When: December 04, 2019 - 0830-1630
Where: RTP HQ
ISACA-RTC Members - $75 (Log in to register to ensure discounted fee)
Affiliated Organizations (IIA, ISSA, Other ISACA Chapters) - $100
All Others - $125
CPEs: Up to 7
Handouts: Will be uploaded when available
Session I: Principles of Application Security for Risk Management Practitioners
As an auditor, risk practitioner, or risk management professional, have you ever wondered about the fundamental principles that go into building an application securely?
Do you do risk assessments of internal applications and wonder about the component pieces, and what makes them secure?
In this session, we’ll explore the modern application and how to apply secure design principles that make it safe. You’ll understand application security on a deeper level, and be better prepared to perform risk management activities against your private fleet of applications. We’ll cover:
- Secure design principles
- Input validation
- Output encoding
- Risk management for AppSec
Speaker: Chris Romeo, CEO, Security Journey
Chris Romeo is CEO and co-founder of Security Journey where he creates security culture influencing training, consults, and speaks. His passion is to bring security culture change to all organizations large and small through the creation and design of gamified security training. He was the Chief Security Advocate at Cisco for five years, where he empowered engineers to "build security in" to all products at Cisco and led the creation of Cisco’s security belt program. Chris has twenty years of experience in security, holding positions across the gamut, including application security, penetration testing, and incident response. Chris holds the CISSP and CSSLP certifications. For more information, see https://www.linkedin.com/in/securityjourney/
Session II: Robotic Process Automation
Advancements in robotic process automation (RPA) are yielding powerful results for organizations, and bots are joining the workforce like never before. The digital workforce presents new opportunities for augmenting security operations, and new challenges in defending against new threat vectors. How can technology leaders leverage this powerful technology to enable security while also avoiding the introduction of new vulnerabilities? This presentation provides an overview of current practices for using robotic process automation to enhance IT and security operations, and provides takeaways for securing a digital workforce. After attending this presentation, participants will understand:
- Use cases for RPA in IT and security operations
- Cyber threats and vulnerabilities related to RPA
- Practices for safely adopting and defending automation programs
Speaker: Roberto Valdez, CPA, CISA, CISM, Director of Cybersecurity & Automation, Kaufman Rossin
Roberto Valdez, CPA, CISA, CISM is the Director of Cybersecurity & Automation for Kaufman Rossin. He performs advisory and assurance engagements that include robotic process automation and digital strategies; SOC 1, 2, and 3 audits; IT risk assessments; phishing simulations; and engagements addressing compliance with requirements under HIPAA, FINRA, and SOX 404.
President of ISACA South Florida, Rob is a motivated advocate for building trust in technology through community development and education. He is an adjunct professor with Florida Atlantic University, an industry advisor to University of Miami’s College of Engineering, and he has been featured in the Wall Street Journal, TechRepublic, the South Florida Business Journal, Healthcare Business, and other publications.
For more information and to register for the training session, please visit the ISACA RTC website.