Baton Rouge Information Systems Security Association

Calendar of Events

Event: 7th Annual Executive Women’s Forum
Wednesday - September 23, 2009, 8:00 am
Location: Hyatt Regency at Gainey Ranch-Scottsdale, AZ
Duration: 0 hours

The Executive Women's Forum
September 23 - 25, 2009

Scottsdale, AZ

“Pragmatic Risk Solutions for Changing Times:

Achieving More With Less”

*ISSA Members Receive a $200 Discount*

The Executive Women’s Forum national conference brings together more than 200 women of influence, power and intelligence to share ideas and build relationships.

•Earn 17 CPE Credits

• Build a Network of the Most Dynamic Women in Our Industry

• Take Home Tools, Templates & Solutions to Achieve Success

• Expand Your Expertise & Capabilities

The EWF Conference is a trusted venue exclusively for senior-level women in Info Security, Risk Management & Privacy.

Panels Include:

Winning Mind Share—Writing Effective Proposals

Tie IT investments to business drivers, calculate ROI based on your project and lower the overall risk to your company.

Compliance Globalization Framework Workshop

Develop requirements and controls to multiple obligations, create a unified approach, and consider the benefits and costs.

Emerging Technologies Workshop: Cloud Storage & Computing, Web 2.0 and Mobility

Work in groups to discuss and then present the current state, architecture, risks, rewards & tools used to evaluate them.

Gaining Efficiencies Through Vendor Risk Management

Discuss third party relationship life cycles and take away a risk assessment framework

The Future Privacy Landscape

In our desire to collaborate, how do we maintain basic privacy?

REGISTER HERE! Enter EWF2009ISSA at checkout to receive the $200 discount.

Visit us at www.ewf-usa.com.

PASS THIS ALONG TO EXECUTIVE WOMEN IN YOUR NETWORK!

Joyce Brocaglia, CEO

Alta Associates, Inc.

Founder, Executive Women's Forum

908-806-8442

www.altaassociates.com

www.infosecuritywomen.com

Event: ISACA/Infragard Cyber Security SIG meeting
Thursday - September 10, 2009, 12:00 pm
Location: East Jefferson Regional Library meeting room(Either Napoleon or Jefferson Room)- 4747 West Napoleon, Metairie, LA
Duration: 3 hours

Reminder of ISACA/Infragard Cyber Security SIG meeting this THURSDAY

Discussion and update on ACH fraud (attachment to previous email). Find out how Web 2.0 is involved in perpetrating this fraud. Infragard general meeting September 24, 2009 5:30pm FBI building on Leon C. Simon.

====================================================
====================================================

TOPIC 1: A Web 2.0 Applicaton: Second Life in Business and Education
SPEAKER: Dr. Kay McLennan, Professor, Tulane University

TOPIC 2: What You Need to Know about Web 2.0 Security
SPEAKER: Lydia Lourbacos, CISSP, CISM, CISA, CAP, GCIH, GCFA

RSVP: PLEASE reply to this email if you will attend

Bring your lunch (or there is a cafe in the library but it takes 15-20 minutes to fill an order)

Event: NO ISACA- PCI Compliance
Thursday - June 11, 2009, 12:00 pm
Location: East Jefferson Regional Library 4747 West Napoleon Ave., Metairie, LA 70001
Duration: 1.5 hours

TOPIC: PCI Compliance

· What is PCI and the PCI-DSS?
· Where PCI stands now
· Challenges
· What works, what doesn't (Technically and from a controls perspective)
· The Programmatic approach
· Recent Breaches and breach characteristics
· Responding to a Breach
· What’s Next for PCI DSS

SPEAKER: Joe Marsh, Deloitte & Touche LLP

COST: No charge (bring your own lunch or call the café in the library in advance of arriving)

RSVP: send email to Lydia Lourbacos at president@isaca-nola.org by COB Wednesday, June 10

