Anticipate the unexpected - ASIS 2012
Anticipate the unexpected - ASIS 2012
Anticipate the unexpected - ASIS 2012
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Seminar Overview<br />
Seminar Dates:<br />
Monday–Thursday<br />
September 19–22<br />
Exhibit Dates:<br />
Monday–Wednesday<br />
September 19–21<br />
<strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong><br />
The security tools, techniques, and talent for tomorrow.<br />
AS I S I N T E R N AT I O N A L 2 011<br />
57Th ANNuAL SEmINAR ANd ExhIbITS<br />
September 19–22, 2011 | OrlandO, Fl<br />
www.asis2011.org<br />
colocated<br />
with <strong>ASIS</strong> 2011
Face <strong>the</strong> future—and <strong>the</strong> unknown—<br />
with confidence when you acquire <strong>the</strong><br />
comprehensive knowledge and resources<br />
available only at <strong>ASIS</strong> 2011.<br />
<strong>ASIS</strong> International welcomes (ISC) 2 ’s first Security Congress,<br />
colocating with <strong>ASIS</strong> 2011. This important partnership illustrates<br />
<strong>the</strong> rapidly converging roles of traditional security and information<br />
security. These two events will bring toge<strong>the</strong>r <strong>the</strong> best and brightest<br />
minds in <strong>the</strong> profession. Join more than 20,000 of your colleagues<br />
for an unprecedented look at <strong>the</strong> total security landscape.<br />
WhAt DoES thIS mEAn to you?<br />
• Gain new perspectives and expert insights into <strong>the</strong> latest<br />
trends impacting <strong>the</strong> protection of people, property, and<br />
information.<br />
• Connect with security counterparts from around <strong>the</strong> globe.<br />
• See thousands of <strong>the</strong> latest technologies, products, and<br />
services on <strong>the</strong> market.<br />
• Integrate proven best practices into your enterprise<br />
security plan.<br />
• Learn about <strong>ASIS</strong> board certification and (ISC) 2 certifications.<br />
<strong>ASIS</strong> Debuts a Systems Integrator track.<br />
<strong>ASIS</strong> is expanding its educational program to include a<br />
new track of sessions designed for systems integrators.<br />
Practitioners in key vertical industries will share <strong>the</strong>ir<br />
biggest security challenges and insights that will help<br />
integrators provide <strong>the</strong> best solutions to <strong>the</strong>ir customers.<br />
This track is endorsed by PSA Security Network.<br />
Who ShoulD AttEnD<br />
• Security directors and managers<br />
• Homeland security professionals<br />
• CEOs, CSOs, CISOs, CTOs, CIOs<br />
• Managers charged with protecting <strong>the</strong>ir infrastructure<br />
• Government/military personnel with security responsibilities<br />
• Security consultants<br />
• Law enforcement professionals<br />
• Facility/plant/operations managers<br />
• Systems integrators and dealers<br />
• Architects/engineers<br />
• O<strong>the</strong>r professionals with an interest in security
Program Highlights . . . . . . . . . . . . .2<br />
Keynotes and General Sessions . . . . . . .4<br />
Schedule of Events . . . . . . . . . . . . .5<br />
Exhibits . . . . . . . . . . . . . . . . . . .6<br />
Certification . . . . . . . . . . . . . . . . .9<br />
CSO Roundtable . . . . . . . . . . . . . . 10<br />
Pre-Seminar Programs and Events . . . . . 11<br />
Focus on Homeland Security . . . . . . . . 16<br />
Education Sessions . . . . . . . . . . . . 18<br />
Networking Events . . . . . . . . . . . . . 70<br />
table of Contents<br />
Register for <strong>ASIS</strong> 2011 or<br />
(ISC) 2 ’s Security Congress and<br />
gain access to all this and more.<br />
<strong>the</strong> Power Behind <strong>the</strong> <strong>ASIS</strong> Annual Seminar and Exhibits<br />
<strong>ASIS</strong> International (<strong>ASIS</strong>) is <strong>the</strong> preeminent organization for security professionals, with more than 37,000<br />
