KPMG

May 10, 2018 ISACA Luncheon - "Executing a Security Strategy for a High Transaction Digital Environment: Lessons from the Trenches"

Speaker: LJ Johnson, NIKE Information Security Sr. Director (Retired)

With a career spanning more than three decades, LJ Johnson is a well known security industry leader within the local Portland community. For the past 20 years, LJ has held several roles within NIKE’s Information Security organization as well as holding leadership positions in Business Operations, Organizational Change Management, and Global Supply Change Management. LJ’s more recent experience was building an Information Security Program for NIKE’s digital commerce organization.

Having a holistic background in both business operations and technology delivery provided LJ with the credibility and experience to create an information security service designed for high transaction activities and emerging technologies. Come listen to LJ as she shares lessons from the trenches in building an adaptable and sustainable information security program from a digital commerce perspective.

Speaker: Hadas Cassorla, JD, CISSP, MBA, CIPT, IT Security Director, Kindercare Education

Come hear the Director of IT Security from Kindercare Education discuss tactics and approaches for IT security that leverage flexibility and quick thinking skills developed from experience of local acting and improvisation. Learn how Kindercare has changed it's approach to IT security through continued maturity of understanding its customer and recognizing the importance of protecting it's most important assets. Learn how creative thinking and an artistic approach from acting has changed the IT security strategy for Kindercare.

ISACA Luncheon Event: Security Container Adoption in Enterprise Environments

Across the world, organizations are using containerization technologies such as Docker and Kubernetes as a security boundary without a strong understanding of the underlying design. These technologies are often misconfigured, which can provide attackers with a means to gain a foothold within an organization, elevate privileges, or spread laterally throughout a modern enterprise network. During this presentation, we will analyze common use cases for a containerization environment and demonstrate tools these technologies provide to protect the host from an attacker within the container. We will discuss in detail the common threats facing these environments, as well as technical and administrative controls to detect and protect against attacks on containerization infrastructure.

Speaker: Lucas Rosvar, NCC Group Lucas Rosevear has been a Security Consultant at NCC Group since September, 2015, working from NCC's Seattle, WA office. Through projects at NCC Group, Lucas has performed a range of testing, including: - Network Penetration Testing - Web Application Penetration Testing - Blackbox and Config-assisted Container Reviews - AWS Config Reviews

Prior to NCC Group, Lucas became an OSCP and a member of the Phi Theta Kappa Honor Society.

Cost: ISACA Members: $25.00 Guests and Non-Members: $30.00

We expect this event to sell out. Attendance will be limited to the first 70 registrations. Do not delay, and register today!