Joe Marsh is a Manager in the Deloitte Security and Privacy Services practice in Houston, Texas. He has over 11 years of experience in privacy, data security and identity theft assessments and remediation, Payment Card Industry Data Security Standards (PCI-DSS) controls planning, security training and curriculum development, incident response, and network design and implementation. Mr. Marsh has worked with many Fortune 500 companies to assess their readiness for PCI-DSS compliance activities, or to plan compliance remediation. He has particular expertise in bridging communications gaps between business, IT, and audit teams to assist in developing cost-effective controls that satisfy the largest acquiring bank operations in the world. In his previous capacities, Mr. Marsh served in various IT Security roles including Corporate Security Administrator, Information Assurance Manager, Lead Technical Administrator and VPN Specialist for Equifax, Honeywell, Michelin and various other institutions.

Event: ISACA MEETING
Tuesday - June 09, 2009, 12:00 pm
Location: East Jefferson Regional Library 4747 West Napoleon Ave., Metairie, 70001
Duration: 3 hours

TOPIC: Cloud Computing

Gary Geddes from Microsoft who spoke to ISACA in 2007 is returning to New Orleans and will speak on Cloud Computing July 9.

Event: The New Orleans Chapter of the IIA's Next Meeting
Thursday - May 21, 2009, 12:00 pm
Location: Palace Café, 605 Canal Street, New Orleans
Duration: 1 hour

Time: 12:00 – 1:00 pm, registration begins at 11:30 am

Topic: Protecting Personal Information - Internal Controls Best Practices

Description:

RED FLAG RULES, HIPAA, GLBA, ARRA, LOUISIANA SECURITY BREACH ACT, PCI-DSS....numerous laws, regulations, and contractual provisions now require businesses, organizations, and governmental agencies to safeguard the personal information that belongs to their employees, customers and constituents. Non-compliance can result in significant fines and even jail time, in addition to thousands of dollars in operational and legal expenses. This session will provide:

Part 1: Overview of laws and regulations that require the protection of personal information, with specific attention to the Red Flags Rules

Part 2: Steps and Strategies for Developing a Data Security Plan

Part 3: Preparing for and Responding to Data Breaches

Part 4: Developing an Internal Controls Data Security Audit Plan

Speaker: Tony Brooks, Director of I.T. Assurance and Risk Services, HORNE LLP

Attendance Incentive: $50 cash prize to a Member (non-members are not eligible), must be present to win, selected by random drawing from the entire membership listing.

Parking: $5 validated at the Marriott

Cost: $35 members or non-members, $20 students

Payment Method: PAYMENT BY CASH OR CHECK PAYABLE TO IIA-NEW ORLEANS CHAPTER IS REQUIRED THE DAY OF THE MEETING. CREDIT CARDS ARE NOT ACCEPTED. Corporations may arrange for billing by contacting Patti Levie, Treasurer, at patricialevie@gulfbank.com or at 504-412-2037.

FIRST COURSE:

Crabmeat Cheesecake - A palace favorite! Baked in a pecan crust with a wild mushroom saute and creole meuniere sauce

SECOND COURSE: (Choice of - please specify at online registration):

Pasta St. Charles - Tender Gulf shrimp and andouille sausage in a green onion Creole mustard cream, with penne pasta and grated Romano cheese; or

Roasted Chicken Pontalba - Roasted Chicken Breast, house seasoned and served on a bed of sauteed green onions, ham, mushrooms, garlic and brabant potatoes topped with bearnaise sauce

THIRD COURSE:

Palace Cafe Pecan Pie - Louisiana pecans baked with a rich cane sugar custard in a flaky crust topped with caramel and sweet double cream

**You must register online by noon on Monday, May 18th. Cancellations must be received by noon on Monday, May 18th. No shows will be billed.**

For registration and additional information, visit our website at www.theiia.org/chapters/neworleans and click the Events tab.

If you have questions about registration, please contact David Brien, President, @ dbrien@ochsner.org or Shannon Stafford, RSVP Coordinator, @ sstaffo@entergy.com.

**If you would like to be removed from distribution, please let me know.

Sheri Mahoney
Communications Coordinator, IIA - New Orleans Chapter
Internal Audit Services
Entergy Services, Inc.
639 Loyola Avenue
L-ENT-13A
New Orleans, LA 70113
(Tel) 504-576-6645 or (internal) 8-576-6645
(Fax) 504-576-4351 or 504-576-4466

Event: GNO ISACA's Annual General Meeting
Thursday - May 14, 2009, 12:00 pm
Location: East Jefferson Regional Library, 4747 W. Napoleon Ave., Metairie, 70001; free parking
Duration: 3 hours

Mark your calendar for GNO ISACA's annual general meeting on May 14!
The annual general meeting is our last meeting for the 2008-09 year. Thanks to all the members and volunteers for a wonderful year. We've made some excellent progress during the last year- the chapter offered 21 free CPE credits, steady membership growth, and earned a website award!

Thank you 2008-09 volunteers-
Lydia Lourbacos - Vice President
John Diasselliss - Treasurer
Jeffrey Wagar - Secretary
Elizabeth Bourgeois - Education Chair
Tom Cheek - Webmaster
Becky Hammond - Certification Coordinator
Ron Marlow - Marketing Director
Anna Odenthal - Assistant Treasurer
Nathalie Villafana - Membership Coordinator
There's still time to volunteer for our chapter. Volunteers earn 10 CPE credits per year! Please let me know if you're interested. We'll elect the new board at the May 14 meeting.

Lisa Horzelski from LaPorte Sehrt Romig and Hand volunteered for the auditor position. Thank you Lisa for helping us out!

Candidates for the 2009-10 year
Lydia Lourbacos - President
Jeffrey Wagar - Vice President
Anna Odenthal - Treasurer
John Pouey - Secretary
ISACA member incentive - the first 10 ISACA members to RSVP for this event will receive a $10 credit for lunch at the meeting! Reply to this email to reserve your seat.

TOPIC: The New Orleans FBI CyberProgram and how cybercrimes affect us
SPEAKER: Kristine Z. Green, FBI Special Agent
DATE: May 14, 2009
TIME: 12:00 pm - 3:00 pm
COST: FREE, 3 CPE credits
RSVP: reply to this email by Wednesday, May 13
LOCATION: East Jefferson Regional Library, 4747 W. Napoleon Ave., Metairie, 70001; free parking
DETAILS: Computer intrusions, child exploitation, Internet fraud and copying of software, songs, movies and other intellectual property is a growing problem in the United States. The FBI CyberProgram investigates these and other computer and Internet crimes. Special Agent Kristine Green, supervisor of the local New Orleans FBI Cyber Program will present a three-hour CPE talk on the work they do and the crime affecting us both locally and on a national level. She will discuss the special issues related to cyber crime investigations with examples of the laws involved.

Come and find out some of the simple things she recommends that IT security professionals and managers can do to protect their business and what individuals can do to prevent their families from becoming victims or from ending up involved in an FBI investigation. This is a unique opportunity to get details and an inside perspective on a growing problem from someone defending us on the front lines!

SPEAKER BIO: Ms. Green has been a Special Agent with the FBI for over 13 years. She worked in public corruption from 1996 - 2000, when she was assigned to the cyber crime squad. Since then, she has been involved with investigating criminal and national security cyber cases. In 2006, she became supervisor of the New Orleans FBI Cyber Squad and the CyberProgram Coordinator for the FBI in Louisiana. She holds a bachelor's from Emory University, a law degree fromTemple University and is licensed to practice law in South Carolina.

Please see attached newsletter for more announcements. Let me know if you would like to be removed from our mailing list.
<>
John Pouey CIA, CISA, CISM
President GNO ISACA
504.569.3463 office

Event: ISACA: E-discovery: Key Technology and Operational Issues
Thursday - February 19, 2009, 12:00 pm
Location: Ralph’s on the Park, New Orleans
Duration: 1 hour

Location: ralphsonthepark.com in New Orleans, LA.

$35 for members/non-members; payment accepted through PayPal

The presentation will discuss the issues companies face with the production of electronic evidence and will provide practical tips on how implement data retention and evidence production plans that will improve response times, minimize costs, and comply with electronic evidence rules.

