04-30-14 | Blog Post

InfoSec Summit Discusses Cybersecurity Safeguards in Ohio

On May 5-6, a large group of IT security experts will convene for the 2014 Central Ohio InfoSec Summit, put on jointly by the Central Ohio ISSA, Central Ohio InfraGard, and Central Ohio ISACA. Due to the diversity of attendees, there will be five tracks at the event:

  • OWASP – Web Applications, Mobile Applications
  • Governance, Risk and Compliance
  • InfoSec Management
  • Technical Track 1
  • Technical Track 2

With five tracks, attendees have their pick of more than 40 different sessions. Here’s just a sampling of what you can expect next week at the show:

Learning From the Data of Others: Verizon Breach Report
Jay Jacobs, Senior Data Analyst and co-author of Verizon’s Breach report, Verizon
Tuesday, May 6, 8:30-9:30am (Keynote)


Over the last few months, we have collected and analyzed over 63,000 security incidents from 50 organizations around the world. Hidden within those incidents are practical lessons we can apply back to our own environments. Join the lead data analyst on the 2014 Data Breach Investigations Report from Verizon and explore what higher education can learn from the data loss of others.

Top Legal Issues we see in Cloud Service Agreements
Dino Tsibouris, Founding Principal, Tsibouris & Associates, LLC.
Tuesday, May 6, 9:45-10:30am (Track 4)
Topics to be explored within this session include:

  • Legal regulation
  • Terms of use
  • Ownership of data
  • Third party issues
  • Public/Private/geolocated clouds
  • Audit
  • Privacy
  • Conversion at Termination

Are You Really PCI DSS Compliant? Case Studies of PCI DSS Failure!
Jeff Foresman, Founding Partner, Pondurance
Tuesday, May 6, 2:10-2:55pm (Track 2)

Many organizations have achieved PCI DSS compliance, but as past breaches have shown, some companies are not really compliant. This presentation is a case study covering many years of assessing companies that thought they were compliant but did not meet the requirements as they believed. We will review failures in scoping, segmentation, storage of cardholder data, security testing, logging and development. We will also discuss problems organizations will face with implementing the new PCI DSS v3. Each case study will include what should have been done to meet compliance.

If you’ll be at the Central Ohio InfoSec Summit, come say hello to us at the Online Tech booth. We’ll be speaking on May 5th at 3:20pm:

Securing the Cloud in a Regulated World – April Sage, Director, Healthcare Vertical

Securing the cloud for one organization is hard enough. A cloud architecture that can fit within the performance, security, and compliance constraints across many organizations and industries requires a few novel approaches – and investments. For one, a positive partnership with auditors. Second, a security- and compliance-driven culture, not checkboxes. Third, serious technology investments to enable key functions like encryption and remote backup to play nicely together. This presentation will share a behind-the-scenes look into the architectural decisions behind a cloud capable of protecting sensitive data in the healthcare, banking, and other regulated industries.

We will be present for the whole show, exhibiting our secure hosting solutions. Hope to see you there!

Find out more about the InfoSec Summit here, or register here.

