SC Midlands Chapter 54 of ISACA

October 2011 Newsletter
In This Issue
Welcome New Members!
Congrats Newly Certified!
COBIT Misconceptions and Facts
2012 Membership Renewals Begin
Job Hunting?
Emerging Threats and Trends in Cyber Security (3 CPEs)
Advanced Persistent Threat: The Battle to Own Your Network (6 CPEs)
Information Technology and the Auditor
Welcome New Members!

October
Lisa Willett
Kimberly Miller
Linda Weeks
Jeffrey Rosenberger
Congrats Newly Certified!

CRISC
David O'Berry 
Featured Article: COBIT Misconceptions and Facts

We would like to clear up some general misconceptions related to COBIT®.

 

MISCONCEPTION:

COBIT is a standard.

 

FACT:

COBIT is a framework. A standard requires an enterprise to follow the complete guidance as it is documented; a framework is flexible and can, and should, be customized to fit an enterprise's size, culture, risk profile, business needs and so on.

 

MISCONCEPTION:

COBIT is an IT audit framework.

 

FACT:

COBIT is a framework that covers the governance and management of information and technology used across the complete enterprise, end to end and beyond, providing a common business language for the enterprise's use of information and technology assets.

 

MISCONCEPTION:

COBIT is technical.

 

FACT:

COBIT is business-language-oriented and avoids use of technical terms wherever possible.

 

MISCONCEPTION:

COBIT is a competitor of ITIL.

 

FACT:

COBIT and ITIL are complementary. COBIT brings breadth, covering all governance and management activities related to information and technology, and ITIL provides depth of guidance in IT service management areas.

 

MISCONCEPTION:

COBIT provides only control objectives for IT processes.

 

FACT:

COBIT also provides guidance on good management practices. To reflect this broader framework content, COBIT now goes by its acronym only.

 

MISCONCEPTION:

COBIT is a tool for Sarbanes-Oxley compliance only.

 

FACT:

COBIT helps enterprises comply with any and all relevant legislation and regulations, including, but not limited to, Sarbanes-Oxley.

 

MISCONCEPTION:

COBIT is complicated and overwhelming.

 

FACT:

The principles and supporting guidance in COBIT use business language to make the material easier to understand; governance and management of enterprise IT are, however, not simple topics to grasp or address.

 

MISCONCEPTION:

COBIT must be "implemented" in its entirety or not at all.

 

FACT:

No enterprise is expected to implement all of the practices in COBIT; each enterprise should select the practices and activities that fit its business objectives, needs and capabilities.

 

MISCONCEPTION:

COBIT is of value for big enterprises only.

 

FACT:

COBIT can be used by enterprises of any size, particularly when considering the principles and enablers related to the governance and management of enterprise IT.

 

MISCONCEPTION:

COBIT provides specific directions and answers.

 

FACT:

COBIT is not a specific route that tells an enterprise exactly where to start and stop; instead, it is a broader map that enterprises can use to determine their starting points and where they want to go. As a result, it can be used by any enterprise, regardless of its size, location, industry or current level of management and governance capability.

 

 

COBIT 5 is expected to be released in early 2012. Look for continuous and regular updates about the release on the COBIT 5 page of the ISACA web site. 


2012 Membership Renewals Begin

The ISACA® 2012 membership renewals open 20 September 2011, and this year will see the first dues increase (by US $5) since 2008. In those 4 years, member benefits have expanded substantially.

