ISAlliance SCAP VoIP Project Update 12 June 2009
|
|
- Francine Williams
- 8 years ago
- Views:
Transcription
1 1
2 ISAlliance SCAP VoIP Project Update 12 June 2009 Lawrence G Dobranski, CISSP-ISSAP, CISM, CSSLP Leader, Security Architecture & Compliance Carrier VoIP and Applications Solutions Nortel ldobran@nortel.com (613) BUSINESS MADE SIMPLE 2
3 Agenda ISA VoIP Proposal & Status Snapshot Schedule, Deliverables & Status Scope & Objective Statement Resources Next Steps Program Meeting Schedule Technical Working Groups Meeting Backup VoIP Security Standards Participants from Industry Participants from Government 3
4 ISAlliance VoIP Proposal & Status Snapshot To lead and influence the development of industry based SCAP checklists for Voice and VoIP Security for Government, CriAcal Infrastructure and Enterprises (approved Feb 2008 ISAlliance BoD Mee9ng) VoIP Security ImplementaAon and Assurance Workshop NIST (complete, Sept 22 nd rd, 2008) SCAP Voice and VoIP Checklists: Phase I reports due Security Autma9on Conference Oct 2009 Applicability of SCAP to VoIP Baseline Standards Phase II - - proposed Based on current industry standards for Voice and VoIP Security Developed by a joint Government/Industry working groups 4
5 5 Scope, Objective & Deliverables Objective: The development of industry based Baseline SCAP checklists for Voice and VoIP Security for Government, Critical Infrastructure and Enterprises Scope: SCAP Voice and VoIP Checklists Based on current industry standards for Voice and VoIP Security Developed by a joint Government/Industry working group Deliverables: Policy Checklists for VoIP Security ( XCCDF based) XML format standardized checklist representing VoIP Security Policy: CPE Platform reference platform configuration based on source VoIP Security standards CCE Miss configuration reference configuration for VoIP systems CVSS Impact reference framework for characteristics and impacts for vulnerabilities in VoIP Systems Schema for VoIP Systems (OVAL based) XML format specifying vulnerability and configuration tests or changes A collection of XML schema for representing VoIP Solution system information, expressing specific machine states, and reporting the results of an assessment Reference implementation for VoIP Systems API Reference Implementation Reference implementation API for VoIP System Vendors, utilizing management, signaling and media plan model. VoIP Solution vendors will implement specific interpretations of the ISAlliance deliverables for their solutions.
6 Schedule, Deliverables & Status Event Plan Status Kick- off meeang with NIST to present ISA Proposal & iniaal paracipants Jointly host with NIST a VoIP Security Implementa3on and Assurance Workshop to discuss the applicability of SCAP to VoIP and to establish the need for a SCAP checklist for VoIP developed by industry. July 2008 Proposed agenda end of July 2008 Key paracipants IDed mid August 2008 Event Oct 2008 ü Complete ü At NIST s 4th Annual Informa3on Security Automa3on Conference (Sept 22nd 23rd ) ü ISAlliance presented at the conference ü ISAlliance hosted a day long workshop on the applicability of SCAP to VoIP ISA lead working groups formed to: 1) assess applicability of SCAP to VoIP, 2) to determine appropriate reference standards 6 Bi- weekly virtual meeangs Reports complete end August 2009 Reports to be presented at 5th Annual Informa3on Security Automa3on Conference (Sept 2009)
7 SCAP Applicability Working Group Status: Green Accomplishments To Date: Defined Scope of Effort (Basic VoIP Service) Just Voice, Just SIP, No SIP-trunking, No Voic Defined Reference VoIP System Near Term Work Plan (Due 7/4): Conduct TRA on Reference VoIP System Produce Control Matrix base on SP Longer Term Work Plan: Develop Future Applicability Roadmap (Due 7/18) Draft Whitepaper (Due 8/10) Produce Presentation (Due 8/31) Virtual Meetings: meets every 2 nd 1:00 PM Eastern for 1 hour Leadership: Chaired by Paul Sand, President of Salare Security 7
8 SCAP Baseline Working Group Status: Yellow Accomplishments To Date: SCAP 101 and 102 presented Near Term Work Plan (Due 7/4): Strawman work plan developed Longer Term Work Plan: Draft Whitepaper (Due 8/10) Produce Presentation (Due 8/31) Virtual Meetings: Meets every 2nd 1:00 PM Eastern for 1 hour Leadership Co chair (1): Scott Armstrong, VP at Gideon Technologies Co chair (2): TBD 8
