1 is your world secure? DALLAS Plano Convention Centre NOVEMBER 3-4, 2010 Inside SecureWorld: November 3, 2010 Featured Keynotes Industry Expert Panels Conference Sessions November 4, 2010 OPENING KEYNOTE INFRAGARD KEYNOTE William Hugh Murray James Beeson Executive Consultant, Information Assurance; Assoc. Professor, Naval Postgraduate School Essential Security Practices Case Studies CISO, GE Capital Commercial Finance Social Networking and the Consumer Cloud Are You Ready? And More!... LUNCHEON KEYNOTE Security demands are rapidly growing while security training budgets are not. SecureWorld delivers the most affordable, highest quality security education, training and networking right to your doorstep. LUNCHEON KEYNOTE L. Frank Kenney Security Sage VP of Global Strategy, Ipswitch File Transfer Division The Data Breaches You Don't See Hurt You The Most Selling Information Security secureworldexpo.com Check us out on the web at Gold Sponsors: This Event Hosted by: NORTH TEXAS & Ft. Worth Chapter INTEGRATION FORENSICS BOTNETS VIRTUALIZATION APPLICATION SECU UALIZATION APPLICATION SECURITYSYSTEMS ENCRYPTION VoIP DATA LEAKAGE COMPLIANCE WIRELESS BIOMETRICS ACCESS CONTROL RISK MANAGEMENT DATA LEAKAGE COMPLI
2 HIGHLIGHTS November 3, :30 am OPENING KEYNOTE William Hugh Murray Executive Consultant, Information Assurance; Assoc. Professor, Naval Postgraduate School Essential Security Practices 12:15 pm LUNCHEON KEYNOTE Security Sage Selling Information Security November 4, :30 am INFRAGARD KEYNOTE James Beeson CISO, GE Capital Commercial Finance Social Networking and the Consumer Cloud Are You Ready? 12:00 pm LUNCHEON KEYNOTE L. Frank Kenney VP of Global Strategy, Ipswitch File Transfer Division The Data Breaches You Don't See Hurt You The Most (Earn 16 CPE CREDITS) Assessing Your Current Security How good is your security program? Is there an effective way to measure the current state of your security program and compare it against some industry-accepted criteria? This session will present key methods to conduct just such an assessment using your current staff members. The session will begin with a brief discussion of what is meant by risk analysis, risk assessment, security assessment and vulnerability assessment, then analyze how these processes interact with one another. We will also examine how penetration testing and audits fit into the overall assessment methodologies. Defense Against Social Engineering Despite media reports, hackers are not always technological geniuses. Some can t even read the scripts they unleash against our networks. However, while computer crime grows increasingly organized, focused and specialized, even the greenest script kiddie can be an outstanding social engineer. This class details various psychological workings of social engineering and presents scenarios and role-playing excercises to help us fully comprehand the threat. We also give suggestions for constructing a realistic defense program, emphasizing effects on the business. Includes SWE Conference Pass: Conference Sessions, Keynotes, Exhibits, Open Sessions and Lunch Each Day This Event Hosted by: NORTH TEXAS & Ft. Worth Chapter
3 TWO DAY CONFERENCE - $265 Conference Sessions, Conference Keynotes, Exhibits, Open Sessions, Lunch and 12 CPE Certficate of Attendence. SECUREWORLD+ - $695 Extended Training Opportunities - Conference Sessions, Keynotes, Exhibits, Open Sessions, Lunch and a 16 CPE Certificate of Attendence EXHIBITS/OPEN SESSIONS - FREE Exhibits, Keynotes and Open Sessions INVITE ONLY 7:00am - 3:00pm Registration 8:00am - 9:15am Executive Steering Council Breakfast: (Invitation Only) II 8:00am - 9:30am SecureWorld+ Assessing Your Current Security (Part 1) SecureWorld+ Defense Against Social Engineering (Part 1) 8:30am - 9:15am Beyond Gotcha-Surviving Today s Audit Balancing Risk: IT Service Provider Risks Establishing a Digital Forensic and Incident Response Program Hello, Your People, Your Information & Your Technology Have Left the Building! Lavon Hillhaven I 9:00am - 3:00pm Exhibit Floor Open Collinwood I John G. O Leary Mignona Cote Dione McBride Shaun Drutar Jeffrey M. Camiel 9:30am - 10:15am Opening Keynote: Essential Security Practices Keynote Theater William Hugh Murray 10:15am - 11:30am Conference Break/Product Demonstrations - Exhibit Floor 11:15am - 12:15pm Executive Roundtable: Risk Management Concepts (Invitation Only) II 11:30am - 12:15pm 11:30am - 12:15pm Get Secure, Get Compliant Resolving the Conflict over Workplace Privacy and Employee Monitoring Implementing Mobile Device Encryption: A Case Study Alcatel-Lucent Presents - Securing the Virtualized Enterprise, a Blueprint for Enterprise Security I Presentation Theater 12:15pm - 1:15pm Executive Roundtable: Mobile Device Security (Invitation Only) II David Wallace Bridget Aman Cliff Grossner 12:15pm - 1:00pm Luncheon Keynote Selling Information Security Keynote Theater 1:15pm - 2:00pm 2:00pm - 3:00pm 3:00pm - 3:45pm Day 1 - November 3, 2010 TIME CONFERENCE ROOM # SPEAKER(S) Industry Expert Panel: Data Protection-Walking the Thin Line Between Employee Productivity and Security Industry Expert Panel: Network Security-Finding the Right Management Program Industry Expert Panel: Effective Compliance Management in Today s Workplace Conference Dessert Break/Product Demonstration - Exhibit Floor Which Part of the Prickly Pear is the End Point? Don t Fall Victim to Social Media Attacks The Importance of Training in Your Security Program Is Governance Part of Your Architecture? 3:00pm - 4:30pm SecureWorld+ Assessing Your Current Security Program (Part 2) SecureWorld+ Defense Against Social Engineering (Part 2) Keynote Theater Presentation Theater I Lavon Hillhaven 3:00pm-5:30pm Pub Crawl Foyer Jeff Debrosse Carl Timm Chris Hare Randy Guin John G. O Leary Check us out on the web: secureworldexpo.com
4 Day 1 - November 3, :00am - Registration Opens 8:00am - 9:15am - II Executive Steering Council Breakfast: (Invitation Only) 8:00am - 9:30am - Lavon Assessing Your Current Security (Part 1), Security Sage How good is your security program? Is there an effective way to measure the current state of your security program and compare it against some industry-accepted criteria? This session will present key methods to conduct just such an assessment using your current staff members. The session will begin with a brief discussion of what is meant by risk analysis, risk assessment, security assessment and vulnerability assessment, then analyze how these processes interact with one another. We will also examine how penetration testing and audits fit into the overall assessment methodologies. 8:00am - 9:30am - Hillhaven Defense Against Social Engineering (Part 1) John G. O Leary, President, O Leary Management Education Despite media reports, hackers are not always technological geniuses. Some can t even read the scripts they unleash against our networks. However, while computer crime grows increasingly organized, focused and specialized, even the greenest script kiddie can be an outstanding social engineer. 8:30am - 9:15am - Beyond Gotcha-Surviving Today s Audit Mignona Cote, Senior VP, Bank of America Auditors come in types: the gotcha, the apathetic and the true control partner. Recognizing the goal of the auditor coupled with security and control requirements, corporate audits can be survived. The gotcha can be turned to a report of strong confidence for the board and regulators. 