members worldwide. Founded in 1955, <strong>ASIS</strong> is dedicated to increasing <strong>the</strong> effectiveness and productivity of security<br />
professionals by developing educational and networking opportunities that address broad security interests, such as<br />
<strong>the</strong> <strong>ASIS</strong> Annual Seminar and Exhibits, as well as specific security topics. <strong>ASIS</strong> also advocates <strong>the</strong> role and value of <strong>the</strong><br />
security management profession to business, <strong>the</strong> media, government entities, and <strong>the</strong> public. By providing members<br />
and <strong>the</strong> security community with access to a full range of programs and services, and by publishing <strong>the</strong> industry’s<br />
number one magazine—Security Management—<strong>ASIS</strong> leads <strong>the</strong> way for advanced and improved security performance.<br />
We’re pleased to welcome our new partner:<br />
(ISC)² is <strong>the</strong> largest not-for-profit membership body of certified information security professionals worldwide, with over<br />
77,000 members in more than 135 countries. Globally recognized as <strong>the</strong> Gold Standard, (ISC)² issues <strong>the</strong> CISSP®<br />
and related concentrations, as well as <strong>the</strong> CSSLP®, CAP®, and SSCP® credentials to qualifying candidates. (ISC)²’s<br />
certifications are among <strong>the</strong> first information technology credentials to meet <strong>the</strong> stringent requirements of ANSI/ISO/<br />
IEC Standard 17024, a global benchmark for assessing and certifying personnel. (ISC)² also offers education programs<br />
and services based on its CBK®, a compendium of information security topics. More information is available at<br />
www.isc2.org.<br />
Join professionals from around <strong>the</strong> globe in Orlando for <strong>the</strong> most<br />
comprehensive educational event of <strong>the</strong> year. Register today!<br />
Special Interest Networking Events . . . . . 72<br />
Spouse Program. . . . . . . . . . . . . . 74<br />
Welcome to Orlando . . . . . . . . . . . . 75<br />
General Information/Housing . . . . . . . 76<br />
Thank You to our Partners and Sponsors . . 77<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 1
Prepare to Learn<br />
Unparalleled<br />
General Sessions. Outstanding keynote<br />
presentations by renowned leaders and<br />
dynamic general sessions on key issues<br />
set <strong>the</strong> stage for this year’s event.<br />
Education Sessions. More than 200<br />
sessions address <strong>the</strong> full range of up-to<strong>the</strong>-minute<br />
security topics, critical issues,<br />
and security management best practices.<br />
Mix ‘n match from 22 tracks and design<br />
<strong>the</strong> program that’s right for you. Refer to<br />
<strong>the</strong> daily Schedule-at-a-Glance—at <strong>the</strong><br />
beginning of each day’s listing.<br />
homeland Security. A listing of 30<br />
sessions provides a quick overview of<br />
our offerings focused on protecting <strong>the</strong><br />
homeland, whe<strong>the</strong>r in <strong>the</strong> U.S. or abroad.<br />
Pre-Seminar Programs and Professional<br />
tours. These in-depth ‘add-on’ programs<br />
are held immediately prior to <strong>the</strong> Seminar<br />
and focus on a variety of issues relevant<br />
to today’s security practitioners.<br />
CSo Roundtable. Members of <strong>the</strong> CSO<br />
Roundtable are invited to attend special<br />
programming relative to senior security<br />
leaders.<br />
Accolades Competition. This program<br />
recognizes innovative new products and<br />
services and helps identify some of <strong>the</strong><br />
hottest solutions that will be displayed<br />
in <strong>the</strong> exhibit hall. View entries online in<br />
advance and see entries ‘up close and<br />
personal’ on <strong>the</strong> show floor.<br />
2 <strong>ASIS</strong> 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
edUcation<br />