9 Detailed Schedule Technical Working Group Meetings: 1 hour duration Applicability Working Group meets every 2 nd 1:00 PM Eastern Baseline Working Group meets every 2 nd 1:00 PM Eastern Applicability & Baseline Working Groups meet in the same week 9
10 Participants 10 Agilent Technologies, Inc. American Century Investments Assuria Ltd. AT&T Boeing Center For Internet Security City of Seattle CNA Insurance Compliance Collaborators, Inc. Damac Holding Department of Commerce Department of Veterans Affairs DHS Direct Computer Resources Disney DoD etrade Financial EWA-Canada Expedia FDA Gideon Technologies Global UniDocs Company HSBC North America IBM ICSAlabs, an Independent Division of Verizon Business Information Security and Forensics Management Team Institute for Defense Analyses Invensys Process Systems Joint Task Force-Global Network Operations Jones Day Lone Star College System ManTech McAfee Microsoft NASA National Security Agency Nortel Networks Northrop Grumman Oklahoma Office of State Finance Palindrome Technologies Pearl Technology Raytheon RedSeal Rolls Royce Salare Security Science Applications International Corporation (SAIC) Secure Acuity Networks, LLC Time Warner Cable US Department of Transportation US-CERT Vanguard VeriSign VoIPshield Systems Inc. Waters Edge Consulting
11 Backup BUSINESS MADE SIMPLE 11
12 Communications Tools -- collaboration site 12 To join contact Barry Foer:
13 13
VoIP Security Project: SCAP Applicability Work Group. www.isalliance.org
VoIP Security Project: SCAP Applicability Work Group Outline Introductions The Challenge Working Group Process Applicability of the SCAP Standards Future Needs Q&A Applicability Participants Chair of the
More informationApplication of SCAP to Secure Unified Communications. www.isalliance.org
Application of SCAP to Secure Unified Communications Participants Co-Chairs of the Baseline Standards Group Mark Humphrey, Boeing and Scott Armstrong, Gideon Technologies AJ West, Boeing Alex Fielding,
More informationSCAP for VoIP Automating Configuration Compliance. 6 th Annual IT Security Automation Conference
SCAP for VoIP Automating Configuration Compliance 6 th Annual IT Security Automation Conference Presentation Overview 1. The Business Challenge 2. Securing Voice over IP Networks 3. The ISA VoIP Security
More informationThe Internet Security Alliance
The Internet Security Alliance The Internet Security Alliance is a collaborative effort with Carnegie Mellon University. It is a cross-sector, internationallybased trade association devoted to cyber security.
More informationApplicability of the Security Control Automation Protocol (SCAP) to Voice over Internet Protocol (VoIP) Systems Version 0.9
1 1 1 1 1 Applicability of the Security Control Automation Protocol (SCAP) to Voice over Internet Protocol (VoIP) Systems Version 0. 1 Page 1 of 1 1 1 1 1 1 1 1 0 1 This publication is for informational
More informationFDCC & SCAP Content Challenges. Kent Landfield Director, Risk and Compliance Security Research McAfee Labs
FDCC & SCAP Content Challenges Kent Landfield Director, Risk and Compliance Security Research McAfee Labs Where we have been 1 st Security Automation Workshop nearly 20 people in a small room for the day
More informationSTIGs,, SCAP and Data Metrics
Defense Information Systems Agency A Combat Support Agency STIGs,, SCAP and Data Metrics Roger S. Greenwell, CISSP, CISA, CISM Technical Director / Capabilities Implementation Division DISA Field Security
More informationBMC Client Management - SCAP Implementation Statement. Version 12.0
BMC Client Management - SCAP Implementation Statement Version 12.0 BMC Client Management - SCAP Implementation Statement TOC 3 Contents SCAP Implementation Statement... 4 4 BMC Client Management - SCAP
More informationSecure Content Automation Protocol (SCAP): How it is increasingly used to automate enterprise security management activities
Secure Content Automation Protocol (SCAP): How it is increasingly used to automate enterprise security management activities Sean Barnum sbarnum@mitre.org September 2011 Overview What is SCAP? Why SCAP?
