Officers & Contacts
President's Message
Academic Relations
Meetings & Events
Newsletters
Membership
Employment
Certification
Links and Resources
The Official Newsletter of the Silicon Valley Chapter of the Information Systems Audit and Control Association (ISACA) Editor: Lawrence R. Halme ISACA’s Silicon Valley Chapter has decided to transition from our quarterly newsletter to instead distributing the newsletter monthly. This format should help our members to better plan ahead to attend our quarterly meetings. June 2004 ISACA-SV Meeting Our 10 June meeting was conducted two days before 2004’s CISM/CISA certification exams. The meeting consisted of two talks, Chapter elections, dinner, door prizes, and the offering of moral support to those preparing for the exams. Aaron Davies-Morris of Preventsys spoke about implementing a comprehensive, centrally audited security solution that would proactively enforce security policy rather than today’s usual approach of attempting to react to apparent compromises. Kurt Shaver of Websense spoke about the “sex, drugs, and rock & roll” to be found on the Internet and the legal and security risks these present from workforce web surfing. Volunteers for Chapter positions were solicited, and by meeting adjournment, the Chapter was fully staffed for the upcoming year except for the position of Conference Director. We are still looking for one! Later this month our Chapter officers for the previous and upcoming year will meet for our annual changeover meeting. The new appointments take effect on this date. Upcoming Quarterly ISACA-SV Meeting: We are happy to announce some exciting sessions for our next quarterly meeting: Thursday, 9 September 2004 3pm to 7:30pm Ramada Inn, Sunnyvale RSVP: terry.barnhart@lmco.com ISACA Members $25 Non-Members $30 Students $15 ------------------------------------------------------------------------------------------- AFTERNOON PRESENTATION: "Auditable Security Controls of Best in Class Security and IT Operations Organizations" Speaker: Gene Kim, CTO of Tripwire Synopsis: One of the biggest challenges facing Information Security executives is how to integrate better with their peers in IT Operations, Audit, and Management. All too often, despite sharing common objectives, these stakeholders integrate poorly together. This talk presents the results of benchmarking, showing how best-in-class ITO and Infosec organizations work together to create the best service levels (high uptimes, low Mean Time To Repair), unusually efficient cost structures (server-to-sysadmin ratios of 100:1 or above), fewest security incidents, and earliest integration of Infosec requirements in the service delivery lifecycle. EVENING PRESENTATION: "Internet Secure Messaging: The Challenges Ahead" Speaker: John Thielens, CTO of Tumbleweed Communications Synopsis: This talk will examine the risks inherent in Internet messaging and the challenges organizations will face in securing Internet Messaging and managing these risks. Our September Newsletter will provide further information on reservations. Attendance of both workshops will represent three CEUs. ------------------------------------------------------------------------------------------- TRAINING & CONFERENCES: IS Audit & Control Training Week Training week provides a unique educational experience. If you are an IS/IT audit, control, or security professional in need of proven strategies and techniques for meeting the challenges you face everyday, join your peers at training week. These intensive events, led by accomplished practitioners, offer in-depth coverage on the topics important to you. Training Week provides a great way to earn valuable continuing professional education (CPE) hours while learning more about your profession. Network Security Conference The Network Security Conference will be held 13-15 September in Las Vegas, Nevada. Information Security Management Conference The Information Security Management Conference will be held 13-15 September in Las Vegas, Nevada. RELATED SECURITY PRACTITIONER / AUDITOR EVENTS: IIA and AGA Bay Area Chapters: The three local chapters of the Institute of Internal Auditors and the Silicon Valley chapter of Advancing Government Accountability are holding Auditors’ Conference 2004 “Enhancing Audit Performance and Productivity”. This two-day event will be on 19-20 August at the Crowne Plaza Hotel at Union Square in San Francisco. IIA-SJ: The San Jose chapter of the Institute of Internal Auditors is co-sponsoring an afternoon seminar/round table event at the Santa Clara Biltmore Hotel on 20 July 2004. The topic of this seminar is, “How Sarbanes-Oxley is Changing the Tax World”. ISSA-SV: The next meeting of the Silicon Valley chapter of the Information Systems Security Association will be held on Wednesday, 4 August 2004 from 11:30AM-2:00PM at Cisco Systems - Building 9, 260 E. Tasman Rd, San Jose. New ISACA benefit: COBIT Security Baseline ISACA is making a new COBIT offering available to members free of charge. All members have been granted access the publication titled, "COBIT Security Baseline: An Information Security Survival Kit". Members can download of this document in PDF format through the home page of the ISACA website. This publication presents the basic elements of COBIT most pertinent to security, offers a COBIT/ISO 17799 mapping, and presents "survival guidelines" for information security relevant to a variety of audiences, such as the home user, management and executives. It recognizes the increasing importance of information security in the roles and responsibilities of ISACA members and the association's commitment to serve in that professional arena. Job Opportunities on the ISACA-SV Website: We invite you to visit the Chapter's local job page to view employment opportunities. We are accepting job descriptions for open positions you wish to post on our web site. See the web site for contact information. New Members: Welcome to all new members of the chapter! Our membership has grown to over 250 members (as of 1 May 2004). This represents a substantial increase of chapter ranks! 2004-2005 CHAPTER OFFICERS Yogita Parulekar, President Swami Ramachandran, Vice President Oliver Wong, Secretary Sudha Chadalavada, Treasurer Kishor Kapasi, Past President Nicholas Green, Program Director Nils Puhlmann, Seminar Director Terry Barnhart, Membership and Meeting Arrangements Director Swee Fuller, Academic Relations Director and CISA/CISM Coordinator Larry Halme, Newsletter Editor Tamara DeMarco, Webmaster Roger Delgado, Webmaster DISCLAIMER As it is the objective of the Silicon Valley Chapter of the Information Systems Audit and Control Association to provide a forum for the expression of ideas and opinions, statements of opinion appearing herein are not necessarily those of the Chapter or its directors and officers.Previous Issues of the CHIP