phoenix - SecureWorld

is your world secure?
PHOENIX
Phoenix Convention Center
DECEMBER 7 - 8, 2010
Inside SecureWorld:
Featured Keynotes
Industry Expert Panels
Conference Sessions
Case Studies
SecureWorld+ Training
December 7, 2010
OPENING KEYNOTE
James Beeson
CISO, GE Capital Commercial Finance
“Social Networking and the
Consumer Cloud-Are You Ready?”
LUNCHEON KEYNOTE
Thomas R. Peltier
Security Sage
“Selling Information Security”
December 8, 2010
INFRAGARD KEYNOTE
Joseph Dittmar
World Trade Center Survivor
“Lessons Learned from a Date with
Destiny; A Historic and Inspirational
View of 9/11/01”
LUNCHEON KEYNOTE
Patrick T. Beggs
Director of Operations (Acting)
Office of Cybersecurity and
Communications
U.S. Department of Homeland Security
“Cyber Resilience Review”
And More!
Security demands are
rapidly growing while
security training
budgets are not.
SecureWorld delivers
the most affordable,
highest quality security
education, training and
networking right to
your doorstep.
Check us out on the web at secureworldexpo.com
Gold Sponsor:
This Event Hosted by:
HIGHLIGHTS
December 7, 2010
9:30 am OPENING KEYNOTE
James Beeson
CISO, GE Capital Commercial Finance
“Social Networking and the
Consumer Cloud-Are You Ready?”
12:30 pm LUNCHEON KEYNOTE
Thomas R. Peltier
Security Sage
“Selling Information Security”
December 8, 2010
9:30 am INFRAGARD KEYNOTE
Joseph Dittmar
World Trade Center Survivor
“Lessons Learned from a Date with
Destiny; A Historic and Inspirational
View of 9/11/01”
12:15 pm LUNCHEON KEYNOTE
Patrick T. Beggs
Director of Operations (Acting)
Office of Cybersecurity and Communications
U.S. Department of Homeland Security
“Cyber Resilience Review”
SecureWorld+ Training
(Earn 16 CPE CREDITS)
Assessing Your Current Security
How good is your security program? Is there an effective way to measure the current state of your security program and compare it against
some industry-accepted criteria? This session will present key methods to conduct just such an assessment using your current staff
members. The session will begin with a brief discussion of what is meant by risk analysis, risk assessment, security assessment
and vulnerability assessment, then analyze how these processes interact with one another. We will also examine how penetration
testing and audits fit into the overall assessment methodologies.
Defense Against Social Engineering
Despite media reports, hackers are not always technological geniuses. Some can’t even read the scripts they unleash against our networks.
However, while computer crime grows increasingly organized, focused and specialized, even the greenest script kiddie can be an outstanding
social engineer. This class details various psychological workings of social engineering and presents scenarios and role-playing exercises to
help us fully comprehend the threat. We also give suggestions for constructing a realistic defense program, emphasizing effects on the business.
Includes SWE Conference Pass:
Conference Sessions, Keynotes, Exhibits, Open Sessions and Lunch Each Day
TWO DAY CONFERENCE - $265
Conference Sessions, Conference Keynotes,
Exhibits, Open Sessions, Lunch and 12 CPE
Certificate of Attendance.