8:30am - 9:15am - I Balancing Risk: IT Service Provider Risks Dione McBride, CISSP Laws and regulations like Massachusetts 201 CMR and PCI require due diligence on new outsourcers and contractors. Analysts and industry experts all insist that every company needs to complete due diligence on new outsourcers and contractors and to maintain a good understanding of how the company data is processed and protected. And, if you follow the breach statistics, you can see that in many cases these 3rd parties have been involved in about 40% of security breach. The only problem is - no one tells you how to do this. This session is an opportunity to share some insights into how to approach due diligence efforts, what you can and should include in your contract provisions, and how you demonstrate your approach is appropriate for your business. 8:30am - 9:15am - Establishing a Digital Forensic and Incident Response Program Shaun Drutar, CISSP, American Home Mortgage Servicing Inc. 8:30am - 9:15am - Hello, Your People, Your Information & Your Technology Have Left the Building! Jeffrey M. Camiel, CISSP, QSA Conference Details In this 45 minute breakout session, we will present what these new information system models look like, what new and old security risks CISO and CIOs should be aware of and present the current and possibly security effect of the iphone and ios on your enterprise. 9:00am - 3:00pm - Collinwood I Exhibit Floor Open 9:30am - 10:15am - Keynote Theater Opening Keynote - Essential Security Practices William Hugh Murray, Executive Consultant, Information Assurance; Assoc. Professor, Naval Postgraduate School This Keynote presentation will describe Essential Security Practices, those which anyone can do, with available resources. While individually these practices may be as little as 80% effective; collectively they can dramatically reduce risk at minimal cost. Essential Security Practices are too often dismissed by experts because they are less than perfect, when they should be preferred because they are efficient. 10:15am - 11:30am Conference Break/Exhibitor Product Demonstrations 11:15am - 12:15pm - II Executive Roundtable: Risk Management Concepts (Invitation Only) 11:30am - 12:15pm - Get Secure, Get Compliant David Wallace, Group Manager, Security Standards Compliance Chase Paymentech Solutions On its surface, compliance with the Payment Card Industry Data Security Standards appears to be an Information Technology challenge. As a result many merchants assign it to IT or Information Security and expect them to make it happen. This approach virtually guarantees compliance will take longer, cost more, and be more organizationally disruptive. It will also make maintaining compliance long term less likely. This presentation will explore the steps needed to engage key stakeholder, identify business process issues, and develop an Information Security program that will foster a culture of security. Such an approach will not only to ensure compliance with the PCI DSS but also position the enterprise for compliance with future compliance mandates. 11:30am - 12:15pm - I Resolving the Conflict over Workplace Privacy and Employee Monitoring, Security Sage Employers want to be sure their employees are doing a good job, but employees don t want their every move or message logged. That s the essential conflict of workplace monitoring. In this session we will examine what an employer can do and what they should do to make the workplace safe and the employees secure in the knowledge that there is really little expectation of privacy. Key considerations and capabilities you need to build into your Digital Forensic and Incident Response Program. How much will this functionality cost? Where does ediscovery fit into your program? What resources will you need? Why you need to do this.
