InterSec 2009 - Indianhead Region

Ken Shaurette

Ken has a strong understanding of complex computing environments and the appropriate solutions to comply with legislative and regulatory requirements. He is a founding member and past President of the Western Wisconsin Chapter of InfraGard, is a past President and Vice President of ISSA-Milwaukee Chapter (International Systems Security Association), current President and a founding member of ISSA-Madison Chapter. He is a past chairman for Milwaukee Area Technical College's Security Specialist Curriculum Advisory Committee, is an active committee member on Herzing College Madison's Department of Homeland Security Degree Program, a member of the Western Wisconsin Association of Computer Crime Investigators (WWACCI), a former chairman of the HIPAA-COW (Collaborative of Wisconsin) Technical Security Workgroup and a past co-chair of the Wisconsin InfraGard KIS (Kids Improving Security) Poster Contest.

Ken is a frequent writer of information security articles including chapters in the Handbook of Information Security Management (2001-2007), 2006 HIPAA Program Reference Handbook and contributor of content and editor for other authors, including working on the editorial board of EDPACS. Ken has information published in several books and trade magazines. In his spare time he finds time to work as Director IT Services for Financial Institution Products Corporation (FIPCO®) a subsidiary of the Wisconsin Bankers Association.

Presentation: A Practical and Effective Approach to Risk Assessment

In theory, Risk Assessment should be easy. Identify critical assets, consider potential risks and evaluate mitigating factors.

In practice, many institutions struggle with the basic terms and concepts. For those who master the concepts, the “exponentially increasing complexity” of risk assessment efforts can quickly overwhelm organizations of every size.

A significant threat in many organizations today is the inability to easily access the key information necessary to make critical decisions in a timely manner.

This presentation will provide a practical and effective approach to tackling the difficult task of assessing risk. A form of this presentation has been delivered the past two years at the FFIEC Technology Conference to bank examiners.