SECUREWORLD+ - $695
Extended Training Opportunities - Conference
Sessions, Keynotes, Exhibits, Open Sessions,
Lunch and a 16 CPE Certificate of Attendance
EXHIBITS/OPEN SESSIONS - FREE
Exhibits, Keynotes and Open Sessions
INVITE ONLY
Day 1 - December 7, 2010
TIME | CONFERENCE | ROOM # | SPEAKER(S)
7:00am - 3:00pm | Registration | |
8:00am - 9:15am | Executive Steering Council Breakfast: (Invitation Only) | 160 | Philip Alexander
8:00am - 9:30am | SecureWorld+ Assessing Your Current Security Program (Part 1) | 166 | Thomas R. Peltier
8:00am - 9:30am | SecureWorld+ Defense Against Social Engineering (Part 1) | 167 | John G. O’Leary
8:30am - 9:15am | The Human Nature of Security | 162 | Kim L. Jones
8:30am - 9:15am | Security in Times of Tight Budgets | 163 | Neal Puff
8:30am - 9:15am | Apples and Oranges | 165 | Rich Owen
8:30am - 9:15am | Avoid Data Breaches and Enhance Security: Adopt Privacy By Design | 164 | Dr. Ann Cavoukian, Dr. Marilyn Prosch
9:00am - 3:00pm | Exhibit Floor Open | |
9:30am - 10:15am | Opening Keynote: Social Networking and the Consumer Cloud-Are You Ready? | Keynote Theater | James Beeson
10:15am - 11:30am | Conference Break/Product Demonstrations - Exhibit Floor | |
11:15am - 12:15pm | Executive Roundtable: Social Media-The Challenges (Invitation Only) | 160 | Jonathan Harber
11:30am - 12:15pm | Customer Service for the Information Security Professional | 162 | John G. O’Leary
11:30am - 12:15pm | Integrating Security into the SDLC Process-Reducing both Risks & Costs | 163 | Philip Alexander
11:30am - 12:15pm | The Up’s and Down’s of DLP (Data Leakage Prevention) | 165 | James Beeson
11:30am - 12:15pm | Alcatel-Lucent Presents - Securing the Virtualized Enterprise, a Blueprint for Enterprise Security | 164 | David Fortini
12:15pm - 1:15pm | Executive Roundtable: Cloud Computing; Lessons Learned (Invitation Only) | 160 | Randell Smith
12:30pm - 1:00pm | Luncheon Keynote: Selling Information Security | Keynote Theater | Thomas R. Peltier
1:15pm - 2:00pm | Industry Expert Panel: Data Protection-Walking the Thin Line Between Employee Productivity and Security | Keynote Theater | John G. O’Leary
1:15pm - 2:00pm | Industry Expert Panel: Network Security-Finding the Right Management Program | 163 | Thomas R. Peltier
1:15pm - 2:00pm | Industry Expert Panel: Effective Compliance Management in Today’s Workplace | 164 | Lance Turcato
2:00pm - 3:00pm | Conference Dessert Break/Product Demonstration | Exhibit Floor |
3:00pm - 3:45pm | Which Part of the Prickly Pear is the End Point? | 163 | Jeff Debrosse
3:00pm - 3:45pm | Computer Forensics and Emerging Technologies | 162 | Kristy Westphal
3:00pm - 3:45pm | Panel Discussion: End User Security Awareness | 164 | Jonathan Harber
3:00pm - 3:45pm | Often Overlooked Vulnerabilities in ERP Systems: Example SAP | 165 | Bill Curd, PhD
3:00pm - 4:30pm | SecureWorld+ Assessing Your Current Security Program (Part 2) | 166 | Thomas R. Peltier
3:00pm - 4:30pm | SecureWorld+ Defense Against Social Engineering (Part 2) | 167 | John G. O’Leary
3:00pm - 5:30pm | Pub Crawl | Foyer |
Day 1 - December 7, 2010
7:00am - Registration Opens
8:00am - 9:15am - Room 160
Executive Steering Council Breakfast (Invitation Only)
8:00am - 9:30am - Room 166
SecureWorld+ Training
Assessing Your Current Security Program (Part 1)
Thomas R. Peltier, Security Sage
How good is your security program? Is there an effective way to
measure the current state of your security program and compare it
against some industry-accepted criteria? This session will present
key methods to conduct just such an assessment using your current
staff members. The session will begin with a brief discussion of what
is meant by risk analysis, risk assessment, security assessment and
vulnerability assessment, then analyze how these processes interact with one another. We will also examine how penetration testing
and audits fit into the overall assessment methodologies.
