Big 4 Information Security Forum
|
|
- Harriet Williams
- 8 years ago
- Views:
Transcription
1 San Francisco ISACA Chapter Proudly Presents: Big 4 Information Security Forum A Day-Long, Multi-Session Event, being held in San the Sir Francis Drake Hotel! *** PLEASE NOTE THIS EVENT WILL NOT BE AT THE HOTEL NIKKO *** Where: Sir Francis Drake Hotel Powell Street San Francisco, CA (415) When: Thursday, May 20 th, 2010 Registration: 8:30 a.m. 9:15 a.m. Session: 9:15 a.m. 4:30 p.m. - Breakfast / Lunch / Afternoon Refreshments provided Speakers: See below for Sessions Agenda, Speaker Information, and Schedule CPE Hours: 6.0 Cost: $79.00 ISACA Members $89.00 Non-Members $59.00 Students $79 for members = 6 CPEs + Meals 4x the CPE units of our regular monthly luncheon sessions for less than 2x the cost = more than 50% savings for our valued members!!!
2 Sessions Agenda and Speaker Information: 2010 Security Trends Vijay Jajoo, Director KPMG Session Synopsis: Over the past 20 years, the information security landscape has significantly evolved from focus on firewalls, operating systems, web applications to edge devices and data protection. This evolution has been driven by consumer behavior, and the platforms leveraged to manage the business and deliver services. With every new technology, there lies the business benefits, as well as certain risks. This session will focus on discussing the 2010 trends that we see in the industry, and how to be prepared as a security professional, to minimize the risks, create business value, and gain efficiencies. Speaker Bio: Vijay Jajoo is a Director in KPMG s IT Advisory practice with over 15 years of experience assisting clients with IT Strategy, Security Transformation, Enterprise Governance Risk & Compliance (GRC), Security Incident Response programs, and enabling their business processes using emerging technologies to meet their strategic objectives and mitigate business and compliance risks. His technical and functional security expertise includes a wide range of platforms, networks and applications, and his primary focus has been on servicing Fortune 100 companies in the Financial Services and Internet Services industries. Vijay has presented at various IT and Security industry events on key security challenges, trends and remediation strategies like data breach and identity theft, IT transformation, and CIO/CISO agenda, Enterprise GRC roadmap and implementation. Vijay was a steering committee member with IDSP (Identity Theft Prevention & Identity Management Standards Panel), coordinated by ANSI and the BBB institute, to help develop a practical standards framework to minimize identity theft and fraud across various industries. He also assisted the primary authors in writing and editing the book Cloud Security and Privacy (O'Reilly Media). He earned his MBA with an emphasis in Telecommunications and International Finance from the University of San Francisco, CA. He s a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified LiveWire Investigator (CLI) and Cisco Certified Network Associate (CCNA).
3 Cyber Intelligence / Warfare Ali Golshan, Manager PricewaterhouseCoopers Session Synopsis: Concerns over Advanced Cyber Threats is growing by day, and it has been well documented that certain organized groups and governments have taken an active approach to creating cyber attack capabilities. Today s security solutions are falling short due to their approach & architecture. Furthermore, the rise of espionage groups such as the Shadow Network, using sophisticated methodologies to hack military and civilian networks, as well as governments employing Cyber Warfare as part of military offensive such as Russia's well documented attacks on the Georgian Cyber infrastructure during the 2008 conflict. We have reached a point where a new threat landscape has been created, through weaponizing of malware, and networks such as RBN (Russian Business Network) created for the distribution of these types of attacks. As a result there is an urgent need in a paradigm shift to combat these highly sophisticated and targeted attacks. Speaker Bio: Ali Golshan is focused on the security of information technology, with a focus on technical assessments related to malware, targeted attacks, and cyber warfare, has been involved in the security industry for over 9 years, with the last 5 years focused on the changing threat landscape, and the paradigm shift required in the security industry to combat organized, and sophisticated attacks. Ali is a leading subject matter specialist in IT Security, consulting, development, and operational processes, with extensive experience in R&D towards mapping and building advanced threat vectors.
