Home
From the President
Membership
Calendar of Events
Job Postings
Presentations
ISSA Journal
Sponsors
Contact Us

Archived Event Description

January 23, 2008 - 1:00 pm - 4:30 pm
Global Enterprise Risk Identification & Mitigation

Event Details:

EDUCATIONAL SESSION: #2008-001
Global Enterprise Risk Identification & Mitigation
Date: Wednesday, January 23, 2008 - 1:00 pm - 4:30 pm
Venue: Cisco Systems, Inc., 499 Thornall St, Edison, NJ – 8th Floor Gotham City Conf. Room

To Register: Please send an e-mail to doris.vasquez@us.pwc.com

Presentation #1: “Data @ Risk - Going Global via Internet File Sharing Networks”
Abstract:
Today, information asset breaches inevitably have at their source a technological cause. Well publicized cases such as hackers that access corporate data, lost laptops, backup or archival tapes that are lost or stolen are commonplace. A much more damaging mechanism, which is less well understood, is how global peer-to-peer file sharing networks used to share music and movies expose millions of personal, organizational, and government sensitive information files a year for use by criminals to commit ID theft and fraud, competitors to gain advantage, and the news media impacting organizational brand.
As corporations outsource and their workforces become more mobile and virtual, “where” the corporate perimeter is located becomes less clear. How should organizations, legislators, and law enforcement address the extended enterprise and the information custody chain that represents the reality of today’s global business operations?
This presentation will share experiences and knowledge intended to:
Illustrate the use of peer-to-peer networks and show that peer-to-peer networks are larger on many activity measures than the world-wide web,
Discuss how sensitive and personal information is made available on peer-to-peer networks,
Show the magnitude and type of information available,
Describe how criminals and other malicious individuals are using these networks to exploit disclosed information for ID theft and fraud,
Illustrate recent corporate and government breach case studies, and
Show what actions you can take to protect your organization.

Presenter Name: William Ferguson - Senior Analyst and Account Executive, Tiversa, Inc.
Presenter Biography:
Mr. Ferguson is responsible for research in areas including securing electronically stored information (ESI), threats and vulnerability management, risk mitigation, and peer-to-peer security. Mr. Ferguson brings to Tiversa five years of experience from Carnegie Mellon University. During his time at Carnegie Mellon Mr. Ferguson utilized his business, technology, and problem-solving skills to deliver solutions, advance research (both technical and operational), and offer strategic guidance to industry and government organizations.

Additionally, Mr. Ferguson was the Executive Director of Carnegie Mellon University’s Chief Information Officer (CIO) Institute, a leading research and executive education organization that seeks to enable better IT management, security and privacy within business, non-profit and government organizations.

Mr. Ferguson holds a Bachelor’s degree in Information Science from the University of Pittsburgh and a Masters in Business Administration from Robert Morris University.

Mr. Ferguson is often invited to be a lecturer and panel moderator on a variety of IT management issues and is currently active on the following councils: Privacy/RIM Council, The Ponemon Institute; Corporate Leadership Council, National Association of State CIOs (NASCIO); Homeland Security Committee, National Association of State CIOs (NASCIO); Privacy Committee, National Association of State CIOs (NASCIO); The Pittsburgh CIO Group’ Federal Government CIO University; Federal Government Project Management Advisory Group; Advisory Council, Pittsburgh CIO Forum & Executive IT Summit.

PRESENTATION #2: Governance Practices in Enterprise Risk Management

Abstract:
Enterprise Risk Management is often described as a risk-based approach to managing an enterprise, integrating concepts of strategic planning, operations management, and internal control. ERM is evolving to address the needs of various stakeholders, who want to understand the broad spectrum of risks facing complex organizations to ensure they are appropriately managed. Regulators and debt rating agencies have increased their scrutiny on the risk management processes of companies.

Enhanced expectations from stakeholders and an activist legal environment have put pressure on companies to assess the quality of their overall response to business risk issues. ERM stands apart from the fragmented and compartmentalized risk management solutions already in place at many companies.

