Upcoming Tulsa Meetings:

Registration is now open for the December 2017 ISACA Tulsa chapter meeting. This will be a joint meeting with Information Systems Security Association (ISSA).

Date:
Thursday, December 7, 2017 (Registration deadline is Tuesday, December 5.)

Time:
Registration - 11:15am, Meeting - 11:30am-1:00pm

Cost:
$10 for members and non-members

For registrants who forgo pre-payment using PayPal: No-show registrants WILL be invoiced for the full luncheon amount. To avoid this fee, you may send a replacement attendee or simply email a Board member two days prior to the luncheon and ask to be removed from the registration list.

Note New Venue:
Skelly Field at H.A Chapman Stadium
Tulsa University
3112 East 8th Street (enter off of 8th Street onto Thomas Plaza, and enter The Atrium and take elevator to the 2nd floor)
Tulsa, OK 74104

Applying experiences from Nuclear Engineering and Intelligence Analyses to IT and Information Security.

Sal Aurigemma will present on some of the most impactful lessons learned during his past careers as a nuclear engineer, intelligence officer, and IT engineer for the DoD that apply to the interplay between organizational oversight and information security. Building off of the shared belief that "Security is a process, not a product", he will discuss the need for acknowledging and embracing the differences between those that "do" infosec on a daily basis and those that focus on policy and regulation compliance, why both are absolutely necessary, and the importance of a common language and understanding of information security fundamentals. Lastly, Sal will briefly discuss the University of Tulsa's new Masters of Science in CyberSecurity degree program designed for working professionals.

Sal Aurigemma, Ph.D.

Dr. Sal Aurigemma teaches Telecommunications, Information Security, and Business Programming Concepts for the Collins College of Business School of Accounting and Computer Information Systems. A Navy veteran of 20+ years and with over a decade of experience in the Information Technology field, his research explores employee information security policy compliance, improving end-user and small business information security practices, and end-user computing focusing on business spreadsheet error detection. He has published in Computers & Security, Information and Computer Security, Decision Support Systems, the Journal of Organizational and End User Computing, and the Journal of Information Systems Security and was awarded the Collins College of Business Mayo Teaching Excellence Award for 2015-2016.

Register here to attend the meeting.

Previous Meetings:

October 2017 Architecture Governance in Agile Development - How Much is Enough?
M. Todd Gamble, Ph.D.
August 2017 Evolution of the IT Risk Assessment
John MacDonald, Risk Advisory Services - Manager, RSM US LLP
June 2017 Building a Strong Data Governance Program
Jean Golka, Principal Consultant, RSA
April 2017 Cybersecurity Examination: Raising the Bar for Cyber Risk Management Oversight and Reporting
Rumy Jaleel Khan and Amanda Lobin, Deloitte Advisory Senior Managers
February 2017 Managing Third-party Risk in the Age of Now
Justine Lowe, Executive Director, Executive Advisory, Optiv
December 2016 Control Responsibilities in the Cloud
Aaron Garcia, Director, PricewaterhouseCoopers (PwC) LLP Dallas
October 2016 Managing Technology as a Business Risk
David Maberry, Managing Director, Information Technology Audit Solutions
August 2016 Cyber-terrorism and IA's Role in Combating It
Jared Joels, Advisory, Technology Risk - Cyber Risk Services, Deloitte & Touche LLP
June 2016 Minimizing the Attack Surface through Identity Management Practices
Paul Tucker, Director, Information Security, BOK Financial
April 2016 City of OKC - Designing, Deploying and Implementing the City of Oklahoma City's Cyber-Security Framework
Ian Anderson, IT Security Manager for the City of Oklahoma City
February 2016 FBI Briefing - Current State of Cyber Crime
Preston Ackerman, Supervisory Special Agent (SSA)
December 2015 Disaster Recovery and Business Continuity Planning
Jennifer Brandt, Principal with Stinnett & Associates
October 2015 Threat Landscape, Doing Security Right
Michael Oglesby, Security Principal with True Digital Security
August 2015 Building and Implementing a Cyber Security Framework - Corporate implementation vs. ICS (SCADA)
Brett Edgar and Jeff Bewley, Information Security Architects with ONEOK
June 2015 Industrial Control Systems (ICS) Security
Tauseef Ghazi, Senior Manager with McGladrey
April 2015 The Endpoint Security Anomaly
Critt Golden, Senior Solutions Architecture with Accuvant Security
February 2015 Prioritizing Defenses with Critical Security Controls
James Tarala, Principal with Enclave Security
December 2014 Electronic Audit Evidence (EAEs)/Application Controls
Alex Islamov, Manager, Information Technology Risk and Assurance, Ernst & Young
October 2014 Managing Shadow IT - Cloud Visibility and Control
Rob Davis, Managing Principal of Critical Start
August 2014 Attacking the Current Threat Landscape
Andrew Weidenhamer, Security and Privacy Manager, McGladrey, LLP
June 2014 Records Information Management: Seven Habits of an Effective RIM Program
Dave Foley, Director of Records Information Management, ONEOK
April 2014 Bizarre Architecture Exploitation: Tales from the Trenches
Nate Keltner, Partner and Chief Hacker, Atredis Partners
February 2014 Managing Electronic Information from A to Zettabyte
Fred Menge, CISA, CISM, Magnir Group, LLC
December 2013 Cyber Attacks - Beyond the Compliance Checkbox
Rob Davis, Managing Principal of Critical Start
October 2013 Don't Just Talk, Communicate!
Jennifer Roberson, Stinnett & Associates
August 2013 Physical Security
Randy Nason, Vice President/Manager of the Security Consulting Group, Guernsey
June 2013 Ten Key IT Considerations for IA
Stacey Moore, Senior Manager, Advisory Services, Ernst & Young
April 2013 Data Analytic Tools and Techniques
Brent Hinds and Mark Funck, Stinnett & Associates
February 2013 Getting the Most Value from Your Next Network Penetration Test
Jerry Dawkins, Ph.D., CEO and Founder, True Digital Security
December 2012 A Day in the Life
Jon Williams, Lead IT Auditor, WPX Energy, Inc.
October 2012 Getting the Right Fit from Service Organization Controls (SOC) Reports
George Galindo, Managing Director, PwC
August 2012 TAFT! (This Ain't Freakin' Texas): A Case Review of How the Failure to Manage Assumptions Has Cost Companies Millions in Overruns
Bill Fournet, President and CEO, The Persimmon Group
June 2012 PM Unusual
Kris Reynolds, Project Management Practice Leader, The Persimmon Group
April 2012 Letting the CAAT Out of the Bag
Jennifer Goines, Continuous Auditor, Cherokee Nation
February 2012 Mobile Device Security
Joe Krull, Mobile Security and Privacy SME, PwC Risk Assurance, IT Risk and Security Assurance
December 2011 Application Security: Current Landscape, Maturity, and Landscape Trends
Michael Oglesby, Director of Technical Security Services, True Digital Security
October 2011 IT Governance, Risk and Compliance
Tommy Thompson, Director of Program Development Services, True Digital Security
August 2011 Incident Response, Current Cyberthreat Picture, and Addressing Malicious Network Traffic
Matt Harper, Special Agent, FBI
June 2011 If Hackers Don't Kill You, Litigation Will
Dr. Gavin Manes, President and CEO, Avansic
April 2011 What is Data? Code Sheets, Error Levels and Endians Oh My!
Ben Davies, CISSP, CISA, CM, CSM, ITILv3
The Persimmon Group
February 2011 Auditing the Enterprise Database
Mark Trinidad, Product Manager, Application Security, Inc.
Download the presentation.
December 2010 The Deadliest Catch: Risk Identification
Bill Fournet
The Persimmon Group
October 2010 Auditing the Enterprise Database
Rob Barnes, CISA, Application Security, Inc.
August 2010 The Cloud Computing Train has Left the Station. Is Your Technology Risk Management Program on Board?
Paul Tucker, CISSP, CISA, ITIL V3
Information Security Manager, Williams Information Technology (Williams Co.)
June 2010 IT Audit Implications of Carbon Accounting
Brian Yarbrough, PricewaterhouseCoopers LLP
April 2010 Common Compromises: How Modern Companies Get Hacked
Nathan Keltner, Security Consultant
February 2010 Application Security
Clint Pollock, Veracode
December 2009 Security Vulnerabilities and IT Security
Dr. John Hale, Director of the Institute for Information Security, University of Tulsa
October 2009 Business Service Management using ITIL
Jared DeShields, Williams
August 2009 Business Continuity and Disaster Recovery
Mahlon Pitt, President, Titan
June 2009 The Role of Digital Data in Legal Proceedings
Gavin Manes, Ph.D.
Avansic
April 2009 Password Vaulting
Gene Scheckel, CISA, Richard Leonard, CISSP, CISA, and Glenn Davis
ConocoPhillips
February 2009 Hackers and Hacking
Rodney Kocot
K3DES and Systems Control and Security Incorporated
December 2008 Moving into the 21st Century
Steve Burrage
October 2008 OSI Model
Ben Davies
August 2008 Data Security
Alex Pezold
June 2008 Oracle Database Controls and Security
Grant Thornton LLP
April 2008 Web Application Penetration Testing
Jerald Dawkins, Ph.D.
February 2008 Virtual Machine Ware
Eric Vogelpohl, PWC Manager
December 2007 Mayor Kathy Taylor
October 2007 Unix Security and Control
Tim Fawcett, PWC Manager
April 2007 Forum on Sarbanes Oxley
February 2007 Forum on Disaster Recovery
Sandy Comish, Williams Inc., Jack Campbell, Magellan, LLP., Steve Bourke, Level 3
Dec 2006 Joint Forum on Leadership
with IIA, Tulsa Chapter Oklahoma Society of CPAs, Financial Executives International, Institute of Management Accountants, American Society of Woman CPAs, Oklahoma Business Ethics Consortium, and Association of Certified Fraud Examiners