 

* A full suite of COBIT®-related products and tools for implementing information systems audit, control, risk and security, including:
- Val IT™: Based on COBIT® (2008)
- IT Assurance Framework™ (ITAF™) (2008)
- Risk IT: Based on COBIT® (2009)
- Business Model for Information Security™ (BMIS™) (2010)


* Steep discounts on COBIT products (including COBIT® 5, scheduled for release in 2012):
- 85 percent discount on COBIT Online®
- Free COBIT Quickstart®


* Substantial discounts on exam fees and review materials for ISACA's four certifications: Certified Information Systems Auditor® (CISA®), Certified Information Security Manager® (CISM®), Certified in the Governance of Enterprise IT® (CGEIT®), and Certified in Risk and Information Systems Control™ (CRISC™)


* More than 75 research deliverables in just the last 4 years, including new audit programs and COBIT mapping documents that are free to members only


* Free, members-only eSymposium events that provide 36 continuing professional education (CPE) hours per year


* An eLibrary of more than 425 searchable books


* An expanded Career Centre with new capabilities to post and search for jobs by country


* The new Knowledge Center, which offers members-only online communities on more than 100 topics of interest


* A free, members-only digital edition and mobile app of the ISACA® Journal

 

For additional information on the value of ISACA membership, visit the Member Benefits page of the ISACA web site.

Job Hunting?

Frequently, the ISACA SC Midlands Chapter is contacted by businesses that have an employment opportunity that would be of interest to our membership.  We've received quite a few in the past few weeks so we wanted to remind you that these opportunities are posted on our web site at www.scisaca.org under the heading "Current Job Openings".  Be sure to check the site regularly to stay informed of the latest postings.

From the President

Hello friends and members: 

Calling all CISA and CISM candidates!  The CISA review class has begun.  It is not too late to take advantage of the class!   These classes are also available for CPE hours for those already certified.  Need a refresher?  Come and get it - the CISA class provides 18 CPE hours ($5.55 a CPE) and the CISM class provides 16 CPE hours at $6.25 a CPE.  The CISA class is on Tuesdays and Thursdays and the CISM class starts this Saturday.  Go to the events registration tab to sign up.

We have room in the November session of Modern Cyber Trends and Threats Update for 3 CPEs.  Get yourself signed up.

Be sure to catch these early bird prices for the Penetration Testing against APT in December for 6 CPEs.  The early bird pricing goes through November 7th.  Additionally, if you live on the western side of the state, we are attempting to offer this class in Greenville.  So far, only three folks are signed up.  We need at least five people before we can justify the additional travel costs for the instructor.  Please sign up now if you intend to go!

Welcome to Linda Weeks, our new Marketing Director.  Check out her bio on the officers' page.  Linda will be working to get the news about ISACA out to folks in the four domains we cover: Risk, Governance, Security and Audit.  We will be hosting booths at local conferences where these career paths congregate for education.  If you know of a great conference we should be at, please send Linda a note!

We are looking for volunteers to continue to build relationships with our local universities:  We need a volunteer who would help us get the ISACA information out to students at our universities.  If you are a graduate of a local university and would like to help, please contact either Tom Hart or Sue Rusher to let us know.  Working on the Board offers great networking with leaders locally, nationally, and internationally, extra CPEs and a chance to make a difference.

Sincerely,
Sue Rusher
2011 - 2012 President
Emerging Threats and Trends in Cyber Security
(3 CPEs)
Leighton Johnson - CTO of ISFMT (Information Security & Forensics Management Team)

DATE: November 4, 2011

LOCATION: BCBSSC Tower Auditorium
2501 Faraway Drive, Columbia, SC 29223
Free Parking

TIME:
Registration: 8:30 am (Breakfast served)
Class Time: 9:00 am - 12 noon
Lunch: 12 noon - 1:00 pm

Pre-Registration and payment required at http://www.scisaca.org/ Click on future events, and locate this date.  Checks and credit cards accepted for pre-registration.  

Pricing:
Registration: Oct 26th - Nov 3rd
$75- SC Midlands ISACA Members
$95- Affiliate Members
$115- Non-Members

*Affiliate Members of IIA, SIAA, IMA, other ISACA chapters, etc.

What you will learn:
Cybersecurity incidents are major concerns for enterprises and governments worldwide. Data breaches are expected to account for US $130.1 billion in global corporate losses this year, according to the Ponemon Institute.

This course will help enterprises prepare for the rise in threats from cyber criminals. The latest cybersecurity threats will be identified; the current cyber-trends across the Internet will be defined; network vulnerabilities will be discussed; and tools, techniques and tactics for combating these threats will be provided.