5 TWO DAY CONFERENCE SECUREWORLD+ EXHIBITS/OPEN SESSIONS INVITE ONLY 11:30am - 12:15pm - Implementing Mobile Device Encryption: A Case Study Bridget Aman, CISSP, CISA, CPA, Information Privacy and Security Officer, Children s Medical Center Dallas In this session we will share the experiences of one company s implementation of mobile device encryption. We will talk about important lessons learned and strategies for the following: Selecting the right solution Important questions to ask vendors Implementation: the good, the bad and the ugly Impact to users: what to really expect Communication and training 11:30pm - 12:15pm - Presentation Theater Alcatel-Lucent Presents - Securing the Virtualized Enterprise, a Blueprint for Enterprise Security Clifford Grossner Ph.D, Director Strategic Marketing, Enterprise Security, Alcatel-Lucent Securing communications for voice, data, and video applications on a converged network is the key to supporting new business models and enabling a virtualized enterprise that competes effectively in today s business environment. The transformation to a converged network has been accompanied by an equally rapid multiplication in security threats, the growth of cybercrime, and the introduction of new security regulations. To take advantage of the latest business models and ensure they are still protected, enterprises must change how they view security to include a strategy for network embedded security capabilities. Learn about application converged networks and how they can be a security instrument delivering embedded security to protect your corporation. 12:15pm - 1:15pm - II Executive Roundtable: Mobile Device Security (Invitation Only) 12:15pm - 1:00pm - Keynote Theater Luncheon Keynote: Selling Information Security To have a successful information security program, you must first visualize the successful program. The first person you must sell the program to is - - you. This session will examine methods to be used to prepare your message. We will discuss establishing a short-term goal, achieving it, reviewing the results, and setting the next objective. We will then examine how to use short-term objectives to develop a long-term plan and how to adjust the plan after each incremental objective is met. Most importantly, we will examine how we can best reach management and employees with our message. 1:15pm - 2:00pm - Keynote Theater Industry Panel: Data Protection-Walking the Thin Line Between Employee Productivity and Security Managing and securing your data is becoming more complicated each day with the demands of today s fast-paced world. How can you adequately protect it and at the same time allow for your employees to access it for work related use? This panel will discuss possible data protection issues and steps to take to help you secure one of your most important company assets; your data. 1:15pm - 2:00pm - Presentation Theater Industry Panel: Network Security-Finding the Right Management Program With all of the recent threats and security breach scenarios, it is necessary to create a network that is secure and manageable. This panel discussion will examine the important steps and tools required for increased network security and manageability. 1:15pm - 2:00pm - Industry Panel: Effective Compliance Management in Today s Workplace PCI, SOX, HIPAA, GLBA; these acronyms can cause a lot of stress for today s IT professional. Join this panel for a look at the recent developments in compliance regulations and what you should be doing to ensure you are meeting them and have effective plans in place. 2:00pm - 3:00pm - Exhibit Hall Conference Dessert Break/Exhibitor Product Demonstrations 3:00pm - 3:45pm - Which Part of the Prickly Pear is the End Point? Jeff Debrosse, Senior Research Director ESET For the IT professional trying to secure the end point their job has become a game of catch with a prickly pear. The proper use of technology, policy, and education can be the defense you need to survive the game. 3:00pm - 3:45pm - I Don t Fall Victim to Social Media Attacks Carl Timm CISSP, PMP, CCIE #7149, Regional Director of Security, Savvis, Inc. Social media is everywhere. People use it almost on a daily basis and corporations use it for marketing and a magnitude of other reasons. However, do we really understand what is happening with our information and what we are vulnerable to? During this session we will explore our privacy and the latest vulnerabilities. We will also take a look at how to protect ourselves and the one s we love. Don t fall victim to blindly using social media. This is the time to educate yourself on the information the social media sites don t tell you about. 3:00pm - 3:45pm - The Importance of Training in Your Security Program Chris Hare, CISSP, CISA Security professionals know that people are the weakest link in a security program. Most often this is because they don t know what is expected of them. Training is an important method of conveying information to the employee population to improve their security related knowledge and drive changes in your security posture. This session examines the importance of learner-centric training to your security program. 3:00pm - 3:45pm - Is Governance Part of Your Architecture? Randy Guin, IT Security Officer, Dallas County Are solutions and technologies standardized? Does the current strategy change to include an in the cloud approach? Do you outsource an application for hosting and/or support? These are all approaches that can increase efficiency and decrease cost; exactly what upper management wants to hear! The issue becomes the architecture strategy is developed from an operational and budget perspective and may not or does not factor in Governance. In this presentation we will discuss the different elements of an IT Governance model and how it impacts IT Architecture. 3:00pm - 4:30pm - Lavon Assessing Your Current Security Program (Part 2), Security Sage 3:00pm - 4:30pm - Hillhaven Defense Against Social Engineering (Part 2) John G. O Leary, President, O Leary Management Education Check us out on the web: secureworldexpo.com