Sign-up

Event: IT Risk Management presented by Raj Mehta of Deloitte
Thursday - July 10, 2008, 11:30 am
Location: Jefferson Parish Library 4747 West Napoleon Avenue in Metairie between Clearview and Transcontinental
Duration: 3 hours

Reminder

Please mark your calendars for our next event!

TOPIC: IT Risk Management presented by Raj Mehta of Deloitte
DATE: July, 10, 2008
TIME: 11:30 - 2:30
LOCATION: Jefferson Parish Library 4747 West Napoleon Avenue in Metairie between Clearview and Transcontinental
COST: No charge; free lunch will be provided to GNO ISACA members
RSVP: Please send RSVP to vice-president@isaca-nola.org

Event: ISACA: Crash Course in Cryptography – The Art of “Secret Writing”
Thursday - June 12, 2008, 11:30 am
Location: 4747 W. Napoleon Ave., Metairie, LA 70001 in the Jefferson Room (right side parking lot).
Duration: 2 hours

Hello Everyone!

Our next meeting is a little over a week away! I'm sorry for the late notice but the originally scheduled speaker cancelled late last week. Chris Davis, who works for Forescout, has kindly offered to come this month instead of in August. He is a dynamic speaker, he has given presentations to the Dallas ISACA chapter (they regularly have hundreds at their meetings) and they have raved about him. From talking and emailing with him, he's a very warm, kind, funny guy who should be fascinating to listen to.

Please come next Thursday! NOTE NEW LOCATION! MEETINGS ARE NOW B.Y.O.L. (bring your own lunch--see below)

TOPIC: Crash Course in Cryptography – The Art of “Secret Writing”

SPEAKER: Chris Davis, CISA, CISSP, has trained and presented in information security, auditing, advanced computer forensic analysis, and hardware cryptographic design for corporate and government organizations and conferences. He is the author of three books: IT Audits: Using Controls to Protect Information Assets, Anti-Hacker Toolkit, 3rd Ed., and Hacking Exposed: Computer Forensics, and is a contributing author to other books and publications.

His contributions include projects and presentations for Gartner, Harvard, SMU, McCombs, SANS, BlackHat, 3GSM, and ISACA. He has enjoyed positions at McCombs Business School, Cisco Systems, E-Forensics, Microsoft Technology Center, Texas Instruments, and currently ForeScout Technologies. He holds a Bachelors Degree in Nuclear Engineering from Thomas Edison, and a Masters in Business from the University of Texas at Austin. Chris was a US Navy submariner, and served on the deep dive Submarine NR-1 and the ballistic missile OHIO class USS Nebraska, SSBN 739 (Go Big Red!).

TIME: 11:30-2:30pm, Thursday, June 12, 2008

CPE: 3

NEW LOCATION: All luncheon meetings for the rest of the year will be at the East Bank Regional Library at 4747 W. Napoleon Ave., Metairie, LA 70001 in the Jefferson Room (right side parking lot).

COST: No charge

FOOD: Bring your own lunch, or, Chateau Coffee Café in the Library lobby has drinks, salads and sandwiches for sale.

RSVP: All are welcome, bring a guest. Please RSVP so we have sufficient materials and seating for all attendees. ISACA members, who respond to this email before noon, June 11, will have free lunch provided for them.

ABSTRACT: The Art of “Secret Writing” – Cryptography – has been around for more than 3000 years, destroying nations, saving lives, and protecting our deepest secrets. Come join us on a journey to understand the fundamental truths you need to know about this ancient art that incredibly impacts our lives today. After a brief history of development of cryptographic systems, we will work real-world problems, discuss very cool technologies, with an open question and answer session..

CDs will be available with the speaker’s personal favorite tools and whitepapers. The core material of this discussion covers the fundamentals of CISSP Domain 04 – Cryptography.

Join ISACA: Membership benefits include 50% discount on SANS@Home courses; discounts on CISA, CISM, CGEIT, course materials, books and exams, eligibility for door prizes, and free lunch if you register before noon of the day before the regular meeting.

