A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:


Control of Unclassified Information in Non-Federal IT Systems - Or What You Don't Know Can Cost You - Tim Grace (ShowMeCon 2019) (Hacking Illustrated Series InfoSec Tutorial Videos)

Control of Unclassified Information in Non-Federal IT Systems - Or What You Don't Know Can Cost You
Tim Grace

ShowMeCon 2019

Executive Order (EO) 13556 was signed by President Barack Obama on November 4, 2010. EO 13556 called for the protection of Controlled Unclassified Information (CUI) resident in nonfederal systems and organizations. The EO 13556 set in motion the National Archives and Record Administration (NARA) as well as the National Institute of Standards and Technology (NIST) in defining CUI, and developing guidance for protecting CUI. In this session you will learn exactly what CUI is, and how it may be present in your system, even though your organization does not deal directly with the Federal government. You will also learn the requirements for protecting CUI within your systems and how to implement a risk management framework per NIST guidance.

Bio: As the Technology Risk Advisory Services leader for Mueller Prost, Tim brings more than 30 years of business experience delivering solutions that drive business innovation, optimization, and change within world class organizations. He is a leader in the fields of cybersecurity, information technology, internal audit, privacy, compliance, and risk management. Tim has brought best practices to global organizations and helped drive solutions that strengthen and enhance current technology practices. Through innovation and process improvement, Tim has been able to drive change to ensure organizations remain focused on key business issues. His deep information technology background and deep understanding of business processes allowed him to bring technology and business processes together.As a leader in the information technology industry, Tim is a former President of the St. Louis ISACA chapter, serving on several local and international ISACA committees, is an active participant in the St. Louis Institute of Internal Auditors (IIA) chapter, serving on and chairing numerous committees, and was involved in re-invigorating the local Association of Government Accounts (AGA) chapter. In addition, he is an Advisory Board member for SecureWorld Expo St. Louis and Kansas City and was an adjunct professor for Webster University's School of Business and Technologies information technology Master's Program.Tim holds the following certifications: Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), Certified Information Security Management (CISM), Certified in Risk and Information Systems Compliance (CRISC), Six Sigma Black Belt, ISO 27001 Lead Implementor / Auditor and has been a Qualified Security Assessor (QSA) for the Payment Card Industry.As a lifelong resident of St. Louis, Tim grew up in the Bevo Mill area, and attended Christian Brothers College High School. He holds a Bachelor of Science Degree, majoring in Accounting, and a Master of Business Administration Degree with emphasis in Information Systems, both from Maryville University in St. Louis.Tim is active in the local community serving on the Advisory Board for the USO of Missouri, working with the Boys and Girls club in the past, and has been active in several foster and adoption groups, including Foster Adoption Support Team (FAST), Adoption Exchange, and Missouri Baptist Children's Home (MBCH).

Back to ShowMeCon 2019 video list

Printable version of this article

15 most recent posts on Irongeek.com:

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast