Please join ISSA Portland for our monthly chapter meeting luncheon on the topic of: Breaches are inevitable – what can you do to prepare?

Please register online using the URL below to attend the event. Online sales will end 09/16/2014 at 10pm after which you will need to pay at the door. Seating is limited, so sign up today. http://www.eventbrite.com/e/chapter-meeting-breaches-are-inevitable-what-can-you-do-to-prepare-tickets-12427379627

When: Thursday, September 18, 2014 - Doors open at 11:30AM. The event will end at 1:00PM. Lunch will be provided.

Presentation:
Breaches are inevitable. You can implement strong security controls but breaches are a matter of when, not if it happens. The faster you respond to a breach of personally identifiable or sensitive information, the lower the operational, financial, or reputational impact to your organization. If your organization stores information such as social security numbers, driver’s license numbers and financial information, you need to be in a position to respond and notify because it’s sound business practice and it’s the law in the State of Oregon. The purpose of this presentation is to provide an overview of the regulatory requirements when it comes to breach notification and provide tools you can use in your own organizations to quickly respond to breaches when they occur, especially when you are required to notify your customers of such a breach.

This presentation is intended for security professionals, compliance officers, chief privacy officers and legal counsel who are or may be responsible for responding to security incidents that involves the unsecure breach of personally identifiable, protected, or sensitive information.

Presenter:
Chris Apgar, CISSP, CEO and President of Apgar & Associates, LLC, is a nationally recognized information security, privacy and electronic health information exchange expert. He has over 16 years of experience assisting health care organizations comply with HIPAA, HITECH and other privacy and security laws. Mr. Apgar has assisted healthcare, utilities and financial organizations implement privacy and security safeguards to protect against organizational harm and harm to consumers. Mr. Apgar served as a member of the Workgroup for Electronic Data Interchange Board of Directors for eight years. He currently is a member of the Oregon Prescription Drug Monitoring Advisory Commission. Mr. Apgar has been a Certified Information Systems Security Professional since 2002 and is a senior member of the Information Systems Security Association.

Price:
The chapter meeting is subsidized by chapter memberships and sponsors. There is a nominal fee of $10 (member) or $25 (non-member) for preregistered attendees. Walk in attendee’s are welcome but will be charged $30 cash at the door. If you wish to become a member, please visit http://portland.issa.org/join-issa-portland/

CPEs: The chapter maintains proof of attendance for members but it is the member’s responsibility to ensure that these CPE's are credited to their respective accounts. This luncheon will offer 1 CPE per hour of attendance.

Chapter Sponsors ISSA Portland would like to thank our program sponsors, who help make high quality programs like this possible.

Platinum Sponsor: Rapid7 Gold Sponsor: IBM Silver Sponsor: Sword & Shield Enterprise Security Silver Sponsor: Zscaler

Don't be a target - create a do-it-yourself plan instead...

If you use technology in your day to day operations (and who doesn't), join us on the morning of Wednesday, April 6th for its first of four events on mitigating the risks of business impacts through cybersecurity. Network with peers, learn from subject matter experts and walk away with the foundation for an incident response framework for yourself and your organization.

Our four-part series will include: -alignment to the NIST Cybersecurity Framework -guidance from Cybersecurity subject matter experts - representing both private and public sectors -individual support for customizing an incident response framework for you/your organization -connectivity to peers in a safe environment for building a scalable plan that will positively impact your entire organization

This event is the kickoff to a four-part series hosted by the Tech Leadership Community around the topic of Cybersecurity. Each event will provide building blocks to help guide a do-it-yourself incident response framework for your team and entire organization. Whether you attend one event by yourself, bring your peers to the entire series, or any other combination, the subject matter experts selected for each event will provide individual guidance on the final framework for you/your company.

Our first event will focus on scalable incident response with guidance from the following leads:

Subject Matter Experts: Jerry Holcombe, Online Business Systems Dennis Tomlin, Multnomah County

Incident Response Team: David Neufeld, Online Business Systems Lance Kidd, High Strategy Consulting, LLC

Thank you to our series sponsor, Neudesic!

Tickets available here: https://www.techoregon.org/events/build-your-incident-response-framework

If you use technology in your day to day operations (and who doesn't), join us on the morning of Wednesday, September 14th for our third of four events on mitigating the risks of business impacts through cybersecurity. Attendance of all 4 events is not required, so we encourage all IT professionals to join us on September 14th!

Cyber security incident management isn't just about a technical response to a breach or spill. Almost every business and government entity handles and stores regulated data and are subject to a complex tapestry of compliance requirements.

Understanding the nuance between events, incidents and breaches is key.

This Technology Leadership event explores incident response focused on compliance reporting. Subject matter experts from RADAR will engage attendees in: -Assessing an incident and the need for compliance reporting -Dinstinguishing between security and privacy incidents -Key components in building a culture of compliance into your organization's incident response