More informationFederal Desktop Core Configuration (FDCC)
Federal Desktop Core Configuration (FDCC) Presented by: Saji Ranasinghe Date: October, 2007 FDCC Federal Desktop Core Configuration (FDCC) Standardized Configuration with Hardened Security Settings to
More informationEnhancing Security for Next Generation Networks and Cloud Computing
V1.0 Enhancing Security for Next Generation Networks and Cloud Computing Tony Rutkowski Yaana Technologies Georgia Tech ITU-T Q.4/17 Rapporteur ETSI Workshop 19-20 January 2011 Sophia Antipolis, France
More informationHow To Use A Policy Auditor 6.2.2 (Macafee) To Check For Security Issues
Vendor Provided Validation Details - McAfee Policy Auditor 6.2 The following text was provided by the vendor during testing to describe how the product implements the specific capabilities. Statement of
More informationSecurity Content Automation Protocol for Governance, Risk, Compliance, and Audit
UNCLASSIFIED Security Content Automation Protocol for Governance, Risk, Compliance, and Audit presented by: Tim Grance The National Institute of Standards and Technology UNCLASSIFIED Agenda NIST s IT Security
More informationAutomating Compliance with Security Content Automation Protocol
Automating Compliance with Security Content Automation Protocol presented by: National Institute of Standards and Technology Agenda Information Security Current State Security Content Automation Protocol
More informationMassively Scaled Security Solutions for Massively Scaled IT
Massively Scaled Security Solutions for Massively Scaled IT Michael Smith, SecTor 2009 Who is Michael Smith? 8 years active duty army Graduate of Russian basic course, Defense Language Institute, Monterey,
More informationSecurity compliance automation with Red Hat Satellite
Security compliance automation with Red Hat Satellite Matt Micene Solution Architect, DLT Solutions @cleverbeard @nzwulfin Created with http://wordle.net Compliance is a major problem About half of the
More informationNational Communications System. December 6, 2007
1 National Communications System December 6, 2007 2 National Communications System (NCS) Established in 1963 in response to communications failures associated with the Cuban Missile Crisis The mandate
More information1 Call meeting to order Jon Aubart, Chair. 2 Establish Quorum and Adopt Agenda Jon Aubart, Chair
Meeting Agenda Tuesday, November 6, 2012 at 4:00 p.m. 1 Call meeting to order 4 Approve Minutes from September 20, 2012 Meeting 5 Review Departmental Budget 6 Discuss and Take Action on Departmental Transition
More informationSecurity Information and Event Management
Security Information and Event Management sponsored by: ISSA Web Conference April 26, 2011 Start Time: 9 am US Pacific, Noon US Eastern, 5 pm London Welcome Conference Moderator Phillip H. Griffin ISSA
More informationChung-Huang Yang Kaohsiung Normal University, Taiwan http://security.nknu.edu.tw/ November 24th, 2015 @ Central South University
Chung-Huang Yang Kaohsiung Normal University, Taiwan http://security.nknu.edu.tw/ November 24th, 2015 @ Central South University Outline Introduction Digital Forensics for Mobile Devices Configuration
More informationICT Security Cybersecurity CYBEX Overview of activities in ITU-T with focus on Study Group 17
ICT Security Cybersecurity CYBEX Overview of activities in ITU-T with focus on Study Group 17 TSB Briefing to the Regional Offices, 28 Feb 2011 Martin Euchner Advisor of ITU-T Study Group 17 Martin.Euchner@itu.int
More informationCPET 545 SOA and Enterprise Applications. SOA Final Project Project Scope Management 11-13-2008
CPET 545 SOA and Enterprise Applications Examples of Tasks and Subtasks o SOA Project Plan (checklist) Statement of work Resources Schedule Risk plan SOA Final Project Project Scope Management 11-13-2008
More informationApplying the Continuous Monitoring Technical Reference Model to the Asset, Configuration, and Vulnerability Management Domains (DRAFT)
