2/11/2009 Security Committee Meeting Highlights

Attendees:

Deb Snyder (OTDA)
Bob Spina (Cisco)
Joel Conklin (Verizon Business)
Frank Wickham (Sun Microsystems)
Joe Lynch (Sun Microsystems)
Barry Pardee (D & D)
Jill Elwert (Fortify)
Mike Springer (Dormitory Authority)
Ted Phelps (SUNY Admin.)
Bruce Borgoyne (DMV)
Mike Luttman (DOT)
Maureen McClure (Sun Microsystems)
Ted Doty (Cisco), guest speaker

1/15/09 meeting highlights shared.

Monthly "Hot Topic" Presentation - "How do you identify and Stop Long Tail Threats." Guest speaker Ted Doty, Cisco, provided an insightful executive overview presentation on a new view into threat assessment/management.

Education/Security-Related Webcasts - Collaboration with NYS OCSCIC on the MS-ISAC webcasts.

  • Feb 12th webcast - Payment Card Industry Data Security Standard (PCI-DSS). Presenters: Tony Hernandez, SMART Business Advisory and Consulting Services & Taylor McKinley, Fortify Software. Announcement issued 2/3 via NYS Forum with link to registration www.msisac.org/webcast/2009-02/index.cfm and on Forum's web site event page. Registration numbers look good (as of 2/11 ~420 individuals from 4 countries & 42 states).
  • April 9, 2009 webcast - Incident Response (Medium Technical Level). Call for presenters to be issued week of 3/4/09; proposal deadline week of 3/16/09; presenter selections the week of 3/23/09.

Education/Seminar/Presentations (topics based on Forum's Annual Strategic Planning Conference)

  • Special Event Planning Team Progress Updates:
    • Information Security Roundtable - May 14, 2009; 8am - 12 noon, Desmond Hotel & Conference Center, Albany, NY. Team: Deb Snyder/Bob Spina (leads), Chuck Weiss, Rich Higgins, Nikki Brate, Mike Deyo, Ted Phelps. Call for Topics survey (www.nysforum.org/committees/security/survey) released 2/12 to ~350 people in the Information Security; Senior IT Officer; person to whom the Senior IT Officer reports; & NYS Forum Institutional Representative sections of the Forum's "Managing Information in New York State: A Directory." Also issued to ITCR. Further survey distribution/comments welcomed.
    • Information Security & Business Continuity, What Project Managers Need to Know - March 24, 2009; 2:30-4:00pm, Empire State Plaza Rm. 6, Albany, NY. Collaborative event with Project Management & Business Continuity Committees. Presenters: Deb Snyder (SC public co-chair) & Mark Spreitzer (BC corporate co-chair). Overview: How Security & Business Continuity integrate from a risk management point-of-view, with critical tasks/deliverables tied back to the project management life cycle/model as a "you are here" reference.
    • Virtualization-related Security Risk - Team: Joe Lynch (lead), Chuck Weiss, Frank Wickham, Rich Higgins, Bob Spina, Joel Conklin & Scott Elliot. Planning underway; aiming for June; call for presenters to ITCR shortly.
    • Data Classification - A Planned, Phased-in Approach - Part 1 of a 2-part series.* Overview: Planning & strategies to help ensure successful data classification initiatives. Team: Deb Snyder (temporary lead); Joel Conklin, Mike Springer, Ted Phelps, Bridget Nuss & Bruce Burgoyne. Aiming for 4th QTR 2009 to allow agencies time to digest standard, attend CSCIC training, etc. Planning underway.
    • Data Classification - Emerging Tools & Solutions - *Part 2 is a collaborative effort with the Emerging Technologies Committee. Overview: new technologies, tools and solutions available to assist Data Classification (while a change from the planned direction, feedback in both committees indicates this topic is of high interest & deserves added focus.) Team: Bob Spina (lead); Jill Elwert, Barry Pardee & Scott Elliot.
    • The Legal Side of Security - Privacy, Confidentiality & Security Rules, Regs, Statutes, Compliance. Team members: Mike Deyo (lead), Deb Snyder, Maureen McClure. Preliminary planning discussion 1/23/09.

Application Security Procurement Language - Will Pelgrin (OCSCIC) call for review/comments.

Next meeting - March 11, 2009, 2:00-3:30pm. Regular meetings are held the 2nd Wed. of each month; posted on the Forum online event calendar and at www.nysforum.org/committees/security/meetings.aspx.


Security Committee Co-Chairs:

Deb Snyder, Deborah.Snyder@otda.state.ny.us, (518) 473-3195
Bob Spina, bspina@cisco.com, (518) 427-5248