Topic: Fifty Shades of Risks
Summary: In a day and age when advanced threats and active countermeasures are all the rage, topics such as a risk management may seem boring and pedestrian. However, a mature risk management approach is the bedrock of any effective cyber security program. Reid and Dustin will talk about St. Luke’s journey in establishing and maturing a risk management program.
Presenter: Reid Stephan, CISO, St. Luke’s Health System
Dustin Aldrich, Cyber Security Analyst, St. Luke’s Health System
Mr. Stephan the CISO at St. Luke’s Health System. He has over 16 years of experience in cyber security, including 9 years leading HP’s global corporate IT security incident response program. He has a Bachelor of Management Information Systems from the University of Idaho and an MBA in Technology Management from the University of Phoenix. He is a HealthCare Information Security and Privacy Practitioner (HCISPP), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and a Certified Professional in Healthcare Information & Management Systems (CPHIMS). @rtstephan
Topic: Continuous Monitoring to decrease your Mean-Time-To-Detect and Mean-Time-To-Respond
Summary: In this presentation I will address why a prevention-centric approach is insufficient and how and why continuous (machine based analytics) monitoring is essential to decreasing an organizations MTTD and MTTR.
Presenter: Dustin Vaughn | Sr Sales Engineer
Dustin is a dynamic Information Security Professional with 18+ years of experience. Spanning his career, Dustin has demonstrated abilities for working at the design and planning as well as the operational and management level of Information Security. Dustin’s employment experience with companies and organizations such as LogRhythm, Coalfire Systems, CH2M HILL, Alcatel-Lucent, Northrop Grumman, the Department of Homeland Security, as well as the US Air Force has him well versed in both commercial and government information security. In his current position, Dustin is a Sales Engineer with LogRhythm. LogRhythm is a Security Information and Event Management solution that Gartner has identified and placed as a Leader in the SIEM Magic Quadrant for multiple year. Dustin currently holds & maintains multiple GIAC certifications and has been a CISSP since 2005. In addition, Dustin enjoys working as a SANS Mentor instructor because it gives him the opportunity to combine his passions for Information Security and teaching, while working with fellow security practitioners.