Upcoming Tulsa Meetings:

Registration is now open for the February 2018 ISACA Tulsa chapter meeting.

Thursday, February 15, 2018 (Registration deadline is Tuesday, February 13.)

Add to Calendar

Add to Calendar 02/15/2018 11:30 AM 02/15/2018 01:00 PM America/Chicago ISACA-Tulsa Meeting Description of the event Room 140 North Hall Building, OSU-Tulsa

Registration - 11:15am, Meeting - 11:30am-1:00pm

$25 for members, $30 for non-members

For registrants who forego pre-payment using PayPal: No-show registrants WILL be invoiced for the full luncheon amount. To avoid this fee, you may send a replacement attendee or simply email a Board member two days prior to the luncheon and ask to be removed from the registration list.

Room 140 - North Hall Building
Oklahoma State University (OSU) - Tulsa
700 N. Greenwood Ave
Tulsa, OK 74106

Forensic Data Mining

Fraud can wreak havoc on organization financial performance and undermine business objectives. No business is immune from the risks associated with fraud. With stories from the trenches and often overlooked prevention tips, you will be simultaneously educated and entertained during this fast-paced program designed for those with or without an accounting background. Detection of fraud can be a difficult issue, but forensic data mining is a cutting-edge method of detection combining behavioral analytics, mathematical models, analytical tools, and data visualization to identify unusual patterns and “red flags”, particularly in accounts payable, vendor and payroll data – but also in textual data such as email, social media, internet activity, hotline data, and performance reviews.

Learning Objectives:

  • Evaluate organizational fraud risk, and new developments and trends in fraud and embezzlement schemes
  • Understand why fraud detection and risk management fails so often
  • Discover how the characteristics of textual data make it a powerful weapon in identifying fraud and risk
  • Develop fraud prevention & detection methodologies

Lanny W. Morrow, EnCE®, CTFI® - Senior Data Scientist, Forensics & Valuation Services and Big Data & Analytics Services at BKD.

A 21-year veteran at BKD, Lanny is the Senior Data Scientist and testifying expert in digital forensics and advanced forensic data mining for BKD’s Forensic & Valuation Services division. He is a frequent speaker and writer on both topics, including contributions to university textbooks and the Association of Certified Fraud Examiners’ Fraud Magazine publication.

Forensic Data Analytics and Artificial Intelligence Lanny has developed proprietary artificial intelligence used to uncover patterns and relationships in structured and textual data. His technology allows BKD’s fraud investigators to rapidly identify relevant content in emails, documents, social media, and other sources early in an investigation. This technology also assesses the overall emotional state of communications, identifies hidden relationship networks among subjects in an investigation, and traces the evolution of topics, concepts and emotional states over time. Lanny also has developed numerous data analytics deliverables using the Visual Basic and Python programming languages, and specializes in the design and use of complex analytical databases using the SQL platform.

Digital Forensics Lanny received his EnCase® Certified Examiner (EnCE®) in 2002, a designation awarded to digital forensics professionals. He specializes in the collection, preservation, and analysis of digital evidence and has conducted numerous investigations involving the Foreign Corrupt Practices Act, theft of intellectual property, public corruption, corporate espionage, fraud and white collar crimes, merger and acquisition due diligence, incident response, and identity theft. He is a testifying expert in administrative, state, and federal jurisdictions and has worked extensively for attorneys representing clients in the banking, health care, transportation, insurance, and retail/manufacturing industries.

Cybersecurity Risk Management and Incident Response Lanny is also a member of BKD’s Cybersecurity Incident Response team, and is credentialed as a Cyber Threat Forensic Investigator (CTFI®). Lanny has experience in cybersecurity investigations such as ransomware, business email compromise (BEC), data theft, and wire/ACH fraud. He also consults with clients in incident response planning, incident preparedness training, and conducts investigations of cyber incidents, and post-incident analysis and reporting.

Statistical Modeling and Complex Systems Lanny also performs statistical analysis functions for litigation, investigation and in regulatory/compliance matters, including sample design, regression analysis, machine learning, and review of opposing expert reports. His work in cybersecurity, data loss prevention, and complex systems also incorporates agent based modeling simulations and other stochastic modeling techniques, as well as root-cause and path dependency analysis.

Note: For ISACA members, you can access your CPE certificate for the previous meeting by using this link below:

Register here to attend the meeting.