8:00am - 9:30am - Room 167
SecureWorld+ Training
Defense Against Social Engineering (Part 1)
John G. O’Leary, President, O’Leary Management Education
Despite media reports, hackers are not always technological
geniuses. Some can’t even read the scripts they unleash against
our networks. However, while computer crime grows increasingly
organized, focused and specialized, even the greenest script kiddie
can be an outstanding social engineer.
8:30am - 9:15am - Room 162
The Human Nature of Security
Kim L. Jones, Information Risk Manager
General Dynamics C4 Systems
Over the past 20 years security professionals have made tremendous strides in improving security technologies, implementing
security processes, and relating security to the needs of the business. In this presentation, we will explore the profession’s mixed
track record in addressing the human element of security as well
as recommend strategies to improve the acceptance levels of your
security program.
8:30am - 9:15am - Room 163
Security in Times of Tight Budgets
Neal Puff, CIO, Yuma County, AZ
There never seems to be sufficient funding to do everything we want
in terms of security. Things are even worse when budgets are cut.
This positive session will focus on what we CAN do to improve the
security in our organization, even when resources are scarce.
8:30am - 9:15am - Room 165
Apples and Oranges
Rich Owen, CISSP, CPP, CRISC, IAM/IEM, MBCI
This session is a discussion around the problem of ensuring that
your data is protected when outsourced (like in the cloud). It is
also the counter discussion of how you, as a service provider, can
demonstrate good security to the data owner. We will explore the
necessary steps and methods of improving and streamlining the discussion between data owner and service provider.
Conference Details
8:30am - 9:15am - Room 164
Avoid Data Breaches and Enhance Security:
Adopt Privacy By Design
Dr. Ann Cavoukian Ph.D., Information and Privacy
Commissioner Of Ontario, Canada
Dr. Marilyn Prosch
In the future, we will need to adopt a different paradigm – while legislation will remain a powerful tool, it will no longer be sustainable as
the sole model for preventing data breaches and ensuring the future
of privacy. We must increasingly turn to positive-sum paradigms
such as Privacy by Design (PbD): Proactively embedding privacy
into emerging technologies, accountable business practices and
networked infrastructures that intersect with personally identifiable
information.
9:00am - 3:00pm - Exhibit Floor Open
9:30am - 10:15am - Keynote Theater
Opening Keynote - Social Networking and the Consumer Cloud-Are
You Ready?
James Beeson, CISO, GE Capital - Commercial Finance
As the younger generation comes into the workforce heavily
dependent on social networking and the consumer cloud as their
tools of choice for communications and productivity, how should we,
as security leaders, be thinking about the associated risks? This
discussion will focus on critical things security and data privacy
leaders should be thinking about as Net Gen’ers grow in population
and power.
10:15am - 11:30am
Conference Break/Exhibitor Product Demonstrations
11:15am - 12:15pm - Room 160
Executive Roundtable: Social Media-The Challenges
(Invitation Only)
11:30am - 12:15pm - Room 162
Customer Service for the Information Security Professional
John G. O’Leary, President, O’Leary Management Education
Security Professionals do not have it easy. We must serve our internal and external customers well while providing appropriate security.
But don’t even think of slowing down crucial business processes.
And isn’t the customer always right?
We’ll analyze the situation on both the service provider (that’s us)
and customer sides from a security perspective, emphasizing the
need to understand the viewpoints of those we must deal with. We
will also analyze complications and particular difficulties inherent
in doing anything that provokes as many potential conflicts as IT
security. Customers want what they want, they want it now, and
they don’t want to hear that what they want represents a significant
risk to the organization. We have to remember the function of the
business, and we want to serve our customers well, but we also
understand that our responsibilities as security professionals are to
safeguard organizational assets. We all know that sometimes that
means protecting users from themselves. In this session we’ll provide specific recommendations for actions that will help IT Security
fit customer service principles and resolve conflicts.