IS THERE A FUTURE TOPIC YOU WANT TO HEAR ABOUT? Please tell me!

Event: ISACA NOLA's next meeting on May 8th
Thursday - May 08, 2008, 11:15 am
Location: Cafe East, 4628 Rye St, Metairie, LA 70006
Duration: 2 hours

SACA NOLA is pleased to announce our next Annual General Meeting (AGM) on May 8. Robert Cerasoli, New Orleans Inspector General and ISACA member, will present on "Ethics in Public Service" and provide us an update on the progress of his office. The press release is attached to this email.

Date: Thursday May 8, 2008
Location: Cafe East, 4628 Rye St, Metairie, LA 70006
Time: 11:30am registration, presentation 12pm - 2pm
Speaker: Robert Cerasoli
Topic: Ethics in Public Service and an update on the progress of his office
RSVP: by 5pm Monday May 5, 2008
Cost: $20 member, $25 non-members

The AGM in May marks the end of our year. We appreciate the support you provided for the chapter during the last year, and without you, we would not be able to provide monthly events. In addition, we would not be able to organize the events if it weren't for the chapter's volunteers. At the May AGM, we will elect the 2008-2009 board. Please consider volunteering. Positions are available for all levels of involvement. If you're interested, send me an email or call 504-569-3463.

Contact John at johnpouey@fidelityhomestead.com to attend.

Event: SANS Speaker!
Thursday - April 10, 2008, 8:30 am
Location: Tulane
Duration: 3 hours

Seth Misenar, SANS instructor and security team leader at Blue Cross Blue Shield of Mississippi, will discuss the importance of log management and the foundation of a strong logging infrastructure. Nearly every major regulation affecting cyber security demands or implies the need for continuous logging and effective log management.

Mr. Misenar's background includes penetration testing, vulnerability assessments, regulatory compliance efforts, security architecture design, as well as physical and network consulting for Fortune 100 companies. This session will cover topics from the SANS Perimeter Protection in Depth course. Please join us for this wonderful opportunity.

TOPIC: Log management
SPEAKER: Seth Misenar
DATE: April 10, 2008
TIME: Registration begins at 8:30am; presentation 9am - noon- 3 CPEs
COST: FREE - Breakfast and lunch will not be provided
LOCATION: Tulane University Elmwood Campus 800 E. Commerce Road, Harahan, LA 70123
RSVP: Please reply to this email to reserve your seat as space is limited.

EMAIL: johnpouey@fidelityhomestead.com

Event: Planning meeting
Thursday - February 21, 2008, 1:00 pm
Location: CCCC
Duration: 1 hour

1. Take a look at the new laptop.
2. Plot out ideas for our next set of meetings.

Directions:

From I-12:
1. Exit Sherwood Forest Blvd North Bound
2. Left on to Florida Blvd
3. Right onto Sharp Rd
4. Right onto Red Oak Drive

Building is on corner of Sharp and Red Oak, use east side door.

From Corporate Blvd:
1. Travel east on corporate blvd, cross airline and continue on to old hammond
2. Turn north (left) onto Sharp Rd.
3. Continue on Sharp across Florida Blvd.
4. Right onto Red Oak Drive

Building is on corner of Sharp and Red Oak, use east side door.

From the Mall of Louisiana
1. Travel North/East on Bluebonnet, cross Airline Hwy and continue on Coursey
2. Turn North/Left onto Cedar Crest
3. Continue on Cedar Crest to Old Hammond, continue north on
Sharp Rd.
4. Continue on Sharp across Florida Blvd.
5. Right onto Red Oak Drive
Building is on corner of Sharp and Red Oak, use east side door.

http://maps.google.com/maps?f=q&hl=en&geocode=&q=10120+Red+Oak+Drive,+Baton+R
ouge+LA&sll=37.0625,-95.677068&sspn=48.106236,81.738281&ie=UTF8&z=17&iwloc=ad
dr

10120 Red Oak Drive - 70815.
Enter on east side of building

Event: Technical Class
Thursday - January 17, 2008, 1:00 pm
Location: TBD
Duration: 1 hour

Using Group Policies to manage Windows security & restriction policies. Application methods, tools, troubleshooting and a brief look at software installation services.

By Mark Lappin/LMFJ

Lee Michaels Jewelers, Inc.
11314 Cloverland Avenue
Baton Rouge, LA 70809
Phone: 225-291-9094

Event: Earn 3 CPEs at the ISACA-NOLA meeting on Jan. 10
Thursday - January 10, 2008, 11:00 am
Location: New Orleans
Duration: 3 hours

Members of ISACA and the security, IT, and audit communities,

ISACA-NOLA's next general meeting will be presented by SANS instructor John Strand. His presentation will be based on the Hacker Techniques, Exploits, and Incident Handling course he will teach at SANS New Orleans in January 2008. SANS offers current, relevant, and well respected IT-related training. Our offer is an excellent way to sample one of their courses at a reasonable cost of $20! Also, we will provide lunch from Semolina's, three CPE hours, and the chance to win a door prize!

TOPIC: Hacker Techniques, Exploits and Incident Handling. The full course is available from SANS

AUDIENCE: IT Managers, IT technical staff, auditors, IT security staff, incident handling team members, penetration testers

DATE: Thursday, January 10, 2008
COST: $20.00 (lunch is included)
TIME: 11am (registration and networking), presentation 11:30-2:30pm (3 CPEs)
LOCATION: Postlethwaite & Netterville 2324 Severn Ave., Suite A, Metairie, LA 70001
RSVP: by 5:00pm Tuesday January 08, 2008 through PayPal at http://www.isaca-nola.org/Events_Services/events.htm

Event: Technical Class
Thursday - December 20, 2007, 1:00 pm
Location: Puryear IT - See Description for Address
Duration: 1 hour

Using Group Policies to manage Windows security & restriction policies. Application methods, tools, troubleshooting and a brief look at software installation services.

By Mark Lappin/LMFJ

Puryear IT, LLC
144 Maximilian St
Baton Rouge, LA 70802

Event: CANCELED: ISACA New Orleans - Issues in Encryption
Thursday - December 13, 2007, 11:30 am
Location: Cannon's at 4141 St. Charles
Duration: 1.5 hours

THIS CLASS IS CANCELED

*****
Topic: Issues in Encryption
Speaker: Chris Davis (Forescout Inc, Dallas Texas, and author of "IT Auditing: Using Controls to Protect Information Assets")
Date: Thursday, December 13, 2007
Time: Networking and Registration: 11:30-12:00
Luncheon: 12:00
Location: Cannon's at 4141 St. Charles (Free parking is available behind the restaurant)
Cost: $35
Registration link: http://www.isaca-nola.org/Events_Services/events.htm

Event: Technical Class
Thursday - November 15, 2007, 1:00 pm
Location: TBD
Duration: 1 hour

Part 2 of our Probe/Hardening Class.

Harden a LAMP server based on the probing results in Class 1/October.

Location:

Sparkhound
9352 Interline Drive
Baton Rouge, LA 70809

Event: Technical Class
Thursday - October 18, 2007, 1:00 pm
Location: Puryear IT
Duration: 1 hour

This meeting has NOTES. [View them].

Location: Puryear IT, 144 Maximillian St. Baton Rouge, LA 70809.

This will be our kick-off class, which we will have each month. Our plan is start off with a series dedicated to learning how to probe and harden your servers. We'll start off with:

Oct - Probe/scan for ports and vulnerabilities
Will scan: LAMP, IIS, SQL Server, MySQL
Nov - Harden LAMP
Dec - Harden Windows IIS
Jan - Harden Windows SQL Server and Linux MySQL

Event: Planning Meeting
Wednesday - September 12, 2007, 11:30 am
Location: Las Palmas on Jefferson
Duration: 1 hour

We will be having a "let's get this chapter going!" planning meeting Wed, 9/12/2007, at Las Palmas on Jefferson Highway. If you want to just pop in that's great! Just ask for the "ISSA".