September 20, 2017 CPE Luncheon

Topic: GDPR/Data Privacy

Join us for this presentation by Michael Siegrist, RSA

Time and Location: September 20th, at Boise Plaza, 1111 West Jefferson @ 11:30 AM to 1:00 PM.

There will be no cost for this month’s CPE Event!

Presentation Summary: 

Michael Siegrist is a seasoned Governance, Risk and Compliance (GRC) veteran specializing in industries including Retail, Manufacturing and Technology. He began his career as an attorney representing multinational corporations in the areas of labor, employment and international law and regulatory compliance. About eight years ago he transitioned from traditional law practice to working with global corporations to help them leverage software to build compliance programs for regulatory reporting and risk management. Recently, he has held senior positions at companies such as LRN, LockPath and MetricStream developing enterprise solutions in areas such as IT Risk and IT Compliance, Environmental Sustainability, Ethics, Data Privacy, and Anti-Corruption Compliance.

Michael has a BGS in Economics and Juris Doctor from the University of Kansas. He resides in Dallas, Texas with his wife Tiffany, two sons and his hound, Shakey.

INTERFACE Boise 2017

The Boise ISACA chapter will again have a booth at the INTERFACE conference to be held on Sept. 14 at the Boise Centre.  Board members will man the booth to provide attendees information on the organization, its benefits and offered certifications.

If you plan to attend INTERFACE this year, please remember to register using the below link exclusive to the Boise ISACA Chapter.

http://www.interfacetour.com/evites/boi/isaca-boise.htm

Conference Details

INTERFACE Boise – Sep 14, 2017

F2F Events, Inc. (F2F) produces CPE-accredited educational conferences for IT professionals focusing on the latest developments in information security, IT infrastructure and communications. F2F’s INTERFACE conference series is dedicated to providing both attending delegates and sponsors a strong return on their investment of time and resources.

As a key-influencer on the evaluation of IT solutions, INTERFACE was developed for you. An educational symposium addressing today’s most critical IT challenges:

  • Business Continuance & Recovery
  • Network & Data Security
  • Enterprise Communications

With a “by invitation-only” format, cutting-edge content, interactive labs & exhibits, and other complimentary delegate benefits (coffee, lunch, cocktails, etc.), INTERFACE has earned the reputation as “THE technology conference” for IT professionals across the country.

Included in your INTERFACE Experience:

  • 20 Educational Seminars
  • Keynote Speaker
  • Lunch Buffet
  • 55 Vendor Exhibits
  • Hosted Reception

May 2017 AGM Luncheon Event – Membership and CPE Meeting

Please join us, enjoy some very interesting sessions and earn CPE credits. We are excited to announce our Annual General Membership Meeting (AGM).

Date: May 23rd

Location:  Cottonwood Grille, 913 W River St, Boise, ID 83702

  • 11:30 – Arrival, sign-in, networking
  • 12:00 – Lunch Served
  • 12:15 – 12:45 – Welcome, Announcements, Board Position Intros, Elections, Scholarships, Updates, Member Recognition
  • 12:45 – 1:00 – Break
  • 1:00 – 1:50 – Cyber Security Insurance, Herman Doering
  • 1:50 – 2:00 – Break 
  • 2:00 – 2:50 – AICPA’s new Cybersecurity Risk Framework Attestation, Anders Erickson
  • 2:50 – 3:00 – Break 
  • 3:00 – 3:50 – WannaCry Ransomware Analysis, Capt Kyle “Reno” Erickson
  • 4:00 – Social Hour

Cyber Security Insurance, Herman Doering

Biography of Herman Doering, HIPAA SME:
In February, 2009, joined St. Luke’s Health System as the corporate Information Systems Security Officer responsible for HIPAA and PCI Compliance and the HIPAA Security policies and procedures utilized throughout St. Luke’s. Is also responsible for HIPAA Security training. Is a member of the Idaho Health Data Exchange (IHDE) Privacy and Security subcommittee of the IHDE Board.
Previously served as Sr. Consultant and HIPAA Subject Matter Expert (SME) with BEST Consulting; Venturi Technology Partners; and COMSYS from 1999 – 2009. Provided consulting on Transactions and Code Sets, the Privacy Rule and the Security Rule. Conducted HIPAA educational seminars for healthcare entities in Boise, Salt Lake City, Portland, Olympia, Sacramento, and Reno. Was a charter member of the HIMSS HIPAA SIG. Established and hosted the monthly Boise HIPAA Council. Was a member of the Idaho Medical Association (IMA) HIPAA Coordinating Council and conducted numerous IMA HIPAA Privacy and Security seminars. Spoke at the Idaho Hospital Association on how to conduct and implement a HIPAA Security program. Assisted HIPAA attorneys, such as Kevin West of Hall Farley Oberrecht & Blanton, PA, and Kim Stanger of Holland & Hart, LLP. Have also provided HIPAA or security consulting to the State of California – Alcohol and Drug Programs, The SEGAL Company in New York, Saltzer Medical Group and Saint Alphonsus Regional Medical Center in Idaho.

