About Us | Contact Us
View Cart

Spring Talks by Dan!

By Dan Hadaway | Thursday, April 29, 2010 - Leave a Comment

Okay, it’s that time when I am supposed to be posting my weekly “Dan’s New Leaf” post and guess what?  You guessed it, I’m coming up blank again.  These new leaves are hard to turn over!

So I’m going to cheat a little (again) and remind everybody of four “talks” I’m going to be giving this spring (besides awareness training for clients which I can’t list due to nondisclosure agreements and such.)  Boy . . . . . I find myself giving workshops and talks and speeches and such on such a regular basis now that they don’t even phase me.  It’s just part of the job.  As anyone who knows me knows, I like to talk.

So hey . . . . I like my job!!

First of all, there’s the Vendor Management Workshop coming up at the Indiana Bankers Association on May 6th.  This is going to be an excellent workshop.  It’s the third or fourth time I’ve actually delivered this workshop.  I can’t remember . . . . like I said, they’re all starting to blend together.  But even if you’ve been to one of my previous vendor management workshops, you should still come to this one because we’ve updated our tools, simplified the “threshold risk assessment,” and we will also have sample risk assessments based on vendor type.   So hurry up and sign up, it’s next Thursday!!!

Now you might be thinking, “of course you are going to write that it’s good, you’re going to deliver it.”  So let me lend some credibility to that statement.   My next talk, scheduled for the Operations and Technology Track at the Megaconference is, quite frankly, scaring the heck out of me.  I’m worried it won’t be good enough!

First, the Megaconference is one of the best educational conferences in banking.  Period.  I don’t make this claim lightly.  I’ve seen this in my own meanderings around the bank conference world.  But I’ve also heard this from vendors that go to conferences all over the country.  And I’ve heard this from OCC banks (meaning they usually have branches in many different states.)  I’ve even heard this from other bank associations.

What this means is that I need to be good.  Strike that, it means I need to be DARN GOOD.  Usually I can just show up and follow the slide show.  But for the Megaconference, I actually need to prepare!  I’m already working it up and it isn’t until May 25th!

Second, I get to follow Jimmy Sawyers. Lucky me!!  This guy is an amazing speaker, and I’d really rather not follow an amazing speaker! It’s like the IT Security Conference last year, when I got to follow Lee Wetherington.  Wow! How do you tell a joke after Lee?

Think of it this way.  When I say, “Ben Stiller,” you probably think “now there’s a funny guy!”  Wouldn’t you love seeing Ben Stiller do a little stand-up comedy?  Of course!  Now . . . . . . put him right after Robin Williams.  Not so funny any more!

Third, I volunteered to do a topic that is just plain scary in itself.  If you’ve already clicked on the link I so carefully opened in a blank window for you, you already know what I mean.  But for those of you who read past that without clicking on the link, I’ll put my topic description right here:

Three “New” Technology Trends and How to Decide If/When They Are for You!

Some of us remember when authors predicted a “brave new world” in just a few short decades. Now we struggle to forecast the next few months! While envisioning the future will not formulate sound banking strategy, knowing where things are heading can help align that strategy with the adoption of “new” technologies. Viewing three of the “newest” technology trends, we will explore ways to determine if, when and how to introduce technology. CE Credit Approved: 1.25 CSOP

Now, how I am going to choose from the myriad of strange new cool wonderful weird risky and downright irritating “newest technology trends?”  Three?  Where did I come up with that number?  (Actually, I didn’t.   That was decided by the IBA right after I said “sure, I can do that.”)

Let me finish up on this particular talk by invoking the words my oldest daughter often uses:  “So, yeah. ”

The next talk, coming up on June 29th, is going to be a blast! I’m really looking forward to it.

For one, I’m already having fun, because I know we’ve already checked to make sure that it is indeed on June 29th.  That’s because I had it on the wrong date on my calendar for some reason.  Fortunately Laurie Rees is thorough because I had that wrong date in the rough draft workshop invitation I submitted back when we first started advertising the conference.  But then, after someone pointed out it was on the wrong date, I got distracted again because about a week later, in a meeting, she noticed that I still had it down on the wrong date in my calendar!

“So yeah.”

Secondly, it’s about Managing Information Technology Risk.  Well, actually, it’s about performing the annual GLBA Risk Assessment.  But anything related to managing IT risk is right up my ally.  It’s what I live and breath, and have been living and breathing since about 1985, when my company back then bought their first “AT&T Unix Machine,” that we never used.  Nothing exposes us to more risk than technology.  Well, I suppose there are some things more risky, like sky-diving or something.  But if not for the technology called “air travel” we wouldn’t be jumping out of planes.

