Chapter Meeting (Oct 2017)

When:
October 17, 2017 @ 1:00 pm – 4:00 pm America/North Dakota/Center Timezone
2017-10-17T13:00:00-05:00
2017-10-17T16:00:00-05:00
Where:
Ewald Conference Center
1000 Westgate Dr #252
St Paul, MN 55114
USA
Cost:
Free
Contact:
Event Director

marketing02Our fifth chapter meeting of 2017 will be held October 17th, 1:00-4:00pm, at the Ewald Conference Center in St Paul.  Come out and join us for our informative presentations and great networking with your coworkers, colleagues and friends!

Meeting Agenda

  • Social networking: 1pm – 1:30pm
  • President and Board opening statements: 1:30pm – 1:50pm
  • Presentation: 1:50 – 2:40pm
  • Break: 2:40pm-2:50pm
  • Presentation: 2:50pm – 3:40pm
  • Drawings and closing remarks: 3:40pm – 4pm
  • Happy Hour

Right after the chapter meeting, join us at the Surley Brewing Co. for a happy hour social/networking opportunity and visit with your friends and colleagues.


People…the Social Engineer’s Dream

Data breach revelations are commonplace in news headlines and social media today. The development of new and expanded breach notification laws ensures the public will encounter breach disclosures frequently in the future. To understand why these breaches have become a societal norm there must be an awareness of the fundamental factor, in particular the human contribution. Social engineering, is by definition the psychological manipulation of people into performing actions or divulging confidential information they would normally keep to themselves.

Evan Francen

Evan is a passionate information security expert who serves businesses of all sizes, in all industries by cooperatively solving the complex issues surrounding information security. Prior to establishing FRSecure, Evan spent more than 15 years as a leading information security professional and corporate leader in both private and public companies. He is well-versed in governmental and industry-specific regulations, standards and guidelines including ISO/IEC 27002 (17799:2005), HIPAA, GLBA, PCI-DSS, FDA CFR Part 11, SOX and COBIT, but also understands the intricacies in aligning compliance with business objectives. Most recently, and prior to establishing FRSecure LLC, Evan established the formal information security programs for four publicly-traded companies; Corel Corporation (CREL), Mattersight Corporation (MATR), MGI Pharma(MOGN) and Eisai Ltd (TSE).

 


Contracting for Security

Many organizations, regardless of size or regulatory obligations, rely on contract language to ensure obligations with their third parties. In the United States, contract enforcement still provides the best route for financial recovery following a data breach and including the right contractual terms can safeguard your organization.

Information security personnel, both in private and public organizations, are increasingly asked to draft, review or negotiate contractual terms for business customers and third parties. Teams are left wondering what security terms to include, how much detail is required and which other legal terms should also be reviewed to manage information security risk for your organization.

Charlotte Tschider

Charlotte is Owner and Principal of Cybersimple Security, a privacy and security consulting firm and Consultant, Global Privacy and Data Protection, for Medtronic Corporation. She is also a member of the International Association of Privacy Professionals (IAPP) Training Advisory Board, reviewing international privacy educational books and training materials, and a Fulbright Specialist (Fulbright Scholar Program) in Cybersecurity and Privacy Law.

Tschider was most recently Director of Information Security Management for Carlson Wagonlit Travel and has led information technology teams and served as a privacy liaison in various industries for 16 years, most notably at Target Corporation leading security incident response, risk management, and risk governance. Tschider has previously taught at the University of Minnesota. Tschider writes and presents internationally on a variety of topics involving the intersection of law and technology, and is author of International Cybersecurity and Privacy Law in Practice (Wolters Kluwer, 2018). Tschider holds industry certifications in IAPP’s Certified Information Privacy Professional (CIPP/US, CIPP/E) and ISC2’s Certified Information Systems Security Professional (CISSP).

Charlotte Tschider is a member of the American Bar Association’s Cybersecurity Section and associated working groups; an active member of the App Association’s Connected Health Initiative, a Washington D.C.-based legal advocacy group supporting app developers; a lecturer for the Information Systems Security Association’s CISSP certification preparation program; and was previously legal advisor for the Online Web Application Security Project (OWASP).

 


FAQs

Are non-members and guests welcome at meetings and events?

Yes, we welcome individuals at large from the security community to join us for any of our events. We simply ask that, after experiencing personally the value of our community at two events, individuals consider joining ISSA for the additional benefits that membership provides.

Why do we have to register to attend meetings and events?

Besides assisting the board with planning logistics for our events, registering for meetings and events, then checking in when you attend, provides you with self-service documentation you can print out to support your CPE credits if you are audited.