28 June, 2017

WELCOME TO GREATER NEW ORLEANS ISACA (GNO ISACA)

Winner of 2009, AND 2010 K Wayne Snipes Best Small Chapter North America & for 2009 AND 2010 Worldwide

And the Infragard Cybersecurity Special Interest Group (SIG)



ISACA is a vibrant, growing, international organization of over 115,000 information system security, governance (management) and audit professionals in 180 countries. ISACA® (www.isaca.org) helps business and IT leaders build trust in (and value from) information &  information systems. Established in 1969, ISACA is the trusted source of knowledge, standards, networking, and career development for information systems audit, assurance, security, risk, privacy and governance professionals. ISACA offers the Cybersecurity Nexus™, a comprehensive set of resources for cybersecurity professionals, and COBIT®, a business framework that helps enterprises govern and manage their information and technology. ISACA also advances and validates business-critical skills and knowledge through the globally respected Certified Information Systems Auditor® (CISA®), Certified Information Security Manager® (CISM®), Certified in the Governance of Enterprise IT® (CGEIT®) and Certified in Risk and Information Systems Control™ (CRISC™) credentials. The association has more than 200 chapters worldwide.



ISACA Privacy Policy -- Your Rights!

http://www.isaca.org/pages/Privacy.aspx

Networking

     
LOCAL ANNOUNCEMENTS
Stay Tuned: For Summer Meetings!
UP COMING EVENTS
Stay Tuned: For Summer Meetings!

COMING UP:

GNO ISACA Workshop - Thursday July 13 2017 (4:30pm-5:30pm) - at East Jefferson Regional Library

Topic -- What's new in security for servers?

Much of the blame for the spread of ransomware attacks was placed on computers running older operating systems. A company can spend several thousand dollars a month on an outside security firm to protect its network, or several hundred thousand dollars cleaning up after an attack, or just $800 purchasing a license for the latest Windows Server operating system.
 
After a year of testing, the newest operating system "Windows Server 2016" was released six months ago.
 
Learn what new Internal Controls are now available to improve security, such as detecting & issuing an alert if ...

1) A user's computer asks for the names & addresses of all other computers on the network.

2) A user's computer is starting to have a lot of traffic with other computers on the network.

3) A device (Webcam, scanner) has been added by a user (or vendor) to your network -- is that device secure from outside access?

Learn what Internal Controls can automatically invoke the appropriate defense against specific security attacks.

1) Your website is being overwhelmed by traffic from an outside computer (a Denial of Service attack).

2) Someone is trying to "scrape memory" to steal credit card numbers or login credentials.
 
Learn what Internal Controls can prevent malicious code from executing.

1) Build a whitelist of commands (like "Copy", "Delete", or "Encrypt") that can only be executed by sitting at the keyboard of the server, not remotely over the Internet.
 
Learn what Internal Controls can prevent loss of availability.

1) Automatically shift traffic to a secondary server when the primary server becomes too busy (Denial of Service attack) or goes offline (hardware failure).

2) Quickly install a vendor's application on a second [replacement] server, without having to wait for the vendor to perform this task.


Speaker's Biography:

Jeffrey Wagar is the Past President of the ISACA Greater New Orleans Chapter. He has passed 36 certification exams (Microsoft, ISACA, ISC2, etc.) in Information Technology, including 7 in IT Security. He was a Speaker recently at the ISACA 2016 National Convention on the topic of Ransomware, and has spoken this year to MBA Classes at Tulane and UNO on the topic of IT Security.