Current threats in the information security landscape include:

• Data breaches
• Identity theft
• Web 2.0 and client-side attacks
• Targeted messaging attacks
• Botnets
• Rootkits
• Logic bombs

Phishing e-mails are the most common attack vector, and combating them requires a layered approach that includes:

• User awareness and training
• Incident response capability
• In-bound and out-bound filters at gateways

Each threat and attack is different and should be considered independently. This course will provide tips on how to assemble a team of well-trained experts to develop the best possible approach, and on how to be sure your filtering methods and incident response capabilities are current and efficient enough to combat attacks effectively.

Leighton Johnson, the CTO of ISFMT (Information Security & Forensics Management Team), has presented computer security, cyber security and forensics classes and seminars all across the United States and Europe. He was the regional CIO and Senior Security Engineer for a 450-person directorate within Lockheed Martin Information Systems & Global Solutions Company covering 7 locations in the Eastern and Midwestern parts of the U.S. He is an adjunct instructor of digital and network forensics and incident response at Augusta State University. He has over 35 years of experience in computer security, cyber security, software development and communications equipment operations and maintenance. His primary focus areas include computer security, information operations and assurance, a software system development life cycle focused on modeling and simulation systems, systems engineering and integration activities, database administration, and business process and data modeling. He holds CISM (Certified Information Security Manager), CISSP (Certified Information Systems Security Professional), CIFI (Certified Information Forensics Investigator), CSSLP (Certified Secure Software Lifecycle Professional), CMAS (Certified Master Antiterrorism Specialist) and CISA (Certified Information Systems Auditor) credentials. He has taught CISSP, CISA, CISM, DIACAP, Digital and Network Forensics, and Risk Management courses around the US over the past 7 years. He has presented at EuroCACS 2010, ISMC 2007, ISMC 2006, CyberCrime Summit 2007, multiple OPNET Technologies international conferences, INFOSEC WORLD 2005, and numerous military and civilian conferences for customers and clients worldwide.

 

Advanced Persistent Threat: The Battle to Own Your Network (6 CPEs)
Peter Morin CISSP, CISA, CGEIT, CRISC and GCFA - Senior Manager of Information Security at Bell Aliant Corporate Security

DATE: December 7, 2011 (Columbia)
December 8, 2011 (Greenville)

LOCATION:
Columbia: BCBSSC Tower Auditorium
2501 Faraway Drive, Columbia, SC 29223
Free Parking

Greenville: Clemson at the Falls
55 Camperdown Way
Greenville, SC 29601

TIME:
Registration: 8:30 am (Breakfast served)
Seminar: 9:00 - 12 noon and 1:00 to 4:00 pm
Lunch: 12 noon - 1 pm

Pre-Registration and payment required at http://www.scisaca.org/  Click on future events, and locate this date.  Checks and credit cards accepted for pre-registration.  

Pricing:
Early Bird Registration: Now - Nov 7th
$85 - SC Midlands ISACA Members
$105 - Affiliate Members
$125 - Non-Members

Regular Registration: Nov 8th - Nov 30th
$105- SC Midlands ISACA Members
$125 - Affiliate Members
$145 - Non-Members

Late Registration: Dec 1st - Dec 6th
$125 - SC Midlands ISACA Members
$145 - Affiliate Members
$165 - Non-Members

*Affiliate Members of IIA, SIAA, IMA, other ISACA chapters, etc.

What you will learn:

The current cyber-battlefield involves persistent campaigns of targeted and sophisticated hacking attacks aimed at governments, the military, Fortune 500 corporations and other high-value targets, commonly referred to as Advanced Persistent Threats (APT).

Do the following questions interest you?

  • How do groups such as LulzSec and Anonymous hack into seemingly high-security networks with such ease?
  • Curious what terms such as "command and control" refer to?
  • Interested how a spear phishing attack can lead to a data breach?
  • How can a Security Information and Event Management (SIEM) system help my organization identify when it is under attack?

