Thursday, June 24, 2010
Health information in Alberta is protected by legislation, in particular the Health Information Act. But what does HIA actually do to protect your health information? And in a publicly funded health care system, is compliance with HIA just window dressing and a series of compliance checkboxes that the bureaucrats fill in while providing no real security to Albertans and their health information?
Alberta Health Services is the public body responsible for administering and operating the largest component of the public health care system in Alberta and as such, is the largest custodian of health information in the province and likely in Canada. AHS has a multi-billion dollar budget, in excess of 80,000 employees, over 2,500 enterprise applications, 100+ physical locations and an IT staff of over 1,100 people. It is the largest health care organization in Canada, the largest employer in Alberta, the fourth largest employer in Canada, and is the result of the most complex merger in Canadian history. In addition, on the surface, it might appear that managing and protecting health information is no different than managing and protecting any other information, but the degree of partnerships, collaboration and research in the health sector make the clichéd “vanishing perimeter” seem trite. An organization with such a scope and organizational complexity will no doubt cause inherent issues in how to manage and protect health information; however, the sheer scope of such an organization also creates numerous opportunities by providing a critical mass of talent and resources to tackle the very issues that smaller organizations might not be able to.
Robert Martin, P.Eng., is the Executive Director of Security and Compliance in the Information Technology division of Alberta Health Services. His talk will highlight some of the challenges his team has faced in the 18 months since being formed. In addition, he will discuss the formation of the multi-year, multi-million dollar AHSecure Program, plus the pain of “doing the right thing” and public notification.
Please arrive early enough (11:30) to get lunch and be seated by 11:45.
Thanks to Brookfield Properties for the meeting room!
SPIE members, for convenient entry please remember to bring your SPIE member card. Non members pay $15 at the door by cash or cheque payable to SPIE. Receipts will be issued. Sorry, no credit or debit cards.
Monday, June 21, 2010
When: June 21, 2010
Where: Sheraton Suites Calgary Eau Claire, Calgary
Details: http://www.priv.gc.ca/resource/consultations/index_e.cfm
Wednesday, June 09, 2010
WedgeBreakfastSeminar_June9
When: June 9, 2010 7:30 - 9:00 AM
Where:
Wedge Networks Inc.
238, 35536 31Street NW
Calgary, Alberta, Canada
T2L 2K7
Start: Wednesday, June 09, 2010End: Friday, June 11, 2010
When: June 9 - 11
Where: Edmonton Marriott at River Cree Resort
Thursday, May 27, 2010
Due to the Tri-lateral conference, there will not be a lunch time meeting for SPIE on thursday May 27, 2010.
Thursday, April 29, 2010
When: 11.30 h - 13.00 h
Where: Fifth Avenue Place; West Tower, +15 Conference Room
Information can be highly mobile, even if it is not being sent between two parties. One of the most obvious examples is your laptop that travels with you, or is left in a car or hotel room, and is stolen for the worst reasons. Today most businesses buy more laptops than desktops and the information stored is increasingly more vulnerable. To lose a laptop can be devastating for any organization or individual unless the data is properly secured. Having the information encrypted at all times mitigates these risks, but at what cost? Full disk encryption (FDE) provides protection for when a laptop is sold, exchanged, gifted, stolen or just at the end of its life cycle.
In North American, legislation continues to emerge that requires strict internal control and auditing of financial information to defend proactively against fraud. The question now is not whether my company encrypts data, but how and at what cost? .Alertsec Xpress is a software as a service that make FDE available to almost any company, even those with minimum technology resources. We will discuss how this technology has emerged and what we envision the future to be.
Terry Shofner, VP North American Sales for .Alertsec Xpress, holds a Bachelor of Science degree in Engineering in Industrial Technology from Tennessee Technological University. Prior to joining Alertsec, Terry held a key executive management role with Pointsec Mobile Technology and was instrumental in increasing market share and profitability in the North American security software marketplace. Terry is based in the United States and resides in Colorado.
