27k: Security Summit for the Americas will cover security metrics in the context of the ISO/IEC 27000 Information Security Management Sytems standards.
It's a 2-day conference plus optional workshops the day before and training courses afterwards, in the final week of September at a smart purpose-built conference facility on the outskirts of San Francisco airport, not far beyond the boundary fence I think. Standing speakers may need to duck, and shout.
There will be sessions on:
- ISO27k basics
- ISO27k implementation
- ISO27k for cloud security
- Integrating ISO 22301 (business continuity) with ISO27k
- ISO27k metrics …
Walt Williams of Lattice, Richard Wilshire (ISO/IEC JTC1/SC27 project leader for the total revamp of ISO/IEC 27004 on “Monitoring, measurement, analysis and evaluation” – publication imminent), and Jorge Lozano from PwC are all presenting on metrics at the conference, and FWIW me too. I’m hoping to persuade Krag to attend as well.
Aside from the conference sessions, it is lining up to be The Place for security metrics newbies and wise old owls alike to put the world to rights during the coffee breaks, maybe over a meal, and then inevitably at a nearby airport hotel bar until the wee small hours. Should be a hoot.
Join us? Register by Aug 15th for the early-booking rate of $530 for the core conference. Hopefully that leaves enough time to persuade the boss that it will be an invaluable personal development opportunity. Essential. Unmissable.