About Us | Contact Us
View Cart

Spring Talks by Dan!

By Dan Hadaway | Thursday, April 29, 2010 - Leave a Comment

Okay, it’s that time when I am supposed to be posting my weekly “Dan’s New Leaf” post and guess what?  You guessed it, I’m coming up blank again.  These new leaves are hard to turn over!

So I’m going to cheat a little (again) and remind everybody of four “talks” I’m going to be giving this spring (besides awareness training for clients which I can’t list due to nondisclosure agreements and such.)  Boy . . . . . I find myself giving workshops and talks and speeches and such on such a regular basis now that they don’t even phase me.  It’s just part of the job.  As anyone who knows me knows, I like to talk.

So hey . . . . I like my job!!

First of all, there’s the Vendor Management Workshop coming up at the Indiana Bankers Association on May 6th.  This is going to be an excellent workshop.  It’s the third or fourth time I’ve actually delivered this workshop.  I can’t remember . . . . like I said, they’re all starting to blend together.  But even if you’ve been to one of my previous vendor management workshops, you should still come to this one because we’ve updated our tools, simplified the “threshold risk assessment,” and we will also have sample risk assessments based on vendor type.   So hurry up and sign up, it’s next Thursday!!!

Now you might be thinking, “of course you are going to write that it’s good, you’re going to deliver it.”  So let me lend some credibility to that statement.   My next talk, scheduled for the Operations and Technology Track at the Megaconference is, quite frankly, scaring the heck out of me.  I’m worried it won’t be good enough!

First, the Megaconference is one of the best educational conferences in banking.  Period.  I don’t make this claim lightly.  I’ve seen this in my own meanderings around the bank conference world.  But I’ve also heard this from vendors that go to conferences all over the country.  And I’ve heard this from OCC banks (meaning they usually have branches in many different states.)  I’ve even heard this from other bank associations.

What this means is that I need to be good.  Strike that, it means I need to be DARN GOOD.  Usually I can just show up and follow the slide show.  But for the Megaconference, I actually need to prepare!  I’m already working it up and it isn’t until May 25th!

Second, I get to follow Jimmy Sawyers. Lucky me!!  This guy is an amazing speaker, and I’d really rather not follow an amazing speaker! It’s like the IT Security Conference last year, when I got to follow Lee Wetherington.  Wow! How do you tell a joke after Lee?

Think of it this way.  When I say, “Ben Stiller,” you probably think “now there’s a funny guy!”  Wouldn’t you love seeing Ben Stiller do a little stand-up comedy?  Of course!  Now . . . . . . put him right after Robin Williams.  Not so funny any more!

Third, I volunteered to do a topic that is just plain scary in itself.  If you’ve already clicked on the link I so carefully opened in a blank window for you, you already know what I mean.  But for those of you who read past that without clicking on the link, I’ll put my topic description right here:

Three “New” Technology Trends and How to Decide If/When They Are for You!

Some of us remember when authors predicted a “brave new world” in just a few short decades. Now we struggle to forecast the next few months! While envisioning the future will not formulate sound banking strategy, knowing where things are heading can help align that strategy with the adoption of “new” technologies. Viewing three of the “newest” technology trends, we will explore ways to determine if, when and how to introduce technology. CE Credit Approved: 1.25 CSOP

Now, how I am going to choose from the myriad of strange new cool wonderful weird risky and downright irritating “newest technology trends?”  Three?  Where did I come up with that number?  (Actually, I didn’t.   That was decided by the IBA right after I said “sure, I can do that.”)

Let me finish up on this particular talk by invoking the words my oldest daughter often uses:  “So, yeah. ”

The next talk, coming up on June 29th, is going to be a blast! I’m really looking forward to it.

For one, I’m already having fun, because I know we’ve already checked to make sure that it is indeed on June 29th.  That’s because I had it on the wrong date on my calendar for some reason.  Fortunately Laurie Rees is thorough because I had that wrong date in the rough draft workshop invitation I submitted back when we first started advertising the conference.  But then, after someone pointed out it was on the wrong date, I got distracted again because about a week later, in a meeting, she noticed that I still had it down on the wrong date in my calendar!

“So yeah.”

Secondly, it’s about Managing Information Technology Risk.  Well, actually, it’s about performing the annual GLBA Risk Assessment.  But anything related to managing IT risk is right up my ally.  It’s what I live and breath, and have been living and breathing since about 1985, when my company back then bought their first “AT&T Unix Machine,” that we never used.  Nothing exposes us to more risk than technology.  Well, I suppose there are some things more risky, like sky-diving or something.  But if not for the technology called “air travel” we wouldn’t be jumping out of planes.

