W. Hord Tipton (Getting ready for cyberwar)
Edward Amoroso (Getting ready for cyberwar)
Justin Clarke (Smart phones, apps and crowd sourcing)
Chris Wysopal (Smart phones, apps and crowd sourcing)
Adrian Davis (How to educate your workforce & Building trust in the cloud)
Martin Smith (How to educate your workforce)
Keiron Northmore (Building trust in the cloud)
Rik Ferguson (Malware: The Bad, the Ugly, and the Uglier)
Melih Abdulhayoglu (Malware: The Bad, the Ugly, and the Uglier)
John Walker (Forensic Analysis in the Cloud)
Michael Panico (Forensic Analysis in the Cloud)
Paul Henry (Preventing insider data leaks)
Marc Spitler (Preventing insider data leaks)
Chris Burchett (The death of endpoint security?)
Paul Simmonds (The death of endpoint security?)
Paul Zimski (The death of endpoint security?)
Mike Rothman (Security in the Age of *Any* Computing: Risks, Options and Automation for Mobile and Endpoint Controls)
Scott Gordon (Security in the Age of *Any* Computing: Risks, Options and Automation for Mobile and Endpoint Controls)

Share

Top 5 Stories

News

2011 Spring Infosecurity Virtual Conference - Conference Programme available On Demand

11 May 2011

We are pleased to confirm the details for the event that was held on 2nd June 2011. This one-day event brought together a series of topical keynote sessions direct to your computer and gives you the flexibility to learn about the latest information security trends and challenges from wherever you are in the world.

Register Now To Watch at Your Convenience

On demand editorial sessions - 2011 Spring Conference

Getting Ready for Cyberwar: Protecting the CNI – Opinions on whether we are currently at cyberwar, ready for cyberwar, or even aware of cyberwar, are incredibly varied, depending on who you speak to. Forget about what ‘could’ or ‘might’ happen, and let’s focus on what the situation is right now. Are we defending against political espionage? Which countries are firing ‘cyber’ shots? Are we ready for cyber attacks from foreign attackers? What is the US government doing about cyberwar? This session hopes to answer these big, and very important, questions.

Speaker 1: W. Hord Tipton, Executive Director, (ISC)2
Speaker 2: Edward Amoroso, Senior Vice President & Chief Security Officer, AT&T Services

Smart phones, apps, and crowd sourcing – Employees are increasingly expecting – and demanding – company smart phones, on which they can email and carry out other work-related tasks, such as salesforce.com. The complications, however, arise when they want to download applications and use their devices for non-work related means. Outsourcing the development of mobile applications (crowd sourcing) is part of the problem. This session will look at crowd sourcing, application security, and just what employees are – and should – be using their work smart phones for.

Speaker 1: Justin Clarke, President, London Chapter of OWASP and Executive Director/Co-Founder, Gotham Digital Science
Speaker 2: Chris Wysopal, Chief Technology Officer/Co-Founder, Veracode

How to educate your workforce – The importance of educating your workforce about information security has been acknowledged for some time now, as has the significance of awareness. However, organizations are still using old-fashioned video tapes (yes, video tapes!) and big, thick policies to ‘educate’ their employees. It is time to update awareness campaigns and make educational programs interesting, and dare we say it, enjoyable. This session will tell you how!

Speaker 1: Adrian Davis, Senior Security Researcher, ISF
Speaker 2: Martin Smith, CEO, The Security Company

Building Trust in the Cloud – Being able to trust that your data is safe in the cloud is crucial to the adoption of cloud services. Identity and access management is a key consideration in building this trust. Add to this transparency, compliance and data protection measures, and the result is a trusted cloud. This session will look at how to turn the concept of a trusted cloud into reality.