Anyway . . . . the point is . . . . my mission is helping people protect themselves from the risks of technology.  You know how it is.  If you have a mission in life, teaching that mission to people is just downright fun.

Meanwhile, I’m really looking forward to preparing for it.  I’ve purposefully delayed updating the infotex risk assessment by two months so I could perform a risk assessment on my own company in preparation of this workshop.  The only downfall with this strategy is this:  I hope that the compliance risk I am taking in delaying the risk assessment will be okay with the FDIC and OTS when they come in to exam us in August.  See, if you attend my workshop, you’ll realize that quite a few items on the Information Technology Governance Strategy calendar have to wait until the risk assessment has been completed.  So what that means is that I’ll be finishing up on a lot of items in July, whereas last year we finished those items in May.  But I’m taking that compliance risk, because I firmly believe that combining the infotex risk assessment with the creation of the IBA Risk Assessment Workshop will deliver a better product on both fronts.

Finally, it’s going to be fun because I’ve already thought of several different humorous stories to sprinkle throughout the risk assessment.  No, I won’t be doing a strip tease at this workshop (which I have been known to do at times.)  But I will make it interesting.

I don’t have a link to the final talk, but it will be the most important talk of the spring.  It will be taking place sometime after Mother’s Day and before we drive my daughter Dani to the airport on May 16th.  See, my daughter is going to spend the summer in Los Angeles.  She’s doing an internship there . . . . translating Japanese books into English.

As you have just read, my mission in life is managing IT risk.  But right now my thinking is that there is one thing more risky in this world than Technology . . . . . and that one thing is Los Angeles!!

So yeah.

Related Articles
Latest News
    As the investigation of the SolarWinds Hack was ongoing, another hack stole some of the limelight… This is the final update on the SolarWinds hack unless a major development comes to light. You can see the previous article here: “Autopsy of the SolarWinds Hack Update“. One of the largest cyber-espionage campaigns in the history of […]
    Employees working from home may find it more difficult to follow security policies… An article review. The surge in employees working from home during the pandemic created many headaches for IT departments around the world, many of whom had no telecommuting policies or procedures before the start… but what about the employees who had to […]
    A Webinar-Movie infotex presents the 2021 update of a previously released webinar presented by our Lead Non-Technical Auditor, Adam Reynolds. This movie-short is intended for those who are planning to participate in an infotex Incident Response Test. Not sure about the importance of an Incident Response Test? Check out onetest.infotex.com for more information! Please let […]
    PRESS RELEASE – FOR IMMEDIATE RELEASE BUSINESS NEWS INFOTEX PROMOTES BRYAN BONNELL TO DIGITAL MEDIA MANAGER infotex, the Managed Security Service Provider, announced Bryan Bonnell’s promotion from Senior Data Security Analyst to Digital Media Manager.  “He will continue his normal DSA duties on a limited basis, because we want everybody to stay in touch with […]
    PRESS RELEASE – FOR IMMEDIATE RELEASE BUSINESS NEWS RYAN HENSLER OF INFOTEX, EARNS CISSP CERTIFICATE Ryan Hensler, Senior NOC Associate of infotex, Inc., recently received the CISSP certification. “Ryan has proven himself to be a seasoned security professional both in his work for infotex and now through achieving this certification.” said Sean Waugh, Information Security Officer. […]
    Dubious app store subscriptions bring in hundreds of millions of dollars in revenue… An article review. When it comes to malicious applications you’re probably familiar with things like malware and ransomware, and you have ways to avoid them.  Modern desktop and smartphone operating systems have built-in malware detection tools, and some web browsers even automatically […]
    Another Manifesto A supply-chain manifesto by the author of Never Say Never: A Password Manifesto! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . [Sssshh.  Turn out the lights.  Let’s lower our inner voices, as I have something to propose that might be a bit […]
    Another awareness poster for YOUR customers (and users).  Now that we have our own employees aware, maybe it’s time to start posting content for our customers! Download the large versions here: Awareness Poster (Portrait) Awareness Poster (Landscape)   You are welcome to print out and distribute this around your office.  
    While malware and security exploits continue to make headlines, the majority of reported security incidents involve phishing… An article review. With all the attention given recently to security incidents involving software exploits and high-profile malware attacks, it would be easy to believe that they represented the most likely incidents you may encounter in the wild.  […]
    Implementing Protective DNS could help your organization avoid attack… An article review. Noting the risks still associated with the Domain Name System (DNS), the National Security Agency and the Cybersecurity and Infrastructure Security Agency (CISA) have recently released new guidance on the selection and use of a Protective DNS service (PDNS). The guidance, released in […]