Solutions <strong>the</strong>aters. These in-depth<br />
vendor presentations—delivered right on<br />
<strong>the</strong> show floor—give you <strong>the</strong> scoop on<br />
new products, breaking news, and more.<br />
Schedule will be available in August.<br />
<strong>ASIS</strong> tV. Learn about security initiatives<br />
throughout <strong>the</strong> world and see on-<strong>the</strong>-spot<br />
interviews from <strong>the</strong> Seminar. <strong>ASIS</strong> TV also<br />
will be viewable online during and after<br />
<strong>the</strong> Seminar.<br />
Session handouts. All handout materials<br />
will be available for your online access.<br />
Or print <strong>the</strong>m out onsite at print stations<br />
located in <strong>the</strong> convention center. The<br />
choice is yours.<br />
Exhibit hall. Thousands of cutting-edge<br />
products and services will be on display<br />
on <strong>the</strong> show floor. From access control to<br />
cloud security to weapons disposal and<br />
everything in between, you’ll find <strong>the</strong> tools<br />
and partners you need to mitigate risk.<br />
networking. Take advantage of unlimited<br />
opportunities to interact with top<br />
professionals from around <strong>the</strong> globe. This<br />
is <strong>the</strong> place to meet peers face-to-face,<br />
share ideas, and discover solutions.<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 3
“ If you want to stay abreast of new technology and liaison with o<strong>the</strong>r<br />
colleagues in <strong>the</strong> security sector, you need to attend <strong>the</strong> <strong>ASIS</strong> show.”<br />
James R. Mat<strong>the</strong>ws, CPP<br />
Chief of Police, Rincon Police Department<br />
General Sessions<br />
KEynotE<br />
Jeb Bush<br />
Governor of Florida, 1999–2007<br />
Tuesday, September 20, 8:00 am–9:00 am<br />
As <strong>the</strong> 43rd Governor of<br />
<strong>the</strong> state of Florida, Bush’s<br />
achievements include<br />
education reform, closing <strong>the</strong><br />
achievement gap for Florida<br />
students; and yearly tax cuts<br />
which helped Florida lead <strong>the</strong><br />
nation in job growth. Bush<br />
currently heads his own successful consulting<br />
business and also is chairman of <strong>the</strong> Foundation<br />
for Excellence in Education.<br />
KEynotE<br />
Vicente Fox<br />
President of Mexico, 2000–2006<br />
Wednesday, September 21, 8:00 am–9:00 am<br />
A visionary leader with a deep<br />
understanding of <strong>the</strong> economic<br />
and social challenges facing<br />
Latin America, President Fox<br />
is one of <strong>the</strong> world’s most<br />
important voices on <strong>the</strong><br />
contemporary geo-political<br />
landscape and <strong>the</strong> role of<br />
business in <strong>the</strong> developing world.<br />
General Session<br />
<strong>the</strong> Security leader in 2020<br />
and Beyond<br />
Thursday, September 22, 8:00 am–9:30 am<br />
Explore <strong>the</strong> industry 10+ years into <strong>the</strong> future<br />
with experts from across <strong>the</strong> security community<br />
engaging on key topics. Understand <strong>the</strong> key<br />
technology and security trends driving business<br />
and <strong>the</strong> industry that are likely to have an effect<br />
on <strong>the</strong> leaders of <strong>the</strong> future. Hear from a panel<br />
including chief security officers and representatives<br />
of <strong>the</strong> information security and technology<br />
communities as <strong>the</strong>y discuss <strong>the</strong> trends and<br />
impacts of what professionals will face in <strong>the</strong><br />
next decade.<br />
General Session<br />
Workplace Violence:<br />
A Clear and Present Danger<br />
Thursday, September 22,<br />
10:00 am–12:00 noon<br />
Violence in <strong>the</strong> workplace continues to make<br />
news headlines and is a vital concern to Security,<br />