Anyway . . . . the point is . . . . my mission is helping people protect themselves from the risks of technology.  You know how it is.  If you have a mission in life, teaching that mission to people is just downright fun.

Meanwhile, I’m really looking forward to preparing for it.  I’ve purposefully delayed updating the infotex risk assessment by two months so I could perform a risk assessment on my own company in preparation of this workshop.  The only downfall with this strategy is this:  I hope that the compliance risk I am taking in delaying the risk assessment will be okay with the FDIC and OTS when they come in to exam us in August.  See, if you attend my workshop, you’ll realize that quite a few items on the Information Technology Governance Strategy calendar have to wait until the risk assessment has been completed.  So what that means is that I’ll be finishing up on a lot of items in July, whereas last year we finished those items in May.  But I’m taking that compliance risk, because I firmly believe that combining the infotex risk assessment with the creation of the IBA Risk Assessment Workshop will deliver a better product on both fronts.

Finally, it’s going to be fun because I’ve already thought of several different humorous stories to sprinkle throughout the risk assessment.  No, I won’t be doing a strip tease at this workshop (which I have been known to do at times.)  But I will make it interesting.

I don’t have a link to the final talk, but it will be the most important talk of the spring.  It will be taking place sometime after Mother’s Day and before we drive my daughter Dani to the airport on May 16th.  See, my daughter is going to spend the summer in Los Angeles.  She’s doing an internship there . . . . translating Japanese books into English.

As you have just read, my mission in life is managing IT risk.  But right now my thinking is that there is one thing more risky in this world than Technology . . . . . and that one thing is Los Angeles!!

So yeah.

Related Articles
Latest News
    The Four Basic Truths of System Security Webinar-Video The last thirty years have seen an evolution of frameworks, laws, and assessment approaches to information security which can intimidate the management team with their complexity. This webinar will discuss the four basic truths of system security regardless of frameworks or approach, and eight control systems to […]
    Community Banking and their layers of security. . . Michael Hartke’s first post as Executive Vice President! Thinking back to my first talk to security professionals in community banking almost 10 years ago, the question continues to this day. First some background… infotex was moderating the Indiana Bankers Association Security Conference when one of the […]
    Reasons why we should be considered! infotex provides a number of services that can be checked out if you click over to offerings.infotex.com! We even made a movie with all the reasons why infotex should be your next MSOC!  
    infotex and GoTo To all infotex managed security service Clients: As recently reported by major news outlets there was a data breach affecting GoTo (formerly LogMeIn) wherein attackers stole encrypted backups containing customer information in November 2022.  Based on the advisory from GoTo the products they offer that are affected include LogMeIn Pro, LogMeIn Central, […]
    An option for increasing security for ALL organizations. . . The threat landscape is evolving daily, and it is becoming increasingly difficult for even large organizations providing cyber defense services to keep up. As Brandao (2021) notes, it is important for organizations to adapt holistic technologies that can correlate all attack events. Therefore, developing XDR […]
    Another awareness poster for YOUR customers (and users).  Now that we have our own employees aware, maybe it’s time to start posting content for our customers! Check out posters.infotex.com for the whole collection! Download the large versions here: Awareness Poster (Portrait) Awareness Poster (Landscape) You are welcome to print out and distribute this around your […]
    A relic of the internet’s less secure past, many small firms struggle to secure their email systems… An article review. With a great deal of cybersecurity related news focused on new threats and similarly new techniques aimed at combating them, it can be easy to forget some of the older threats that have never gone […]
    Seven Trends . . . …that small bank Information Security Officers face in 2023 Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Welcome to the Magnificent Seven, my annual predictive article about the seven trends in technology that will impact the Information Security Officers of […]
    System Security and Cybersecurity are not the same thing. . . Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Regarding “information security,” the last thirty years have seen an evolution of frameworks, laws, and assessment approaches which intimidate the management team with their complexity.  […]
    The cryptographic algorithm is vulnerable to attack and is no longer considered secure… An article review. NIST has announced that it plans to retire the SHA-1 cryptographic algorithm by the end of 2030, citing multiple vulnerabilities in the standard, effectively ending its use after nearly 30 years.  Introduced in 1995, SHA-1 used a 160-bit hash […]