6 7:00am - 2:30pm Registration 8:00am - 9:15am InfraGard Chapter Meeting Keynote Theater 8:00 am - 9:30am SecureWorld+ Assessing Your Current Security Program (Part 3) SecureWorld+ Defense Against Social Engineering (Part 3) 8:30am - 9:15am Checking the box. What compliance doesn t mean. No More Chewy Centers: The Zero-Trust Model Of Information Security Inferring Private Information Using Social Network Data Risks, Liabilities, Strategies, Tactics, and Solutions Lavon Hillhaven I 9:00am - 3:00pm Exhibit Floor Open Collinwood I John G. O Leary George Genovezos John Kindervag Murat Kantarcioglu David Jesse Coker 9:30am - 10:15am InfraGard Keynote: Social Networking and the Consumer Cloud Are You Ready? Keynote Theater James Beeson 10:15am - 11:15am 10:45am - 11:45am 11:15am - 12:00pm Conference Break/ Product Demonstrations-Exhibit Floor Executive Roundtable: Cloud Security; Lessons Learned (Invitation Only) The Ups and Down s of DLP (Data Leakage Prevention) Privacy & Security Risks in Cloud Computing Hardware-based Cryptography for High Risk Applications Take Back the End Point II I 11:30am - 1:00pm ISSA Chapter Luncheon (Invitation Only) Windhaven 11:45am - 12:45pm Executive Roundtable: DLP; Reducing The Risk (Invitation Only) II James Beeson Robert J. Scott Ralph S. Poore Tom Fitzpatrick 12:00pm - 12:45pm Luncheon Keynote: The Data Breaches You Don t See Hurt You The Most Keynote Theater L. Frank Kenney 1:00pm - 1:45pm 1:45pm - 2:30pm 2:00pm - 2:30pm 2:30pm - 3:15pm Day 2 - November 4, 2010 TIME CONFERENCE ROOM # SPEAKER(S) Industry Panel: Protecting Your Endpoint Security Assets Industry Panel: Data Privacy- Keeping your Information out of the Wrong Hands Industry Panel: Directing Managed Services: Look Before you Leap Conference Dessert Break/Product Demonstration - Exhibits Floor SecureWorld Expo: Dash for Prizes Customer Service for the Information Security Professional An FBI Cyber Crime Briefing The Security of Equipment Tracking Connecting in Information Security Presentations: Getting past hearing to listening and connecting with your audience Keynote Theater Presentation Theater I John G. O Leary Chris Thompson Mike Kachline Andy Stokes 8:00am - 9:15am - Keynote Theater InfraGard Chapter Meeting 8:00am - 9:30am - Lavon Assessing Your Current Security Program (Part 3), Security Sage 8:00am - 9:30am - Hillhaven Defense Against Social Engineering (Part 3) John O Leary, President, O Leary Management Education 8:30am - 9:15am - Checking the box. What compliance doesn t mean. George Genovezos, Principal Information Security Analyst, Sabre-Holdings NIST, FIPS, HIPAA, PCI. Billions of dollars have been spent on compliance but does being compliant mean security? Has it ever? And why are we still not secure after a 30 years of NIST standards? Is there a solution? 8:30am - 9:15am - No More Chewy Centers: The Zero- Trust Model Of Information Security John Kindervag, Senior Analyst, Forrester The biggest issue facing information security professionals is that our traditional trust model is broken. Security devices have two interfaces: One interface is labeled trusted, and the other is labeled untrusted. In today s threat environment, which interface goes to the Internet? The zero-trust model is built on the idea that security must become ubiquitous throughout your infrastructure. 8:30am - 9:15am - Inferring Private Information Using Social Network Data Murat Kantarcioglu Asst. Professor Computer Science Dept., Director UTD Data Security and Privacy Lab University of Texas On-line social networks are increasingly utilized by many users.some of the information revealed inside these networks is private and it is possible that corporations could use learning algorithms on the released data to predict undisclosed private information. In this talk, we discuss how to launch inference attacks using released social networking data to predict undisclosed private information about individuals. 8:30am - 9:15am - I Risks, Liabilities, Strategies, Tactics, and Solutions David Jesse Coker, Attorney & Counselor at Law, Glaze & Coker, PLLC As businesses around the world face growing challenges to manage electronic access control, CCTV, burglar, and fire systems, it is important to understand the dynamics of these systems. The presentation will discuss the risks involved with this evolution, potential liabilities, enterprise-wide strategies, and proven solutions. 9:00am - 2:30pm - Collinwood I Exhibit Floor Open 10:45am - 11:45am - II Executive Roundtable: Cloud Computing; Lessons Learned (Invitation Only) 11:15am - 12:00pm - The Ups and Down s of DLP (Data Leakage Prevention) James Beeson, CISO, GE Capital - Commercial Finance This presentation is a review and discussion of best practices and challenges faced when implementing a global Data Leakage Prevention program.