NIST Interagency Report 7800 (Draft) Applying the Continuous Monitoring Technical Reference Model to the Asset, Configuration, and Vulnerability Management Domains (DRAFT) David Waltermire, Adam Halbardier,
More informationLarry Clinton President & CEO Internet Security Alliance lclinton@isalliance.org 703-907-7028 202-236-0001 www.isalliance.org
Larry Clinton President & CEO Internet Security Alliance lclinton@isalliance.org 703-907-7028 202-236-0001 www.isalliance.org ISA Board of Directors Ty Sagalow, Esq. Chair, Executive Vice President & Chief
More informationInterna'onal Standards Ac'vi'es on Cloud Security EVA KUIPER, CISA CISSP EVA.KUIPER@HP.COM HP ENTERPRISE SECURITY SERVICES
Interna'onal Standards Ac'vi'es on Cloud Security EVA KUIPER, CISA CISSP EVA.KUIPER@HP.COM HP ENTERPRISE SECURITY SERVICES Agenda Importance of Common Cloud Standards Outline current work undertaken Define
More informationDoD Secure Configuration Management (SCM) Operational Use Cases
Defense Information Systems Agency A Combat Support Agency DoD Secure Configuration Management (SCM) Operational Use Cases DISA PEO-MA Computer Network Defense Enclave Security 26 September 2010 This brief
More informationHow to Use the Federal Risk and Authorization Management Program (FedRAMP) for Cloud Computing
How to Use the Federal Risk and Authorization Management Program (FedRAMP) for Cloud Computing Warren S. Udy, CISSP Senior Cyber Security Advisor Office of Cyber Security 301-903-5515 warren.udy@hq.doe.gov
More informationAn Approach to Vulnerability Management, Configuration Management, and Technical Policy Compliance
An Approach to Vulnerability Management, Configuration Management, and Technical Policy Compliance Presented by: John Banghart, Booz Allen Hamilton SCAP Validation Project Lead Thoughts on Current State
More informationContinuous Monitoring
Continuous Monitoring The Evolution of FISMA Compliance Tina Kuligowski Tina.Kuligowski@Securible.com Overview Evolution of FISMA Compliance NIST Standards & Guidelines (SP 800-37r1, 800-53) OMB Memorandums
More informationVA Medical Device Protection Program (MDPP)
VA Medical Device Protection Program (MDPP) Presented to National Institute for Standards and Technology (NIST) Health Security Conference May 11, 2011 Table of Contents Introduction MDPP Timeline and
More informationSecure Remote Substation Access Interest Group Part 3: Review of Top Challenges, CIPv5 mapping, and looking forward to 2014!
Secure Remote Substation Access Interest Group Part 3: Review of Top Challenges, CIPv5 mapping, and looking forward to 2014! October 3, 2013 Scott Sternfeld, Project Manager Smart Grid Substation & Cyber
More informationAn Enterprise Continuous Monitoring Technical Reference Architecture
An Enterprise Continuous Monitoring Technical Reference Architecture 12/14/2010 Presenter: Peter Mell Senior Computer Scientist National Institute of Standards and Technology http://twitter.com/petermmell
More informationSecurity Coordination with IF-MAP
Security Coordination with IF-MAP Matt Webster, Lumeta 28 Sept 2010 Copyright 2010 Trusted Computing Group Agenda Threat Landscape and Federal Networks Recap of TNC Explanation of IF-MAP What is IF-MAP?
More information"Women Veterans: A Listening Session"
You are invited to a Roundtable Seminar "Women Veterans: A Listening Session" Hosted by the of Labor Women's Bureau Date: Monday, March 23, 2015 Time: 2:00 p.m. - 4:00 p.m. Location: J.F. K. Federal Building
More informationHow to use the National Cybersecurity Workforce Framework. Your Implementation Guide
How to use the National Cybersecurity Workforce Framework Your Implementation Guide A NATIONAL PROBLEM The Nation needs greater cybersecurity awareness. The US workforce lacks cybersecurity experts. Many
More informationOVAL Developer Days. July 11-12, 2006
OVAL Developer Days July 11-12, 2006 Introduction...- 3 - Attendee List...- 4 - Day One...- 5 - Session 1...- 5 - OVAL Tutorial... - 5 - Session 2...- 5 - External Repositories... - 5 - Inventory Definitions...
