Re: Information Security Training and Conferences

["Shamblin, Quinn" <qrs () BU EDU>]

I also like to send either the head of the department or the architect (if these are different people) to one of the 
big vendor conferences every year or so.  It allows you to get an update on the vendor arena all in one big chunk and 
allows you a broader understanding of possible solutions to problems that might come up throughout the year.  

Two that jump to mind are BlackHat (August, Vegas) and RSA (Spring, San Francisco) 

Best,

Quinn R Shamblin                                                  .
Executive Director of Information Security, Boston University


-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Stephen 
C. Gay
Sent: Wednesday, July 15, 2015 8:11 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Information Security Training and Conferences

Matthew,

Lots of great suggestions here. From my personal experience, if you are interested in learning what other institutions 
are doing in regards to InfoSec, Educause Security Professionals Conference (SPC) is where you want to be. There are 
sessions covering all aspects of a comprehensive program and there is no other conference in which the challenges 
unique to Higher Education are better represented. As Ken mentioned, REN-ISAC also holds their annual meeting at the 
end of SPC which further adds to the value of the conference (for members).

I would add that you should add a couple more conferences to your list - Shmoocon and Derbycon. I've been attending 
Derbycon since the beginning and wouldn't miss it. Much like BlackHat and DEFCON, the topics are technical and the 
attendees are "family". Leave the suit at home, come to learn, and there is no better conference. 

Good luck and hope to see you around,

Stephen C Gay CISSP CISA
UITS Executive Director & KSU Information Security Officer Information Security Office University Information 
Technology Services (UITS) Kennesaw State University Technology Services Bldg, Room 031
1075 Canton Pl, MB #3503
Kennesaw, GA 30144
Phone: (470) 578-6620
Fax: (470) 578-9050
sgay () kennesaw edu 

----- Original Message -----
From: "Matt Hall" <matthew.hall () CHEMEKETA EDU>
To: SECURITY () LISTSERV EDUCAUSE EDU
Sent: Wednesday, July 15, 2015 3:32:31 PM
Subject: [SECURITY] Information Security Training and Conferences


Security Listserv, 


Our college is a little new to designated Information Security employees. Because of this, we are not fluent on what 
trainings and conferences that Information Security employees should be attending. So, my question is, what kind of 
trainings and conferences do other Information Security employees attend? What are your favorite trainings/conferences? 
Would you not recommend certain ones? 


We have done some trainings and conferences in the past. Some examples are: 


    * Educause Annual Conference 
    * Educause Security Professionals Conference 
    * Ellucian Live 
    * SANS Training 
    * Local Security BSides 



I am also looking into: 


    * ISC2 Security Congress 
    * Black Hat/Defcon 



Thank you for other information that you can offer. 









Matthew Hall 

Information Security - Team Lead
Chemeketa Community College
Phone : (503) 584-7586
Email: Matthew.Hall () chemeketa edu 



Thank you for your help in making Chemeketa Safe and Secure!