7 Conference Details 11:15am - 12:00pm - I Privacy & Security Risks in Cloud Computing Robert J. Scott, Managing Partner, Scott & Scott, LLP Cloud computing is exploding. Gartner estimates the cloud market will reach $150 billion by There is growing concern over how to meet regulatory privacy and security requirements. Robert J. Scott, Managing Partner, Scott & Scott, LLP, a Dallas-based law firm with a privacy and security practice area, will share suggestions on how to mitigate or eliminate the privacy and security risks in cloud computing. 11:15am - 12:00pm - Hardware-based Cryptography for High Risk Applications Ralph Spencer Poore, CISSP, CFE, CISA, CHS-III, CTGA, QSA This session will describe the benefits of hardware-based cryptography especially as it applies to applications where a security failure would have extremely grave consequences to the organization or relying parties. No special technical cryptographic knowledge is assumed. The attendee should acquire an understanding of cryptographic principles and technical hardware design considerations for hardware-based cryptographic devices. 11:15am - 12:00pm - Take Back the End Point Tom Fitzpatrick, Director, Field Marketing, Kaspersky Lab, Americas As IT departments plan their security strategy, many overlook today s real target: The endpoint. Desktops, laptops, even smartphones and the servers that support them all are a wide open target for cybercriminals. From data breaches to banker Trojans and resulting massive financial losses, the endpoint is the new battleground for cybercrime. Think you are secure? Join this talk to find out about the growing malware threat, how cybercriminals are targeting the endpoint and how you can protect your endpoints from cybercrime. 11:30am - 1:00pm - Windhaven ISSA Chapter Luncheon: (Invitation Only) 11:45am - 12:45pm - II Executive Roundtable: DLP; Reducing The Risk (Invitation Only) 12:00pm - 12:45pm - Keynote Theater Luncheon Keynote: The Data Breaches You Don t See Hurt You The Most L. Frank Kenney, VP of Global Strategy, Ipswitch File Transfer Division Data loss is a growing risk, especially as prosumers bring more and more of their personal technology into the workplace. IT departments not only need to enable personto-server and system-to-system interactions, but also must create and enforce consistent policies and processes regarding how information is moved between people inside and outside a company. This session is meant for businesses and consumers at all levels to understand the current managed file transfer market and what comes next. 1:00pm - 1:45pm - Keynote Theater Industry Panel: Protecting Your Endpoint Security Assets The equipment that your employees rely on can be one of the most vulnerable points of attack and intrusion. What can you do to help protect them? What requirements and systems should you put in place to prevent a security disruption? This panel will take a look at some elements that should be implemented to create and maintain endpoint security. 1:00pm - 1:45pm - Industry Panel: Data Privacy- Keeping your Information out of the Wrong Hands Your customers and clients need to know their private data is safe with you and won t be shared. How do you ensure that this is the case? What recent legislation must you be aware of related to your data privacy plans? This panel will take a look at some of the elements needed to successfully keep your data private and in compliance with new regulations mandated. 