What Not to Do When Testing Your Information Security
Instructor:
Kevin Beaver
Product ID: 700301
In this IT compliance training hear some tales from common security testing oversights, issues that create serious liabilities and common assumptions that can downright waste your valuable time and money when performing information security tests.
Description
A lot of people can tell you how to test for information security weaknesses, but most aren’t willing to share where they’ve screwed up detailing what *not* to do. In this presentation, hear some tales from the trenches including common security testing oversights, issues that create serious liabilities, and common assumptions that can downright waste your valuable time and money when performing information security tests. Not only will you learn proper ways to plan your security testing strategy, you’ll benefit from the mistakes of others to better spend your resources in order to find the most vulnerabilities and help justify future information security spending.
Areas Covered in the seminar:
Security testing oversights that no seems to get yet keep causing problems year after year
Common mistakes when planning and executing security tests
Why preparing and executing security tests are only half the battle
Resources you can benefit from to get and stay on track
Real-world examples
Who Will Benefit:
Anyone responsible for the ongoing compliance and IT governance needs of within their business - regardless of the size of the organization:
IT managers
Information security managers
Compliance officers/managers
Business executives ultimately responsible for compliance
Information security consultants
Information security auditors
Instructor Profile
Kevin Beaver, CISSP, is an independent information security consultant, author, and expert witness with over 18 years of experience in IT. He focuses his work on performing information security assessments related to compliance and IT governance. Kevin has authored or co-authored six books on information security including the highly successful ethical hacking book Hacking For Dummies, 2nd edition and Hacking Wireless Networks For Dummies (both by Wiley) as well as, The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach). In addition, Kevin is a contributing author and editor of the book Healthcare Information Systems, 2nd edition by Auerbach Publications, technical editor of the book Network Security For Dummies by Wiley Publishing, and technical editor for over a dozen books and whitepapers for Realtimepublishers.com.
In addition to his books, Kevin writes and produces practical information security advice called Security on Wheels for IT professionals on the go. He is also a regular columnist and information security advisor for various TechTarget websites including SearchWindowsSecurity.com, SearchSQLServer.com, and SearchStorage.com. In addition, his information security work has been published in Information Security Magazine, SecurityFocus.com, and CSI’s Computer Security ALERT newsletter. Kevin is a frequent and top-rated speaker on information security at various conferences for RSA, CSI, TechTarget, IIA, and SecureWorld Expo.
Javier Kuong
Jay Kuong has over 25 years of management, consulting, lecturing and development experience in the Corporate Governance, IT Compliance, Internal Controls, Risk Management, IT Auditing and Business Continuity fields as an executive, international consultant, lecturer and author of over 40 books and manuals on these topics.
He has held positions as a CIO and Systems manager for industrial companies and as senior consulting manager for a major CPA firm. He is the founder of Management Advisory Services & Publications (MASP) that specializes in governance, compliance, auditing and internal control. He has authored four books on Sarbanes-Oxley compliance and a treatise on "IT Compliance and Governance".
Javier Kuong 