ISO27k conference in San Francisco, end of Sept
27k: Security Summit for the Americas will cover security metrics in the context of the ISO/IEC 27000 Information Security Management Sytems standards.
It's a 2-day conference plus optional workshops the day before and training courses afterwards, in the final week of September at a smart purpose-built conference facility on the outskirts of San Francisco airport, not far beyond the boundary fence I think. Standing speakers may need to duck, and shout.
There will be sessions on:
- ISO27k basics
- ISO27k implementation
- ISO27k for cloud security
- Integrating ISO 22301 (business continuity) with ISO27k
- ISO27k metrics …
and more.
Walt Williams of Lattice, Richard Wilshire (ISO/IEC JTC1/SC27 project leader for the total revamp of ISO/IEC 27004 on “Monitoring, measurement, analysis and evaluation”), and Jorge Lozano from PwC are all presenting on metrics at the conference, and FWIW me too. I’m hoping to persuade Krag Brotby to attend as well.
Aside from the conference sessions, it is lining up to be The Place for security metrics newbies and wise old owls alike to put the world to rights during the coffee breaks, maybe over a meal, and then inevitably at a nearby airport hotel bar until the wee small hours. Should be a hoot.