Hi [[ session.user.profile.firstName ]]

State of the Standards, Don’t Just Stand There, Do Something

Three standards for business continuity and management have been the subject of much debate since late last year, BS 25999, NFPA 1600 and the new ASIS BCM standard currently under development.

While there is an impressive “battle” raging on which standard is best or most all-encompassing, continuing this argument only distracts organizations from implementing a business continuity process and reaping the benefits of resiliency because many are waiting for the dust to settle concerning not only the standards wars, but the finalization of Title IX. A decision to do nothing could be the worst decision of your life.

This webinar is meant to help attendees understand, at a high-level, the state of the standards, their purpose and intent, and why you should do “something” rather than just stand there waiting for the dust to settle and possibly consider the recommendations of all available standards to identify the most applicable and appropriate strategies for your organization.
Recorded Apr 29 2009 29 mins
Your place is confirmed,
we'll send you email reminders
Presented by
John DiMaria; Six Sigma BB, HISP
Presentation preview: State of the Standards, Don’t Just Stand There, Do Something

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • NIST 800-171 Protect CUI or Risk Losing Federal Business Oct 12 2017 5:00 pm UTC 60 mins
    Kelly Handerhan, CISSP, PMP, CASP, CEH, Cybrary.it SME
    Federal contractors that process, store or transmit what’s called Controlled Unclassified Information have until December to implement new, more stringent security guidelines to protect that information. Chances are your organization already meets some of the requirements, but it’s unlikely that you meet them all. Join us to identify what’s new, what’s not, what you have to do and how to assess the impact.
  • Why do corporate breaches continue to succeed? Oct 5 2017 5:00 pm UTC 60 mins
    Robert Johnston, CISSP, Adlumnin, Co-Founder & Chief Executive Officer
    Corporate breaches continue to succeed because attackers can steal the legitimate identities of your employees and use those identities to attack your infrastructure. Far deadlier than malware based attacks, identity based attacks can go undetected for months or years because perpetrators impersonate the methods used by your various privileged accounts as if they were that user. Attackers have changed their methods from the now outdated malware based attacks to the evolved identity based attacks. Learn how analytics, deception, and data streams are saving the security industry, or would have at least saved the Democratic National Committee.


    Robert Johnston, CISSP
    Behavior Analytics, Active Defense, President & CEO Adlumin.com, Technology Entrepreneur

    Previously Mr. Johnston worked in the private sector as a principal consultant at CrowdStrike, Inc as an incident response expert conducting engagements against nation state, criminal, and hacktivist organizations across a variety of industry sectors.

    Previously Mr. Johnston served as an officer in the United States Marine Corps. As a Marine Officer he was the Team Lead of 81 National Cyber Protection Team, Cyber National Mission Force and the Director of the Marine Corps Red Team. He is an accomplished leader and technical expert within the cyber security community. Mr. Johnston is a 2008 United States Naval Academy graduate with a degree in Information Technology.

    He has published multiple projects and articles in industry relevant magazines and peer reviewed journals. An avid speaker within the cyber security community (ISC)2 awarded him runner up for the best up-and-coming cyber security professional in North, Central, and South America and the winner of the 2015 Community Awareness Government Information Security Leadership Award. Mr. Johnston can be followed on Twitter at @dvgsecurity.
  • Risk-Cloud-Crypto Sep 28 2017 5:00 pm UTC 60 mins
    Donald Parker, CISSP, CCSK, ITIL, MCSE
    The three emerging pillars of cybersecurity include Risk Management, Cloud Security, and Cryptography. Cybersecurity can't be implemented efficiently without risk management. The cloud is taking over and here to stay. Cryptography is the clue that holds it all together.