Please arrive early enough (11:30) to get lunch and be seated by 11:45.
Thanks to .Alertsec Xpress for sponsoring lunch and Brookfield Properties for the room!
SPIE members, for convenient entry please remember to bring your SPIE member card. Non members pay $15 at the door by cash or cheque payable to SPIE. Receipts will be issued. Sorry, no credit or debit cards.
Tuesday, April 20, 2010
When: 10:30AM
Where: AXIA Boardroom (33rd floor, 450-1 Street)
Calgary, AB … Calgarians are among some of the most generous people, contributing millions of dollars in local and international aid to victims of natural or man-made disasters. Unfortunately, many of these good Samaritans can in turn become a victim themselves – of disaster fraud. On April 20th at 10:30 AM in the AXIA Boardroom (33rd floor, 450-1 Street) members of the Security Professionals Information Exchange (SPIE) will demonstrate safe donation practices.TEST
“Disaster fraud and cons can take many forms. Solicitations can originate from e-mails, websites, door-to-door collections, mailings and telephone calls.” Dan Chervenka, SPIE President, explains. “As an organization whose mission it is to promote security, we felt it was prudent to remind the public of these risks. Especially in the wake of the recent Millrise condo fire and Haitian relief efforts. By showcasing through a donation of our own, we can identify what to look for in secure sites, appropriate logos and phishing emails.”
The kinds of things SPIE will be considering before making a donation of any kind:
- Do not respond to unsolicited (spam) incoming e-mails, including clicking links contained within those messages.
- Beware of organizations with copy-cat names similar to but not exactly the same as those of reputable charities.
- Be cautious of e-mails that claim to show pictures of the disaster areas in attached files because the files may contain viruses. Only open attachments from known senders.
- Do not give your personal or financial information to anyone who solicits contributions. Providing such information may compromise your identity and make you vulnerable to identity theft.
- Avoid cash donations if possible. Pay by debit or credit card, or write a check directly to the charity. Do not make checks payable to individuals.
Source: National Center for Disaster Fraud
SPIE is a Calgary nonprofit created to improve access to information for local security professionals plus to educate the public on how to be secure in the information age. For more information on SPIE, visit www.spie.ca.
Media Contact:
Shawna Ogston, Publicity Consultant, Direct: 403-870-2009
Thursday, March 25, 2010
When: 2010-Mar-25, 11.30 h - 13.00 h
Where: Fifth Avenue Place; West Tower,+15 Conference Room
During the week of March 22 Mr. Luallen will be teaching the SANS, SECURITY 617 course, "Wireless Ethical Hacking, Penetration Testing, and Defenses". He will present to SPIE on
(1) Understanding Cyber Assets in Critical Infrastructure (CI)
(2) Example CI Cyber Incidents
(3) Continued Cyber Threats and Vulnerabilities
(4) Responding to Events of Interest (Incident Handling)
Matthew E. Luallen is a well-respected information professional, researcher, instructor and author. Mr. Luallen serves as the President and Principal Consultant of Sph3r3, LLC., a strategic and practical educational and consulting company. With Sph3r3 Mr. Luallen consults with both governmental and commercial sectors including a multi-client base of corporations, public utilities, financial institutions, law enforcement and healthcare organizations. He has provided assistance and architectural support for many information security projects including integrating compliance requirements associated with SOX, HIPAA and the NERC CIP standard. Recent endeavors include architecting and integrating protective controls for financial market transactions, virtualized environments and SCADA systems. Prior to incorporating Sph3r3, Mr. Luallen provided strategic guidance for Argonne National Laboratory, U.S. Department of Energy, within the Information Architecture and Cyber Security Program Office. In an effort to promote education and collaboration in information security Mr. Luallen is an instructor and faculty at several institutions. Mr. Luallen is adjunct faculty for DePaul University instructing the Computer Information and Network Security Masters degree capstone course. He is also a certified instructor and CCIE for Cisco Systems instructing security technologies such as firewalls, intrusion prevention, virtual private networks and general secure information architecture. As a certified instructor for the SANS Institute Mr. Luallen teaches infrastructure architecture, wireless security, web application security, regulatory and standards compliance, and security essentials. Mr. Luallen is a graduate of National Technological University with a Master's Degree in Computer Science, Mr. Luallen also holds a Bachelor of Science degree in Industrial Engineering from the University of Illinois, Urbana.
