27k:
Security Summit for the Americas will cover security metrics in the
context of the ISO/IEC 27000 Information Security Management Sytems standards.
It's a
2-day conference plus optional workshops the day before and training courses
afterwards, in the final week of September at a smart purpose-built conference facility on
the outskirts of San Francisco airport, not far beyond the boundary fence I
think. Standing speakers may need to duck, and shout.
There will be sessions on:
- ISO27k basics
- ISO27k implementation
- ISO27k for cloud security
- Integrating ISO 22301 (business continuity) with ISO27k
- ISO27k metrics …
and
more.
Walt
Williams of Lattice, Richard Wilshire (ISO/IEC JTC1/SC27 project leader
for the total revamp of ISO/IEC
27004 on “Monitoring, measurement, analysis and evaluation” – publication
imminent), and Jorge Lozano from PwC are all presenting on metrics at the
conference, and FWIW me too. I’m hoping to persuade Krag to attend as well.
Aside
from the conference sessions, it is lining up to be The Place for security
metrics newbies and wise old owls alike to put the world to rights during the coffee
breaks, maybe over a meal, and then inevitably at a nearby airport hotel bar
until the wee small hours. Should be a hoot.
Join
us? Register by Aug 15th
for the early-booking rate of $530 for the core conference. Hopefully
that leaves enough time to persuade the boss that it will be an invaluable
personal development opportunity. Essential. Unmissable.
Priceless.
