[Owasp-twincities] February 17th OWASP Meeting - Rick Ensenbach
lorna.alamri at owasp.org
Sun Feb 8 21:28:50 EST 2009
Finally! Our 1st meeting of 2009 will be on February 17th at 6pm.
*February OWASP Meeting –Rick Ensenbach*
*Proactive Lifecycle Security Management*
Security Authorization Process Overview
Security professionals are often faced with the daunting task of having to
retrofit security controls into systems after it has already been put into
production. The bad news is that this commonly occurs after sensitive or
confidential information has been exposed as a result of a preventable
system vulnerability, which often leads to public embarrassment, unnecessary
litigation, regulatory fines, loss of customer confidence and numerous
man-hours spent performing incident response and breach notification
Attend this session and learn how to ensure that security is addressed early
in the system development/acquisition process by implementing a simple,
scalable process that Federal agencies and the Department of Defense have
practiced for years. You will also learn how this process can help with
other regulatory and industry compliance requirements such as Payment Card
Industry, Health Insurance Portability and Accountability Act,
Sarbanes-Oxley and Gramm-Leach-Bliley.
Mr. Ensenbach will also discuss available resources you can use and provide
and example of a "System Security Plan" that you can immediately start using
in your own organization and get you started on implementing your own
security authorization process.
This is a "must" attend session for all organizations that are required to
comply with Federal Information Security Management Act (FISMA).
Mr. Ensenbach is an information security professional with over 25 years of
experience in the field of information security. Mr. Ensenbach has worked
for a diverse range of organizations. He has been responsible for creating
the information security programs for the Air Force, 934th Airlift Wing -
Air Force Reserve, Children's Hospitals and Clinics of Minnesota and Conseco
Finance. He has also consulted independently and for several security
consulting companies. He currently works in the State of Minnesota's
Enterprise Security Office.
Mr. Ensenbach's background includes information security risk management,
security auditing and regulatory compliance assessments, policy/standards
development, program development and strategic planning. He has an extensive
knowledge of regulatory requirements (e.g. HIPAA, GLBA, FFIEC) and
internationally accepted standards such as NIST, ISO17799/27001 and COBIT.
*Date:* February , 2009
*Time:* 6 p.m.
*Location: L3100*, (Third Floor of the Library Building, Wheelock Whitney
Hall) MnScu Minneapolis Campus
*Address: *1501 Hennepin Avenue, Minneapolis, MN 55403
*5:30 pm - *Networking
*6:00pm* - Introduction and optional sign-in for CISSP credits
*6:10pm* - Welcome: OWASP chapter updates, Conference Announcement!
*6:30pm* – Rick Ensenbach
*8:80 pm* - Upcoming Events reminder and meeting wrap-up
*Thank you:* <http://www.strategicit.org/>
*Center for Strategic Information Technology and Security*
<http://www.strategicit.org/>for sponsor our location
We currently are looking for a meeting sponsor for refreshments for the
meeting and for the book give-away.
Call Lorna at 651-338-0243 if you need directions or have questions.
Twin Cities OWASP
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-twincities