4 Owning Corporations: Abusing (and Leveraging) Subliminal Intelligence form Open Source Channels Nitesh Dhanjani, Senior Manager Ernst and Young Session Synopsis: Take a look at your corporation's security project portfolio and you are likely to find the following initiatives: application security, platform security, identity and access management, data security, network security. By investing in these projects, your corporation is probably spending millions every year to protect its intellectual property. Unfortunately, the traditional channels many security projects aim to protect are increasingly becoming outmoded and of little interest to the new generation of malicious and persistent actors. In this presentation, we will take a detailed look at how malicious attackers can leverage subliminal intelligence, which is continuously being leaked into the public domain by staff and executives alike, to ascertain confidential information and to steal intellectual property from the largest corporations. Here are the topics we will cover: How vulnerabilities in social media platforms can be abused to uncloak identities and discover the underlying business hierarchies. Reconnaissance and pillage of confidential corporate information via behavioral analysis of social networks. Inside-out intelligence gathering from public channels - specifically location aware social channels. Influence analysis of social network graphs to discover and steal corporate information. Hacking the Psyche: How to build psychological and emotional dashboards of targeted individuals for social engineering by way of manipulation. The goal of this presentation is to raise consciousness on how open source mechanisms can and are being abused by malicious actors to infiltrate their way into corporations by abusing channels that leak subliminal intelligence. Speaker Bio: Nitesh Dhanjani is a well known information security researcher and speaker. Dhanjani is the author of "Hacking: The Next Generation" (O'Reilly), "Network Security Tools: Writing, Hacking, and Modifying Security Tools" (O'Reilly), and "HackNotes: Linux and Unix Security" (Osborne McGraw-Hill). He is also a contributing author to "Hacking Exposed 4" (Osborne McGraw-Hill) and "HackNotes: Network Security" (Osborne McGraw-Hill). At Ernst & Young, Dhanjani is Senior Manager in the Advisory practice, responsible for helping some of the largest corporations establish enterprise wide information security programs and solutions. Dhanjani is also responsible for evangelizing brand new technology service lines around emerging technologies and trends such as social media, cloud computing, and virtualization. Prior to E&Y, Dhanjani was Senior Director of Application Security and Assessments at Equifax where he spearheaded security efforts into enhancing the enterprise SDLC, created a process for performing source code security reviews & threat modeling, and managed the attack & penetration team. Before Equifax, Dhanjani was Senior Advisor at Foundstone's Professional Services group where, in addition to performing security assessments, he contributed to and taught Foundstone's Ultimate Hacking security courses. Dhanjani holds both a Bachelor's and Master's degree in Computer Science from Purdue University.
5 Cloud Security Arun Perinkolam, Manager Deloitte & Touche Session Synopsis: Cloud computing promises significant cost savings, rapid deployment opportunities, dynamic scalability and flexibility. With these purported benefits, however, come various security and privacy risks and challenges which are widely cited as the top barrier to adoption for cloud services. Whether operating in a public, private, or hybrid cloud model, developing an effective security and privacy program for the cloud will be an imperative to managing risk and protecting key IP and data assets from unauthorized access and disclosure. We will provide participants with an overview of the various cloud business models, discuss the broad security and privacy concerns facing enterprises today, and highlight some of the key differences and challenges addressing security and privacy risk in the cloud versus more traditional IT deployment models (e.g. hosting). Speaker Bio: Arun is a Manager with the Security & Privacy practice at Deloitte & Touche LLP, serving clients in the Technology and Consumer Business (Retail) industry sectors. As an Information Technology and Security Solutions consultant, Arun has served both national and global clients on engagements ranging from information security strategy development to detailed design & deployment of enterprise security solutions for over 9 years in both technical and management leadership roles. Arun specializes in the domains of Information Security and Technology Risk Management Strategy, Identity and Access Management, Data Protection and Compliance (including PCI), System Vulnerability Assessment and related methodologies. More recently Arun has been focused on serving clients in the areas of Ecommerce Security and Fraud Management. Arun holds a Masters degree in Computer Science from the University of Southern California and also holds the CISSP and CSSLP certifications.
6 Tentative Session Schedule Session Start End Registration / Breakfast 8:30 9:15 Session 1 9:15 10:30 Break 10:30 10:35 Session 2 10:35 11:50 Networking Lunch 11:50 12:50 Session 3 12:55 2:10 Break 2:10 2:15 Session 4 2:15 3:30 Afternoon Networking Break w/ Refreshments 3:30 4:00 *** TENTATIVE: Open Q&A session with the presenters 4:00 4:30
Getting real about cyber threats: where are you headed?
Getting real about cyber threats: where are you headed? Energy, utilities and power generation companies that understand today s cyber threats will be in the best position to defeat them June 2011 At a
More informationSECURITY CONSIDERATIONS FOR LAW FIRMS
SECURITY CONSIDERATIONS FOR LAW FIRMS Enterprise Risk Management Professional consulting firm that specializes in cyber security Founded in 1998 in Miami, Florida Serves more than 150 clients, locally,
More informationCybersecurity and internal audit. August 15, 2014
Cybersecurity and internal audit August 15, 2014 arket insights: what we are seeing so far? 60% of organizations see increased risk from using social networking, cloud computing and personal mobile devices
More informationIntroduction to Cybersecurity Overview. October 2014
Introduction to Cybersecurity Overview October 2014 Introduces the importance of cybersecurity and current trends Eight modules with presentations and panel discussions that feature industry experts Activities,
More informationWAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales
WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales The Cost of Cybercrime Sony $171m PlayStation 3 data breach (April 2011) $3 trillion
More informationCybersecurity Kill Chain. William F. Crowe, CISA, CISM, CRISC, CRMA September 2015 ISACA Jacksonville Chapter Meeting August 13, 2015
Cybersecurity Kill Chain William F. Crowe, CISA, CISM, CRISC, CRMA September 2015 ISACA Jacksonville Chapter Meeting August 13, 2015 Who Am I? Over 20 years experience with 17 years in the financial industry
More informationSession 9: Changing Paradigms and Challenges Tools for Space Systems Cyber Situational Awareness
Session 9: Changing Paradigms and Challenges Tools for Space Systems Cyber Situational Awareness Wayne A. Wheeler The Aerospace Corporation GSAW 2015, Los Angeles, CA, March 2015 Agenda Emerging cyber
More informationCyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft
Cyber Security and Privacy Services Working in partnership with you to protect your organisation from cyber security threats and data theft 2 Cyber Security and Privacy Services What drives your security
More informationZak Khan Director, Advanced Cyber Defence
Securing your data, intellectual property and intangible assets from cybercrime Zak Khan Director, Advanced Cyber Defence Agenda (16 + optional video) Introduction (2) Context Global Trends Strategic Impacts
More informationA BUSINESS CASE FOR BEHAVIORAL ANALYTICS. White Paper
A BUSINESS CASE FOR BEHAVIORAL ANALYTICS White Paper Introduction What is Behavioral 1 In a world in which web applications and websites are becoming ever more diverse and complicated, running them effectively
More informationISSA SOUTH TEXAS CHAPTER NEWSLETTER
Page 1 of 5 ISSA SOUTH TEXAS CHAPTER NEWSLETTER For May 2013 Voted "Outstanding Chapter of 2007" by ISSA International As always, please feel free to contact me with any suggestions or requests to improve
More informationOil & Gas Cybersecurity
COurse Oil & Gas Cybersecurity Best Practices & Future Trends Sheraton Pentagon City Hotel Supporting Organization is authorized by IACET to offer 0.6 CEUs for the course. 1 Overview The energy industry
More informationAnalyzing Security for Retailers An analysis of what retailers can do to improve their network security
Analyzing Security for Retailers An analysis of what retailers can do to improve their network security Clone Systems Business Security Intelligence Properly Secure Every Business Network Executive Summary
More informationPCI Solution for Retail: Addressing Compliance and Security Best Practices
PCI Solution for Retail: Addressing Compliance and Security Best Practices Executive Summary The Payment Card Industry (PCI) Data Security Standard has been revised to address an evolving risk environment
More informationCyberArk Privileged Threat Analytics. Solution Brief
CyberArk Privileged Threat Analytics Solution Brief Table of Contents The New Security Battleground: Inside Your Network...3 Privileged Account Security...3 CyberArk Privileged Threat Analytics : Detect
More informationCybersecurity: Protecting Your Business. March 11, 2015
Cybersecurity: Protecting Your Business March 11, 2015 Grant Thornton. All LLP. rights All reserved. rights reserved. Agenda Introductions Presenters Cybersecurity Cybersecurity Trends Cybersecurity Attacks
More informationIT risk management discussion 2013 PIAA Leadership Camp May 15, 2013
IT risk management discussion 2013 PIAA Leadership Camp May 15, 2013 Debbie Lew Agenda Review what is IT governance Review what is IT risk management A discussion of key IT risks to be aware of Page 2
More informationApplication Security in the Software Development Lifecycle
Application Security in the Software Development Lifecycle Issues, Challenges and Solutions www.quotium.com 1/15 Table of Contents EXECUTIVE SUMMARY... 3 INTRODUCTION... 4 IMPACT OF SECURITY BREACHES TO
More informationAre you prepared to be next? Invensys Cyber Security
Defense In Depth Are you prepared to be next? Invensys Cyber Security Sven Grone Critical Controls Solutions Consultant Presenting on behalf of Glen Bounds Global Modernization Consultant Agenda Cyber
More informationUnified Cyber Security Monitoring and Management Framework By Vijay Bharti Happiest Minds, Security Services Practice
Unified Cyber Security Monitoring and Management Framework By Vijay Bharti Happiest Minds, Security Services Practice Introduction There are numerous statistics published by security vendors, Government
More informationExecutive Cyber Security Training. One Day Training Course
Executive Cyber Security Training One Day Training Course INTRODUCING EXECUTIVE CYBER SECURITY TRAINING So what is all this we hear in the media about cyber threats? How can an organization understand
More informationNorth Texas ISSA CISO Roundtable
North Texas ISSA CISO Roundtable Roundtable Topic Threat Against Our Well Being The Most Effective Methods in Combating and Responding to the Cyber Attack Event Sponsor Moderator and Panelists David Stanton
More informationEduca&onal Event Spring 2015. Cyber Security - Implications for Records Managers Art Ehuan
Educa&onal Event Spring 2015 Cyber Security - Implications for Records Managers Art Ehuan Risk to Corporate Information The protection of mission dependent intellectual property, or proprietary data critical
More informationCyber security Time for a new paradigm. Stéphane Hurtaud Partner Information & Technology Risk Deloitte
Cyber security Time for a new paradigm Stéphane Hurtaud Partner Information & Technology Risk Deloitte 90 More than ever, cyberspace is a land of opportunity but also a dangerous world. As public and private
More informationKASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com
KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES www.kaspersky.com EXPERT SERVICES Expert Services from Kaspersky Lab are exactly that the services of our in-house experts, many of them global
More informationAddressing Cyber Risk Building robust cyber governance
Addressing Cyber Risk Building robust cyber governance Mike Maddison Partner Head of Cyber Risk Services The future of security The business environment is changing The IT environment is changing The cyber
More informationProfessional Services Overview
Professional Services Overview INFORMATION SECURITY ASSESSMENT AND ADVISORY NETWORK APPLICATION MOBILE CLOUD IOT Praetorian Company Overview HISTORY Founded in 2010 Headquartered in Austin, TX Self-funded
More informationWeb application security Executive brief Managing a growing threat: an executive s guide to Web application security.
Web application security Executive brief Managing a growing threat: an executive s guide to Web application security. Danny Allan, strategic research analyst, IBM Software Group Contents 2 Introduction
More informationAdvanced Threat Protection with Dell SecureWorks Security Services
Advanced Threat Protection with Dell SecureWorks Security Services Table of Contents Summary... 2 What are Advanced Threats?... 3 How do advanced threat actors operate?... 3 Addressing the Threat... 5
More informationENISA s Study on the Evolving Threat Landscape. European Network and Information Security Agency
ENISA s Study on the Evolving Threat Landscape European Network and Information Security Agency Agenda Introduction to ENISA Preliminary remarks The ENISA report Major findings Conclusions 2 ENISA The
More informationKey Cyber Risks at the ERP Level
Key Cyber Risks at the ERP Level Process & Industrial Products (P&IP) Sector December, 2014 Today s presenters Bhavin Barot, Sr. Manager Deloitte & Touche LLP Goran Ristovski, Manager Deloitte & Touche
More informationInto the cybersecurity breach
Into the cybersecurity breach Tim Sanouvong State Sector Cyber Risk Services Deloitte & Touche LLP April 3, 2015 Agenda Setting the stage Cyber risks in state governments Cyber attack vectors Preparing
More informationAccenture Intelligent Security for the Digital Enterprise. Archer s important role in solving today's pressing security challenges
Accenture Intelligent Security for the Digital Enterprise Archer s important role in solving today's pressing security challenges The opportunity to improve cyber security has never been greater 229 2,287
More informationHOSTING. Managed Security Solutions. Managed Security. ECSC Solutions
Managed Security Managed Security MANAGED SECURITY SOLUTIONS I would highly recommend for your company s network review... were by far the best company IT Manager, Credit Management Agency Presenting IT
More informationAbout MicroSolved, Inc. Company Profile, Experience, Capabilities and Differentiators
About MicroSolved, Inc. Company Profile, Experience, Capabilities and Differentiators Profile MicroSolved, Inc. is an Ohio corporation with a Dun and Bradstreet number of 022904119. Since 1992, MSI has
More informationCybersecurity The role of Internal Audit
Cybersecurity The role of Internal Audit Cyber risk High on the agenda Audit committees and board members are seeing cybersecurity as a top risk, underscored by recent headlines and increased government
More informationCyber Security Evolved
Cyber Security Evolved Aware Cyber threats are many, varied and always evolving Being aware is knowing what is going on so you can figure out what to do. The challenge is to know which cyber threats are
More informationCLOSING THE DOOR TO CYBER ATTACKS HOW ENTERPRISES CAN IMPLEMENT COMPREHENSIVE INFORMATION SECURITY
CLOSING THE DOOR TO CYBER ATTACKS HOW ENTERPRISES CAN IMPLEMENT COMPREHENSIVE INFORMATION SECURITY CLOSING THE DOOR TO CYBER ATTACKS Cybersecurity and information security have become key challenges for
More informationSymantec Global Intelligence Network 2.0 Architecture: Staying Ahead of the Evolving Threat Landscape
WHITE PAPER: SYMANTEC GLOBAL INTELLIGENCE NETWORK 2.0.... ARCHITECTURE.................................... Symantec Global Intelligence Network 2.0 Architecture: Staying Ahead of the Evolving Threat Who
More information2010 AICPA Top Technology Initiatives. About the Presenter. Agenda. Presenter: Dan Schroeder, CPA/CITP Habif, Arogeti, & Wynne, LLP
2010 AICPA Top Technology Initiatives Presenter: Dan Schroeder, CPA/CITP Habif, Arogeti, & Wynne, LLP Georgia Society of CPAs Annual Convention June 16, 2010 About the Presenter Partner-in-Charge, Habif,
More informationISO27032 Guidelines for Cyber Security
ISO27032 Guidelines for Cyber Security Deloitte Point of View on analysing and implementing the guidelines Deloitte LLP Enterprise Risk Services Security & Resilience Contents Foreword 1 Cyber governance
More informationPCI DSS Overview and Solutions. Anwar McEntee Anwar_McEntee@rapid7.com
PCI DSS Overview and Solutions Anwar McEntee Anwar_McEntee@rapid7.com Agenda Threat environment and risk PCI DSS overview Who we are Solutions and where we can help Market presence High Profile Hacks in
More informationCyber Threat Intelligence Move to an intelligencedriven cybersecurity model
Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model Stéphane Hurtaud Partner Governance Risk & Compliance Deloitte Laurent De La Vaissière Director Governance Risk & Compliance
More informationCYBER SECURITY, INTELLIGENCE AND AWARENESS COURSE PARK HOTEL THE HAGUE THE HAGUE, NETHERLANDS 26-30OCTOBER 2015
BACKGROUND CYBER SECURITY, INTELLIGENCE AND AWARENESS COURSE PARK HOTEL THE HAGUE THE HAGUE, NETHERLANDS 26-30OCTOBER 2015 On 26-30 October 2015 Lowlands Solutions Netherlands (LSN) will be presenting
More informationCompliance Doesn t Mean Security Achieving Security and Compliance with the latest Regulations and Standards
Compliance Doesn t Mean Security Achieving Security and Compliance with the latest Regulations and Standards Paul de Graaff Chief Strategy Officer Vanguard Integrity Professionals March 11, 2014 Session
More informationPrivilege Gone Wild: The State of Privileged Account Management in 2015
Privilege Gone Wild: The State of Privileged Account Management in 2015 March 2015 1 Table of Contents... 4 Survey Results... 5 1. Risk is Recognized, and Control is Viewed as a Cross-Functional Need...
More informationInternal audit of cybersecurity. Presentation to the Atlanta IIA Chapter January 2015
Internal audit of cybersecurity Presentation to the Atlanta IIA Chapter January 2015 Agenda Executive summary Why is this topic important? Cyber attacks: increasing complexity arket insights: What are
More informationThreat Intelligence & Analytics Cyber Threat Intelligence and how to best understand the adversary s operations
Threat Intelligence & Analytics Cyber Threat Intelligence and how to best understand the adversary s operations September 2015 Copyright 2015 Deloitte Development LLC. All rights reserved. This presentation
More informationCybersecurity: Considerations for Internal Audit. IIA Atlanta Chapter Meeting January 9, 2015
Cybersecurity: Considerations for Internal Audit IIA Atlanta Chapter Meeting January 9, 2015 Agenda Key Risks Incorporating Internal Audit Resources for Internal Auditors Questions 2 Key Risks 3 4 Key
More informationA COMPLETE APPROACH TO SECURITY
A COMPLETE APPROACH TO SECURITY HOW TO ACHEIVE AGILE SECURITY OPERATIONS THREAT WATCH Cyber threats cost the UK economy 27 billion a year 200,000 new threats are identified every day 58% of businesses
More informationApplication Security 101. A primer on Application Security best practices
Application Security 101 A primer on Application Security best practices Table of Contents Introduction...1 Defining Application Security...1 Managing Risk...2 Weighing AppSec Technology Options...3 Penetration
More informationWHITE PAPER Mapping Organizational Roles & Responsibilities for Social Media Risk. A Hootsuite & Nexgate White Paper
WHITE PAPER Mapping Organizational Roles & Responsibilities for Social Media Risk A Hootsuite & Nexgate White Paper Mapping Organizational Roles & Responsibilities for Social Media Risk Executive Summary
More informationCovert Operations: Kill Chain Actions using Security Analytics
Covert Operations: Kill Chain Actions using Security Analytics Written by Aman Diwakar Twitter: https://twitter.com/ddos LinkedIn: http://www.linkedin.com/pub/aman-diwakar-ccie-cissp/5/217/4b7 In Special
More informationCybersecurity Awareness. Part 1
Part 1 Objectives Discuss the Evolution of Data Security Define and Discuss Cybersecurity Review Threat Environment Part 1 Discuss Information Security Programs s Enhancements for Cybersecurity Risks Threat
More informationThe enemies ashore Vulnerabilities & hackers: A relationship that works
The enemies ashore Vulnerabilities & hackers: A relationship that works Alexandros Charvalias, Manager CISSP, CISA, ACDA Assurance & Enterprise Risk Services Cyber security maturity model How effectively
More informationApplying the 80/20 approach for Operational Excellence. How to combat new age threats, optimize investments and increase security.