1:00pm - 1:45pm - Presentation Theater Industry Panel: Directing Managed Services: Look Before you Leap There has been a lot of discussion surrounding the cloud and managed services. But do you have the facts? This panel will take a look at the components of managed services programs such as cloud computing, SaaS and Virtualization and highlight what you should be looking for and how to sift through and determine the best program for your needs. 2:30pm - 3:15pm - Customer Service for the Information Security Professional John O Leary, President, O Leary Management Education We ll analyze the situation on both the service provider (that s us) and customer sides from a security perspective, emphasizing the need to understand the viewpoints of those we must deal with. We will also analyze complications and particular difficulties inherent in doing anything that provokes as many potential conflicts as IT security. 2:30pm - 3:15pm - I An FBI Cyber Crime Briefing Chris Thompson, Special Agent, FBI Dallas Division Join us for a look at the latest trends in cyber crime and what you should be aware of. 2:30pm - 3:15pm - The Security of Equipment Tracking Mike Kachline, Director of Software Operations, Geoforce An emerging trend is the use of wireless devices to track and monitor key pieces of equipment. Discover how these technologies work and some of the security challenges being faced in this new world of asset visibility. 2:30pm - 3:15pm - Connecting in Information Security Presentations: Getting past hearing to listening and connecting with your audience Andy Stokes President Forth Worth Chapter ISSA John Maxwell says that everyone communicates, yet few connect. In this presentation, we will talk about connecting with everyone, from the conference room to the boardroom, to ensure your voice as the Information Security Professional is heard and even sought out. You will see examples of both good and bad communication styles and learn strategies that will get you invited back time after time. Check us out on the web: secureworldexpo.com
8 Extends Special Thanks to our 2010 Executive Steering Council: James Beeson GE Capital Richard Dorough Textron James Hynes Wells Fargo Jerry A. Knight Comerica Robert Myles UT Southwestern KC Condit Rent-A-Center, Inc. Randy Calhoun Nortel Randy Guin Dallas County Deborah Lohr BancTec, Inc. Robert Polvado Verizon Christopher Meinders World Marketing, Inc. Mike Pruden ADT Security Steve Weber CVS Caremark Corporation Bridget Aman Children's Medical Center in Dallas Chris Rapp Sovereign Bank George Genovezos Sabre Holdings Kim Morris PNM Resources Eric Hill Southern Methodist University Mark Natzic Northrup Grumman Mark Urbis Carlson Restaurants Mike Kachline Geoforce, Inc Sean Inman Pier 1 Imports Glynn Smith Dave & Buster's Shaun Drutar American Home Mortgage Servicing Inc Chester Helt City of Plano Dan Myers Cinemark, Inc. Jeff Stapleton Bank of America Rob Mears Beal Bank Kip Chevalier KnowledgeBase Marketing Michael R. Smith Parkland Health & Hospital System Guy Billingsley CHRISTUS Health Roger Martin Hunt Consolidated, Inc. Richard Stelluti Fossil, Inc. Gary Petroski National Weather Service Shamoun Siddiqui CVS Caremark Joe Pindell Bank of America Alex Nehlebaeff Harley-Davidson Financial Services Inc. George Turrentine Verizon Christopher Mears Fossil Jerry Davis Sabre Holdings Johnny Hernandez PrimeLending Dione McBride CISSP Rob West Texas Instruments Rick Baldree ISSA Fort Worth Chapter Steve Streiffert City of Fort Worth Imtiaz Haiyoom Central Dallas Ministries Ismael Alfaro Jr. GameStop, Inc. Travis Farral XTO Energy a subsidiary of Exxon Mobil Thanks to Our Sponsors ALIZATION ATA LEAKAGE APPLICATION SECURITY COMPLIANCE SYSTEMS INTEGRATION ENCRYPTION BIOMETRICS WIRELESS FORENSICS ACCESS CONTROL BOTNETS VIRTUALIZATION RISK MANAGEMENT DATA LEAKAGE APPLICATION SECU COMPLI