Previous Meetings:

December 2017 Applying experiences from Nuclear Engineering and Intelligence Analyses to IT and Information Security
Sal Aurigemma, Ph.D.
October 2017 Architecture Governance in Agile Development ? How Much is Enough?
M. Todd Gamble, Ph.D
August 2017 Evolution of the IT Risk Assessment
John MacDonald, Risk Advisory Services - Manager, RSM US LLP
June 2017 Building a Strong Data Governance Program
Jean Golka, Principal Consultant, RSA
April 2017 Cybersecurity Examination: Raising the Bar for Cyber Risk Management Oversight and Reporting
Rumy Jaleel Khan and Amanda Lobin, Deloitte Advisory Senior Managers
February 2017 Managing Third-party Risk in the Age of Now
Justine Lowe, Executive Director, Executive Advisory, Optiv
December 2016 Control Responsibilities in the Cloud
Aaron Garcia, Director, PricewaterhouseCoopers (PwC) LLP Dallas
October 2016 Managing Technology as a Business Risk
David Maberry, Managing Director, Information Technology Audit Solutions
August 2016 Cyber-terrorism and IA?s Role in Combating It
Jared Joels, Advisory, Technology Risk ? Cyber Risk Services, Deloitte & Touche LLP
June 2016 Minimizing the Attack Surface through Identity Management Practices
Paul Tucker, Director, Information Security, BOK Financial
April 2016 City of OKC ? Designing, Deploying and Implementing the City of Oklahoma City?s Cyber-Security Framework
Ian Anderson, IT Security Manager for the City of Oklahoma City
February 2016 FBI Briefing - Current State of Cyber Crime
Preston Ackerman, Supervisory Special Agent (SSA)
December 2015 Disaster Recovery and Business Continuity Planning
Jennifer Brandt, Principal with Stinnett & Associates
October 2015 Threat Landscape, Doing Security Right
Michael Oglesby, Security Principal with True Digital Security
August 2015 Building and Implementing a Cyber Security Framework ? Corporate implementation vs. ICS (SCADA)
Brett Edgar and Jeff Bewley, Information Security Architects with ONEOK
June 2015 Industrial Control Systems (ICS) Security
Tauseef Ghazi, Senior Manager with McGladrey
April 2015 The Endpoint Security Anomaly
Critt Golden, Senior Solutions Architecture with Accuvant Security
February 2015 Prioritizing Defenses with Critical Security Controls
James Tarala, Principal with Enclave Security
December 2014 Electronic Audit Evidence (EAEs)/Application Controls
Alex Islamov, Manager, Information Technology Risk and Assurance, Ernst & Young
October 2014 Managing Shadow IT ? Cloud Visibility and Control
Rob Davis, Managing Principal of Critical Start
August 2014 Attacking the Current Threat Landscape
Andrew Weidenhamer, Security and Privacy Manager, McGladrey, LLP
June 2014 Records Information Management: Seven Habits of an Effective RIM Program
Dave Foley, Director of Records Information Management, ONEOK
April 2014 Bizarre Architecture Exploitation: Tales from the Trenches
Nate Keltner, Partner and Chief Hacker, Atredis Partners
February 2014 Managing Electronic Information from A to Zettabyte
Fred Menge, CISA, CISM, Magnir Group, LLC
December 2013 Cyber Attacks ? Beyond the Compliance Checkbox
Rob Davis, Managing Principal of Critical Start
October 2013 Don?t Just Talk, Communicate!
Jennifer Roberson, Stinnett & Associates
August 2013 Physical Security
Randy Nason, Vice President/Manager of the Security Consulting Group, Guernsey
June 2013 Ten Key IT Considerations for IA
Stacey Moore, Senior Manager, Advisory Services, Ernst & Young
April 2013 Data Analytic Tools and Techniques
Brent Hinds and Mark Funck, Stinnett & Associates
February 2013 Getting the Most Value from Your Next Network Penetration Test
Jerry Dawkins, Ph.D., CEO and Founder, True Digital Security
December 2012 A Day in the Life
Jon Williams, Lead IT Auditor, WPX Energy, Inc.
October 2012 Getting the Right Fit from Service Organization Controls (SOC) Reports
George Galindo, Managing Director, PwC
August 2012 TAFT! (This Ain?t Freakin? Texas): A Case Review of How the Failure to Manage Assumptions Has Cost Companies Millions in Overruns
Bill Fournet, President and CEO, The Persimmon Group
June 2012 PM Unusual
Kris Reynolds, Project Management Practice Leader, The Persimmon Group
April 2012 Letting the CAAT Out of the Bag
Jennifer Goines, Continuous Auditor, Cherokee Nation
February 2012 Mobile Device Security
Joe Krull, Mobile Security and Privacy SME, PwC Risk Assurance, IT Risk and Security Assurance
December 2011 Application Security: Current Landscape, Maturity, and Landscape Trends
Michael Oglesby, Director of Technical Security Services, True Digital Security
October 2011 IT Governance, Risk and Compliance
Tommy Thompson, Director of Program Development Services, True Digital Security
August 2011 Incident Response, Current Cyberthreat Picture, and Addressing Malicious Network Traffic
Matt Harper, Special Agent, FBI
June 2011 If Hackers Don't Kill You, Litigation Will
Dr. Gavin Manes, President and CEO, Avansic
April 2011 What is Data? Code Sheets, Error Levels and Endians Oh My!
Ben Davies, Ben Davies, CISSP, CISA, CM, CSM, ITILv3
The Persimmon Group
February 2011 Auditing the Enterprise Database
Mark Trinidad, Product Manager, Application Security, Inc.
Download the presentation.
December 2010 The Deadliest Catch: Risk Identification
Bill Fournet
The Persimmon Group
October 2010 Auditing the Enterprise Database
Rob Barnes, CISA, Application Security, Inc.
August 2010 The Cloud Computing Train has Left the Station. Is Your Technology Risk Management Program on Board?
Paul Tucker, CISSP, CISA, ITIL V3
Information Security Manager, Williams Information Technology (Williams Co.)
June 2010 IT Audit Implications of Carbon Accounting
Brian Yarbrough, PricewaterhouseCoopers LLP
April 2010 Common Compromises: How Modern Companies Get Hacked
Nathan Keltner, Security Consultant
February 2010 Application Security
Clint Pollock, Veracode
December 2009 Security Vulnerabilities and IT Security
Dr. John Hale, Director of the Institute for Information Security, University of Tulsa
October 2009 Business Service Management using ITIL
Jared DeShields, Williams
August 2009 Business Continuity and Disaster Recovery
Mahlon Pitt, President, Titan
June 2009 The Role of Digital Data in Legal Proceedings
Gavin Manes, Ph.D.
April 2009 Password Vaulting
Gene Scheckel, CISA, Richard Leonard, CISSP, CISA, and Glenn Davis
February 2009 Hackers and Hacking
Rodney Kocot
K3DES and Systems Control and Security Incorporated
December 2008 Moving into the 21st Century
Steve Burrage
October 2008 OSI Model
Ben Davies
August 2008 Data Security
Alex Pezold
June 2008 Oracle Database Controls and Security
Grant Thornton LLP
April 2008 Web Application Penetration Testing
Jerald Dawkins, Ph.d
February 2008 Vitual Machine Ware
Eric Vogelpohl, PWC Manager
December 2007 Mayor Kathy Taylor
October 2007 Unix Security and Control
Tim Fawcett, PWC Manager
April 2007 Forum on Sarbanes Oxley
February 2007 Forum on Disaster Recovery
Sandy Comish, Williams Inc., Jack Campbell, Magellan, LLP., Steve Bourke, Level 3
Dec 2006 Joint Forum on Leadership
with IIA, Tulsa Chapter Oklahoma Society of CPAs, Financial Executives International, Institute of Management Accountants, American Society of Woman CPAs, Oklahoma Business Ethics Consortium, and Association of Certified Fraud Examinars