Applying the 80/20 approach for Operational Excellence How to combat new age threats, optimize investments and increase security Vinod Vasudevan Agenda Current Threat Landscape The 80/20 Approach Achieving
More informationRETHINKING CYBER SECURITY Changing the Business Conversation
RETHINKING CYBER SECURITY Changing the Business Conversation October 2015 Introduction: Diane Smith Michigan Delegate Higher Education Conference Speaker Board Member 2 1 1. Historical Review Agenda 2.
More informationOver 20 years experience in Information Security Management, Risk Management, Third Party Oversight and IT Audit.
CYBERSECURITY: ISSUES AND ISACA S RESPONSE June 2014 BILL S BIO Over 20 years experience in Information Security Management, Risk Management, Third Party Oversight and IT Audit. Vice President Controls
More informationC DIG COMMITTED TO EXCELLENCE IN CYBER DEFENCE. ONE MISSION. ONE GROUP. CSCSS / DEFENCE INTELLIGENCE GROUP
C DIG CSCSS / DEFENCE INTELLIGENCE GROUP COMMITTED TO EXCELLENCE IN CYBER DEFENCE. ONE MISSION. ONE GROUP. CENTRE FOR STRATEGIC CSCSS CYBERSPACE + SECURITY SCIENCE C DIG CSCSS / DEFENCE INTELLIGENCE GROUP
More informationWHITE PAPER KEEPING CLIENT AND EMPLOYEE DATA SECURE DRIVES REVENUE AND BUILDS TRUST PROTECTING THE PROTECTOR
KEEPING CLIENT AND EMPLOYEE DATA SECURE DRIVES REVENUE AND BUILDS TRUST Protecting Identities. Enhancing Reputations. IDT911 1 DATA BREACHES AND SUBSEQUENT IDENTITY THEFT AND FRAUD THREATEN YOUR ORGANIZATION
More informationAgenda. All Summit Sessions will be held in CA Thayer Ballroom (unless noted).
Program Guide SANS Securing the Internet of Things Summit 2013 Agenda All Summit Sessions will be held in CA Thayer Ballroom (unless noted). All approved presentations will be available online following
More informationKEY TRENDS AND DRIVERS OF SECURITY
CYBERSECURITY: ISSUES AND ISACA S RESPONSE Speaker: Renato Burazer, CISA,CISM,CRISC,CGEIT,CISSP KEY TRENDS AND DRIVERS OF SECURITY Consumerization Emerging Trends Continual Regulatory and Compliance Pressures
More informationSeptember 20, 2013 Senior IT Examiner Gene Lilienthal
Cyber Crime September 20, 2013 Senior IT Examiner Gene Lilienthal The following presentation are views and opinions of the speaker and does not necessarily reflect the views of the Federal Reserve Bank
More informationASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES
ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES Leonard Levy PricewaterhouseCoopers LLP Session ID: SEC-W03 Session Classification: Intermediate Agenda The opportunity Assuming
More informationInformation Security and Risk Management
Information Security and Risk Management COSO and COBIT Standards and Requirements Page 1 Topics Information Security Industry Standards and COBIT Framework Relation to COSO Internal Control Risk Management
More informationPractical Steps To Securing Process Control Networks
Practical Steps To Securing Process Control Networks Villanova University Seminar Rich Mahler Director, Commercial Cyber Solutions Lockheed Martin Lockheed Martin Corporation 2014. All Rights Reserved.