More informationVirtual Desktop Infrastructure (VDI) Overview
Virtual Desktop Infrastructure (VDI) Overview October 2012 : EMC Global Services Gary Ciempa, Vinay Patel EMC Technical Assessment for Virtual Desktop Infrastructure COPYRIGHT 2012 EMC CORPORATION. ALL
More informationQualys PC/SCAP Auditor
Qualys PC/SCAP Auditor Getting Started Guide August 3, 2015 COPYRIGHT 2011-2015 BY QUALYS, INC. ALL RIGHTS RESERVED. QUALYS AND THE QUALYS LOGO ARE REGISTERED TRADEMARKS OF QUALYS, INC. ALL OTHER TRADEMARKS
More informationToward an Ontology Architecture for Cyber-Security Standards
Toward an Ontology Architecture for Cyber-Security Standards Mary C. Parmelee The MITRE Corporation 7515 Colshire Drive, McLean, VA 22102-7539, USA mparmelee@mitre.org Abstract. The rapid growth in magnitude
More informationInternet Security Alliance
Larry Clinton President Internet Security Alliance lclinton@isalliance.org 703-907-7028 (O) 202-236-0001 (C) ISA Presentation to ABA 1. Who is the ISA? 2. Review of activities in relation to the Obama
More information88% Top 50 Fortune 500 Companies
Brad Sears Nan D. Hunter Christy Mallory APRIL 2013 Sexual Orientation and Gender Identity Non-Discrimination Policies of the Top 50 Federal Contractors and the Top 50 Fortune 500 companies, 2011 As of
More informationNational Initiative for Cyber Security Education
2014/PPWE/SEM2/007 Agenda Item: 5 National Initiative for Cyber Security Education Submitted by: United States Women Business and Smart Technology Seminar Beijing, China 23 May 2014 NICE OVERVIEW Women
More informationDoD Supply Network Management Committee February Manufacturing Division Meeting
DoD Supply Network Management Committee February Manufacturing Division Meeting Des Newman, Chairman Kenneth W. Sullivan, Vice-Chairman Steven A. Melnyk, Technical Advisor February 25-26, 2009 DoD Supply
More informationHow To Integrate Software And Systems
September 25, 2014 EFFECTIVE METHODS FOR SOFTWARE AND SYSTEMS INTEGRATION P R E S E N T E D B Y: D R. B O Y D L. S U M M E R S 1 Software Engineer (Quality) Defense and Space The Boeing Company - Seattle,
More informationNICE and Framework Overview
NICE and Framework Overview Bill Newhouse NIST NICE Leadership Team Computer Security Division Information Technology Lab National Institute of Standards and Technology TABLE OF CONTENTS Introduction to
More informationGuide to Enterprise Patch Management Technologies
NIST Special Publication 800-40 Revision 3 Guide to Enterprise Patch Management Technologies Murugiah Souppaya Karen Scarfone C O M P U T E R S E C U R I T Y NIST Special Publication 800-40 Revision 3
More informationInvestor Presentation
Investor Presentation Symbol: VCT Exchange: CSE Shares Issued (Post Merger): 95,801, 907 Industry: Supplier of technology solutions to major defense contractors Established:1989 Revenue (2013): US $34M
More informationBIOS Steven Penn, Senior Director CSF Development And Educa9on Programs Bryan Cline, PhD Senior Advisor
1 CSF Roadmap 2015 BIOS Steven Penn, Senior Director CSF Development And Educa9on Programs Steve Penn is an experienced security professional with 15+ years of informa;on security experience. He currently
More informationSecure Remote Substation Access Solutions
Secure Remote Substation Access Solutions Supplemental Project - Introduction Webcast October 16, 2013 Scott Sternfeld, Project Manager Smart Grid Substation & Cyber Security Research Labs ssternfeld@epri.com
More information2011 Cloud Security Alliance, Inc. All rights reserved.
Vast Landscape of Cloud Standards Development Organizations (SDOs) 2 4 Mission Statement (Non-Profit) Promote common level of understanding Consumers Providers Security Requirements Attestation of Assurance
More informationMicrosoft Active Directory Project
Microsoft Active Directory Project Simcoe County District School Board Project Kick-off Meeting Rami Wehbe (Solution Architect) January 18, 2012 Agenda Introductions Project objectives and drivers Approach
More informationOracle and Telephony@Work
Oracle and Telephony@Work Acquisition Announcement Customer and Partner Presentation June 13, 2006 Expands Oracle On Demand with Leading IP-based Contact Center Solution THIS DOCUMENT IS FOR INFORMATIONAL
More informationWORKSHOP Rethinking Cyber Security for Industrial Control Systems
WORKSHOP Rethinking Cyber Security for Industrial Control Systems Bob Mick, Workshop Moderator VP Emerging Technologies ARC Advisory Group bmick@arcweb.com 1 Re-Thinking Cyber Security Why Re-Thinking?
