Data-centric security and Security Requirements in Software Development Lifecycle

May 30, 2018
5:30 PM - 8:30 PM

Ottawa Police Association - Russell's Lounge
141 Catherine Street
Ottawa, ON K2P 1C3
Venue website

Our May 2018 chapter meeting will be sponsored by VARONIS. Come out and join us for our informative presentations and great networking with your coworkers, colleagues and friends! This month’s event will be preceded by the Chapter’s Annual General Meeting (AGM). The AGM is our opportunity to establish a strong Chapter Board of Officers and Directors. Your support is essential to make this happen. All members in good standing will be eligible to vote once for each position. If you would like to volunteer or nominate someone, please send an e-mail to info@issa-ottawa.ca.

IMPORTANT: Please note that this month's event will exceptionally be held on Wednesday, May 30th from 5:30 pm to 8:30 pm at the OTTAWA POLICE ASSOCIATION.

Parking:  The Ottawa Police Association provides complimentary parking to attendees.  Please park in the paid lot opposite the OPA on the south side of Catherine St., and validate your parking ticket at the bar prior to leaving at the end of the evening.

May Event's sponsor  is our event sponsor

Michael Dybala

Turtles, Trust and The Future of Cybersecurity

CISSP DOMAINS: SECURITY RISK MANAGEMENT, SECURITY OPERATIONS

Faith in our institutions is collapsing, and GDPR is at the door. What would cybersecurity look like if we started from scratch, right now, in our hybrid, interdependent world? It would focus relentlessly on data. Learn how a data-centric security approach can reduce risk, increase efficiency and re-engineer trust in a society where faith has been shaken by unstoppable breaches.

Michael Dybala

Bio

Michael Dybala is a Systems Engineer currently working for Varonis Systems, Inc. He began his IT career in 1998 doing front line tech support for dialup Internet users. He quickly progressed to second level support and then supervisor of the call center. After 7 years in the call center business, Michael packed up, left Ottawa and moved to Montreal for a career centered around helping IT administrators. For over 9 years he provided post and pre-sales technical support for the email community, focusing on security, archiving, storage and migrations. Michael now helps customers understand the risks surrounding access, governance and security of their organization's infrastructure.




Daniel Kefer & Rene Reuter

APPLICATION SECURITY: HOW TO WIN FRIENDS AND INFLUENCE PEOPLE

CISSP DOMAIN:SOFTWARE DEVELOPMENT SECURITY

The bigger the company you're working in, the more technologies and methodologies used by development teams you are going to face. At the same time, you want to address security risks in an appropriate, reliable and traceable way for all of them. After a short introduction of a unified process for handling security requirements in a large company, the main part of the talk is going to focus on a tool called SecurityRAT which we developed in order to support and accelerate this process. The goal of the tool is first to provide a list of relevant security requirements according to properties of the developed software (e.g. type of software, criticality), and afterwards to handle these in a mostly automated way - integration with an issue tracker being used as a core feature. Work in progress (currently targeting mainly integration to other systems, automated testing of requirements and reporting) as well as future plans will form the last part of the talk.

Daniel KeferBio

Daniel Kefer 1&1 Mail & Media Development & Techhnology GmbH Head of Application Security Daniel Kefer has been working in the application security field since 2007. Having started as a penetration tester, he soon became passionate about proactive security efforts and working closely with developers. Since 2011 he has been working for 1&1 where he currently leads an internal application security team supporting development teams with security challenges of their work. With OWASP, he leads the SecurityRAT project and contributes to the SAMM project. Rene Reuter Robert Bosch GmbH IT Security Consultant René Reuter is a security engineer with over 6 years of experience in the application security field. At Robert Bosch GmbH, he works as an IT Security Consultant responsible for identifying vulnerabilities and design flaws that may impact Robert Boschs' applications and infrastructure. René holds a Master's Degree in Computer Science from the University of Applied Sciences Karlsruhe.

Rene ReuterBio

Rene Reuter Robert Bosch GmbH IT Security Consultant René Reuter is a security engineer with over 6 years of experience in the application security field. At Robert Bosch GmbH, he works as an IT Security Consultant responsible for identifying vulnerabilities and design flaws that may impact Robert Boschs' applications and infrastructure. René holds a Master's Degree in Computer Science from the University of Applied Sciences Karlsruhe.


Agenda

5:30 pm - Doors open for check-in/ Networking
6:00 pm - Dinner / Annual General Meeting (AGM)
6:30 pm - Daniel Cybulskie
7:30 pm – Daniel Kefer & Rene Reuter
8:30 pm – End of the event

 

NOTES

  • All successful registrations will result in a confirmation screen and followed by a confirmation e-mail from ISSA Ottawa.  If a confirmation e-mail is NOT received, please contact registration@issa-ottawa.ca
  •   (when you pay online, don't forget to click on the "Return to Merchant" buton at the bottom, at the completion of the PayPal process)  
  • Only online registrations and payments will be accepted.

 

  • Member registration - for ISSA members only - please login in order to register with the ISSA Member discount
  • Non-member registration - please use the CONTINUE AS GUEST link to register
  • Please note that due to the cost of pre-ordering meals, we request a minimum of 72 hours notice for cancellation prior to the event.
  • We cannot guarantee meals for registrations at the door or within 72 hours of the event.
  • We use PayPal: fast, easy and secure
  • CPE points can be recorded for attending, according to the relevant certification guidelines for CPE reporting

 

Tickets

$30.00 ISSA Member

$20.00 Student Member Ticket (must present Student card at check-in desk for validation)

$40.00 Non-ISSA Members

$25.00 Non-Member Student ticket (must present Student card at check-in desk for validation)

$30.00 Members from ASIS

$30.00 Members from DRIE

$120.00 Non-ISSA Member - 4 for 3 bundle