More informationThe Case for a New Approach to Network Security
The Case for a New Approach to Network Security An Advanced Systems Group White Paper The IT world certainly has changed. The cloud, social media, smartphones, widespread WiFi, tablets, and other innovative
More informationWelcome Back Roberto Casetta, Snr. Vice President International. The Story Behind The Crystal Pete Daw, Cities Urban Developer Siemens Plc
Agenda Overview 9:00am General Session Auditorium 13:30pm General Session Auditorium 16:30pm General Session Auditorium 09:00 Welcome am Roberto Casetta, Snr. Vice President International 9:15am HEAT Software
More informationMiddle Class Economics: Cybersecurity Updated August 7, 2015
Middle Class Economics: Cybersecurity Updated August 7, 2015 The President's 2016 Budget is designed to bring middle class economics into the 21st Century. This Budget shows what we can do if we invest
More informationCloud and Critical Infrastructures how Cloud services are factored in from a risk perspective
Cloud and Critical Infrastructures how Cloud services are factored in from a risk perspective Reaching the Cloud era in the EU Riga 16 June 2015 Jonathan Sage Government and Regulatory Affairs Cyber Security
More informationDeveloping Secure Software in the Age of Advanced Persistent Threats
Developing Secure Software in the Age of Advanced Persistent Threats ERIC BAIZE EMC Corporation DAVE MARTIN EMC Corporation Session ID: ASEC-201 Session Classification: Intermediate Our Job: Keep our Employer
More informationPCI DSS READINESS AND RESPONSE
PCI DSS READINESS AND RESPONSE EMC Consulting Services offers a lifecycle approach to holistic, proactive PCI program management ESSENTIALS Partner with EMC Consulting for your PCI program management and
More informationPENETRATION TESTING GUIDE. www.tbgsecurity.com 1
PENETRATION TESTING GUIDE www.tbgsecurity.com 1 Table of Contents What is a... 3 What is the difference between Ethical Hacking and other types of hackers and testing I ve heard about?... 3 How does a
More informationContinuous Network Monitoring
Continuous Network Monitoring Eliminate periodic assessment processes that expose security and compliance programs to failure Continuous Network Monitoring Continuous network monitoring and assessment
More informationCourse Bachelor of Information Technology majoring in Network Security or Data Infrastructure Engineering
Course Bachelor of Information Technology majoring in Network Security or Data Infrastructure Engineering Course Number HE20524 Location Meadowbank OVERVIEW OF SUBJECT REQUIREMENTS Note: This document
More informationSecuring Your Business with DNS Servers That Protect Themselves
Summary: The Infoblox DNS security product portfolio mitigates attacks on DNS/DHCP servers by intelligently recognizing various attack types and dropping attack traffic while responding only to legitimate
More informationA Strategic Approach to Web Application Security The importance of a secure software development lifecycle
A Strategic Approach to Web Application Security The importance of a secure software development lifecycle Rachna Goel Technical Lead Enterprise Technology Web application security is clearly the new frontier
More informationwww.pwc.com/us/cyber Statement of Qualifications Cybercrime & data breach
www.pwc.com/us/cyber Statement of Qualifications Cybercrime & data breach Contents Countering cyber threats and fraud Cyber forensics and investigative services Cyber forensics and investigations Past
More informationOctober 24, 2014. Mitigating Legal and Business Risks of Cyber Breaches
October 24, 2014 Mitigating Legal and Business Risks of Cyber Breaches AGENDA Introductions Cyber Threat Landscape Cyber Risk Mitigation Strategies 1 Introductions 2 Introductions To Be Confirmed Title
More information7 Things All CFOs Should Know About Cyber Security
Insero & Company s Accounting & Finance Education Series Presents 7 Things All CFOs Should Know About Cyber Security September 23, 2014 Michael Montagliano Chief Technologist, IV4. Inc. CERTIFIED PUBLIC
More informationBy John Pirc. THREAT DETECTION HAS moved beyond signature-based firewalls EDITOR S DESK SECURITY 7 AWARD WINNERS ENHANCED THREAT DETECTION
THE NEXT (FRONT) TIER IN SECURITY When conventional security falls short, breach detection systems and other tier 2 technologies can bolster your network s defenses. By John Pirc THREAT HAS moved beyond
More informationInternet Reputation Management Guidelines Building a Roadmap for Continued Success
Internet Reputation Management Guidelines Building a Roadmap for Continued Success Table of Contents Page INTERNET REPUTATION MANAGEMENT GUIDELINES 1. Background 3 2. Reputation Management Roadmap 5 3.