Please arrive early enough (11:30) to get lunch and be seated by 11:45.
Thanks to SANS for sponsoring lunch and Brookfield Properties for the room!
SPIE members, for convenient sign in please remember to bring your SPIE member card. Non members pay $15 at the door by cash or cheque payable to SPIE. Receipts will be issued. Sorry, no credit or debit cards.
Register by email to meetings@spie.ca (website registration available soon)
Thursday, February 25, 2010
When: 25.02.2010 - 25.02.2010 11.30 h - 13.00 h
Where: Fifth Avenue Place; West Tower,+15 Conference Room
Most people will look at you blankly if you ask them about Zigbee or DECT, but these technologies are already rolled into our consumer electronics and enterprise systems. We'll explore what these 2 new wireless technologies are, how they work, and where you'll find them. We'll cover the state of security for these technologies, and what you should be worried about when implementing these at home or at work. Wireless goes beyond the walls of your home and business; make sure you know what you're exposing to your neighbors.
Paul Brodeur is a founder of Protospace, Calgary's first hackerspace. Paul had found that the hacker community in Calgary had grown somewhat stagnant and scattered, and envisioned a place where the community could gather likeminded individuals together, work on shared projects, and teach or learn skills. Driven by a passion for community, he traveled the world visiting existing hackerspaces to learn what he could by participating in their culture. His efforts paid off early this year when Paul and a small group opened the doors of Protospace. Since opening, Protospace has grown its membership and hosted several open house nights and social events, including a group trip to Toorcamp, hosted in an abandoned missile silo in a desert in Washington State. Paul's current focus includes educational nights where the general public is invited to the space to learn, and the acquisition of an open source 3D printer for the space. When not at Protospace, Paul is the Information Security Officer for iStockphoto.com.
Thursday, February 11, 2010
There is limited space available at this great networking event so reserve your spot now at Belgo Brasserie, 501 - 8TH Ave SW. We encourage you to attend to expand your professional network and to enjoy the company of your peers.
Savoury hors d'oeuvres and soft drinks will be served and there will be a cash bar. This is a members-only event and registration is required. The RSVP deadline is February 8 at noon. If you reserve a spot and can’t make it, please let us know so that we can provide this opportunity to others.
ISACA and SPIE remind you to please drink responsibly. Thank you for your interest in this event. We look forward to seeing you on February 11!
Thursday, January 28, 2010
Oil and Gas is one of the most important components of the Canadian economy, mainly due to Albertan Oil Sands. Per capita energy consumption in Canada is among the highest in the world. Therefore security of the Canadian Oil and Gas industry is of paramount importance. In the last couple of decades, Information Technology has advanced in leaps and bounds. This technological advancement not only introduced a lot of sophistication and convenience to the end-users, but also equipped unscrupulous users with sophisticated weapons to carry out their evil designs. In this talk we will discuss some of the essential elements in the defense strategy of information assets of the Oil and Gas industry.
Pradeep Kumar Mishra , CISSP, received his education (M Sc in Maths, M Tech and Ph D in Computer Science) from prestigious universities in India. In 2004 he was invited by the Center for Information Security and Cryptography, University of Calgary, to a Post Doctoral Fellowship. His research interests include efficient and secure implementation of elliptic and hyperelliptic curve cryptography, network security and side-channel attacks. He has authored several papers in these areas in prestigious international conferences and journals. After 3 years of post doctoral research at the University of Calgary and University of Waterloo, he is currently working on various aspects of the information security needs of multinational Oil and Gas Companies operating in Alberta.
|
