The Dallas Chapter of the Institute of Internal Auditors

January Meeting
Thursday the 12^TH
CityPlace Conference Center

Lunch Meeting 12:00pm
Registration begins at 11:30am

SOLD OUT!

The joint lunch meeting presented by Mark Loveless is sold out. We do not expect to be able to seat anyone who has not registered due to space availability.

Joint Meeting with the North Texas ISACA

Hacking the Friendly Skies

Mark Loveless, A.K.A. “Simple Nomad”, Vernier Networks

You are sitting on an airplane, and you pull out your laptop. No one can attack you here, you're cruising at 35,000. Your system is safe, right? Right? Think again. Flaws in Microsoft Windows allow laptop attacks in some of the oddest places, and these will be discussed in their full and ugly details.

Simple Nomad is an internationally recognized security expert, and has written and released a wide variety of advisories, tools, and white papers involving computer security. Founder of NMRC, an international hacking group, he also works by day at Vernier Networks where his job is to slice and dice computers and the networks they reside on. He frequently speaks at security conferences, has been quoted in the New York Times, Washington Post, CNN, several Internet news outlets, and is an outspoken privacy fanatic. He is also paranoid, and believes that Evil Alien Overlords are losing his luggage and misdirecting his mail.

Make your Reservation On line!

Pre-Meeting 10:30am

The Value of Vulnerability Management
Robert Buchheit and Ricky Allen, PricewaterhouseCoopers LLP

Download the Presentation

Security penetration testing continues to identify an alarming number of vulnerabilities despite dedicated resources and management programs. Vulnerability assessment reports are often too large and complex to effectively deploy within the typical limits of available IT staff and capabilities. A value based vulnerability management program can assist with your company’s mitigation and compliance programs.

Things we will cover include: - What do you get out of a security assessment? - Vulnerability scanning vs. penetration testing - Operational Risks and Concerns - Completion checklist - Methods for vulnerability management

Robert Buchheit, CISA, CISSP, Director – PricewaterhouseCoopers, with PwC's Advisory Security practice in Dallas. He has over 12 years of information systems security and audit experience and currently provides clients in various industries with information technology oriented security and consulting services. Robert has been responsible for numerous domestic and international projects relating to the development of enterprise-wide security strategies, policies, standards and technical control procedures, as well as leading and/or performing security penetration testing and diagnostic reviews.

Ricky Allen, CISA, CISSP, MCSE, Manager – PricewaterhouseCoopers, with PwC's Advisory security practice focusing on penetration testing and security assessments. He is responsible for developing Web application, penetration and network assessment methodologies. Ricky is a contributing author to the book: Information Security A Strategic Guide for Business and has presented at the SC Magazine Executive Forum and for the Houston ISACA Chapter.

Make your Reservation On line!

Post-Meeting 1:30pm

Limiting Liability Exposure of the IT Manager
Attorney Peter Vogel – Partner, Gardere Wynne Sewell LLP

Is there a discussion in your firm on liability questions regarding IT breaches and management accountability? How are directors and officers protected? What actions should be taken when breaches are discovered? Are there interviews where security executives discuss their insights into preventing major IT liability problems? What are the potential IT liabilities? What are the basics of liability insurance coverage? Are there case studies involving IT liability? What about Electronic Evidence? Failure to produce electronic evidence cost UBS $29 million. Failing to produce back-up tapes cost Morgan Stanley $1.455 billion. Are there guidelines the IT manager can put into practice? Is there a manager's checklist?

Peter Vogel is a Partner at Gardere Wynne Sewell LLP specializing in Information Technology issues. For 29 years, Peter has combined his legal skills with a Master’s Degree in Computer Science and a background in programming and management consulting to provide both technological expertise and business understanding for clients. Peter specializes in trial and transaction services related to software patents, copyrights, trade secret protection, ERP implementation, Internet security, Web site business management, and outsourcing.

At Gardere Wynne Sewell, Peter is chair of the Electronic Discovery and Document Retention Team and co-chair of the Internet and Computer Technology Practice. He helps clients navigate business and technology issues through the legal mazes of intellectual property, contracts, government regulation, and litigation from cradle to grave. Because of his unique background and expertise, Peter is often appointed as an Arbitrator, Court Ordered Mediator, and Special Master in Internet, intellectual property, and computer technology litigation.

In addition to his professional work, Peter assists a number of governmental and non-profit organizations with their technology issues. Peter has served as President of the Dallas Bar Association and served on the Board of Directors of the State Bar of Texas. In addition, Peter is an Adjunct Professor at SMU Law School and currently teaches a course on the Law of eCommerce.

It was no surprise to the people who know him that in June 2004, Peter received a Lifetime Achievement Award for Promoting Technology in the Law from the Computer & Technology Section of the State Bar of Texas. Further, Texas Monthly and D Magazine have both spotlighted the fact that Peter was selected as a Top Lawyer by his peers.

Make your Reservation On line!

Cityplace Confernce Center Map to CityPlace Conference Center