April TASK – Cyber Response Readiness with VERIS / Using HIPAA compliance techniques to secure sensitive workloads in the AWS cloud

Wednesday 27-April-2016 // 6:00 – 9:00 PM
Meeting Location: 55 John Street, Toronto
Room:Rotunda (On main floor, just past elevators)


Speaker: Judy Nowak
Topic: Cyber Response Readiness with VERIS

Responding to cyber incidents is not what it used to be, the landscape has changed considerably; proactive response now requires the use of many tools and extensive coordination and expertise. Adding to the complexity is the common confusion between IR and forensics. Where does forensics begin and incident response start? What incidents require forensic investigation? And what should you know to pull the pieces together?

Embarking on creating an incident response (IR) program can be challenging and frustrating. This talk will show you that in order to adequately prepare for security incidents you need an IR framework that can lay the foundation for your IR plan and in turn help describe attacks. Describing attacks is important because you cannot respond to what you cannot identify.

VERIS will be used as an example framework to help you along your path in creating a successful cyber response program.


Speaker: Wendell Ying
Topic: Using HIPAA compliance techniques to secure sensitive workloads in the AWS cloud

A large and growing number of healthcare providers, payers and IT professionals are using AWS’s utility-based cloud services and other cloud platforms to process, store, and transmit Protected Health Information (PHI) and deliver applications that are compliant with the HIPAA Privacy and Security Rules. In order to satisfy rigorous HIPAA audit requirements and to help prevent costly data breaches, a number of HIPAA-related design patterns have emerged on AWS that can be re-purposed to secure other sensitive workloads in the cloud.

What are those design patterns? How can they be applied to non-healthcare workloads, especially those that store sensitive data? This talk will describe some of those patterns along with practical deployment scenarios, using AWS cloud computing services for security and compliance in the cloud.

Meeting Location: 55 john Street, Toronto. Rotunda Room

Posted in Events.