More informationMobile and BYOD Strategy
Mobile and BYOD Strategy Bring Your Own Device Danairat T. Certified Java Programmer, TOGAF Silver danairat@gmail.com, +66-81-559-1446 1 Agenda Introduction to Mobile Technology Mobile Computing Bring
More informationConcept Proposal. A standards based SOA Framework for Interoperable Enterprise Content Management
Concept Proposal A standards based SOA Framework for Interoperable Enterprise Content Management Mike Connor miconnor@adobe.com Paul Fontaine Paul.Fontaine@ost.dot.gov What is it? IECM Framework Vision:
More informationUpdate on the CSSLP And its Impact on the SDLC Profession. Hart Rossman, CSSLP Member, (ISC) 2 Application Security Advisory Board
Update on the CSSLP And its Impact on the SDLC Profession Hart Rossman, CSSLP Member, (ISC) 2 Application Security Advisory Board (ISC)² Built the largest, most comprehensive Software Security Body of
More informationThe New York State Forum. New York s Government and Corporate Information Technology Knowledge Space
The New York State Forum New York s Government and Corporate Information Technology Knowledge Space MetroNY Agenda: What is The NYS Forum? History Who are our Members IT Corporate Roundtable Purpose &
More informationSIP Trunking DEEP DIVE: The Service Provider
SIP Trunking DEEP DIVE: The Service Provider Larry Keefer, AT&T Consulting UC Practice Director August 12, 2014 2014 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T
More informationAHS Flaw Remediation Standard
AGENCY OF HUMAN SERVICES AHS Flaw Remediation Standard Jack Green 10/14/2013 The purpose of this procedure is to facilitate the implementation of the Vermont Health Connect s security control requirements
More informationRoadmaps to Securing Industrial Control Systems
Roadmaps to Securing Industrial Control Systems Insert Photo Here Mark Heard Eastman Chemical Company Rockwell Automation Process Solutions User Group (PSUG) November 14-15, 2011 Chicago, IL McCormick
More informationHow To Get To The Top Of Six Sigma
1 Integration of PSM and Six Sigma to Achieve CMMI Level 5 Larry LaBruyere Michael Kaminsky Northrop Grumman Corporation Information Technology Sector 23 March 2005 2 Agenda Background (Journey to CMMI
More informationLeveraging SANS and NIST to Evaluate New Security Tools
Leveraging SANS and NIST to Evaluate New Security Tools Agenda About TaaSera A Problem to Solve Overview of NIST Cybersecurity Framework Overview of SANS CSC-20 Call to Action Conclusion Q&A Company Founded
More informationVA Enterprise Design Patterns: 4. IT Service Management (ITSM) 4.3: Configuration Management
VA Enterprise Design Patterns: 4. IT Service Management (ITSM) 4.3: Configuration Management Office of Technology Strategies (TS) Architecture, Strategy, and Design (ASD) Office of Information and Technology
More informationCloud Standards. Arlindo Dias IT Architect IBM Global Technology Services CLOSER 2102
Cloud Standards Arlindo Dias IT Architect IBM Global Technology Services CLOSER 2102 2011 IBM Corporation Agenda Overview on Cloud Standards Identity and Access Management Discussion 2 Overview on Cloud
More informationA community of organizations working together to accomplish their respective missions with a common goal of improving human performance through
1 A community of organizations working together to accomplish their respective missions with a common goal of improving human performance through simulation 2 Team Orlando Mission The mission of Team Orlando
More informationMaking Vulnerability Management Operational
QuickTime and a TIFF (Uncompressed) decompressor are needed to see this picture. Making Vulnerability Management Operational Track 1 11:45am-12:30pm/Ballroom A Robert A. Martin The MITRE Corporation Preview
More informationARF, ARCAT, and Summary Results. Lt Col Joseph L. Wolfkiel
ARF, ARCAT, and Summary Results Lt Col Joseph L. Wolfkiel Enterprise-Level Assessment and Reporting The Concept Assessment Results Format (ARF) Assessment Summary Results (ASR) The Assessment Results Consumer
More informationInformation Security Workforce Development Matrix Initiative. FISSEA 23 rd Annual Conference March 23, 2010
Information Security Workforce Development Matrix Initiative FISSEA 23 rd Annual Conference March 23, 2010 Professionalization of the Workforce The CIO Council s IT Workforce Committee partnered with Booz
More informationevolving voicemail An Advanced VoIP Migration Strategy for CLECs, ILECs Mpathix Inc. 2004. All Rights Reserved.
