On May 5-6, a large group of IT security experts will convene for the 2014 Central Ohio InfoSec Summit put on jointly by the Central Ohio ISSA, Central Ohio Infragard, and Central Ohio ISACA. Due to the diversity of attendees, there will be five tracks at the event:
With 5 tracks, an attendee has their pick from over 40 different sessions. Here’s just a sampling of what you can expect next week at the show:
Learning From the Data of Others: Verizon Breach Report
Jay Jacobs, Senior Data Analyst and co-author of Verizon’s Breach report, Verizon
Tuesday, May 6, 8:30-9:30am (Keynote)
Over the last few months, we have collected and analyzed over 63,000 security incidents from 50 organizations around the world. Hidden within those incidents are practical lessons we can apply back to our own environments. Join the lead data analyst on the 2014 Data Breach Investigations Report from Verizon and explore what higher education can learn from the data loss of others.
Top Legal Issues we see in Cloud Service Agreements
Dino Tsibouris, Founding Principal, Tsibouris & Associates, LLC.
Tuesday, May 6, 9:45-10:30am (Track 4)
Topics to be explored within this session include:
Are You Really PCI DSS Compliant? Case Studies of PCI DSS Failure!
Jeff Foresman, Founding Partner, Pondurance
Tuesday, May 6, 2:10-2:55pm (Track 2)
Many organizations have achieved PCI DSS compliance but as past breaches have shown, some companies are not really compliant. This presentation is a case study covering many years of assessing companies that thought they were compliant, but did not meet the requirements as they believed. We will review failures in scoping, segmentation, storage of cardholder data, security testing, logging and development. We will also discuss problems organizations will face with implementing the new PCI DSS v3. Each case study will include what should have been done to meet compliance.
If you’ll be at the Central Ohio InfoSec Summit, come say hello to us at the Online Tech booth. We’ll be speaking on May 5th at 3:20pm:
Securing the Cloud in a Regulated World – April Sage, Director, Healthcare Vertical
Securing the cloud for one organization is hard enough. A cloud architecture that can fit within the performance, security, and compliance constraints across many organizations and industries requires a few novel approaches – and investments. For one, a positive partnership with auditors. Second, security and compliance driven culture, not checkboxes. Third, serious technology investments to enable key functions like encryption and remote backup to play nicely together. This presentation will share a behind the scenes look into the architectural decisions behind a cloud capable of protecting sensitive data in the healthcare, banking, and other regulated industries.
We will be present the whole show, exhibiting our secure hosting solutions. Hope to see you there!
Ready to attend? Register here.
Otava provides the secure, compliant hybrid cloud solutions demanded by service providers, channel partners and enterprise clients in compliance-sensitive industries. By actively aggregating best-of-breed cloud companies and investing in people, tools, and processes, Otava’s global footprint continues to expand. The company provides its customers in highly regulated disciplines with a clear path to transformation through its effective solutions and broad portfolio of hybrid cloud, data protection, disaster recovery, security and colocation services, all championed by an exceptional support team. Learn more at www.otava.com.