Audit in a Digital Environment: Sarah Dalton: E&Y



Regular Pricing: On or After 4/20/18:

ISACA or IIA Member: $185

Non-Member: $225

We hope to see you there!

Sep 26
Join us at ISACA Willamette Valley Chapter Networking Event
BridgePort Brewing Company

We are REALLY excited about this upcoming program year and would like to kick-off the season with our annual mixer.

Come learn about our 2018-2019 Program Year, our new Academic Outreach Program, and network with other IT, Security and Audit professionals in our area and enjoy a cold beverage.

Once again there will be an array of appetizers and a full hosted bar.

Networking activities, information about certifications and select door prizes will be part of the evening events.

Please take this opportunity to bring along a guest and showcase the value of ISACA membership and Certifications.

COST: The event is FREE, however, parking is not covered.