Human Resources, and management across<br />
all industries. Threats, verbal abuse, physical<br />
assault, and homicide in <strong>the</strong> workplace affect<br />
two million workers annually in <strong>the</strong> U.S. alone.<br />
The use of <strong>the</strong> Internet as a means to promote<br />
violence through <strong>the</strong> delivery of threats, as well as<br />
<strong>the</strong> implications and impact of social media are<br />
evolving factors that also need to be understood.<br />
Join us as we examine <strong>the</strong> issues and <strong>the</strong> latest<br />
information on assessment, prevention, and<br />
mitigation of this growing threat.<br />
Closing luncheon with Burt Rutan<br />
Thursday, September 22,<br />
12:00 noon–2:00 pm<br />
Named “Entrepreneur of <strong>the</strong><br />
Year” by Inc. Magazine and<br />
described by Newsweek as<br />
“<strong>the</strong> man responsible for more<br />
innovations in modern aviation<br />
than any living engineer,” Mr.<br />
Rutan is a bold entrepreneur<br />
and designer with <strong>the</strong> vision<br />
and passion for <strong>the</strong> advancement of technology.<br />
Recent projects include <strong>the</strong> White Knight and<br />
SpaceShipOne, <strong>the</strong> world’s first privately funded<br />
manned spacecraft.<br />
“If you are going to attend one<br />
security event this year…<strong>ASIS</strong><br />
should be <strong>the</strong> one.”<br />
Bret Rowe<br />
Corporate Security Manager<br />
J.R. Simplot Company<br />
4 <strong>ASIS</strong> 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
Schedule of Events<br />
All programs and events are open to <strong>ASIS</strong> and (ISC) 2 attendees unless o<strong>the</strong>rwise noted.<br />
Friday, September 16<br />
8:00 am–5:30 pm CPP, PCI, and PSP Certification Reviews, Peabody Hotel<br />
Saturday, September 17<br />
8:00 am–2:00 pm CPP, PCI, and PSP Certification Reviews, Peabody Hotel<br />
8:00 am–5:00 pm CISSP and CSSLP Official Review Seminars<br />
8:00 am–5:00 pm Pre-Seminar Programs<br />
Sunday, September 18<br />
8:00 am–12:00 noon CISSP and SSCP Clinics<br />
8:00 am–1:30 pm <strong>ASIS</strong> Foundation 15 th Annual Golf Tournament<br />
8:00 am–2:00 pm (ISC) 2 Exams<br />
8:00 am–5:00 pm CISSP and CSSLP Official Review Seminars (continued)<br />
8:00 am–5:00 pm Pre-Seminar Programs<br />
1:00 pm–5:00 pm CAP and CSSLP Clinics<br />
4:00 pm–6:00 pm (ISC) 2 Town Hall Meeting for Members Only<br />
5:00 pm–6:00 pm Young Professionals Reception<br />
6:00 pm–7:00 pm <strong>ASIS</strong> First-Time Attendee/<strong>ASIS</strong> New Member Reception<br />
7:00 pm–9:00 pm Welcome Reception<br />
monday, September 19<br />
7:45 am–9:00 am Opening Ceremony<br />
9:00 am–11:00 am Exhibit Hall Grand Opening<br />
9:00 am–4:30 pm Exhibit Hall Open<br />
11:00 am–12:00 noon Education Sessions<br />
12:00 noon–1:30 pm Networking Luncheon<br />
1:45 pm–3:00 pm Education Sessions<br />
4:30 pm–5:30 pm Education Sessions<br />
5:30 pm–7:00 pm (ISC) 2 Member Reception, Peabody Hotel<br />
7:00 pm–10:00 pm President’s Reception at Universal’s Islands of Adventure ®<br />
tuesday, September 20<br />
8:00 am–9:00 am Keynote: Jeb Bush<br />
9:00 am–4:30 pm Exhibit Hall Open<br />
10:00 am–11:00 am (ISC) 2 Safe and Secure Online Volunteer Orientation<br />
11:00 am–12:00 noon Education Sessions<br />
12:00 noon–1:30 pm Networking Luncheon<br />
1:45 pm–3:00 pm Education Sessions<br />
4:30 pm–5:30 pm Education Sessions<br />
Wednesday, September 21<br />
8:00 am–9:00 am Keynote: Vicente Fox<br />
9:00 am–3:30 pm Exhibit Hall Open (Final Day for Exhibits)<br />
11:00 am–12:00 noon Education Sessions<br />
12:00 noon–1:30 pm<br />
Law Enforcement/Military Appreciation<br />
Luncheon<br />
1:45 pm–2:45 pm Education Sessions<br />
3:30 pm–5:00 pm Education Sessions<br />
6:30 pm–10:00 pm Americas ISLA Gala Dinner, Peabody Hotel<br />
7:00 pm–9:00 pm<br />
thursday, September 22<br />
<strong>ASIS</strong> Foundation Event at BB King’s Blues Club<br />