evolving voicemail An Advanced VoIP Migration Strategy for CLECs, ILECs Mpathix Inc. 2004. All Rights Reserved. Introduction In a turbulent telecom environment, traditional carriers will always face ROI
More informationD. Best Practices D.2. Administration The 6 th A
Best Practices I&C School Prof. P. Janson September 2014 D. Best Practices D.2. Administration The 6 th A 1 of 26 The previous section described how to improve IT security through use of better development
More informationEL SEGUNDO UNIFIED SCHOOL DISTRICT REQUEST FOR PROPOSAL (RFP) VoIP TELEPHONY INSTALLATION #06 16 ADDENDUM 2
EL SEGUNDO UNIFIED SCHOOL DISTRICT REQUEST FOR PROPOSAL (RFP) VoIP TELEPHONY INSTALLATION #06 16 ADDENDUM 2 Please be advised that the El Segundo Unified School District is issuing Request for Proposal
More informationTowards security management in the cloud utilizing SECaaS
Towards security management in the cloud utilizing SECaaS JAN MÉSZÁROS University of Economics, Prague Department of Information Technologies W. Churchill Sq. 4, 130 67 Prague 3 CZECH REPUBLIC jan.meszaros@vse.cz
More informationImportant Dates Calendar 2014-2015 FALL
Important Dates Calendar 204-205 FALL Rev. 6-8-4 st 8 H st 0 2nd 0 st 5 2nd 5 3rd 5 LSC Advanced Registration Begins May 27 May 27 May 27 May 27 May 27 May 27 May 27 May 27 May 27 Returning Students Advanced
More informationThe Software Engineering. Today and in the Future. Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213
The Software Engineering Institute t (SEI): Today and in the Future Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Paul D. Nielsen 1 May 2008 Software Engineering Institute
More informationRealizing Trusted Clouds
Realizing Trusted Clouds with Trusted Computing and SCAP SICS Security Seminar April 08, 2014 Mudassar Aslam (Researcher,PhD Student) Security LAB (SEC Lab) 1 Outline Cloud Computing Trusted Clouds Cloud
More informationContinuous security audit automation with Spacewalk, Puppet, Mcollective and SCAP
Continuous security audit automation with Spacewalk, Puppet, Mcollective and SCAP Vasileios A. Baousis (Ph.D) Network Applications Team Slide 1 Agenda Introduction Background - SCAP - Puppet &Mcollective
More informationSECURING YOUR ENTERPRISE MOBILITY
SECURING YOUR ENTERPRISE MOBILITY STRATEGY, OPERATION & TECHNOLOGY INTERACTIVE TRAINING WORKSHOP Burj Al Arab, Dubai th th th 16, 17 & 18 March 2015 ABOUT LUCIDEUS Lucideus is a cyber space security leader
More informationPROJECT MANAGEMENT PLAN <PROJECT NAME>
PROJECT MANAGEMENT PLAN TEMPLATE This Project Management Plan Template is free for you to copy and use on your project and within your organization. We hope that you find this template useful and welcome
More informationMark S. Orndorff Director, Mission Assurance and NetOps
Mark S. Orndorff Director, Mission Assurance and NetOps Sustaining US Global Leadership: Priorities for 21 st Century Defense Both state and non-state actors possess the capability and intent to conduct
More informationVRDA Vulnerability Response Decision Assistance
VRDA Vulnerability Response Decision Assistance Art Manion CERT/CC Yurie Ito JPCERT/CC EC2ND 2007 2007 Carnegie Mellon University VRDA Rationale and Design 2 Problems Duplication of effort Over 8,000 vulnerability
More informationAgile Portfolio Management. Jochen(Joe)Krebs www.incrementor.com
Agile Portfolio Management Jochen(Joe)Krebs www.incrementor.com 1 Jochen (Joe) Krebs www.jochenkrebs.com com www.incrementor.com Author of Agile Portfolio Management (Microsoft Press 2008). Co author of
More informationstate of south dakota Bureau of Information & Telecommunications Provide a Reliable, Secure & Modern Infrastructure services well-designed innovative
Strategic Plan 2015-2017 state of south dakota Bureau of Information & Telecommunications 1GOAL ONE: Provide a Reliable, Secure & Modern Infrastructure services security technology assets well-designed
More informationINFORMATION SHARING ENVIRONMENT GUIDANCE (ISE-G) TECHNICAL STANDARD INFORMATION ASSURANCE VERSION 1.0
INFORMATION SHARING ENVIRONMENT GUIDANCE (ISE-G) TECHNICAL STANDARD INFORMATION ASSURANCE VERSION 1.0 1. Authority. The National Security Act of 1947, as amended; The Intelligence Reform and Terrorism
More informationSUMMARY PROFESSIONAL EXPERIENCE. IBM Canada, Senior Business Transformation Consultant
Doreen Funk, MA 191 Discovery Ridge Blvd SW, Calgary Cell: 587-434- 0811 E- mail: dorfunk@hotmail.com SUMMARY Senior management consultant with 20 years of experience in applying strategies and implementing
More informationVermont Electric Cooperative
Vermont Electric Cooperative 42 Wescom Rd. Johnson VT 02/18/2014 1. Introduction Vermont Electric Coop is seeking information about a voice telephone system to replace the existing Nortel/Avaya BCM450
More informationNDIA Software Industry Experts Panel
NDIA Software Industry Experts Panel Paul R. Croll, Chair NDIA Systems Engineering Division Meeting 24 June 2008 Who We Are The NDIA Software Industry Experts Panel acts as a voice of industry in matters
More informationNOVEMBER DEFENSE & FEDERAL TECHNOLOGY MARKET UPDATE
NOVEMBER DEFENSE & FEDERAL TECHNOLOGY MARKET UPDATE Aronson Capital s, LLC 805 King Farm Boulevard, Suite 300 Rockville, Maryland 20850 Tel: (301) 231-6200 Fax: (301) 231-7630 Philip J. McMann Tel: (301)
More informationjbpm Explained with Simple Use Cases
jbpm Explained with Simple Use Cases Tom Baeyens Founder and lead of jbpm, JBoss Sept 2nd 2009 1 Agenda Business Process Management jbpm Introduction Developer Value Business Value Train ticket system
More informationTen Steps to a Successful Business Phone System Implementation. By Clare Kaufman
Ten Steps to a Successful Business Phone System Implementation By Clare Kaufman Contents Introduction...2 Planning a Business Phone Solution...2 1. Define business requirement...3. 2. Line Up Technical
More informationVoIP P2P: breakthrought technology, lot of hype (after Skype) but which business impacts at the end?