11:30am - 12:15pm - Room 163
Integrating Security into the SDLC Process - Reducing both
Risks & Costs
Philip Alexander, ISO, Wells Fargo
Lowering risks, reducing your time to market, while at the same time
decreasing your IT security costs. It is in fact possible when you position security to be a partner to business rather than a road block.
11:30am - 12:15pm - Room 165
The Up’s and Down’s of DLP (Data Leakage Prevention)
James Beeson, CISO, GE Capital - Commercial Finance
DLP is on the radar screen for most businesses, but do companies really
understand the complexities involved? Do the benefits outweigh the costs?
This presentation is a review and discussion of best practices and challenges faced when implementing a global Data Leakage Prevention program.
James Beeson, a Chief Information Security Officer at General Electric will
talk about the advantages and the complications associated with implementing and managing DLP in a complex and ever-changing environment.
11:30am - 12:15pm - Room 164
Alcatel-Lucent Presents - Securing the Virtualized Enterprise, a
Blueprint for Enterprise Security
David Fortini, Director of Business Development
for North America (West), Alcatel-Lucent
Securing communications for voice, data, and video applications on a converged network is the key to supporting new business models and enabling
a virtualized enterprise that competes effectively in today’s business environment. The transformation to a converged network has been accompanied by
an equally rapid multiplication in security threats, the growth of cybercrime,
and the introduction of new security regulations. To take advantage of the
latest business models and ensure they are still protected, enterprises must
change how they view security to include a strategy for network embedded
security capabilities. Learn about application converged networks and how
they can be a security instrument delivering embedded security to protect
your corporation.
12:15pm - 1:15pm - Room 160
Executive Roundtable: Cloud Computing; Lessons Learned
(Invitation Only)
12:30pm - 1:00pm - Keynote Theater
Luncheon Keynote: Selling Information Security
Thomas R. Peltier, Security Sage
To have a successful information security program, you must first visualize
the successful program. The first person you must sell the program to is
you. This session will examine methods to be used to prepare your message. We will discuss establishing a short-term goal, achieving it, reviewing
the results, and setting the next objective. We will then examine how to use
short-term objectives to develop a long-term plan and how to adjust the plan
after each incremental objective is met. Most importantly, we will examine
how we can best reach management and employees with our message.
1:15pm - 2:00pm - Keynote Theater
Industry Panel: Data Protection-Walking the Thin Line Between
Employee Productivity and Security
Managing and securing your data is becoming more complicated each day
with the demands of today’s fast-paced world. How can you adequately
protect it and at the same time allow for your employees to access it for work
related use? This panel will discuss possible data protection issues and
steps to take to help you secure one of your most important company assets;
your data.
1:15pm - 2:00pm - Room 163
Industry Panel: Network Security-Finding the Right
Management Program
With all of the recent threats and security breach scenarios, it is necessary
to create a network that is secure and manageable. This panel discussion
will examine the important steps and tools required for increased network
security and manageability.
1:15pm - 2:00pm - Room 164
Industry Panel: Effective Compliance Management in Today’s
Workplace
PCI, SOX, HIPAA, GLBA; these acronyms can cause a lot of stress for
today’s IT professional. Join this panel for a look at the recent developments
in compliance regulations and what you should be doing to ensure you are
meeting them and have effective plans in place.
2:00pm - 3:00pm - Exhibit Hall
Conference Dessert Break/ Exhibitor Product Demonstrations
3:00pm - 3:45pm - Room 163
Which Part of the Prickly Pear is the End Point?
Jeff Debrosse, Senior Research Director ESET
For the IT professional trying to secure “the end point”, their job has become
a game of catch with a prickly pear. The proper use of technology, policy, and
education can be the defense you need to survive the game.
3:00pm - 3:45pm - Room 162
Computer Forensics and Emerging Technologies
Kristy Westphal, Information Security Consultant,
TSYS Acquiring Solutions
The newest technologies implemented in your organizations are wonderful for
moving the business forward, but can move your computer forensics efforts
backwards...if you aren’t careful! In this session, we’ll take a look at how you
can stay one step ahead of these new trends, including virtualization, Web 2.0,
encryption and Windows 7. Attendees will leave with a solid understanding of
how the latest in technology can impact their own forensic programs.