Speaker 1: Adrian Davis, Senior Security Researcher, ISF
Speaker 2: Keiron Northmore, Chief of Operations, First Base Technolgies

Malware: The Bad, the Ugly, and the Uglier – It has been predicted by industry experts for some time now that malware – botnet-type malware, in particular – will continue to become more sophisticated and more threatening. The word ‘stuxnet’ proves this to be true. In this session you will discover the anatomy of the virus and its attacks, and learn how to put defenses in place to stop a breach. This session will also take a look at what malware has in store for us in 2011.

Speaker 1: Rik Ferguson, Solutions Architect, Trend Micro
Speaker 2: Melih Abdulhayoglu, CEO, Comodo

Forensic Analysis in the Cloud – Compliance has always been a tricky balancing act, especially when dealing with regulations across jurisdictional boundaries. Now cloud computing has complicated the mix even further, with providers storing data around the globe. So how can you avoid the headache of jurisdictional roadblocks in the event of an alleged breach event that requires investigation? This session will examine the questions you need to ask, and the agreements that should be in place, before you hand your infrastructure, platforms, and/or data over to a cloud provider

Speaker 1: Professor John Walker FBCS CISM CITP MFSSoc A.IISP, Visiting Professor & CTO Secure-Bastion - a World Class Organisation
Speaker 2: Michael Panico, Vice President, Stroz Friedberg

Preventing Insider Data Leaks - WikiLeaks is certainly a word that will have featured quite heavily in the vocabulary of information security professionals over the past few months. Whatever your opinion on the WikiLeaks phenomenon however, you will recognize the crucial need to plug any holes which could lead to the accidental or malicious leak of internal data.
Gone are the days when ‘keeping the bad stuff out’ was the only mantra. These days, ‘keeping the good stuff in’ is every bit as important. This session will offer advice on how to plug those holes which could lead to the loss of company data.

Speaker 1: Paul Henry, Security and Forensic Analyst, Lumension
Speaker 2: Marc Spitler, Senior Risk Analyst, Verizon RISK Intelligence Team

The death of endpoint security? – The increasingly mobile workforce, coupled with the increased ‘consumerisation’ of devices in the enterprise space, has led many security professionals to call for a new approach to security. Rather than securing end points, some now advocate for a data-centric approach to security. This session will examine exactly what a data-centric approach to security entails, and what the future holds for end point device security.

Speaker 1: Chris Burchett, Chief Technology Officer/Co-Founder, Credant Technologies
Speaker 2: Paul Simmonds, Board Member/Co-Founder, Jericho Forum
Speaker 3: Paul Zimski, Vice President of Solution Strategy, Lumension

Security in the Age of *Any* Computing: Risks, Options and Automation for Mobile and Endpoint Controls - Users want access to information on any device, from anywhere, at anytime.  Then there¹s the dynamics of virtualization and coping with new world threats.  Whatever control you thought you had over the IT environment is gone.  But what about data privacy, data leakage, unauthorized access, rogue WAPs and malware threats? This provocative session, lead by distinguished analyst Mike Rothman of Securosis, exposes issues, examines processes and weighs technical options that you can apply today to advance mobile, wireless and endpoint security.  Explore data classification and network segmentation, policy development and enforcement, preempting access violations, and the means to automate respective security controls.

Speaker 1: Mike Rothman, Analyst and President, Securosis
Speaker 2: Scott Gordon, Vice President, ForeScout Technologies

CISSP SSCP logo

CISSPs and SSCPs members can receive 1 CPE credit for attending each webinar. You can earn the credit by simply specifying your number on the registration form and correctly answering 3 multiple choice polling questions about the program at the end of the event.

Please note that all CPEs are subject to auditing and a proof of attendance will be required.

Register Now To Watch at Your Convenience

 

This article is featured in:
Application Security  •  Biometrics  •  Business Continuity and Disaster Recovery  •  Cloud Computing  •  Compliance and Policy  •  Data Loss  •  Encryption  •  Identity and Access Management  •  Industry News  •  Internet and Network Security  •  IT Forensics  •  Malware and Hardware Security  •  Public Sector  •  Security Training and Education  •  Wireless and Mobile Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×