Blogs

This Thursday, June 17th, at our Boston Chapter breakfast roundtable on Cloud Security we will hear from IANS Faculty Member Joshua Corman.  Joshua Corman is the Research Director for Security at The 451 Group.  In addition to hearing from Joshua we will hear from experts at Solutionary and Sourcefire, our event sponsors.

This past week we wrapped up breakfast sessions in Baltimore and DC.  Our members seem to have a strong opinion about the cloud.  Given that most of our members are CISOs from rather large enterprises, they expressed reluctance to move much into the cloud until security is better defined. 

As we launch into our breakfast series on Cloud Security, I thought I'd get a few things into the blog.First, I know that most of us recognize that the cloud is just another name for outsourced, third-party services that we have used forever.  It used to be called Time Sharing, ASP, Outsourcing, and a host of other names.However, I do believe that the current version of services from giants like Google and Amazon and others is a bit different in that we really don't know where I data will reside.  To me, that's one of the biggest concerns.

We are hosting our regional Retail & PCI Security Forum at the Omni William Penn Hotel in Pittsburgh this Thursday May 27th.  Bob Russo, GM of the PCI Security Standards Council is our Keynote Speaker.

As the event approaches I have been reflecting back to conversations I've had with CISOs across the US over the past few years as the PCI DSS has evolved.  I always wonder if it has helped improve security and actually reduce the risk to credit card data.

CSO Breakfast Club will start its Cloud Security series in early June.  On topic, Walt Mossberg, technology columnist of the Wall Street Journal, addresses the terminology around cloud computing in his May 6th column.  See the article here.

Matt Moynahan, CEO of Veracode spoke at our DC breakfast 2 weeks ago and is speaking again at our NY breakfast this Friday May 7th. In addition to Matt Moynahan, Veracode has provided Paul Zymba Director of Customer Success as well as Chris Wysopal - the company CTO to speak to various chapter during our current series on Third Party Vendor Risk Management. See our interview with Chris Wysopal below.

Here are a few things to get you all up to date.

This week we hold our Third Party Vendor Risk Management breakfast events in our Pittsburgh and Philadelphia chapters on Thursday and Friday respectively.  Go to the events calendar and register for the events if you have not already.  We are very excited to have Michelle Dennedy VP of Security & Privacy Solutions from ORACLE presenting along with Chris Wysopal, CTO at Veracode in both cities.

Join with Information Security, Audit & Compliance and IT Risk Management Executives from the region to hear from peers and their technology partners as they provide case studies in overcoming challenges related to Retail & PCI issues. If your company must comply with PCI then you should attend this event.

MAY 27th - 7:30am-4:30pm

Omni Wiliam Penn Hotel, Pittsburgh, PA

In this part 2 of my interview with Bob Maley, former CISO for the Commonwealth of PA, Bob tells us more about his firing for speaking at the RSA conference and just why we he went to the conference knowing this might be the consequence.

Last week we met up with Bob Maley, the former CISO of the Commonwealth of PA. Bob was part of a controversial firing from the state after he spoke at the RSA conference last month.

In this 3-part video interview we ask Bob to tell us a little about his program at the state, what his feelings are about being fired and what's next for him.