REGIStRAtIon houRS<br />
Sunday, September 18<br />
12:00 noon–6:30 pm<br />
Monday–Wednesday,<br />
September 19–21<br />
7:00 am–5:30 pm daily<br />
Thursday, September 22<br />
7:30 am–12:00 noon<br />
8:00 am–9:30 am General Session: The Security Leader in 2020 and Beyond<br />
9:30 am–10:00 am Coffee Break<br />
10:00 am–12:00 noon General Session: Workplace Violence: A Clear and Present Danger<br />
12:00 noon–2:00 pm Closing Luncheon with Burt Rutan<br />
All events are held at <strong>the</strong> Orange County Convention Center unless noted o<strong>the</strong>rwise. Schedule subject to change.<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 5
Exhibits<br />
Knock out a year’s worth of product and supplier research in just<br />
three days. Get face-to-face with product experts and discover what’s<br />
possible in today’s high-tech security market.<br />
Exhibit hall hours: Monday–Tuesday, September 19–20, 9:00 am–4:30 pm<br />
Wednesday, September 21, 9:00 am–3:30 pm<br />
Exhibitor List<br />
as of aPriL 28, 2011<br />
3M Cogent, Inc.<br />
3M Optical Systems Division<br />
3S Pocketnet Technology, Inc.<br />
3SI Security Systems<br />
3VR Security, Inc.<br />
5.11 Tactical<br />
A&S International<br />
A-T Solutions<br />
Aaxeon Technologies<br />
ABM Data Systems, Inc.<br />
Access Specialties<br />
International, LLC<br />
Accessgate.net, Inc. (AGS)<br />
ACCU-TECH CORPORATION<br />
AccuWea<strong>the</strong>r, Inc.<br />
ACTi Corporation<br />
Action Bullet Resistant<br />
ADS, Inc.<br />
ADT Security Services<br />
AFI and IMAC<br />
AFL Telecommunications<br />
Aigis (Now Part of Linear)<br />
Aimetis Corp.<br />
Aiphone Corporation<br />
Airborne Biometrics Group, Inc.<br />
AlarmSaf<br />
Alert Enterprise<br />
Alertus Technologies<br />
Alion Science and Technology –<br />
CounterMeasures<br />
All Traffic Solutions<br />
Allied Tube & Conduit<br />
AlliedBarton Security Services<br />
Allsafe Technologies, Inc.<br />
Alpha Technologies<br />
ALTRONIX CORP.<br />
ALUTIIQ, LLC<br />
ALVARADO TURNSTILES<br />
AMAG Technology, Inc.<br />
American K9 Detection<br />
Services, Inc.<br />
American Military University<br />
American School & University<br />
American Physical Security<br />
Group<br />
Admission to <strong>the</strong><br />
Exhibits is FREE<br />
when you register in<br />
advance ($75 value).<br />
American Science &<br />
Engineering, Inc.<br />
American Security Products Co.<br />
American Video Equipment<br />
Ameristar Fence Products<br />
AMICO<br />
Andrews International<br />
Anixter, Inc.<br />
The Anvil Group, Ltd.<br />
Aon Fire Protection<br />
Engineering (Formerly<br />
Schirmer Engineering)<br />
APOLLO<br />
Arecont Vision, LLC<br />
Ares Corporation<br />
ARH, Inc.<br />
ARMORTEX<br />
AS Solution A/S<br />
ASI Technologies –<br />
Marathon Doors<br />
<strong>ASIS</strong> International<br />
ASSA ABLOY Americas<br />
ASTIC Signals Defenses, LLC<br />
Astrophysics, Inc.<br />
Austin Mohawk and Company<br />
AUTOCLEAR/Scintex<br />
AutoGate, Inc.<br />
Automatic Systems<br />
AVANTE<br />
Aventura Technologies<br />
AVIGILON<br />
AVUE<br />
AWID, Inc.<br />
AXIS COMMUNICATIONS, INC.<br />
Baran Access Solutions<br />
Barco<br />
Barcode Automation, Inc.<br />
Barrier 1 Systems, Inc.<br />
Basler Vision Technologies<br />
Bellevue University<br />
Blackline GPS, Inc.<br />
Boeing Company<br />
Boon Edam, Inc.<br />
Brady People ID<br />
BRICKCOM CORPORATION<br />
BrickHouse Security<br />
BriefCam, Ltd.<br />
Brijot Imaging Systems, Inc.<br />
Brivo Systems, LLC<br />
Brownyard Group<br />
Brownyard Programs, Ltd.<br />
BRS Labs<br />
Bryce Fastener, Inc.<br />
BSI Group America, Inc.<br />
Building Reports<br />
C.R. Laurence Co., Inc.<br />
California University of PA<br />
CALL24 Wireless Callbox<br />
Systems<br />
Cambridge Security Seals<br />
Campus Safety Magazine<br />
CAP Index, Inc.<br />
Card Scanning Solutions<br />
CCTVSTAR, Inc.<br />
CEIA USA<br />
Celayix, Inc.<br />
CI Centre<br />
CIAS<br />