More informationCYBER SECURITY TRAINING SAFE AND SECURE
CYBER SECURITY TRAINING KEEPING YOU SAFE AND SECURE Experts in Cyber Security training. Hardly a day goes by without a cyber attack being reported. With this ever-increasing threat there is a growing need
More informationCyber crime risk management protecting your business 4 November 2015
Cyber crime risk management protecting your business 4 November 2015 Programme genda (updated 26 Oct) 7.15 am 8.25 am Registration Networking breakfast sponsored by 8.25 am 8.30 am Welcome remarks by MC
More informationRisky Business. Is Your Cybersecurity in Cruise Control? ISACA Austin Chapter Meeting May 5, 2015
Risky Business Is Your Cybersecurity in Cruise Control? ISACA Austin Chapter Meeting May 5, 2015 What We ll Cover About Me Background The threat Risks to your organization What your organization can/should
More informationPresented by Frederick J. Santarsiere
http://cinoltd.com/ Presented by Frederick J. Santarsiere CHFI, CISSP, CISM, CISA, CEH, CEI, CAP, SSCP Sec+, Net+, A+, MCSA, MCSE, MCITP, MCT CCENT, CCNA, CCNA Wireless, CCNA Voice CISCO SMBEN, SMBAM,
More informationCyber-Security. FAS Annual Conference September 12, 2014
Cyber-Security FAS Annual Conference September 12, 2014 Maysar Al-Samadi Vice President, Professional Standards IIROC Cyber-Security IIROC Rule 17.16 BCP The regulatory landscape Canadian Government policy
More informationGAO. INFORMATION SECURITY Persistent Weaknesses Highlight Need for Further Improvement
GAO For Release on Delivery Expected at time 1:00 p.m. EDT Thursday, April 19, 2007 United States Government Accountability Office Testimony Before the Subcommittee on Emerging Threats, Cybersecurity,
More informationwww.pwc.com Cybersecurity and Privacy Hot Topics 2015
www.pwc.com Cybersecurity and Privacy Hot Topics 2015 Table of Contents Cybersecurity and Privacy Incidents are on the rise Executives and Boards are focused on Emerging Risks Banking & Capital Markets
More informationInternet Reputation Management Guide. Building a Roadmap for Continued Success
Internet Reputation Management Guide Building a Roadmap for Continued Success About BrandProtect BrandProtect is the leader in multi-channel Internet threat monitoring and risk mitigation. The company
More informationItaly. EY s Global Information Security Survey 2013
Italy EY s Global Information Security Survey 2013 EY s Global Information Security Survey 2013 This year s survey our 16th edition captures the responses of 1,909 C-suite and senior level IT and information
More informationREPORT. Next steps in cyber security
REPORT March 2015 Contents Executive summary...3 The Deloitte and Efma questionnaire...5 Level of awareness...5 Level of significance...8 Level of implementation...11 Gap identification and concerns...15
More informationSecurity Risk Management Strategy in a Mobile and Consumerised World
Security Risk Management Strategy in a Mobile and Consumerised World RYAN RUBIN (Msc, CISSP, CISM, QSA, CHFI) PROTIVITI Session ID: GRC-308 Session Classification: Intermediate AGENDA Current State Key
More informationHow Security Testing can ensure Your Mobile Application Security. Yohannes, CEHv8, ECSAv8, ISE, OSCP(PWK) Information Security Consultant
How Security Testing can ensure Your Mobile Application Security Yohannes, CEHv8, ECSAv8, ISE, OSCP(PWK) Information Security Consultant Once More Consulting & Advisory Services IT Governance IT Strategic
More informationCYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility
CYBER SECURITY AND RISK MANAGEMENT An Executive level responsibility Cyberspace poses risks as well as opportunities Cyber security risks are a constantly evolving threat to an organisation s ability to
More informationWhite Paper. Advantage FireEye. Debunking the Myth of Sandbox Security
White Paper Advantage FireEye Debunking the Myth of Sandbox Security White Paper Contents The Myth of Sandbox Security 3 Commercial sandbox evasion 3 Lack of multi-flow analysis and exploit detection 3
More informationProtecting What Matters Most. Terry Ray Chief Product Strategist Trending Technologies Session 11
Protecting What Matters Most Terry Ray Chief Product Strategist Trending Technologies Session 11 Cyber attacks are bad and getting Significant economic Stock price fell by 14% Impacted profits by 46% Total
More informationModern IT Security. Jerry Craft Sr. Security & Networking Consultant
Modern IT Security Jerry Craft Sr. Security & Networking Consultant August 5, 2014 Arcsight Managed Services Bio Senior Security & Networking Consultant for Nth Generation Computing Ethical Hacker and
More informationITAR Compliance Best Practices Guide
ITAR Compliance Best Practices Guide 1 Table of Contents Executive Summary & Overview 3 Data Security Best Practices 4 About Aurora 10 2 Executive Summary & Overview: International Traffic in Arms Regulations
More information