Events & Program

Chapter Events are right below, or go to the Non-Chapter events.

Chapter Events and Meetings

The Hacker Evolves: New Trends in Vulnerabilities and Exploits
Date: December 14, 2005
Time: 11:00am to 12:00pm
Location: Your computer! (webcast)
Cost: FREE
Presenter: Clint Hatton, S.P.I. Dynamics, Inc.

The growth of e-business and use of the Internet to automate data intensive functions has driven many companies and individuals to open their networks and lives to wider audiences. The ability of hackers to continually evolve with security initiatives and technology has created a difficult cycle for many companies and individuals to keep up. As the sophistication of tools to prevent or detect hackers has increased, the technical knowledge required to attack a network and mobile devices has sharply decreased, and the continual surge of new hacker techniques is dramatically on the rise. This has left growing numbers of companies and the individual consumers exposed to an ever-increasing list of potential attacks.

With the ever-increasing threat of cyber attacks, today’s Web environment has made application security an essential element in the application development lifecycle. Industry experts estimate that three-fourths of today’s successful system attacks do not happen via network security flaws, but by entering directly through defects in Web application code. The hacker has evolved. Reality is that Web sites and Web applications are hacked with frightening ease. By taking advantage of the public access to a company through the Internet and using it to subvert your applications, hackers can gain easy access into your company’s sensitive backend data. Firewalls and intrusion detection systems (IDS) will not stop such attacks because hackers using the Web application layer are not seen as intruders. This presentation explores trends in hacker exploits and the vulnerabilities they exploit, including real examples of common Web application attacks such as SQL injection. In addition, the session will discuss how to defend against these common attacks.

Clint Hatton is a senior security engineer for SPI Dynamics, (www.spidynamics.com), the expert in Web application security assessment and testing. He has over 20 years experience in the information technology industry. Prior to joining SPI Dynamics, Clint worked for Sanctum (which was acquired by Watchfire in 2004) where his roles included Web application security auditor, strategic alliances partner development, trainer, and sales engineer. Prior to his role at Watchfire, Clint was also the director of Data Center Operations at Pilot Network Services where he was responsible for the day to day technical operations of a security focused ISP. In addition, Clint was a senior project manager for IBM Global Services, and manager of network and telecom technologies at GTECH Corporation. In his spare time, Clint recently founded an organization that refurbishes used and donated corporate computer equipment, provides the equipment, training, and support to the elderly and needy.

You can register online, or just see the form for offline registration instructions. Register by December 8!

Accessing the Webinar Meeting:
Subject: Western Michigan ISACA Meeting
Meeting URL: https://www.livemeeting.com/cc/spi/join
Meeting ID: RT7TBQ
Meeting Key: 9-%3FpPcp
Role: Attendee
Phone Number (for audio): Provided by Richard Rosenthal via email

Get the full details on the meeting and setup in the November newsletter. First-time users: Go to the meeting site early to install the Windows-based Meeting Console before your meeting.
*Note: The first time you use the Microsoft Placeware service will require the user to download some ActiveX components. This might add a couple of minutes to the login time so please plan to join a bit early.

Upcoming Events and Meetings

January 25, 2006
TBD
Location: Your computer (webinar)
Time: 11:00am
Presenter: Clint Hatton, SPI Dynamics

February, 2006
ACL Training
Location: Grand Rapids
Time: TBD
Presenter: Robert T. Makowski

March 30, 2006
Understanding Group Policy in Active Directory
Location: Grand Rapids
Time: TBD
Presenter: Derek Melber, Braincore

April 12, 2006
Auditing Windows 2000
Location: Crowne Plaza, Grand Rapids
Time: 8:00am
Presenter: Clayton Snyder, Deloitte

May 17, 2006
IT’s 2006 Oxymoron: Reduce IT Cost by Modernization IT Code, Privatize IT Data, and Testing it all Thoroughly
Location: Grand Rapids
Time: 8:00am
Presenter: Gary Deneszczuk, Compuware

Prior Events and Meetings

November 18, 2005
An Examination of the ISACA Code of Professional Ethics
Presenter: David M. Cannon, Assistant Professor of Accountancy, Grand Valley State University
Presentation

October 19, 2005
Risk Assessment Practices
Presenter: William Papanikolas from Sparrow Health System
Presentation

September 28, 2005
Wireless Security
Presenter: Robert Parsons, Information Security/Business Continuity Project Manager, Sparrow Health System
Handouts: Wireless Security

Non-Chapter Events and Meetings

ISACA Events

**Increase your audit, control and security knowledge -- register today for an IS Audit & Control Training Week.**
Training Weeks provide unique educational experiences. If you are an IS/IT audit, control or security professional in need of proven strategies and techniques for meeting the challenges you face every day, join your peers at a Training Week. An accomplished practitioner leads each comprehensive, weeklong training program, and you can earn up to 38 continuing professional education (CPE) hours.

Members be sure to take advantage of early registration deadlines!

Program and venue information: www.isaca.org/trainingweek
Contact us: conference@isaca.org

Scottsdale, AZ, USA
5-9 December, 2005
Courses:
* Fundamentals of IT Auditing
* Information Security Management
* Database Audit, Security and Control

For more information about additional training opportunities and educational events sponsored by ISACA, visit the ISACA web site at www.isaca.org/conferences.

These items were supplied by other organizations and are included here as a service to the members of our chapter. No endorsement of the events is implied by their inclusion. If you would like us to include an announcement in this section, see our Web Site Posting Policy.

Other ISACA Chapters

Nothing to include at this time.

Non-ISACA Organizations

Nothing to include at this time.

Vendors

Nothing to include at this time.

Last updated 01/01/2006