AITP Nashville - Meetings


May 2008 Meeting May 8th IT Security Thomas Lewis, CISSP, CISA Partner in Risk Services with Lattimore Black Morgan & Cain
Our May program is a presentation on current trends in penetration techniques of IT security systems and techniques for penetration testing. This is an excellent opportunity to learn how “bad’ people are trying to get into your IT systems and what can be done about their various schemes. Our speaker is Thomas Lewis, CISSP, CISA, who is a Partner in Risk Services with Lattimore Black Morgan & Cain, PC, a CPA/Financial Planning Firm headquartered in Brentwood, Tennessee. Thomas has many stories of what has been tried in penetrating a company’s security and what audit personnel have tried as penetration testing. These stories range from E-Mail spoof with fake Web Site, to fake badges, to forgotten purse/wallet, to free Flash USB drives, and other situations. Thomas’s stories are sure to make you sit up and think about your company’s security.
Thomas will discuss current trends in penetration testng and the significance of these trends. He will note what is practical for your in-house staff to perform. Thomas has over 13 years experience assisting Fortune 500 clients and government entities with the development of security solutions for complex environments. Thomas’s work has focused on integrating the key elements of environment, physical, and logical security to achieve the appropriate amount of operational security. Thomas’s areas of expertise are security architecture design, network security, UNIX security, attack and penetration assessments, and intrusion detection/prevention solutions. Lattimore Black Morgan & Cain, PC began in 1984 as a CPA firm and has since added new service lines to address the needs of their clients. They now have a full range of services in the key functional areas: financial services, human resources, healthcare consulting, and technology. LBMC has offices in Nashville, Knoxville, Chattanooga, and recent technology expansion in Birmingham and Memphis. In addition to Thomas’s information security consulting experience, he also has several years experience with three of the “Big 5” accounting firms conducting information systems audits. Thomas is a frequent speaker for local and national organizations, including the Information Systems Security Association (ISSA), MIS Institute, Information Systems Audit and Control Association (ISACA), and the Institute of Internal Auditors (IIA). He is the founding president of the Middle Tennessee ISSA Chapter. Thomas holds a Bachelor’s degree in Finance/Economics from David Lipscomb University and a Master of Accountancy from the University of Tennessee. He is a Certified Information Systems Security Professional (CISSP), Microsoft Certified Systems Engineer (MCSE), and Certified Information Systems Auditor (CISA). Thomas is a native of Nashville and resides in Hendersonville with his wife and four daughters. For fun, he plays golf and coaches the local select soccer team. Thomas is a great speaker and has many entertaining stories about the security environment. You should not miss this meeting.