The TASK user group meeting...

Wed Apr 23 13:42:15 UTC 2008

A week from now the TASK (Toronto Area Security
Klatch) folks will have their monthly meeting, details
below...

From:  "TASK Executive" <info-xmqwG2hw2hQ at public.gmane.org>
To:  "colinmc151-bJEeYj9oJeDQT0dZR+AlfA at public.gmane.org" <colinmc151-bJEeYj9oJeDQT0dZR+AlfA at public.gmane.org>
Date:   Mon, 21 Apr 2008 23:01:41 -0400
Subject:   TASK April Event Reminder - Incident
Management and BlackHat Europe!

A reminder of this month's TASK event.  Great topics,
exciting speaker line up and great networking as
always!  Be on the look out for another email full of
TASK benefits soon.  (CISSP training coming).

When: Wednesday, April 30, 2008, 6pm-9pm
Location: Pharmacy Building, Room B250, 144 College
St.
Visit the website for more details and directions.

Speaker one:

How to implement a Security & Privacy incident
management program  (Bobby Singh, SSHA)

The purpose of the presentation is to provide an
overview on how to build a comprehensive and
integrated security and privacy incident management
program. Privacy incidents such as accidental
disclosure of patient health information are becoming
more and more common, and but there are few case
studies or documented examples on how to deal with
these types of incidents available to help
organizations effectively manage these incidents.

The presentation will cover key processes and work
flows, and provide an understanding of important touch
points inside the organization.

Highlights include:

- Use cases â€“ unauthorized or illegal
use, collection, disclosure, or disposal of personal
or personal health information
- Incident management work flows for various types of
privacy breaches
- Identification of key areas of integration. The
security & privacy incident management program must be
integrated with other parts of the organization for it
to function efficiently and effectively. Linkages
could be established with security operations, help
desk, etc.
- Lessons learned â€“ sharing 
doâ€™s and donâ€™ts when
building a privacy-focused incident management program
- How to maintain privacy of a privacy incident
â€“ how to triage an incident without
revealing too much information to other parties

My goal is to have participants walk away with a good
understanding of how to manage privacy breaches and
what to do in their respective organizations to ensure
an effective handling of these types of incidents.

Mr. Bobby Singh has 14 plus years experience in IT
security with extensive experience in risk management,
business operations, public relations, consulting and
auditing. As the Director of Information Security for
Smart Systems for Health Agency (SSHA), Mr.
Singhâ€™s role involves
 ensuring that security is built-in both at the
organization-level and to SSHA products and services.
He provides leadership in the development and
promotion of security standards and practices within
SSHA. Mr. Singh has broad experience developing and
implementing security programs for public and private
sector organizations. He is a frequent speaker at
conferences and round tables. Prior to joining SSHA,
Mr. Singh has held positions at Bank of America and
Deloitte were he focused on delivering security
services to clients and developing their security
practice.
 Mr. Singh received his MBA from University of
Pittsburgh and holds CISSP, CISM, CISA and CPA
designations.

Speaker two:

Jeremy Richards, DigitalDefence
Jeremy recently attended the Blackhat conference in
Amsterdam.  He'll be providing an overview of the
European Blackhat community, speaking about training
he received in reverse engineering malware, and
setting the stage for Blackhat in Vegas!
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists