The Governor's Office of Information Technology's Office of Information Security (OIS) is an innovative leader in continuing professional development program such as the CISO Lecture Series which was established in August 2007 as a means of exposing state and local IT professionals to some of the best and brightest individuals in the industry.
Each guest speaker is hand selected by the CISO himself for qualification, competency, and subject matter expertise. Invited speakers and workshops involve a wide range of discussions on cutting-edge topics such as computer forensics, botnets and bot-hunting, "Google" hacking, and more.
The CISO Lecture Series seeks to articulate the importance of continuing education in the IT and information security field, at the same time fostering local relationships among the IT community.
Running a security program in today's current economic condition can be challenging but doable. This lecture series will provide in-depth and practical security solutions that can be applied in any environment with little or no budget.
Location: State of Colorado EOC/MACC
Address: 9195 East Mineral Avenue, Centennial CO 80112
Directions: Exit I-25 at Dry Creek. Head West. First Light is Chester. Take Chester South (Left). Mineral is at the top of the hill. Turn West on Mineral, not at the United Launch Alliance sign. The buildings obvious name is South Metro Fire Rescue Headquarters.
Registration: Email CISO@state.co.us
12:00pm - 1:00pm
Don Bailey - iSEC Partners, Inc.
"Cost Effective Risk Management"
Don Bailey is a security consultant with iSEC Partners, Inc. Don has found and exploited unknown vulnerabilities in both userland and kernel code on many popular computing platforms including Mac OSX, Linux, FreeBSD, and OpenBSD. He also has a strong background in network protocol analysis and root-kit design and detection. Don's prior work includes threat assessment for a wide range of clients, including the financial sector, government sector, and Fortune 500 companies. Mr. Bailey has previously spoken at several national and international security conferences on various topics such as zero-day development, root-kit design, NULL pointer dereferences, and DECT security.
1:00pm - 2:00pm
Richard Fifarek - SANS Institute
"Advanced Intrusion Detection"
Richard Fifarek has 10+ years experience focusing on security, systems and network administration. He has worked in small start-ups, academia, and large federal organizations ranging from UNIX/Linux systems administration to IT Systems Security Officer. He currently works as a Sr. Systems Administrator for the SANS Institute. Richard holds multiple GIAC Certifications, and teaches for the SANS Institute at the Community and Mentor level.
2:00pm - 3:00pm
Patrick Gray - Chief Security Strategist, Cisco Systems
"Data Security Challenges in the All Too Public and Not So Private Sectors"
Patrick Gray joined Cisco Systems after serving as the Director of X-Force Operations, Office of the Chief Technology Officer, Internet Security Systems, Inc. (ISS). Gray also comes to Cisco Systems after twenty years of service with the Federal Bureau of Investigation. Upon his retirement from the FBI in November 2001, he joined Internet Security Systems and created the X-Force Internet Threat Intelligence Center and thereafter was Director of the Penetration Testing and Emergency Response Teams until his promotion to the X-Force R & D Team. As a result of his service with the FBI, and the Internet Threat Intelligence Center, he has first-hand knowledge of the hacking community, its aims and methodologies as they attack government, ecommerce, energy and financial entities relentlessly.
3:00pm - 4:00pm
Stuart McClure - Senior Vice President (SVP), McAfee/Foundstone
Stuart McClure is VP of Operations and Strategy for the Risk and Compliance Business Unit at McAfee. Mr. McClure is responsible for overall business operations and strategy for the BU. Prior to McAfee, McClure held positions as Executive Director of Security Services for Kaiser Permanente, a $34B Healthcare organization, was SVP of Global Threats and Research, AVERT for McAfee where he led an elite global security threats team, and was Founder, President and Chief Technology Officer of Foundstone, a product and consulting company empowering US government agencies and Global 500’s to continuously and measurably manage and mitigate risk. Before Foundstone Mr. McClure helped establish and run the Ernst & Young National Computer Security Practice. Prior to Ernst & Young, Mr. McClure helped run the test labs at InfoWorld Test Center, performing hundreds of product reviews, comparisons, and analyses. Prior to InfoWorld, Mr. McClure was Dir. of IT for state and local government in the US.