Willis Allen
President of Gilbreath's® Practical Solutions For Success
November 2006 Members Appreciation Night
Tulsa ISACA Chapter Members enjoyed a members only night at the Polo Grill, one of Tulsa's finest wine and dine restaurants.
Oct 2006 Joint Forum with ISSA - SCADA Security
Rick Belisle
Director for the X-Force Professional Security Services Southeast Region

Dr. Gavin W. Manes
President of Oklahoma Digital Forensics Professionals, Inc. (OKDFP) and a Research Assistant Professor of Computer Science

Dr. Mauricio Papa
Assistant Professor of Computer Science at the University of Tulsa
August 2006 Computer Forensics
Dr. Gavin W. Manes
President of Oklahoma Digital Forensics Professionals, Inc. (OKDFP) and a Research Assistant Professor of Computer Science
June 2006 Securing Wireless Networks
Dr. Jerald Dawkins
President of Digital Enteprise Security Associates (DESA) and a Research Associate at the University of Tulsa, Digital Enteprise Security Associates (DESA)
April 2006 Active Directory
Mr. Eric Vogelpool
Principle Microsoft-technologies consultant with Williams Companies.
February 2006 TU Cybercore
Dr. John Hale
Director Associate Professor of Computer Science, CIS
December 2005 Joint Meeting with IIA on Fraud
Mr. Irving Faught
Administrator of the Oklahoma Securities Commission.
October 2005 Current State of Credit Card Control Requirements
Ray Seefeldt
Consulting Director, RSM McGladrey, Inc.
August 2005 Sarbanes-Oxley IT Audit Testing - Internal vs. External Auditing
June 2005 Chapter Planning Meeting
Dec 2004 Stopping Corporate Fraud: Will Sarbanes-Oxley Help?
John Russell
Director, Fellers Snider Blankenship Bailey & Tippins, PC
Sep 2004 Computer Crimes
Sgt. Tim C. Stadler
Cybercrime Unit, Tulsa Police Department
May 2004 Sarbanes Oxley IT Audit Process
Mar 2004 Security Roundtable Discussion
Jan 2004 Wireless Networking Security
Donald L. Pipkin, CISSP, CISM
Halting the Hacker, LLC
Nov 2003 Active Directory
John Sivinski
CITGO Petroleum Corporation
Sep 2003 Internet Firewalls:
These Days We Just Can't Live Without Them

Rick Link, CISA, CISSP
Jefferson Wells International
Jul 2003 Sarbanes-Oxley 404:
How and to What Extent Does I.T. Fit In?