I will be in Grand Rapids this Friday, attending the information security conference GrrCon. I am speaking on business continuity and risk management in the executive management track. Meantime, there is a slate of excellent speakers covering everything from OS kernel attacks, SSL trust, social engineering, to hacking smart meters and hacking airplanes.

Come out and see the conference. Drop me an email if you want to hook up. 

I will be out at the GrrCON conference in Grand Rapids on Friday, September 16. I am giving a session in the InfoSec Management track. The topic is on business continuity planning and risk management. Sound boring? No worries. There is an amazing line up of speakers covering a wide range of topics. Hope to see you there.

How asteroids falling from the sky improves security
An asteroid fell from the sky and the data center is now a smoking crater. At least, that’s the scenario that launches your business continuity planning. BCP asks the questions: what do we have, what does it do, what is the risk and what is the value? The answers to these questions are also essential build blocks of a risk management program. This presents an opportunity for the savvy information security professional. In this session, we will look at ways to co-opt business continuity to advance an organization’s information security.

I will be at the B-Sides Detroit this Friday (6/3) and Saturday (6/4). I am looking forward to meeting up with the local InfoSec talent.

http://www.securitybsides.com/w/page/33949981/BSidesDetroit

I am back from hiking the Shenandoah national forest.

John le Carre: "Coming home from very lonely places, all of us go a little mad: whether from great personal success, or just an all-night drive, we are the sole survivors of a world no one else has ever seen."

Contact: Cynthia Meinke
Ph: 248-373-8494
Date(s): 9/18/08
Time: 6:00 PM
Location: Cisco Systems, 2000 Town Center, Suite 450, Southfield, MI 48075

Event Description:

The Motor City Chapter of the Information Systems Security Association (ISSA) will be hosting their September meeting with a presentation on Practical Risk Management. Their speaker,  J. Wolfgang Goerlich, CISSP, CISA,  is an information security professional with over a decade of experience in IT.  Currently Mr. Goerlich is the Network Operations and Security Manager for a large financial institution in Michigan.  In this presentation, Mr. Goerlich will describe some of the challenges he faced while developing an enterprise risk management program and explain how he ultimately solved them with a leading governance risk and compliance (GRC) technology. This presentation will discuss the practical implementation of GRC technology, discuss its uses, and review lessons learned.

This event is open to non-members.  Please RSVP to secretary@issa-motorcity.org.  For further information, please contact Cynthia Meinke at 248-373-8494 ext. 405. 

--

Update 2011-09/09: A recording of this talk on risk management is now available on Blip.tv.

I am giving a talk at September's Information Systems Security Association (ISSA) meeting. The topic is practical risk management, how and why to build a security program around risk management. I hope to see you there.

Event information:
2008 Office Roadshow
6-May-08
Time: 9:00AM - 11:30AM Eastern Time (US & Canada)
The Inn at St. John's - Detroit (Plymouth)
44045 Five Mile Road
Detroit (Plymouth), Michigan 48170

I will be out at the Storage Networking World Conference on April 7 thru 10. On Tuesday, I am holding a session in the Business Continuity/Data Protection track. The topic is Simplifying Business Continuity Planning using OS and Storage Virtualization. Hope to see you there.