CIC Technology – CORiT<br />
Cisco Systems, Inc.<br />
Clinton Electronics Corporation<br />
CNB Technology, Inc.<br />
CNL Software, Inc.<br />
Cochrane USA<br />
Code Blue Corporation<br />
Cohu, Inc. – Electronics<br />
Division<br />
ColorID, LLC<br />
COMMEND, Inc.<br />
Commissionaires<br />
COMNET<br />
Concentric Security, LLC<br />
Control Risks<br />
Control Room Group –<br />
a division of AVI-SPL<br />
Contronics Technologies<br />
Cooper INDUSTRIES<br />
Cop Security System Corp.<br />
CORNELL<br />
Counter Terrorist Magazine (The)<br />
CoverX Corporation<br />
Cross Match Technologies, Inc.<br />
CSO Magazine<br />
Cygnus Security Group<br />
D3 Security Management<br />
Systems<br />
6 <strong>ASIS</strong> 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.<br />
DAHLE North America<br />
Datacard Group<br />
DataDirect Networks<br />
Dayton T. Brown, Inc.<br />
DEANSTEEL MFG CO.<br />
DEDICATED MICROS, Inc.<br />
Deister Electronics<br />
Designed Security, Inc. (DSI)<br />
DeTect, Inc.<br />
DeTekion Security Systems, Inc.<br />
DETEX<br />
Diebold Incorporated<br />
Digital ID Solutions, LLC<br />
Digital Supply International<br />
Digitize, Inc.<br />
DITEK Corporation<br />
DMP<br />
Dolphin Components Corp.<br />
DoorKing, Inc.<br />
Dortronics Systems, Inc.<br />
DRS Technologies, Inc.<br />
DSI Security Services, Inc.<br />
DSX Access Systems, Inc.<br />
DVTel, Inc.<br />
DynaLock Corp.<br />
Dynasound – Soundmasking &<br />
Eavesdropping Protection<br />
Division<br />
e-DATA Corporation<br />
EasyLobby, Inc.<br />
ECSI International, Inc.<br />
EK Ekcessories<br />
ELC Security Products<br />
ESRI<br />
Essen Trade Shows<br />
EURESYS<br />
Europ Assistance USA<br />
Evax Systems<br />
EverFocus Electronics<br />
Corporation<br />
Exacq Technologies, Inc.<br />
Explosive Countermeasures Int’l.<br />
EYE TRAX<br />
Faro<br />
Fastcom Technology<br />
Feeling Software<br />
Fire and Life Safety America<br />
Firetide
Fisher Labs<br />
Fleet Management Solutions<br />
FLIR Systems, Inc.<br />
Florida Association of Security<br />
Companies (FASCO)<br />
FreightWatch International<br />
(USA), Inc.<br />
FujiFilm North America Corp.<br />
Fujitsu Frontech North<br />
America, Inc.<br />
Future Fibre Technologies<br />
FutureSentry<br />
G4S<br />
GAI-Tronics Corporation<br />
Galaxy Control Systems<br />
Gale Force Software<br />
Corporation<br />
Gallagher Security USA, Inc.<br />
Garrett Metal Detectors<br />
Gatekeeper Security<br />
Gavin de Becker & Associates<br />
General Lock & Clark Security<br />
General Services<br />
Administration<br />
Genetec<br />
Genius Vision Digital, Inc.<br />
GENRIC<br />
George Washington University<br />
GeoVision, Inc.<br />
GEUTEBRUCK Security, Inc.<br />
GlassLock, Inc.<br />
Global Engineering Security<br />
System<br />
Global Rescue, LLC<br />
Global Software<br />
Graybar<br />
GSP Systems, Inc.<br />
Guardian8, Inc.<br />
Guardsmark, LLC<br />
Gunnebo Entrance Control<br />
GVI Security<br />
HanitaTek, LLC<br />
Heigl Technologies<br />
HGH Infrared Systems, Inc.<br />
HID Global<br />
Hikvision Digital Technology<br />
Co., Ltd.<br />
Hill & Smith, Inc.<br />
Hirsch Electronics<br />
Hitachi America, Ltd.<br />
HMA Consulting, Inc.<br />
Homeland Security Newswire<br />
Honeywell International<br />
Huffmaster Protective Services<br />
Group<br />
HySecurity Gate Operators<br />
Hytera Communications<br />
i2, Inc.<br />
i 3 International<br />
IAPP<br />
ICD Security Solutions<br />
ICE PACK Emergency<br />
Sustainment Systems, LLC<br />
ICx Technologies<br />
IDenticard Systems<br />
Identification Systems Group<br />
idOnDemand<br />
“this is <strong>the</strong> largest ga<strong>the</strong>ring of<br />
security professionals and <strong>the</strong> most<br />
comprehensive display of security<br />
technology in <strong>the</strong> world.”<br />
Milton Moritz, CPP, President<br />
Moritz Associates<br />
IEE Sensing<br />
IEI (Now Part of Linear)<br />
IFSEC<br />
iJET Intelligent Risk Systems<br />
Ikegami Electronics (USA), Inc.<br />
Iluminar<br />
ImmerVision<br />
IndigoVision, Inc.<br />
INEX/ZAMIR<br />
Infinova<br />
Ingersoll Rand Security<br />
Technologies<br />
InMotion CCTV, Inc.<br />
InstaKey Security System<br />
Installations, Inc.<br />
Insulgard Security Products<br />
Integrated Security Corporation<br />
Intelli-Check-Mobilisa, Inc.<br />
INTELLIKEY Corporation<br />
Intergraph Corporation<br />
International SOS<br />
Intransa, Inc.<br />
Investigations Canada, Inc.<br />
iOmniscient Corporation<br />
Ionit Technologies, Inc.<br />
IPVideo Corporation<br />
IQinVision<br />
IRIS Companies, (The)<br />
(ISC) 2 Pavilion<br />
iThreat Solutions<br />
iView Systems<br />
Izzo Insurance Services, Inc.<br />
JDS Digital Security<br />
Systems, LLC<br />
Johnson Controls, Inc.<br />
Jolly Technologies, Inc.<br />
Jupiter Systems<br />
K2 Solutions, Inc.<br />
Kaba Access Control<br />
KBC Networks<br />
Keltron Corporation<br />
Keri Systems, Inc.<br />
Key Systems, Inc.<br />
Key Tracer Systems, Inc.<br />
Keyscan, Inc.<br />
KeyTrak, Inc.<br />
KKP Security Group<br />
Koukaam<br />
Kowa Optimed, Inc.<br />
Krieger Specialty Products<br />
KT & C USA<br />
L-1 Enterprise Access Division<br />
(Bioscrypt)<br />
Laboratory Corporation of<br />
American Holdings<br />
Laipac Technology<br />
Laminex, Inc.<br />
Lantronix<br />
LawMate America<br />
Leading Holdings, Inc.<br />
LENSEC-IP Video Surveillance<br />
LG Electronics USA –<br />
Iris Technology Division<br />
Liberty Uniform Mfg. Co., Inc.<br />
LifeSafety Power, Inc.<br />
LightLOC Divison of Woven<br />
Electronics<br />
Linear, LLC<br />
Lion Uniform Group –<br />
a G&K Services Company<br />
LockDown, Inc.<br />
Lockmasters, Inc.<br />
LOUROE ELECTRONICS<br />
LSI – Lockmasters Security<br />
Institute/Lockmasters, Inc.<br />
Lumidigm, Inc.<br />
M.C. Dean, Inc.<br />
Madico Window Films<br />
MAGICARD – Ultra Electronics<br />
Magnetic Automation Corp.<br />
March Networks<br />
Marlin Leasing Corp.<br />
Marshall Electronics, Inc.<br />
Martin Yale Industries, Inc.<br />
Matrix Systems, Inc.<br />
Maxxess Systems, Inc.<br />
MBM Corporation<br />
McGard, LLC<br />
THE MECHANIC GROUP, Inc.<br />
MEDEX Global Group, Inc.<br />
<strong>ASIS</strong> is proud to<br />
honor this year’s<br />
Security’s Best—<strong>the</strong><br />
most innovative new<br />
technology, product,<br />
and service solutions.<br />
MER, Inc.<br />
Meridian Technologies, Inc.<br />
Messoa Technologies, Inc.<br />
Metro One<br />
Microsemi/PowerDsine<br />
Microsoft Corporation<br />
Middle Atlantic Products, Inc.<br />
MILESTONE SYSTEMS<br />
MKS Instruments<br />
Mobotix Corp.<br />
Modular Security Systems, Inc.<br />
Monitor Dynamics, Inc.<br />
Monitronics<br />
Moog QuickSet<br />
MorphoTrak<br />
Morse Watchman, Inc.<br />
MSA Security<br />
NAPCO Security<br />
Technologies, Inc.<br />
NASATKA BARRIER, Inc.<br />
National Background Data<br />
NC4<br />
NEDAP<br />
Network Video Technologies<br />
Next Level Security<br />
Systems, Inc.<br />
NIGHTSTICK<br />
Niscayah, Inc.<br />
Nissan North America<br />
NITEK<br />
NUUO, Inc.<br />
Oberthur Technologies<br />
Omnitron Systems Technology<br />
On-Net Surveillance Systems,<br />
Inc. (ONSSI)<br />
One Source Industries<br />
Ontario-Canada Delegation<br />
Open Options, Inc.<br />
OPENEYE<br />
Optellios, Inc.<br />
Optex<br />
Optiview, Inc.<br />
Orion Images Corp.<br />
OSRAM SYLVANIA<br />
OSSI (OLTIS Security Systems<br />
International)<br />
OzVision<br />
Pacific Lock Company<br />
Pacom<br />
Panasonic<br />
Par-Kut International, Inc.<br />
Parabit Systems, Inc.<br />
Patriot3, Inc.<br />
Paxton Access, Inc.<br />
Pelco, Inc. by Schneider Electric<br />
PENTAX Imaging<br />
Perceptics, LLC<br />
Petersen Mfg. Co., Inc.<br />
Philadelphia Insurance Co.<br />
Pivot3<br />
Pixim, Inc.<br />
The winning entries from this competition, open to<br />
all <strong>ASIS</strong> exhibitors, will be featured in <strong>the</strong> Accolades<br />
