Sessions and Speakers
Roger Dixon, Invesco, Ltd.

Convergence of Physical and IT Security
Just as IT Security is only one component of overall Information Security, Physical Security is only one component of overall Corporate Security. This presentation will introduce the information security practitioner to some of the various aspects of Corporate Security, and how from a management level one can potentially take advantage of the convergence of these two security disciplines in today's challenging market.
Roger is the Head of Information Security - North America for Invesco Ltd., supporting Invesco's 35 offices in 22 cities across North America. He is a retired military officer with over 27 years of experience in physical, operational, communications, and information security. Prior to Invesco, he was the Director of Security for Wells Real Estate Funds in Norcross, GA. Roger holds an MBA, a Master of Science degree in Computer Science and a Bachelor of Science degree in Business Administration. While in the military he held multiple leadership assignments including being Chief of an award-winning software development team at the U.S. Total Army Personnel Command, an Assistant Professor of computer science at the United States Military Academy (USMA) at West Point, and Chief of an information warfare/information security research team at the Army Research Laboratory - Atlanta.

Martin Fisher, Delta Air Lines

Taking Incident Response to the Next Level in the Real World
This session will discuss taking security incident response, no matter where you are, to the next level. We'll specifically use the case study of a Fortune 100 company moving from a disjointed and undocumented response plan to the establishment of a Computer Security Incident Response Team. Topics will include realistic self-assessment, developing the business case, addressing small yet vital issues, and continual improvement.
Martin Fisher currently leads the Computer Security Incident Response Team at Delta Air Lines. He has had a wide set of experiences in his 20-year career, including spending the last three years working at Delta to develop security incident response. A leader focused on developing high-performing teams, he is currently working to create a consolidated CSIRT for the largest airline in the world.

Bradford Hutson

Fraud & Digital Forensics
This is a discussion on the current industry and market trends in the fields of Fraud, Digital Forensics and eDiscovery. Processes and methodologies in these fields are covered as well as an overview of tools of the trade, case study analysis and best practices. Brad will also cover the need for detective mechanisms required by the U.S. Red Flag regulation.
Bradford Hutson, SpearTip’s Chief Security Engineer, has over 30 years of experience in the information technology industry. He served as a security and compliance consultant for Fortune 100 corporations such as Bank of America, PricewaterhouseCoopers and Equifax. His software development accomplishments include developing data compression and encryption for medical imagery, security intelligence software and secure satellite data transmission. Mr. Hutson has deep knowledge of penetration and vulnerability testing and methods as well as international experience working with various foreign governments.

Eric D. Knapp, NitroSecurity, Inc.

Convergence of DLP and SIEM - The Content Aware SIEM
With increasing budgetary pressures, many are turning to SIEM to prevent data loss and inhibit fraudulent insider activity. However, lacking visibility beyond application and database logs, legacy SIEMs offer little for DLP. Dedicated DLP solutions, in contrast, provide strong protection but require the additional cost and complexity of yet another security solution. The solution lies in a new variation of SIEM designed to provide full visibility into your data, both at rest (in the database) and in motion (in use through applications and protocols). This session will describe new Content-aware SIEM platforms. The result is exceptional compliance management, which can be performed operationally, or used to feed hundreds of pre-defined compliance reports for GLBA, HIPAA, FISMA, NERC, PCI, SOX, and other regulatory requirements.
Eric D. Knapp is the Vice President of Technical Marketing for NitroSecurity, Inc. Eric joined NitroSecurity in early 2007, bringing over a decade of experience in telecommunications and Internet security technology. He has previously held senior positions in Product Management and Marketing at Cabletron Systems, Paradyne, and Zhone Technologies. Eric is considered an expert in applied Ethernet technologies and Ethernet-in-the-First-Mile (EFM), and is an award-winning author.

Arun Kothanath, Integral Business Solutions

Online Fraud Management: Current & Future Threats, Impact & Remediation Strategy
This session will cover the state of economic impact relating to online fraud and provide guidance as to how organizations can avoid high profile data breaches and customer loss resulting from fraudulent activity. Topics will include:
- Fraud-definition and relevance
- Digital identification-what is good
- How fraud occurs
- Where access control fails
- Impact-financial, regulatory, systems, etc.
- Containing fraud-bottom line impact
- Gate-keeping
- Enterprise fraud management
- Trends-what next?
Arun Kothanath, CISSP, is a 12-year veteran in the information security and technology industry, and is sought after for his security expertise by start-ups and Fortune 500 organizations as well as leading industry analysts throughout the world. Kothanath's recognition stems from his involvement with various security forums such as speaking at ISSA conferences and university forums, participating in the Cisco advisory panel, serving as security adviser/Deputy CTO to Oracle through their Partner Advisory Council for identity management, and leading fraud management panels. In his spare time Kothanath authors whitepapers on the latest security trends and leads collaborative industry forums to promote security awareness.

Sue Lin Lange, Voice Ideas

Job Search Tips for Security
Downsized? Laid-off? Hate your job? What you need to know NOW to help you get a new job (or protect yourself in your current job) in these challenging economic times. Sue will give you the very latest info and invite your participation regarding:
- Tips on resume preparation for 2010.
- Research to do BEFORE going on an interview.
- How to handle WHY you were laid off before.
- A list of top 50 Interview questions to take home with you.
- What else you can do to help prepare for (or destroy) your interview opportunity.
Sue has been the Owner of an IT recruiting firm for the past six years. For 20 years prior, Sue worked in the IT industry in networking & security companies: Cisco Systems, IBM, Network General & McAfee. She has received national recognition for her technical sales management. She will offer you the benefit of her expertise and success developed working with upper management and the board of directors of IT companies. Sue will bring to light some of the top needs and concerns of management in hiring and retaining employees.

Bill Ledingham, Verdasys

Enterprise Information Protection (EIP): The Next Generation in Information Security
The need for organizations to unify their information protection policies, business and security processes, and their many disparate security technologies is clear. EIP looks holistically at defining and mitigating the risk to sensitive information being moved across complete business processes and multitudes of end users worldwide as part of a strategic and unified information governance program.
Bill is a seasoned technology professional with over 25 years of experience in bringing new technologies and companies to market. Bill most recently served as VP of Engineering at Avalere, a software company focused on information management. Bill holds a B.S. in Electrical Engineering and an M.S. in Industrial Engineering from Stanford University, and an MBA from Harvard University.

Bryan Marlatt, ForeScout Technologies

Network Access Control & Compliance Strategies
The first step of an audit begins with determining what devices are connected to the network. Beyond this basic requirement, network and security compliance requirements are very different. From SOX and GLBA, to PCI, to HIPAA, to FISMA, no two compliance requirements are exactly the same. Network access control will not only help you define the devices on the network, it will also notify you of the compliance and non-compliance of those devices. NAC has the ability to remediate devices to make them compliant. NAC will also validate that each user has the appropriate level of access to the network and that intruders are dealt with appropriately. NAC helps you achieve compliance before the auditor arrives.
As the Director of Engineering, Bryan Marlatt helps to drive the technical growth of ForeScout Technologies with their network access control (NAC) solution. Bryan works with customers to meet their corporate and regulatory compliance goals using NAC. He has over seventeen years of experience in the IT network and security field as a lead technologist for the federal government, resellers and vendors.