May 2015 - 5th Annual ISACA Kettle Moraine Spring Symposium

Learn in an open forum from a distinguished cast of IT Executives on current trends, innovations, security and leadership.

Topics and Speakers

Location
Hilton Garden Inn – Milwaukee Park Place
11600 W Park Pl, Milwaukee, WI 53224

Date
May 13th, 2015

Registration
Time: 7:30 AM to 8:00 AM

Session 1: Lessons Learned from Recent Data Breaches & Impact to Audit
Presenter(s): Jamin Miles – Sr. Manager - IT Audit (FIS Global)
Time: 8:00 AM to 8:50 AM

Summary:
The presentation will review details of recent data breaches including Target, Home Depot and Sony. We will discuss how the attackers got in, what controls failed, and what we should focus on when performing our audits.

Session 2: Automating and Modernization of z/OS Security Auditing and Compliance
Presenter(s): Doug Behrends – Sr. Professional Services Consultant (Vanguard)
Time: 9:00 AM to 9:50 AM

Summary:
Passing an audit does not necessarily mean you are secure. This presentation will focus on debunking the myth that the mainframe is secure. We’ll discuss some of the available resources on security best practices. We will also cover the top 10 critical security issues found by Vanguard from performing hundreds of security assessments over a broad client base.

Session 3: CIO Roundtable
Presenter(s):
  Tim VanRyzin – Director, Security & IT Risk Management (Regal Beloit)
  Darren Bornemeier – VP - Internal Audit (Rexnord)
  Kathy Lang – CIO (Marquette University)
  Steve Hyde – CIO (Schenck)
  Scott Redlinger – Executive Director, Advisory Services (Ernst & Young)
  Monte Nuckols – VP IT, ERP Deployment & Integrated Program Planning (Johnson Controls)
  Sheldon Cuffie – VP Information Security (Northwestern Mutual)
Time: 10:00 AM to 12:00 PM

Summary:
Learn in an open forum from a distinguished cast including Marquette University’s CIO and VP of Internal Audit from Rexnord.

Lunch
Time: 12:00 PM to 1:00 PM

Session 4: "Too Much for Anyone to Know" or why humans love war, conflict, and spy games
Presenter(s): Richard Thieme – Author/Professional Speaker
Time: 1:00 PM to 1:50 PM

Summary:
We built it and now we have to live with it. That is a non-trivial enterprise in the different worlds without walls we pretend to navigate in relative safety. Some prefer living in denial and ignorant bliss to a life on meds for anxiety attacks. Others take the red pill and plunge into a world that resembles an Escher etching ... but a world we can learn to inhabit to our advantage.

After a brief look at how we got where we don't really want to be, this keynote illuminates how the mind of society works these days, replacing sense data with "cognitive artifacts" and virtual worlds. The IT revolution has, after all, restructured relationships, careers, and the basic tenets of the worlds of security and intelligence. That means we have to look at "cyberwar," a word everyone seems to hate, but which is both real and fantastically unreal. That in turn means acknowledging the media-world we inhabit which is manipulated, distorted, and its own worst enemy, where truth itself is often the enemy and those who say it out loud are the disloyal opposition.

We need clarity and good strategies to know how to be mindful and vigilant and navigate these treacherous paths. Thieme doesn't pretend to have that all locked up, but he has a few suggestions that might be useful.

Session 5: Protecting Wisconsin From the Cyber Threat
Presenter(s): Byron Franz – Special Agent (FBI)
Time: 2:00 PM to 2:50 PM

Summary:
Special Agent Franz will speak about the very real threat of computer and mobile device compromise facing Wisconsin’s businesses, colleges, and government agencies. Recent cases such as the Sony computer intrusion and the indictment of five Chinese military hackers have shown why the U.S. may be losing up to $400 billion a year from economic espionage. Special Agent Franz will discuss these threats, suggest possible mitigations, and describe the role of the FBI in investigating attempts to steal Wisconsin’s business secrets.

Session 6: Enterprise Risk Management – Improving Financial Performance, Governance, Risk and Compliance through a Structured Approach
Presenter(s): Fred Lutzeier – National Director (Experis Finance)
Time: 3:00 PM to 3:50 PM

Summary:
Enterprise Risk Management (ERM) has been gaining significance across a variety of industries as a comprehensive approach to managing risk and business performance. A proper implementation of ERM can provide comprehensive financial performance and governance, risk and compliance management through disciplined implementation.

During this presentation, Fred Lutzeier, a National Director for Enterprise Risk Management Services with Experis Finance, will provide the group with an interactive discussion on ERM and some of the keys to implementation of ERM and its interaction with groups such as compliance, internal audit, business operations and other support functions.

The presentation will include:

  • Discussion of ERM Frameworks
  • ERM Maturity Model
  • ERM and the Three Lines of Defense
  • Tying ERM into Business Strategy
  • Risk Appetite and Risk Tolerance
  • Controls Monitoring
  • Governance Structures, etc.

Social Hour
Time: 4:00 PM to 5:00 PM

Material

Enterprise Risk Management

zOS Security Audit Top Ten