This presentation is aimed at helping organizations develop and implement a comprehensive ERM governance solution in their environment, providing a framework for risk management, which typically involves identifying particular events or circumstances relevant to the organization's objectives (risks and opportunities), assessing them in terms of likelihood and magnitude of impact, determining a response strategy, and monitoring progress. By identifying and proactively addressing risks and opportunities, business enterprises protect and create value for their stakeholders, including owners, employees, customers, regulators, and society overall.

Presenter Name: Ashish Atri, Independent Security Consultant
Presenter Biography:
Ashish Atri is a Senior Compliance, Risk and Information Security Mitigation Consultant and one of the ISSA New Jersey Chapter’s most popular presenters.
His experience includes work on several assignments, nationally and globally, advising clients with needs for risk mitigation in the areas of Compliance, ISO 27001/17799, Business Continuity and Disaster Recovery, Information Security and Privacy. He has over 20 years experience as a management consultant with experience in Banking, Healthcare, Pharmaceuticals, Consulting and Business Process Re-engineering, at a global level.
Ashish has worked on several global risk assessments and has consulted with clients in, both the private and public sector, for their Compliance and Information Risk related needs and concerns. In the recent past, Ashish has consulted with the largest central bank in the world, the number one financial services company in the world, the number one news gathering and dissemination company in the world and one of the top five pharmaceutical companies in the world. Ashish has a BS in Electronics and an MBA. He is a certified Lead Auditor for ISO 27001 and ISO 9001.

__________________________


From Route 287 South
Follow Interstate 287 South to NEW Route 24 East (Exit 37)
Take the I-78 EAST LOCAL exit toward RT-124/GARDEN STATE PARKWAY/RT-82.
Merge onto I-78 E.
Take the GARDEN STATE PARKWAY exit- exit number 52.
Take the PARKWAY SOUTH exit.
Merge onto GARDEN STATE PKWY S (Portions toll).
Take the RT-27 exit- exit number 131- toward ISELIN/RAHWAY/METUCHEN.
Take the ramp toward EDISON/METUCHEN.
Turn SLIGHT RIGHT onto NJ-27/LINCOLN HWY.
Turn LEFT onto WOOD AVE S.
Turn RIGHT onto CR-657/THORNALL ST.
End at 499 Thornall St Edison NJ.

PLEASE NOTE THE OFFICE ADDRESS, AS THERE IS NO SIGNAGE OUTSIDE OR INSIDE THE
BUILDING OTHER THAN THE ADDRESS.


From Route 287 North
Follow Interstate 287 North to NEW Route 24 East (Exit 37)
Take the I-78 EAST LOCAL exit toward RT-124/GARDEN STATE PARKWAY/RT-82.
Merge onto I-78 E.
Take the GARDEN STATE PARKWAY exit- exit number 52.
Take the PARKWAY SOUTH exit.
Merge onto GARDEN STATE PKWY S (Portions toll).
Take the RT-27 exit- exit number 131- toward ISELIN/RAHWAY/METUCHEN.
Take the ramp toward EDISON/METUCHEN.
Turn SLIGHT RIGHT onto NJ-27/LINCOLN HWY.
Turn LEFT onto WOOD AVE S.
Turn RIGHT onto CR-657/THORNALL ST.
End at 499 Thornall St Edison NJ.


From Newark International Airport
Take the NJ Turnpike South to Exit 11 - toward US-9/GARDEN STATE
PARKWAY/WOODBRIDGE.
Once you exit, take the Garden State Parkway North to Exit 131B - toward
METRO PARK.
From the exit continue straight through three lights (the Metro Park Train
Station will be on the right).
After the third light, the second building on the left is 499 Thornall Street.


Back to Calendar Archives


Home | Membership | Calendar | Presentations | Journal | Sponsors | Contact Us

© 2004 ISSA, NJ Chapter