|
| ||
|
ISSA Central
Plains Chapter | ||
|
|
| |
|
|
Central Plains
Chapter Meeting: "Managing
Change in Security Policy and Compliance", David Flinn
Many
organizations are in the process of establishing an automated approach to
security policy management. The initial step is Creating an
organization-wide security policy and the next is the Implementation of
the new process. Many organizations are focused on rolling out a new
process, thinking this is the final step in the automated process. To
achieve project success, including a Managing Change step is required in
order to maintain compliance with an evolving security policy and its
implementation. This talk will
discuss these issues and recommend a framework approach to not only create
and implement, but manage for change and
compliance. David Flinn is
a Senior System Engineer for Pedestal Software in Newton,
Massachusetts, providing consulting services for customers. Mr. Flinn has
sixteen years experience as a solutions architect for Data Security,
Internet commerce, Data Warehousing, relational databases, and UNIX
technologies. Prior to joining Pedestal, Mr. Flinn was a Practice Manger
in Genuity's eServices group. Also, he was a manager in the Electronic
Commerce and Data Warehousing practice at KPMG Peat
Marwick. Previously, Mr.
Flinn provided technical expertise for Sun Microsystems, utilizing his
thorough knowledge of Suns' hardware and software solutions. He was a
Member of the Technical Staff for Environmental Systems Research
Corporation (ESRI), where he contributed software engineering methodology
to a team tasked with implementing customized software applications. Mr.
Flinn was also a Member of the Technical Staff for The Analytic Sciences
Corporation, (TASC), involved in advanced system prototypes and
proof-of-concept software engineering. “Technical
Certifications and Information Security”, Harvey
Brown Many InfoSec
professionals are using vendor and industry certifications to distinguish
themselves in the InfoSec community.
There is a vast amount of certifications available for specific
products and general security knowledge. Finding the right track to best
suit your career goals and develop your skills can be difficult. In this talk
Harvey Brown will discuss the variety of available certifications. He will discuss the skills
demonstrated by each and the conventional wisdom regarding their
value. The information
provided should help you to find a combination of certifications that will
complement your experience, benefit your career path and broaden your
skills and knowledge.
Please bring
your own opinions and insight, as there are some vastly different opinions
about the value of IT certifications. If you are in a position to make
hiring or promotion decisions, we will be particularly interested in your
thoughts about the certifications you look for and the value they have to
your organization. | |
|
|
|
The Information Systems
Security Association (ISSA)® is a not-for-profit international
organization of information security professionals and practitioners. It provides education forums,
publications and peer interaction opportunities that enhance the
knowledge, skill and professional growth of its members. We hope the ISSA
will provide a chance to interface with other IT professionals and further
your awareness of security practices and
technologies. This meeting is open to the
general public with no expectations of
membership.
·
Welcome
from Chapter President ·
"Managing
Change in Security Policy and Compliance", David Flinn ·
“Technical Certifications and
Information Security”, Harvey Brown ·
Upcoming Events,
|
