| |
| Welcome |
| Schedule |
| Presenters |
| Directions |
| Parking |
| Registration |
| Sponsors |
| Presenters |
|
 |
||
Bob Russo – General Manager, PCI Security Standards Council |
||
|
|
Bob Russo, the general manager of the PCI Security Standards Council, works with representatives from American Express, Discover Financial, JCB, MasterCard Worldwide and Visa International to drive awareness and adoption of the PCI Data Security Standard. Mr. Russo is responsible for driving the organization’s policies, as well as meeting its goals to create education programs, establish pools of certified QSAs and ASVs and incorporate feedback from all stakeholders across the payment chain into the work of the Council and the development of new standards. In addition, Mr. Russo oversees the PCI Security Standards Council's training, testing and certification programs for Qualified Security Assessors (QSAs) and Approved Scanning Vendors (ASVs). Russo brings more than 25 years of high-tech business management, operations and security experience to the PCI Security Standards Council. Mr. Russo will guide the organization through its crucial charter, focused on improving data security standards for merchants, banks and other key stakeholders involved in the global payment card transaction process. |
|
 |
l | |
| Bruce Bonsall, Vice President and Chief Information Security Officer, MassMutual Financial Group | ||
| PPT | Over the past 19 years, Bruce Bonsall transformed a seven member mainframe-centric group into a high-performance team of over fifty five well-trained highly motivated security professionals responsible for all aspects of information security. He devised and executed a highly effective, enterprise-wide security strategy for a Fortune 100 company with 250+ billion in assets under management. He also established strong business relationships with executive management throughout the company, both influencing and educating them and driving the message that information risk management is a fundamental business issue and not just an IT issue. Bruce was forward thinking in the implementation of protective technologies such as full-disk encryption of laptops (14 years ago). He defined security policies that support the business needs of a highly-regulated, global, diversified, growth-oriented financial services company and lead the development of Information Risk Management processes for IT systems. Mr Bonsall created an atmosphere that attracts, retains and encourages security professionals to innovate and build an efficient and cost effective security program that enables and protects the company and her subsidiaries including Oppenheimer Funds, Babson Capital Management, Barings Asset Management, MassMutual Japan, MassMutual Asia and Mercuries Life of Taiwan. Recognized as an industry expert, Mr. Bonsall received both the 2006 New England and National Information Security Executive of the Year Awards. His security team was also recognized in 2007 with the number 1 ranking in the InformationWeek 500 "Information Security/Privacy" category for MassMutual’s proprietary information security management system. In December 2008, Mr. Bonsall was recognized as one of the Top 25 Most Influential People in Security by Security magazine. |
|
| Nancy Kindness Heath Enterprise Information Risk Management, Information Risk Office, IT Governance Awareness Specialist, MassMutual Financial Group |
||
| Nancy Kindness Heath is a Security Awareness Specialist with MassMutual Financial Group. In this role she coordinates Information Security events and communications to employees across the enterprise. She has strong input on updates and changes to information security policies, procedures and industry best practices. Since joining MassMutual in 2007, Nancy has developed comprehensive communications and presentations tailored to specific audiences and skill sets. The key to her outstanding awareness program is the ability to have fun with the topics and create a desire for the employees to learn more. Her suggestions for increased security can be applied at work as well as at home. Nancy is a graduate of Springfield Technical Community College. Prior to her employment with MassMutual, she was an Information Security Analyst employed by Dow Jones & Co. She has 14 years experience in the Information Security field. Her career focus has been mainframe account provisioning and Information Security Awareness. She created an outstanding Awareness program for Dow Jones and developed a direction for Dow Jones that won her an award by the Chief Information Officer for its creation and implementation. |
||
 |
||
| Evan Wheeler , The SANS Institute | ||
| Evan Wheeler:As a Security Consultant working in many industries for over ten years, Evan Wheeler is accustomed to advising clients on all aspects of Information Assurance. Specializing in risk management, digital forensic investigations, and secure application design, he offers an expert insight into security principles for both clients and security professionals. Evan has spoken to many audiences on topics ranging from Payment Card Industry (PCI) risk management to building a forensic incident response infrastructure. He currently leads the information security risk management effort as a Senior Security Consultant for Omgeo, a DTCC / Thomson Reuters company, and maintains a role as a Security Consultant for the High Performance Computer Modernization Program within the U.S. Department of Defense. As a complement to this diverse experience in the field and his Computer Science degree from Georgia Tech, he has earned a Master of Science in Information Assurance from the National Security Agency certified program at Northeastern University. | ||
 |
||
Cyber Squad Agent, FBI-Boston |
||
| An FBI agent will be on hand to present on the FBI process with Cyber crimes and how their offices respond and work with potential victimes of cyber crime. The agent will discuss current trends and will be available for other questions. | ||
 |
||
| John Beveridge, CISA, CFE State Auditor's Office |
||
| PPT | Provide the business community with a highly trained cadre of professional IS auditors. To help ensure the technical caliber of members of the profession, the New England Chapter annually provides a CISA® and CISM® review course which has been instrumental in assisting many Chapter members in attaining the designation of CISA® or CISM®. A further objective is to promote information systems auditing as a career path. Through its College Relations Committee, the Chapter has endeavored to promote IS-audit career path interest among college and university students throughout the region. For the past several years, the Chapter has sponsored IS audit presentations, tables and booths on an ad-hoc basis and at various career day seminars. These presentations have been well received, and the feedback to the Chapter has been most favorable |
|
