Upcoming Tulsa Meetings:

Registration is now open for the June 2018 ISACA Tulsa chapter meeting.

Date:
Thursday, June 21, 2018 (Registration deadline is Tuesday, June 19.)

Add to Calendar

Add to Calendar 06/21/2018 11:30 AM 06/21/2018 01:00 PM America/Chicago ISACA-Tulsa Meeting Continuous Monitoring and Compliance in the Cloud Room 140 North Hall Building, OSU-Tulsa

Time:
Registration - 11:15am, Meeting - 11:30am-1:00pm

Cost:
$25 for members, $30 for non-members

For registrants who forego pre-payment using PayPal: No-show registrants WILL be invoiced for the full luncheon amount. To avoid this fee, you may send a replacement attendee or simply email a Board member two days prior to the luncheon and ask to be removed from the registration list.

Venue:
Room 140 - North Hall Building
Oklahoma State University (OSU) - Tulsa
700 N. Greenwood Ave
Tulsa, OK 74106

Continuous Monitoring and Compliance in the Cloud

In today’s fast-paced, globally interconnected digital environment, ensuring ongoing security and meeting various compliance requirements is no simple feat. Ensuring consistent security controls across cloud environments requires new methodologies for security and auditing teams.

This presentation will explore how to incorporate continuous monitoring and compliance in the cloud to achieve full visibility, control and the compliance posture essential to your organization.

  • Transitioning a manual approach to an up-to-date view of the infrastructures through disparate cloud services.
  • Understanding the three tiers of cloud computing (SaaS, PaaS, and IaaS) and the requirements to ensure security and compliance between them.
  • How “continuous” should a continuous monitoring solution be?
There is no “one size fits all” answer.

Attend this highly interactive and demonstrative presentation to Learn why.

Jim Nowak, Senior Systems Engineer

Jim Nowak has 15+ years of leadership experience in IT Security sales engineering with Evident.io acquired by Palo Alto Networks, MobileIron – a mobile endpoint security solution, and IronPort Systems acquired Cisco. His experience ranges from securing iOS and Android mobile devices, to corporate anti-phishing, anti-malware solutions, and has grown his knowledge to include continuously monitoring and securing of modern public clouds. He has built and secured enterprise infrastructures for Fortune 500 companies his entire professional career over 25 years. He also is responsible for architecting Risk & Compliance solutions for Enterprise Accounts.

Note: For ISACA members, you can access your CPE certificate for the previous meeting by using this link below:
https://www.isaca.org/myisaca/Pages/MyDownloads.aspx

Register here to attend the meeting.

Previous Meetings:

April 2018 Information Technology Governance
Austin Hutton CISA, CISM, CGEIT (ret.)
February 2018 Forensic Data Mining
Lanny W. Morrow, EnCE®, CTFI® - Senior Data Scientist, Forensics & Valuation Services and Big Data & Analytics Services at BKD
December 2017 Applying experiences from Nuclear Engineering and Intelligence Analyses to IT and Information Security
Sal Aurigemma, Ph.D.
October 2017 Architecture Governance in Agile Development ? How Much is Enough?
M. Todd Gamble, Ph.D
August 2017 Evolution of the IT Risk Assessment
John MacDonald, Risk Advisory Services - Manager, RSM US LLP
June 2017 Building a Strong Data Governance Program
Jean Golka, Principal Consultant, RSA
April 2017 Cybersecurity Examination: Raising the Bar for Cyber Risk Management Oversight and Reporting
Rumy Jaleel Khan and Amanda Lobin, Deloitte Advisory Senior Managers
February 2017 Managing Third-party Risk in the Age of Now
Justine Lowe, Executive Director, Executive Advisory, Optiv
December 2016 Control Responsibilities in the Cloud
Aaron Garcia, Director, PricewaterhouseCoopers (PwC) LLP Dallas
October 2016 Managing Technology as a Business Risk
David Maberry, Managing Director, Information Technology Audit Solutions
August 2016 Cyber-terrorism and IA?s Role in Combating It
Jared Joels, Advisory, Technology Risk ? Cyber Risk Services, Deloitte & Touche LLP
June 2016 Minimizing the Attack Surface through Identity Management Practices
Paul Tucker, Director, Information Security, BOK Financial
April 2016 City of OKC ? Designing, Deploying and Implementing the City of Oklahoma City?s Cyber-Security Framework
Ian Anderson, IT Security Manager for the City of Oklahoma City
February 2016 FBI Briefing - Current State of Cyber Crime
Preston Ackerman, Supervisory Special Agent (SSA)
December 2015 Disaster Recovery and Business Continuity Planning
Jennifer Brandt, Principal with Stinnett & Associates
October 2015 Threat Landscape, Doing Security Right
Michael Oglesby, Security Principal with True Digital Security
August 2015 Building and Implementing a Cyber Security Framework ? Corporate implementation vs. ICS (SCADA)
Brett Edgar and Jeff Bewley, Information Security Architects with ONEOK
June 2015 Industrial Control Systems (ICS) Security
Tauseef Ghazi, Senior Manager with McGladrey
April 2015 The Endpoint Security Anomaly
Critt Golden, Senior Solutions Architecture with Accuvant Security
February 2015 Prioritizing Defenses with Critical Security Controls
James Tarala, Principal with Enclave Security
December 2014 Electronic Audit Evidence (EAEs)/Application Controls
Alex Islamov, Manager, Information Technology Risk and Assurance, Ernst & Young
October 2014 Managing Shadow IT ? Cloud Visibility and Control
Rob Davis, Managing Principal of Critical Start
August 2014 Attacking the Current Threat Landscape
Andrew Weidenhamer, Security and Privacy Manager, McGladrey, LLP
June 2014 Records Information Management: Seven Habits of an Effective RIM Program
Dave Foley, Director of Records Information Management, ONEOK
April 2014 Bizarre Architecture Exploitation: Tales from the Trenches
Nate Keltner, Partner and Chief Hacker, Atredis Partners
February 2014 Managing Electronic Information from A to Zettabyte
Fred Menge, CISA, CISM, Magnir Group, LLC
December 2013 Cyber Attacks ? Beyond the Compliance Checkbox
Rob Davis, Managing Principal of Critical Start
October 2013 Don?t Just Talk, Communicate!
Jennifer Roberson, Stinnett & Associates
August 2013 Physical Security
Randy Nason, Vice President/Manager of the Security Consulting Group, Guernsey
June 2013 Ten Key IT Considerations for IA
Stacey Moore, Senior Manager, Advisory Services, Ernst & Young
April 2013 Data Analytic Tools and Techniques
Brent Hinds and Mark Funck, Stinnett & Associates
February 2013 Getting the Most Value from Your Next Network Penetration Test
Jerry Dawkins, Ph.D., CEO and Founder, True Digital Security
December 2012 A Day in the Life
Jon Williams, Lead IT Auditor, WPX Energy, Inc.
October 2012 Getting the Right Fit from Service Organization Controls (SOC) Reports
George Galindo, Managing Director, PwC
August 2012 TAFT! (This Ain?t Freakin? Texas): A Case Review of How the Failure to Manage Assumptions Has Cost Companies Millions in Overruns
Bill Fournet, President and CEO, The Persimmon Group
June 2012 PM Unusual
Kris Reynolds, Project Management Practice Leader, The Persimmon Group
April 2012 Letting the CAAT Out of the Bag
Jennifer Goines, Continuous Auditor, Cherokee Nation
February 2012 Mobile Device Security
Joe Krull, Mobile Security and Privacy SME, PwC Risk Assurance, IT Risk and Security Assurance
December 2011 Application Security: Current Landscape, Maturity, and Landscape Trends
Michael Oglesby, Director of Technical Security Services, True Digital Security
October 2011 IT Governance, Risk and Compliance
Tommy Thompson, Director of Program Development Services, True Digital Security
August 2011 Incident Response, Current Cyberthreat Picture, and Addressing Malicious Network Traffic
Matt Harper, Special Agent, FBI
June 2011 If Hackers Don't Kill You, Litigation Will
Dr. Gavin Manes, President and CEO, Avansic
April 2011 What is Data? Code Sheets, Error Levels and Endians Oh My!
Ben Davies, Ben Davies, CISSP, CISA, CM, CSM, ITILv3
The Persimmon Group
February 2011 Auditing the Enterprise Database
Mark Trinidad, Product Manager, Application Security, Inc.
Download the presentation.
December 2010 The Deadliest Catch: Risk Identification
Bill Fournet
The Persimmon Group
October 2010 Auditing the Enterprise Database
Rob Barnes, CISA, Application Security, Inc.
August 2010 The Cloud Computing Train has Left the Station. Is Your Technology Risk Management Program on Board?
Paul Tucker, CISSP, CISA, ITIL V3
Information Security Manager, Williams Information Technology (Williams Co.)
June 2010 IT Audit Implications of Carbon Accounting
Brian Yarbrough, PricewaterhouseCoopers LLP
April 2010 Common Compromises: How Modern Companies Get Hacked
Nathan Keltner, Security Consultant
February 2010 Application Security
Clint Pollock, Veracode
December 2009 Security Vulnerabilities and IT Security
Dr. John Hale, Director of the Institute for Information Security, University of Tulsa
October 2009 Business Service Management using ITIL
Jared DeShields, Williams
August 2009 Business Continuity and Disaster Recovery
Mahlon Pitt, President, Titan
June 2009 The Role of Digital Data in Legal Proceedings
Gavin Manes, Ph.D.
Avansic
April 2009 Password Vaulting
Gene Scheckel, CISA, Richard Leonard, CISSP, CISA, and Glenn Davis
ConocoPhillips
February 2009 Hackers and Hacking
Rodney Kocot
K3DES and Systems Control and Security Incorporated
December 2008 Moving into the 21st Century
Steve Burrage
October 2008 OSI Model
Ben Davies
August 2008 Data Security
Alex Pezold
June 2008 Oracle Database Controls and Security
Grant Thornton LLP
April 2008 Web Application Penetration Testing
Jerald Dawkins, Ph.d
February 2008 Vitual Machine Ware
Eric Vogelpohl, PWC Manager
December 2007 Mayor Kathy Taylor
October 2007 Unix Security and Control
Tim Fawcett, PWC Manager
April 2007 Forum on Sarbanes Oxley
February 2007 Forum on Disaster Recovery
Sandy Comish, Williams Inc., Jack Campbell, Magellan, LLP., Steve Bourke, Level 3
Dec 2006 Joint Forum on Leadership
with IIA, Tulsa Chapter Oklahoma Society of CPAs, Financial Executives International, Institute of Management Accountants, American Society of Woman CPAs, Oklahoma Business Ethics Consortium, and Association of Certified Fraud Examinars