VoIP P2P: breakthrought technology, lot of hype (after Skype) but which business impacts at the end? Marco Salvadori, General Secretary BB Biz Forum - Rome, Oct. 27, 2005 ThinkTel C.so Venezia 34/36 20121
More informationHosted Monthly on the 3 rd Tuesday 3 :00PM EST Registration is Free
Hosted Monthly on the 3 rd Tuesday 3 :00PM EST Registration is Free 0 Vista Mobile Health Wyatt Smith, AbleVets LLC, Agilex March 17, 2015 AbleVets Happy St. Patrick s Day! 2 Why Mobility Now? Opportunity
More informationOpen Vulnerability and Assessment Language (OVAL ) Validation Program Test Requirements (DRAFT)
NIST Interagency Report 7669(Draft) Open Vulnerability and Assessment Language (OVAL ) Validation Program Test Requirements (DRAFT) John Banghart Stephen Quinn David Waltermire NIST Interagency Report
More informationSTATEMENT of. Open Group and The Open Group Trusted Technology Forum. Submitted for the record. Hearing on. March 27, 2012
Executive Summary of The Open Group s testimony to the House Energy and Commerce Oversight and Investigations Subcommittee Hearing on IT Supply Chain Security: Review of Government and Industry Efforts
More informationME 4054W: SENIOR DESIGN PROJECTS
c Scott Adams, Inc./Dist. By UFS, Inc. ME 4054W: SENIOR DESIGN PROJECTS Week 3 Tuesday Managing your ME 4054W Project Notes Design Ideation Workshop next week Logistics will be provided at Thursday s lecture
More informationAnatomy of a Network Marketing Workshop
Monday July 22 nd 2013 10:00-10:10 Welcome Introduce the organizers and notable participants. Describe MITRE s role and the goals for this event. 10:10-10:30 Remediation - Status Update & Session Objectives
More informationFederal IPv6 Working Group Innovative IPv6 Implementation with Least Cost Funding
Federal IPv6 Working Group Innovative IPv6 Implementation with Least Cost Funding John L Lee, CTO Co-Chair, IPv6 Address Planning Team, ACT-IAC, Federal IPv6 Task Force Internet Associates, LLC A Certified
More informationSCADA Security Training
SCADA Security Training 1-Day Course Outline Wellington, NZ 6 th November 2015 > Version 3.1 web: www.axenic.co.nz phone: +64 21 689998 page 1 of 6 Introduction Corporate Background Axenic Ltd Since 2009,
More informationCloud Security. DLT Solutions LLC June 2011. #DLTCloud
Cloud Security DLT Solutions LLC June 2011 Contact Information DLT Cloud Advisory Group 1-855-CLOUD01 (256-8301) cloud@dlt.com www.dlt.com/cloud Your Hosts Van Ristau Chief Technology Officer, DLT Solutions
More informationU.S. ELECTION ASSISTANCE COMMISSION OFFICE OF INSPECTOR GENERAL
U.S. ELECTION ASSISTANCE COMMISSION OFFICE OF INSPECTOR GENERAL FINAL REPORT: U.S. Election Assistance Commission Compliance with the Requirements of the Federal Information Security Management Act Fiscal
More information2014 Montana Government IT Conference. Securing Data Networks and People
Presenter: Matt Bennett, Genetec Leveraging the Cloud for Hybrid Video Surveillance Matt is based in Seattle, WA and is the Western North America pre-sales engineer for Genetec (the world s leader in unified
More information