3:00pm - 3:45pm - Room 164
Panel Discussion: End User Security Awareness
Jonathan Harber, CIO & Vice President, Information Technology
Blood Systems, Inc.
Clearly, there are many security questions facing organizations today.
This panel will gather some key IT and security practice leaders who
will share from their work history and current organization how they
answered these questions. The panel will focus on practical solutions in
the real world.
3:00pm - 3:45pm - Room 165
Often Overlooked Vulnerabilities in ERP Systems: Example SAP
Bill Curd, PhD, Cyber Security Leader
You implement a big, expensive ERP (Enterprise Resource Planning) system
to automate much of your business. You follow the vendor’s instructions,
hire consultants, and meticulously adhere to a security framework. What
might you be overlooking?
Using SAP as an example, we’ll look at security in context (of architecture
and requirements) and in depth (how authorizations are really enforced) to
identify some frequent blind spots and propose solutions, so you don’t learn
them the hard way.
3:00pm - 4:30pm - Room 166
SecureWorld+ Training
Assessing Your Current Security Program (Part 2)
Thomas R. Peltier, Security Sage
3:00pm - 4:30pm - Room 167
SecureWorld+ Training
Defense Against Social Engineering (Part 2)
John G. O’Leary, President, O’Leary Management Education
3:00pm - 5:30pm - SecureWorld Expo Pub Crawl
Day 2 - December 8, 2010
TIME | CONFERENCE | ROOM # | SPEAKER(S)
7:00am - 2:30pm | Registration | |
8:30am - 9:15am | InfraGard Information Meeting | Keynote Theater |
8:00am - 9:30am | SecureWorld+ Assessing Your Current Security Program (Part 3) | 166 | Thomas R. Peltier
8:00am - 9:30am | SecureWorld+ Defense Against Social Engineering (Part 3) | 167 | John G. O’Leary
8:30am - 9:15am | Know Thy Enemy: Assessing Agents of Threat for Better Risk Management | 162 | Tim Casey
8:30am - 9:15am | Building an Effective Security Program (on the fly) | 163 | Cristy Schaan
8:30am - 9:15am | How to Create a Security Awareness Program | 164 | Mike Ste. Marie
8:30am - 9:15am | Peering into the Darkness: Implementing SIEM | 165 | Brian Basgen
9:00am - 3:00pm | Exhibit Floor Open | |
9:30am - 10:15am | InfraGard Keynote: Lessons Learned from a Date with Destiny; A Historic and Inspirational View of 9/11/01 | Keynote Theater | Joseph Dittmar
10:15am - 11:15am | Conference Break/ Product Demonstrations-Exhibit Floor | |
10:45am - 11:45am | Executive Roundtable: Disaster Recovery/Business Continuity Planning (Invitation Only) | 160 | Steve Porter
11:15am - 12:00pm | Resolving the Conflict Over Workplace Privacy and Employee Monitoring | 162 | Thomas R. Peltier
11:15am - 12:00pm | Managing Security Risk for the Executive Level | 163 | Debbie Christofferson
11:15am - 12:00pm | Cryptography for Managers | 164 | David Schlesinger
11:15am - 12:00pm | Got Governance? | 165 | Leah Core
11:45am - 12:45pm | Executive Roundtable: Risk Management Concepts (Invitation Only) | 160 | Andy Nold
12:15pm - 1:00pm | Luncheon Keynote: Cyber Resilience Review | Keynote Theater | Patrick T. Beggs
1:15pm - 2:00pm | Industry Panel: Protecting Your Endpoint Security Assets | Keynote Theater | William Bell
1:15pm - 2:00pm | Industry Panel: Directing Managed Services: Look Before You Leap into the Cloud | 163 | Fawn Medesha
2:00pm - 2:45pm | Conference Dessert Break/Product Demonstration | Exhibit Floor |
2:15pm - 2:45pm | SecureWorld Expo: Dash for Prizes | |
2:45pm - 3:30pm | Internet Profiling and Intelligence Gathering | 162 | Michele Stuart
2:45pm - 3:30pm | An FBI Cyber Crime Briefing | 163 | Michael McAndrews
2:45pm - 3:30pm | Managing Enterprise Forensic Investigations | 164 | Diane Barrett
2:45pm - 3:30pm | Not Every Cloud Has a Silver Lining | 165 | Erik Graham
8:00am - 9:30am - Room 166
SecureWorld+ Training (Part 3)
Assessing Your Current Security Program
Thomas R. Peltier, Security Sage
8:00am - 9:30am - Room 167
SecureWorld+ Training (Part 3)
Defense Against Social Engineering
John O’Leary, President, O’Leary
Management Education
8:30am - 9:15am - Keynote Theater
InfraGard Information Meeting
8:30am - 9:15am - Room 162
Know Thy Enemy: Assessing Agents of
Threat For Better Risk Management
Tim Casey, Senior Information Risk Analyst,
Intel
For risk managers to prepare for threats to their
information assets, we must first understand
the human threat, the classes of people who
can harm those assets. Essentially, we need a
“competitive analysis” of our security opponents, just as we analyze our business rivals.
However, useful analysis of the threat agents
is difficult to come by because of the lack of
industry standards or reference definitions of
the agents themselves. We formed a skunkworks team of senior analysts to address this
problem, resulting in our Threat Agent Library
of 23 agent archetypes, each uniquely and
uniformly defined.
8:30am - 9:15am - Room 163
Building an Effective Security Program (on the fly)
Christy Schaan, Information Security
Officer, State of Arizona
All organizations are not created equal. Their
maturity level, culture, and mission can often
determine their ability to understand and
embrace information security. This ability
has a direct impact on program build-out success. Because each organization has its own
threats, risks, business drivers and compliance
requirements, the first step involves cultural
understanding of Security Awareness. This
session will provide a walk-through of laying
the foundation and then building an effective
InfoSec Program on the fly.
8:30am - 9:15am - Room 164
How to Create a Security Awareness
Program
Mike Ste. Marie
Information Security Analyst, Kronos, Inc.
Security awareness training is becoming more
of a requirement than a nice-to-have for corporations. This presentation will discuss why
a security program is needed, how it can be
built and supported. It will show some of the
free tools you can use to get people “excited”
about security (ok…mildly interested) and will
detail how the speaker set up a program at a
previous company.
8:30am - 9:15am - Room 165
Peering into the Darkness:
Implementing SIEM
Brian Basgen, Information Security Officer
Pima Community College
Considering the unprecedented growth in IT
demand combined with growing system complexities, our data centers and networks have
become increasingly opaque. This discussion
will focus on a real-world implementation of
a Security Information and Event Management device (SIEM) and the practical ways it
assisted our organization in improving security
and raising awareness.
9:00am - 2:30pm - Exhibit Floor Open
9:30am - 10:15am - Keynote Theater
InfraGard Keynote-Lessons Learned
from a Date with Destiny; A Historic
and Inspirational View of 9/11/01
Joseph Dittmar, WTC Survivor
Joe Dittmar’s eyewitness account of the
9/11/01 attack on the World Trade Center is
steeped with facts and observations of historic
proportions. This presentation also imparts
concepts and ideas on what was learned that
day and what lessons we can continue to
teach.
10:45am - 11:45am - Room 160
Executive Roundtable: Disaster
Recovery /Business Continuity Planning
(Invitation Only)
11:15am - 12:00pm - Room 162
Resolving the Conflict Over Workplace
Privacy and Employee Monitoring
Thomas R. Peltier
Security Sage
Employers want to be sure their employees
are doing a good job, but employees don’t
want their every move or message logged.
That’s the essential conflict of workplace
monitoring. In this session we will examine
what an employer can do and what they
should do to make the workplace safe and
the employees secure in the knowledge that
there is really little expectation of privacy.
11:15am - 12:00pm - Room 163
Managing Security Risk for the Executive
Level
Debbie Christofferson, CISSP, CISM
President, Phoenix Chapter ISSA
Do your senior management and executives
care about security? Business universally
runs on IT Infrastructures and both IT risks
and costs have continued to grow. Security
is a major component of risk, but how much
security is too much? What do executives
and our boards expect regarding enterprise
security risk?
11:15am - 12:00pm - Room 164
Cryptography for Managers
David Schlesinger, CISSP
Vice President, Phoenix Chapter ISSA
This talk is aimed at non-technical managers who will be involved in implementing
cryptographic information protection. It covers
the business and security requirements for
cryptography, principles of certificates and
key management, secure protocols, and
the capabilities and limits of cryptography. It
also provides an overview of the key areas
of interest when selecting a cryptographic
solution.
11:15am - 12:00pm - Room 165
Got Governance?
Leah Core, MBCP
Director of IT Governance
Governance is gaining ground as the next
big buzzword but how can it actually advance your program? We will explore how
governance initiatives incorporate security,
business continuity and compliance into a
secure foundation of availability and can help
professionals in these areas collaborate to
create a strong framework for risk mitigation
and advancing their programs.
11:45am - 12:45pm - Room 160
Executive Roundtable: Risk
Management Concepts (Invitation Only)
12:15pm - 1:00pm - Keynote Theater
Luncheon Keynote: Cyber Resilience
Review
Patrick T. Beggs, CISM
Director of Operations (Acting)
Office of Cybersecurity and
Communications
U.S. Department of Homeland Security
This presentation will provide the audience
with an overview of the evaluative method,
called a Cyber Resiliency Review, review
lessons-learned and field experiences from
the past two years. The audience should
come away with an understanding of meaningful evaluation and understand the method
applied, likely span of results and focus of
improvement activities.
1:15pm - 2:00pm - Keynote Theater
Industry Panel: Protecting Your Endpoint
Security Assets
The equipment that your employees rely on
can be one of the most vulnerable points
of attack and intrusion. What can you do to
help protect them? What requirements and
systems should you put in place to prevent a
security disruption? This panel will take a look
at some elements that should be implemented to create and maintain endpoint security.
1:15pm - 2:00pm - Room 163
Industry Panel: Directing Managed
Services: Look Before you Leap
There has been a lot of discussion
surrounding the cloud and managed services.
But do you have the facts? This panel will
take a look at the components of managed
services programs such as cloud computing,
SaaS and Virtualization and highlight what
you should be looking for and how to sift
through and determine the best program for
your needs.
2:00pm - 2:45pm - Exhibits Floor
Conference Dessert Break/
Product Demonstrations
2:15pm - 2:45pm - Exhibits Floor
SecureWorld Expo: Dash for Prizes
2:45pm - 3:30pm - Room 162
Internet Profiling and Intelligence
Gathering
Michele Stuart, Owner and President of
JAG Investigations, Inc.
Michele’s class, nationally renowned, will
illustrate to us the most current research techniques using open sources such as public
records and the vast amount of information
located within ‘open sources’ on the internet.
She will demonstrate how to utilize the internet (by manipulating search criteria) to locate
and create an entire profile on an individual
or company. This class is a thorough ‘how
to’ presentation showing us the step by step
procedures to conducting research in the
most productive and fact finding ways.
2:45pm - 3:30pm - Room 163
An FBI Cyber Crime Briefing
Michael McAndrews, Special Agent, FBI
Join us for a look at the latest trends in cyber
crime and what you should be aware of.
2:45pm - 3:30pm - Room 164
Managing Enterprise Forensic
Investigations
Diane Barrett, Professor
University of Advancing Technology
In today’s world, forensic data collection
touches every organization. This presentation
will begin with the identification of enterprise
evidence collection components. From there,
how to make intelligent decisions on data
collection as the number of handheld network
devices increases daily will be discussed.