    Donald Parker, CISSP, CCSK, ITIL, MCSE

    As a Sergeant in the US Army, cybersecurity instructor, inventor, author, and consultant to the Federal Government, Donald Parker has dedicated his entire career of over 23 years to the Information Technology industry with a special focus on Information Security. Mr. Parker has taught CISSP and other cybersecurity classes all over the United States and abroad, including Holland, Germany, and Guam. He holds a US patent for a physical computer security device that he believes will provide the greatest defense to one of the greatest threats on the Internet, Bot Networks. He has also developed a mechanical cryptographic cipher. Donald has authored a book on passing the CISSP exam and has published an audio version of the book online with over a million downloads. He has helped federal agencies and fortune 100 corporations comply with the ever-evolving cybersecurity landscape. As an independent consultant and small business owner for the past 10 years, he successfully completed more than a dozen short to midterm contracts. The knowledge gained from more than 25 different public and private sector environments has afforded him a birds-eye view of this exciting new field. Many of Mr. Parker’s customers and students refer to him as a one-man band in the since that; he can identify the laws, regulations, requirements and policies that an organization must comply with and actually implement the security controls necessary to demonstrate compliance. Donald has developed a STEM program to teach kids and young adults cyber security basics and prepare them for capture the flag competitions.
  • Strategies for the CompTIA Security+ Exam: SYS-501 Recorded: Sep 21 2017 58 mins
    Matt Salmon, CyberVista Lead Instructor
    Are you considering in earning the Security+ certification from CompTIA? A new version of the Security+ exam debuts this fall - version SYS-501. In this webinar, cybersecurity training provider, CyberVista, dissects the structure of the new Security+ exam. We will explain the 6 Domains that comprise the test while also providing valuable strategies for test day.
  • Virtual Chief Information Security Officer (VCISO) Recorded: Sep 14 2017 45 mins
    Frank Shirmo, CISSP, CSSLP, PCI-QSA
    Not all organizations have or can afford a full-time Chief Information Security Officer (CISO) to address regulatory compliance, security, and privacy and its impact on the IT infrastructure. Then again, many organizations don’t need a CISO full time, but rather on a more limited basis
  • Understanding the Metasploit Database Recorded: Aug 31 2017 69 mins
    Tyrone E. Wilson - Founder, and CEO of Cover6 Solutions
    We discussed The Metasploit Database. No matter where you are you should have an understanding of your current network environment. One of the best ways to capture, filter, and share network information is with the Metasploit Database. Keynote Speaker(s): Mr. Tyrone E. Wilson – Founder and President of Cover6 Solutions has over 20 years of experience focusing on Information Systems and Network Security. Wilson has extensive expertise in multiple areas of the cyber field including, but not limited to, network defense, cyber threat analysis, penetration testing/vulnerability assessments, and #IPv6. Wilson has a passion for spreading knowledge to all about everything he’s acquired through his years of experience. Disclaimer: Only scan/test network environments in which you have explicit permission to do so. A sample permission memo can be found at Whttp://www.counterhack.net/permission_memo.html
  • Strategies for CISSP® Exam Recorded: Aug 24 2017 51 mins
    Sam Meisenberg, Head of CISSP Training at CyberVista
    Are you considering taking the CISSP exam? The CISSP is considered the industry-leading certification in cybersecurity, but the exam is certainly no cake walk. Strategies for CISSP Exam webinar dissects the structure of the CISSP exam. Hosted by (ISC)2 Approved training provider CyberVista, we will explain the 8 Domains that comprise the test while also providing valuable strategies for test day.
  • CMDSP - Mobile Security for the Mobile IT Administrator Recorded: Aug 10 2017 54 mins
    Ken Lloyd, CMDSP's Board members and CTO for Mi3 Security.
    ITPG Secure Compliance's Cybercast series proudly presents : CMDSP - Mobile Security for the Mobile IT Administrator.

    Come join us for a discussion on the advent of the Mobile IT Administrator position, and how CMDSP is helping organizations improve their enterprise mobility management strategy.