Willis Allen
President of Gilbreath's® Practical Solutions For Success
November 2006 Members Appreciation Night
Tulsa ISACA Chapter Members enjoyed a members only night at the Polo Grill, one of Tulsa's finest wine and dine restaurants.
Oct 2006 Joint Forum with ISSA - SCADA Security
Rick Belisle
Director for the X-Force Professional Security Services Southeast Region

Dr. Gavin W. Manes
President of Oklahoma Digital Forensics Professionals, Inc. (OKDFP) and a Research Assistant Professor of Computer Science

Dr. Mauricio Papa
Assistant Professor of Computer Science at the University of Tulsa
August 2006 Computer Forensics
Dr. Gavin W. Manes
President of Oklahoma Digital Forensics Professionals, Inc. (OKDFP) and a Research Assistant Professor of Computer Science
June 2006 Securing Wireless Networks
Dr. Jerald Dawkins
President of Digital Enteprise Security Associates (DESA) and a Research Associate at the University of Tulsa, Digital Enteprise Security Associates (DESA)
April 2006 Active Directory
Mr. Eric Vogelpool
Principle Microsoft-technologies consultant with Williams Companies.
February 2006 TU Cybercore
Dr. John Hale
Director Associate Professor of Computer Science, CIS
December 2005 Joint Meeting with IIA on Fraud
Mr. Irving Faught
Administrator of the Oklahoma Securities Commission.
October 2005 Current State of Credit Card Control Requirements
Ray Seefeldt
Consulting Director, RSM McGladrey, Inc.
August 2005 Sarbanes-Oxley IT Audit Testing - Internal vs. External Auditing
June 2005 Chapter Planning Meeting
Dec 2004 Stopping Corporate Fraud: Will Sarbanes-Oxley Help?
John Russell
Director, Fellers Snider Blankenship Bailey & Tippins, PC
Sep 2004 Computer Crimes
Sgt. Tim C. Stadler
Cybercrime Unit, Tulsa Police Department
May 2004 Sarbanes Oxley IT Audit Process
Mar 2004 Security Roundtable Discussion
Jan 2004 Wireless Networking Security
Donald L. Pipkin, CISSP, CISM
Halting the Hacker, LLC
Nov 2003 Active Directory
John Sivinski
CITGO Petroleum Corporation
Sep 2003 Internet Firewalls:
These Days We Just Can't Live Without Them

Rick Link, CISA, CISSP
Jefferson Wells International
Jul 2003 Sarbanes-Oxley 404:
How and to What Extent Does I.T. Fit In?