Willis Allen
President of Gilbreath's Practical Solutions For Success
November 2006 Members Appreciation Night
Tulsa ISACA Chapter Members enjoyed a members only night at the Polo Grill, one of Tulsa's finest wine and dine restaurants.
Oct 2006 Joint Forum with ISSA - SCADA Security
Rick Belisle
Director for the X-Force Professional Security Services Southeast Region

Dr. Gavin W. Manes
President of Oklahoma Digital Forensics Professionals, Inc. (OKDFP) and a Research Assistant Professor of Computer Science

Dr. Mauricio Papa
Assistant Professor of Computer Science at the University of Tulsa
August 2006 Computer Forensics
Dr. Gavin W. Manes
President of Oklahoma Digital Forensics Professionals, Inc. (OKDFP) and a Research Assistant Professor of Computer Science
June 2006 Securing Wireless Networks
Dr. Jerald Dawkins
President of Digital Enterprise Security Associates (DESA) and a Research Associate at the University of Tulsa
April 2006 Active Directory
Mr. Eric Vogelpool
Principal Microsoft-technologies consultant with Williams Companies.
February 2006 TU Cybercore
Dr. John Hale
Director Associate Professor of Computer Science, CIS
December 2005 Joint Meeting with IIA on Fraud
Mr. Irving Faught
Administrator of the Oklahoma Securities Commission.
October 2005 Current State of Credit Card Control Requirements
Ray Seefeldt
Consulting Director, RSM McGladrey, Inc.
August 2005 Sarbanes-Oxley IT Audit Testing - Internal vs. External Auditing
June 2005 Chapter Planning Meeting
Dec 2004 Stopping Corporate Fraud: Will Sarbanes-Oxley Help?
John Russell
Director, Fellers Snider Blankenship Bailey & Tippins, PC
Sep 2004 Computer Crimes
Sgt. Tim C. Stadler
Cybercrime Unit, Tulsa Police Department
May 2004 Sarbanes Oxley IT Audit Process
Mar 2004 Security Roundtable Discussion
Jan 2004 Wireless Networking Security
Donald L. Pipkin, CISSP, CISM
Halting the Hacker, LLC
Nov 2003 Active Directory
John Sivinski
CITGO Petroleum Corporation
Sep 2003 Internet Firewalls:
These Days We Just Can't Live Without Them

Rick Link, CISA, CISSP
Jefferson Wells International
Jul 2003 Sarbanes-Oxley 404:
How and to What Extent Does I.T. Fit In?