3/11/2009 Security Committee Meeting Highlights

Attendees:

Deb Snyder (OTDA)
Bob Spina (Cisco)
Joel Conklin (Verizon Business)
Jo Shrader (OCFS)
Scott Elliot (IPLogic)
Mike Springer (DASNY)
Rich Higgins (OMRDD)
Ted Phelps (SUNY Admin.)
Joann Bomeisl (OMRDD)
Estelle Council (Parole)
Bruce Borgoyne (DMV)
Barry Pardee (D & D)
Bridget Nuss (EMC2)
Jill Elwert (Fortify)
Jacob West (Fortify), guest speaker

2/11/09 meeting highlights shared.

Monthly "Hot Topic" Presentation - Jacob West, Fortify Software provided an executive overview of a recent study - "Open Source Security Study - How Are Open Source Development Communities Embracing Security Best Practices?" Excellent insights from a recent study; timely and relevant information on open source code risk. More information at: http://www.fortify.com/security-resources/library/opensource.jsp.

Education/Security-Related Webcasts - Collaboration with NYS OCSCIC on the MS ISACA webcasts.

  • April 9, 2009 National webcast - Application Security, 2:00pm-3:00pm EST. CSCIC recently rearranged planned topics, and has a presenter lined up - Alan Paller, Director of Research, SANS Institute.
  • Finalized upcoming dates & topics: June 17th, 2009 - Securing Mobile Devices; and August 19th, 2009 - Security of Social Networking Sites / Web 2.0.

Education/Seminar/Presentations (topics based on Forum's Annual Strategic Planning Conference)

  • Special Event Planning Team Progress Updates:
    • Information Security Roundtable - May 14, 2009; 8am - 12 noon, Desmond Hotel & Conference Center, Albany, NY. Team: Deb Snyder/Bob Spina (leads), Chuck Weiss; Rich Higgins, Nikki Brate, Mike Deyo, Ted Phelps. Call for Topics survey (www.nysforum.org/committees/security/survey) released 2/12 to ~350 people (Forum's Directory - Info. Security, Senior IT Officer; person Senior IT Officer reports to & NYS Forum Institutional Rep., and ITCR.) Call for Subject Matter Experts sent to Forum 3/12, to be issued to ITCR and Operating Committee Chairs.
    • Information Security & Business Continuity, What Project Managers Need to Know - March 24, 2009; 2:30-4:00pm, Empire State Plaza Rm. 6, Albany, NY. Collaborative event with Project Management & Business Continuity Committees. Presenters: Deb Snyder (SC public co-chair) & Mark Spreitzer (BC corporate co-chair). Overview: How Security & Business Continuity integrate from a risk management point-of-view, with critical tasks/deliverables and control objectives tied back to the project management life cycle/model.
    • Virtualization-related Security Risk - June 9, 2009, 8:30am-12noon; Desmond Hotel & Conference Center, Albany, NY. Team: Joe Lynch (lead), Chuck Weiss, Frank Wickham, Rich Higgins, Bob Spina, Joel Conklin & Scott Elliot. Planning underway; aiming for June; call for presenters to ITCR shortly.
    • Data Classification - A Planned, Phased-in Approach - Overview: Planning & strategies to help ensure data classification initiatives' success. Team: Deb Snyder (temporary lead); Joel Conklin, Mike Springer, Ted Phelps, Bridget Nuss & Bruce Burgoyne. Aiming for 4th QTR 2009 to allow agencies time to digest standard, attend CSCIC training, etc. Preliminary planning underway.
    • Emerging Technologies - collaborative discussions are underway with the Emerging Technologies Committee as to what we can do in this area. Team: Bob Spina (lead); Jill Elwert, Barry Pardee & Scott Elliot.
    • The Legal Side of Security - Privacy, Confidentiality & Security Rules, Regs, Statutes, Compliance. Team members: Mike Deyo (lead), Deb Snyder, Maureen McClure. Preliminary planning underway.

Application Security Procurement Language - further discussion of Will Pelgrin's (OCSCIC) call for review/comments.

Next meeting - April 8, 2009, 2:00-3:30pm. Regular meetings are held the 2nd Wed. of each month; posted on the Forum online event calendar and www.nysforum.org/committees/security/meetings.aspx.


Security Committee Co-Chairs:

Deb Snyder, Deborah.Snyder@otda.state.ny.us, (518) 473-3195
Bob Spina, bspina@cisco.com, (518) 427-5248