AICPA’s new Cybersecurity Risk Framework Attestation, Anders Erickson

Anders Erickson is the Director of Cyber Security Services at Eide Bailly, LLP and has over 15 years of experience providing IT risk and security solutions within the private and public sectors. Anders assists clients in establishing a culture of security within their organization. He leads organizations through the process of identifying their cyber security risks and brings practical solutions to help manage and mitigate those risks. Anders is a Certified Information Systems Security Professional, Certified Information Systems Auditor as well as Certified in Risk and Information Systems Control. He graduated from Brigham Young University with a Masters of Information Systems Management.
The AICPA has recently released a framework that provides companies with a method to describe and report on their cybersecurity risk management program. This framework requires a CPA to attest to the controls that implement that program. The purpose of this report is to boost stakeholders’ confidence in the organization’s management of cybersecurity risks.
In this session, we will discuss the following:
* Applying the AICPA framework for cybersecurity reporting.
* Key elements of description criteria.
* Value and key aspects of the reports.
* Preparing for cybersecurity examinations.

WannaCry Ransomware Analysis, KYLE “Reno” ERICKSON, Capt, ID ANG

I am the Chief of Weapons and Tactics for the 224 Cyber Operations Squadron in the Idaho Air National Guard.  As the Chief of Weapons and Tactics, it is my responsibility to ensure the members of my unit are trained on the most current tactics, techniques, and procedures on the systems that we use and those of our adversaries. The 224 COS mobilizes using the United States Cyber Command’s Cyber Protection Team construct to protect mission partner networks using a methodology to identify mission requirements, identify security vulnerabilities, and provide proactive defense.
Prior to my current assignment, I was an instructor at the Cyber Warfare Operations, Weapons Instructor Course at Nellis AFB, Nevada teaching defensive and offensive cyber operations.  I have a Bachelor’s of Science in Computer Science from the University of Texas at Dallas and a Masters of Information Security from Western Governors University.
I will be presenting an analysis of the WannaCry malware.  This will include functionality of the malware and its exploitation mechanisms and the fallout it has created.

ISACA NJ Chapter Exam Preparatory Classes

The ISACA NJ Chapter is offering exam preparatory classes for CISA, CISM, and CRISC over 3 Saturdays in the April/May/June 2017 time frame, each to prepare the attendees for the official ISACA certification exam.

All classes are broadcast live and are very cost effective. Instructor Jay Ranade is a well-known instructor who has been teaching these classes all over the world since 2006.

CISM Exam Review Webinar – (3 days, live broadcast webinar) Saturdays, May 6, May 13, and May 20, 2017 9:00 AM – 5:00 PM (EST).
http://www.cvent.com/d/p5qjg4

CISA Exam Review Class (onsite & live broadcast webinar) – (3 days) Saturdays, May 27,  June 3, and June 10, 2017 9:00 AM – 5:00 PM (EST). http://www.cvent.com/d/x5qj4b

April 19, 2017 CPE Luncheon

Topic: IT Focus Areas- PCAOB Inspections

Join us for this presentation by Kanika Saraiya, Advisory Manager KPMG

Time and Location: April 19th, at Boise Plaza, 1111 West Jefferson @ 11:30 AM to 1:00 PM.

There will be no cost for this month’s CPE Event!

Presentation Summary: PCAOB Inspections and key changes in new SSAE 18 over SSAE 16.

Kanika Saraiya is an Advisory Manager in KPMG’s US Portland office with close to 9 years of experience in advising clients on Business Process Analysis, IT Strategy, Outsourcing, IT Governance, IT restructuring, IT Project Advisory, ERP Advisory, SOX Advisory, SOX 404 testing, SOC attestation and IT reviews, Risk Assessments, Internal and External Audits. Kanika has served industries internationally ranging from Oil and Gas, Automobile, Telecommunications, Healthcare, Retail, Hi-tech, Manufacturing to IT and ITES. Kanika has international experience of working on clients in Europe, China, India and USA.