    ITPG Secure Compliance has invited Mr. Ken Lloyd, CMDSP's Board members and CTO for Mi3 Security, a leader in Mobile Application Risk Intelligence and Mobile Threat Defense. With 18 years focused on creating powerful Mobile and Security solutions for Enterprises, SMB's and Consumers. Recognized as a Subject Matter Expert (SME) in Mobile Security, Security Awareness and IT Security.
  • Human Factors in Cyber Security Recorded: Aug 10 2017 74 mins
    Dr. Calvin Nobles
    We discussed Human Factors in Cyber Security. The discourse surrounding human performance in cyber security remains a relevant topic; nevertheless, the scientific underpinning remains deficient. Human error is the primary contributing factor that leads to malicious activity in cyber security. Other domains such as aviation, healthcare, and nuclear power have capitalized on human factors to reduce accidents and to identify critical phases of operations; consequently, the cyber security sector trails behind the above-mentioned industries in leveraging human factors.

    The aim of this presentation is leveraging organizational culture as a platform to address human factors in cyber security. The continuous integration of technology accompanied by (a) advanced persistent threats, (b) ransomware attacks, (c) data breaches, and (d) cyber-attacks increases and threatens the complexity of cyber security operations.

    Included are examples of conceptual processes, models, and frameworks to influence cyber leaders and professionals to mandate the integration of human factors in cyber security.

    Keynote Speaker:
    Dr. Calvin Nobles, Ph.D. is a cyber security subject matter expert (SME), national security leader, researcher, practitioner, and educator with more than 20 years of experience. Culminating a career of military service at the national level in 2017, as a cyber security executive and cyber consultant. He is an adjunct faculty member at the University of Maryland University College and Indian Wesleyan University. Calvin is actively involved in the cyber community, volunteering with multiple professional associations and conducting cyber security research. Calvin is the author of the book, Exploring the Implications of Implementing Technologically Advanced Aircraft in General Aviation.
  • Web Application Testing Recorded: Aug 9 2017 124 mins
    Ben Pick - Coveros
    We discussed Web Application Testing. Web applications provide a vulnerable window into internal enterprises. These applications often process and use poorly validated input. This presentation discusses methodologies to identify and exploit such vulnerabilities within the applications.

    The target audience for this talk ranges from those with limited prior knowledge of web application testing to those with a moderate understanding.

    Keynote Speaker(s):
    Mr. Ben Pick has 8 years of security and development experience including vulnerability assessments of web and mobile applications, analyzing source code for security risks, and configuring architecture to monitor systems for anomalous activities. For the past few years, Ben has worked to incorporate security into DevOps environments by merging security tools within the software development lifecycle. This includes automating static code analysis and vulnerability tools on development environments which act as supplemental resources for manual tests.
  • SOC Analyst Fundamentals Recorded: Aug 4 2017 129 mins
    Tyrone E. Wilson - Founder, and CEO of Cover6 Solutions
    We discuss defensive tools/techniques to understand SOC Analyst fundamentals and why SOC Analysts are so highly sought after with the increasing hacking incidents. When most people hear "hacking", they think of offensive tools and software, but defensive tools play a big part in incident prevention, handling, response/recovery and forensics. This webinar is suitable for both beginners and seasoned professionals.

    Keynote Speaker(s):
    Tyrone E. Wilson - Founder, and CEO of Cover6 Solutions 19 years of experience focusing on Information Systems and Network Security. Wilson has extensive expertise in multiple areas of the cyber field including, but not limited to, network defense, cyber threat analysis, penetration testing/vulnerability assessments, and IPv6. Wilson has a passion and a mission for spreading knowledge to all that he can reach about everything that he’s acquired through his years of experience.

