Presentation 1 – Peter Sloan, Information Governance Group, LLC
I Love It When a Plan Comes Together: The Importance of Risk Assessment, Policies, and Response Plans for Data Security
Data security is about more than IT controls –effective defense also requires security policies and readiness plans, based on a security risk assessment. In this session Information Governance lawyer Peter Sloan will discuss why and how to establish right-sized security policies and response plans by first assessing your security threats, vulnerabilities, and risks.
Mini Presentation – IT Panel: MSSU, Stronghold Data, SNC2, and Oxen Tech
Presentation 2 - June M. Middleton, CPA, CISA, SEPP, MILSE, CICA, CBA
‘Hacking the Human: Real Social Engineering Stories From the Field.’
This presentation entails:
1) An understanding of social engineering basics (what it is, history of social engineers, today’s social engineers, terminology, etc.);
2) What and How Information on businesses and their employees is gathered by social engineers (by technical and non-technical means);
3) Examples of real attacks using various vectors (phishing, phone elicitation/vishing, removable media, physical/dumpster diving, etc.); and
4) Mitigation strategies to reduce risk of social engineering attacks.