January ISSA Motor City Chapter Meeting - Thursday, 1/19/17

January ISSA Motor City Chapter Meeting - Thursday, 1/19/17

Mike Riley's picture

Thursday, January 19 2017 Happy New Year!
VisTaTech Center
Schoolcraft College
18600 Haggerty
Livonia, MI 48152
Signage will direct you to our meeting room.
Refreshments will be provided.

RSVP to bonnie.teegen@hpe.com

1st Speakers Mike Muha, Ph.D., CISM and
Mary Rowley, CISSP, CISA, CRISC, ISO 27001 LI, ISSA Fellow
Topic:What NOT to do When Implementing ISO 27001
Obtaining ISO 27001 certification is a long and tedious process. It requires support from upper management, commitment from the stakeholders, culture changes throughout the organization, and a lot of documentation. This presentation will highlight WorkForce Software’s experience, focusing on tips and tricks, misconceptions, and overall planning to guide you through the journey to certification and help you be better prepared come audit time.

Mike Muha bio:
Mike Muha, Ph.D., CISM, is the Director of Security & Privacy for WorkForce Software. Mike has over 25 years of experience with IT and SaaS infrastructure. In the last 10 years, Mike drove both the global expansion of WorkForce Software’s cloud-based workforce management products from one data center to eight across the US, Europe, Canada, and Australia, and directed all compliance efforts, starting with SAS 70 and moving onto SSAE 16, ISAE 3402, SOC 2, and ISO 27001 certifications. He also led certification efforts with US-EU Safe Harbor and more recently certified WorkForce with the new Privacy Shield Framework. He is currently leading the effort toward compliance with the new EU General Data Protection Regulation (GDPR). In the past year, Mike has moved into a dedicated role leading WorkForce Software’s security and privacy practice.
Mike holds a BA from Oberlin College and MA and Ph.D. from the University of Michigan.

Mary Rowley bio:
Mary Rowley, CISSP, CISA, CRISC, ISO 27001 LI, ISSA Fellow, is an information security professional with over 20 years of experience in identity and access management, risk assessments, third-party security evaluations, information security policies and procedures, and auditing of information security controls. As the IT Audit and Information Security Manager at WorkForce Software, Mary is responsible for ensuring that the appropriate security safeguards are in place to protect corporate and customer data, works with the external Auditors to provide evidence of these controls, and assists in the preparation of the company’s audit reports. Prior to joining WorkForce Software, Mary served as Vice President, Senior Information Security Risk Analyst for eight years at Comerica Bank performing risk assessments on internal and outsourced applications and worked as an Information Security Analyst at Henry Ford Health System managing access control, policy, and security awareness for over 10,000 users.

- - - - - - - - - -
2nd Speaker: Bobby Kuzma
Systems Engineer, Core Security

Bobby Kuzma is a CISSP, security geek, and retired IT consultant. If it processes data, he's probably tried to make it do bad things. He teaches, mentors, and explores (and occasionally explodes) things. When not spelunking through the infosec underworld, Bobby is a systems engineer with Core Security Technologies.
Topic: Embedded device hacking:
Join Core Security's Bobby Kuzma as he demonstrates techniques for analyzing embedded, network enabled devices for security vulnerabilities, and introduce the tools and methodologies for conducting effective security assessments on novel devices.
You'll learn the best tools to get started with, and learn from Bobby's extensive mistakes in getting started in hardware reverse engineering.