Finally, evidence collection techniques used
in real cases such as US v. Madoff will be
offered as suggestions for formulating guidelines that pertain to your own organization.
2:45pm - 3:30pm - Room 165
Not Every Cloud Has a Silver Lining
Erik Graham, CISSP-ISSAP, Principal
Information Security Engineer, General
Dynamics C4 Systems
Cloud computing. What does it mean to you?
Ask 10 people that question and you’ll get
10 different answers. Now ask what does
“securing the cloud” or “cloud computing
security” mean? Again you will get a wide
variety of answers. Does this mean that
security within the cloud is unobtainable?
No - depending on your implementation / use
of cloud computing it may be a challenge but
you can provide the necessary security to allow business to leverage the capabilities provided by cloud computing. In this presentation we will examine the key elements within
the cloud and what risks and mitigations exist
within each element.
Extends Special Thanks to our 2010
Executive Steering Council:
Laura Ploughe
Director Business Applications & Fiscal Control
Arizona State University
Kevin Sauer
President
Society for Information Management
Joanne Goldberg
Principal QA Systems Specialist/President
Medtronics/Alliance of Technology & Women
Leo Hauguel
Founder/Chairperson
Sonoran Desert Security Users Group
Rich Wilson
President
Arizona Chapter Association of
Threat Assessment Professionals
Jim Ryan, CISO
State of Arizona
Andy Nold, CIO
Loan Resolution Corp.
Gary Nichols, CISO
Blue Cross Blue Shield of Arizona
Lance Turcato
Deputy City Auditor - IT Audit Division / VP
City of Phoenix / Phoenix ISACA Chapter
Christian Price
ISA/Co-Founder
PetSmart/Arizona Security
Practitioners Forum
Todd Therrien
Technical Systems Manager
City of Phoenix - Phoenix Convention Center
Philip Alexander, ISO
Wells Fargo
Kim Jones
Information Risk Manager
General Dynamics C4 Systems
John Moede
Emergency Management Coordinator
City of Scottsdale
Mary Beth Joublanc
Chief Privacy Officer
Arizona Government
Information Technology Agency
Maudy Lockhart
Business Technology Integrator
President, APS/ARMA
Brian Basgen, ISO
Information Security Officer
Pima Community College
Neal Puff, CIO
Yuma County, AZ
Cary Gielniak
Director, Information
Technology Services
The Biodesign Institute at ASU
Susan Silberisen
Chief Information Officer
Arizona Department of Revenue
Randell Smith, CISO
City of Phoenix
Robert Talbot
Vice President, CPO
Coventry Health Care, Inc.
Michael Tolk
CIO & Security Officer
NextCare, Inc.
Bert Talley
Director of Forensics
Apollo Group
Gina Busby, ISO
City of Surprise
Lois Folk, President
Association of Certified
Fraud Examiners
Vauda Jordan
Senior Security Engineer
City of Phoenix
Catherine Rando
VP of Technology
First Credit Union
Steven Porter, CIO
Touchstone Behavioral Health
Fawn Medesha
Prior CIO/Executive Board
IMH Real Estate/Society for
Information Management
Jenner Holden
ISO/ISM
Arizona Department of Education/LifeLock
Aaron Carpenter
Information Security Manager
AZ Dept of Health Services
Jillian Testa
VP, Information Security Officer
Wells Fargo
William L Bell II
Director of Information Systems
PhoenixNAP, LLC
Jonathan Harber
CIO & Vice President, IT
Blood Systems, Inc.
Mark Williams
Information Security Officer
Salt River Pima-Maricopa Indian Community
Terri Aguilar
Information Systems Security Manager
Raytheon Missile Systems
Saul Morse
CIO/COO Interactive
McMurry
Keith Stocks
Senior Manager, Information Security Services
Blue Cross Blue Shield of Arizona
Trisha Lowry
Security Engineer
Safeway
Thank You to Our Sponsors