SFISSA September Monthly Meeting

Our September meeting will be a joint meeting with South Florida OWASP on Wednesday, September 25

Our next meeting is Wednesday, September 25, 2013 in Nova Southeastern University from 5:00pm to 7:00pm followed by our usual networking at the Falcon pub. As always, this meeting will be FREE and provide you with 2 CPE credits; REGISTER NOW!

Talk 1: BYOP: Bring Your Own Policy

How to write (by consensus) Information Security, Internet use and privacy policies, come away with a policy written by the group. (and you will see why it’s hard to please everyone). We will start with a downloaded sample BYOD / smartphone policy, talk about the basics, what is BYOD, legal issues, security issues, safety issues and write a BYOD / mobile device policy. Takeaways include 15 most important policies, policy checklist, Sample BYOD / smartphone policy

Bio: Michael Scheidell is a recognized expert in the information security and privacy community with a strong history of innovation and entrepreneurship. Frequent conference speaker and subject matter expert in InfoSec and Digital Privacy issues. Developed a suite of IT security products with impressive results—including a patented intrusion detection system, an award-winning email security solution and a revolutionary IT Risk and Assessment framework currently used by large multinational companies, healthcare organizations and financial institutions to ensure their privacy and security. Certified CISO (C|CISO), Member FBI Infragard, ISSA, ISACA, IAPP. Managing Director of Security Privateers.

Talk 2: What’s Hiding in Your Software Components? Hidden Risks of Component-Based Software

Software is no longer written, it’s assembled. With 80% of a typical application now being assembled from components, it’s time to take a hard look at the new risks posed by this type of development — and the processes and tools that we’ll need in order to keep them in check.

Join Ryan Berg, Sonatype CSO, as he shares real world data on component risks, outlines the scope of the problem, and proposes approaches for managing these risk. You’ll learn how security professionals can work cooperatively with application developers to reduce risk AND boost developer efficiency.

Bio: Ryan is the Chief Security Officer at Sonatype. Before joining Sonatype, Ryan was a co-founder and chief scientist for Ounce Labs which was acquired by IBM in 2009. Ryan holds multiple patents and is a popular speaker, instructor and author, in the fields of security, risk management, and secure application development.