    Candan Bolukbas is digital polymath and Certified Ethical Hacker. Candan fully appreciates the growing threat to digital communications and data accumulation which affects all of us. He is co-founder and chief technology officer for NormShield, Inc., a McLean-based “security-as-a-service solutions” company. Candan and NormShield’s primary focus is on cyber threat intelligence, vulnerability management and perimeter monitoring.
  • Protecting identity perimeter of modern enterprises Recorded: Jul 19 2017 28 mins
    Shri. P. & Alex Buffington
    Come join a discussion on how identity has become the new enterprise perimeter now and learn how to protect it against 95% of all security breaches that often start with compromised identity.
  • Dark Web AI is bringing Dark Web Intelligence to your desktop Recorded: May 18 2017 60 mins
    Ross Everett and Larry Lafferty
    Come join a discussion with two industry leaders in the converging worlds of Dark Web Scanning and Artificial Intelligence. Learn how Intelligent agents can work from your desktop to scan the dark web for your stolen data.
  • Building Your New York State Financial Services Cyber Compliance Plan Recorded: Apr 6 2017 48 mins
    David Kim. ITPG Secure Compliance: Principal Consultant, Governance Risk and Compliance
    The most critical first steps for mid-size banks, financial and insurance firms
  • Building Your NY State Financial Services Cyber Compliance Plan Recorded: Mar 13 2017 32 mins
    David Kim. ITPG Secure Compliance SVP | Governance Risk and Compliance
    What, Why, How, & When to comply with the
    Dept. of Financial Services 23 NYCRR 500 – Cybersecurity Requirements
  • PCI DSS v3.2. A Fast Assessment to Identify What You Must Do to Comply Recorded: Jan 12 2017 53 mins
    David Kim. ITPG Secure Compliance. SVP, Governance Risk and Compliance
    Your organization has little over a year to comply with the new PCI DSS v3.2 standard. If you have yet to assess your current security controls against these new standards, it’s time to start. We’ll highlight the key changes, the issues to think about, and the time required to assess, plan and implement. As a PCI Qualified Security Assessor, we know what can trip organizations up and how to avoid missteps.
  • The Human Factor:Secure the Most Vulnerable Link in Your DLP Stgy Recorded: Feb 11 2010 47 mins
    Dow A. Williamson; Executive Director, SCIPP International, Inc.
    No matter what kind of data you are charged with protecting or how much money you spend on expensive security technology solutions, your end-users are still the number one culprit for your data loss prevention problem. Stop your leaks before they get any worse – at the “Human Level”. Over the past decades, numerous studies have concluded that inadequate end-user security awareness training is the leading cause of security breaches, data misuse, and information theft. Don’t be the next statistic! SCIPP International’s ANSI-accredited security awareness certificate programs provide your end-users the awareness they need and the quality training your executive management, auditors, and shareholders expect.
  • Gartner’s BCM & IT DRM Maturity Model Recorded: May 20 2009 61 mins
    Roberta Willey and John Morency
    Measuring the maturity of your BCM and IT DRM programs shouldn’t require hours of time, pages of documentation and teams of people to execute. This session will provide an overview of Gartner’s BCM Activity Cycle as well as our BCM/IT DRM Maturity self-assessment model.
  • State of the Standards, Don’t Just Stand There, Do Something Recorded: Apr 29 2009 29 mins
    John DiMaria; Six Sigma BB, HISP
    Three standards for business continuity and management have been the subject of much debate since late last year, BS 25999, NFPA 1600 and the new ASIS BCM standard currently under development.

    While there is an impressive “battle” raging on which standard is best or most all-encompassing, continuing this argument only distracts organizations from implementing a business continuity process and reaping the benefits of resiliency because many are waiting for the dust to settle concerning not only the standards wars, but the finalization of Title IX. A decision to do nothing could be the worst decision of your life.

    This webinar is meant to help attendees understand, at a high-level, the state of the standards, their purpose and intent, and why you should do “something” rather than just stand there waiting for the dust to settle and possibly consider the recommendations of all available standards to identify the most applicable and appropriate strategies for your organization.
The Security Awareness Certification Company
SCIPP International was formed to develop, define and promote best business practices for security awareness training with a singular focus on increasing understanding and instilling positive behavioral changes as they relate to protecting information assets. SCIPP International was founded in 2006 and relies on a distinguished Board of Advisors which is composed of an international body of information security luminaries, business executives and training professionals from around the globe. Complete biographies and security awareness course offerings for general end-users and web application developers are available on our website: www.SCIPPinternational.org

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: State of the Standards, Don’t Just Stand There, Do Something
  • Live at: Apr 29 2009 6:00 pm
  • Presented by: John DiMaria; Six Sigma BB, HISP
  • From:
Your email has been sent.
or close