The Security Professionals Conference connects information security professionals, security analysts and engineers, IT staff, privacy officers, C-level executives, and others from across the higher education community. It is the premier forum for strengthening the ability of the higher education sector to protect information assets from the changing threat vectors and respond to the ever-increasing compliance requirements imposed on the higher education community. The Security 2011 conference, "Setting a Course for Collaboration and Innovative Solutions," will focus on security topics that span the information assurance measures of people, process, and technology.
I am doubly excited to be presenting at EDUCAUSE's security conference. First, because they gave me a half-day (3.5 hours...better bring coffee!) at this premier event; and more importantly, because it is a chance to meet with a great group of IT and security people from institutions nationwide.
Here's the plan. The session is Seminar 01-P on Monday, April 4. I'll start out exploring the PCI ecosystem including PCI DSS, PA-DSS, and the card brand mandates. This will be a quick intro for some and review for others. I'll also cover some best practices for meeting what I call PCI Requirement 0 (Reducing scope). That will include outsourcing and related topics. I also plan to delve into changes in PCI version 2.0 and especially the new SAQ C-VT, as well as all the SAQs. I'm looking forward to lots of questions: the last time I did this I got to about my third slide before I was slammed with questions and we went off in whatever direction the audience wanted! I sure hope they have a whiteboard or flip chart.
If EDUCAUSE is in your plans, I hope you will register for my Monday afternoon seminar. Even if you don't like PCI, it's a chance to get to San Antonio a little early and enjoy that beautiful city a bit longer.
No comments:
Post a Comment