Membership is FREE. Just come to a meeting, and sign yourself up for the (e)mailing list!
IMPORTANT: Please be prompt, as we plan to start at 7 pm SHARP!!
The building is locked at 7 pm and anyone who arrives after that time will
require a Sun employee to escort them to the meeting. It is also highly
probable that those who arrive after 7:30 may not be able to attend the
meeting.
IT Governance and Security Standards like PCI DSS, ISO-27001 and ISO-27002,
COBIT, ITIL, Common Criteria, FISMA, and FISO are the alphabet soup of the
new decade. They aren't as different as you think.
In this month's presentation, Mark Mellis, who has presented various
security and datacenter-related talks at UUASC, along with Mike Jordan,
will point out what the standards have in common, where some of the
differences are, and, most importantly, what practical compliance actions
you can take that keep the auditors off your back while providing a
functional and secure system.
About the presenters:
Mike Jordan
Mike Jordan has spent decades working with the latest cutting-edge
technology in a number of fields. He most recently managed educational
software product development at seven sites for Cengage Learning,
introducing the Scrum framework and agile development practices as
well as structured security methods. These Cengage SaaS products
included homework, assessment, outcomes management and reference
material applications for higher education. Mike has managed software
development, documentation, QA, testing, SaaS operations and security
at a number of companies in such diverse fields as SaaS (Cengage
Learning and PlaceWare), game systems (3DO), high-performance systems
(Ridge Computers) and embedded systems (Network Computing Devices).
Mike is a software developer at heart and prior to his management
experience worked on software in research and simulations at GE;
compilers, design automation and operating systems at Honeywell
working on Multics; transaction-based file systems and early laptop
computers at Gavilan Mobile Computers and embedded systems at Network
Computing Devices.
Mike has provided security expertise for companies ranging from large
financial services companies to online game startups. These reviews
have dealt with topics including security architecture, risk analysis,
code review and third-party suppliers. Mike has held the position of
CISO for a major SaaS company. His SaaS and Security experience has
included Forensics, Incident Response and Security Planning.
Mike is a Certified Scrum Master. Mike is a current member of the
IEEE, ISACA (Silicon Valley Chapter) and ACM. You can find out more
about Mike at LinkedIn or on the Multicians web site. He graduated
from Arizona State University with a BSEE degree (before they had a
Computer Science program).
Mark Mellis
Mark specializes in Information Security Architecture and Operations
consulting. Most recently he has served as the Operations Director and
Information Security Officer for a SaaS web application project,
preceded by more than a decade of Information Security consulting
where he served clients in the higher education, financial,
manufacturing, and high-tech sectors, including more than 50 of the
Fortune 500. Prior to his consulting career, Mark worked as a software
developer for several Silicon Valley startups. Mark began his career
with a stint as a nuclear power plant operator on U.S. Navy
submarines.
Mark has written for TechTarget and Usenix's newsletter ;login, and
has taught for Networld+InterOp and USENIX.
Mark holds the CISM certification and is a member of the ISACA (Los
Angeles Chapter), the IEEE Computer Society, and USENIX. He studied
Physics at the University of Washington.
Overlapping Circles: What Modern Security Standards Have In Common
Michael R. Jordan and Mark K. Mellis
CSO Compass, Inc.
The chocolate cream pie is a particular point of interest ;-)
222 N. Sepulveda Blvd, Suite 1800, El Segundo, CA 90245
10th floor, to the right of the elevators. Use the elevators on the west
side of the building.
This is one of the huge white "Pacific Towers" buildings. The one with
"Oracle" on the top, funnily enough...
From the 105 freeway: Take the Sepulveda (aka hwy 1, aka airport) exit, but
go SOUTH. It's about a kilometre down Sepulveda, on the left. Take a left
just BEFORE the building, on Grand Avenue, and turn into "Visitor Parking."
From the 405 freeway: Take the exit just south of the 105 (El Segundo Blvd).
Go west for 2+ miles on El Segundo Blvd. Turn right onto Sepulveda
Boulevard. Stay in the right lane and take another right onto Grand Avenue.
Pass the building on the corner completely and turn into the second
driveway on the right where it says "Visitor Parking."
Parking: Parking in the adjacent structure appears to have cycled back to
non-free, for now.
Here's a map for ya!
If you would like to be a speaker, or if you know someone who you think would be a legitimate speaker for us, please contact UUASC-LA Program Chairperson Jordan Schwartz