This one-day workshop will provide insight into the anatomy of Advanced Persistent Threats, including the various stages of attack, the common attack vectors used, and examples of high-value targets (e.g., SCADA). We will also discuss some examples of organizations that have been breached and the complex attack methods used (e.g., RSA, Sony, Lockheed Martin, HBGary), as well as some of the defenses organizations are employing to better protect their information assets. During this workshop we will use common hacker tools such as Metasploit and BackTrack in live demonstrations to highlight the significance of the attacks occurring today.

 

Peter Morin is a Senior Manager with Bell Aliant, where he is responsible for managing security planning, vulnerability assessments, security event management and incident response. His position with Bell Aliant focuses on information security risk management, penetration testing, application code analysis, malware analysis, and developing standards for secure application development. Peter has over 15 years of in-depth information technology experience in the fields of enterprise computing and networking, with an emphasis on IT security, application development, business continuity, incident response and forensics. Prior to Bell Aliant, Peter was a Senior Manager in the IT Security, Risk Advisory & Forensic practices of KPMG LLP and Ernst & Young LLP. Peter is a frequent speaker on social networking, risk management, information security, penetration testing, malware analysis and forensics, and has presented at numerous events held by the HTCIA, Black Hat/DEF CON, PMI, Computer Security Institute, Interop, SANS, and ISACA. Peter is also a frequent guest lecturer at colleges and universities throughout North America.

 

Information Technology and the Auditor:  Basic IT Audit Skills and Concepts (6 CPEs)
Presented by John Gatto, CISA, CRISC of Health Care Service Corporation (HCSC), Divisional Vice President, Audit Services

Breakfast, Lunch and 6 CPEs

DATE: January 12, 2012

LOCATION: BCBSSC Tower Auditorium
2501 Faraway Drive, Columbia, SC 29223
Free Parking

TIME:
Registration: 8:30 am (Breakfast served)
Seminar: 9:00 - 12 noon and 1:00 to 4:00 pm
Lunch: 12 noon - 1 pm

Pre-Registration and payment required at http://www.scisaca.org/  Click on future events, and locate this date.  Checks and credit cards accepted for pre-registration.  ISACA Student Members and Academic Advocates attend for free but must register in advance.

Pricing:
$65 Early Bird:  Now - December 10, 2011
$85 Regular Registration: December 11, 2011 - December 31, 2011
$105 Late Registration: January 1, 2012 - January 9, 2012

What you will learn
Every auditor is faced with the world of technology in almost every audit in the audit plan. This course is well suited to auditors who have not been formally trained in IT or IT auditing, and it is an excellent refresher on basic skills for the experienced IT auditor. Topics to be covered: General Overview of IT, IT Controls, IT General Controls, Outsourcing, and Social Networking. The General Controls segment will highlight the major issues an auditor should be concerned with and provide testing matrices that can be reused in future audits.

John Gatto has been with Health Care Service Corporation (HCSC) in Chicago, IL, since December 2005 and is currently the Divisional Vice President, Audit Services. In this role, he is responsible for all aspects of IT audit for the four Plans comprising HCSC (Illinois, Texas, New Mexico and Oklahoma), encompassing NAIC/MAR compliance and testing, risk-based audits, advisory engagements for new development projects, coordination of SSAE 16 reviews, and E&Y year-end financial audits. John is a member of a number of steering committees within the IT area of HCSC.

Prior to HCSC, John worked at Federal-Mogul in Michigan as the SOX coordination supervisor, at Avery Dennison in California as a Project Manager, and spent 13 years with Horizon BlueCross BlueShield of New Jersey, where he was Director of Systems Audit, Customer Audit and Operations Audit.

John has over 40 years of audit experience, most of it in the IT arena. He is a CISA and CRISC and has his MBA from Fairleigh-Dickinson University in New Jersey. John is a frequent speaker for the BCBSA, IIA and ISACA organizations.