Showcase in <strong>the</strong> Exhibit Hall. View product information<br />
online pre- and post-show and see <strong>the</strong> solutions<br />
‘up close and personal’ on-site.<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 7
Plasco ID<br />
PlaSec, Inc.<br />
Point Grey Research, Inc.<br />
POINTMAN<br />
Polaroid ID Systems<br />
POWDERSAFE Pty, Ltd.<br />
PowerFlare (PF Distribution Ctr)<br />
PPM 2000, Inc.<br />
Premier Mounts<br />
Premier Wireless, Inc.<br />
PRO Barrier Engineering<br />
Protech/Protection<br />
Technologies, Inc.<br />
Protection One, Inc.<br />
ProxiGuard/BlueCard Software<br />
Technology Co., Ltd.<br />
Proxim Wireless<br />
PureTech Systems, Inc.<br />
QNAP, Inc.<br />
Quantum Secure, Inc.<br />
Quartermaster, Inc.<br />
Quest Diagnostics<br />
Quintron Systems, Inc.<br />
Rainbow CCTV<br />
Rapiscan Systems<br />
Raytec<br />
Ray<strong>the</strong>on<br />
RBH ACCESS<br />
TECHNOLOGIES, Inc.<br />
Realtime DAR<br />
record usa, Inc.<br />
Redline Communications<br />
Research Electronics Int’l., LLC<br />
RF Ideas, Inc.<br />
RGB Spectrum<br />
ROFU International Corp.<br />
Rosslare Security Products<br />
RS2 Technologies, LLC<br />
RSSI Barriers, LLC<br />
RTM Soft<br />
Rytec High Performance Doors<br />
S2 Institute<br />
S2 Security Corporation<br />
Safety Technology<br />
International, Inc.<br />
SAIC<br />
Salient Systems<br />
Salto Systems, Inc.<br />
Samsung Techwin<br />
Sarnoff Corporation<br />
Scallop Imaging<br />
Scanna MSC, Inc.<br />
Schneider Electric<br />
School Planning & Management/<br />
College Planning &<br />
Management<br />
SDC-Security Door Controls<br />
SDM & Security Magazines<br />
SecurAmerica, LLC<br />
Securitas Security Services<br />
USA<br />
Securitech Group, Inc.<br />
Security Buyer<br />
Security Director News and<br />
Security Systems News<br />
Security Information<br />
Systems, Inc.<br />
Security Journal/Palgrave<br />
Macmillan<br />
Security Management<br />
SECURITY PRODUCTS<br />
MAGAZINE<br />
Security Sales & Integration<br />
Magazine<br />
Security Solutions Int’l.<br />
Security Today Magazine – India<br />
Security Tronix<br />
Security-Net<br />
Seguridad en America<br />
Send Word Now<br />
SensaVideo<br />
Senstar, Inc.<br />
Sentry 360 Security<br />
Sentry View Systems<br />
SentryNet<br />
Shanghai Xinfan Container Fit<br />
ShotSpotter, Inc.<br />
SIEDLE<br />
Sielox/Costar Video<br />
SightLogix<br />
SimonsVoss<br />
SITE – SECURE<br />
Smarter Security –<br />
Outdoor Division<br />
Smartvue Corp.<br />
Smiths Detection<br />
SMP Europe Limited<br />
Sony Electronics<br />
Southwest Microwave, Inc.<br />
SPAWAR Atlantic<br />
SPECO Technologies<br />
Stanley Security Solutions<br />
THE STEELE FOUNDATION<br />
STENTOFON/Zenitel Group<br />
Stone Panels, Inc.<br />
STOPware, Inc.<br />
Stretch, Inc.<br />
Sun Myung Electro-Telecom Co.<br />
Surveon Technology<br />
Synology America Corp.<br />
T.S. MicroTech, Inc.<br />
TagMaster North America, Inc.<br />
TAKEX AMERICA, Inc.<br />
TALK-A-PHONE CO.<br />
TAMRON USA, Inc.<br />
Tavcom Training<br />
Team NiSCA/Kanematsu USA<br />
& GLORY<br />
TEAM Software, Inc.<br />
Tech, Inc., Corp.<br />
Tech Systems, Inc.<br />
Telephonics Corporation<br />
“If you are thinking about or<br />
looking for anything in or about<br />
security, you’ll find it here, see it<br />
here, and experience it here.”<br />
Robert Crow<br />
Director, Corporate Security<br />
AmerisourceBergen Corporation<br />
Telular Corporation<br />
Texecom Limited<br />
Theia Technologies<br />
THETW<br />
Thomson Reuters<br />
Tilt-A-Way/Ideal Mfg., Inc.<br />
TLO<br />
Today’s Facility Manager<br />
TOKINA INDUSTRIAL, Inc.<br />
ToteVision<br />
Tower Solutions<br />
Training Camp<br />
Traka USA<br />
Transformational Security, LLC<br />
TransTech Systems, Inc.<br />
Travel Guard<br />
Tridium<br />
Triple Canopy<br />
TSSIA – Taiwan Safety &<br />
Security Industry Assoc.<br />
Tyco Security Products<br />
TydenBrooks Security<br />
Products Group<br />
TYMETAL Corp.<br />
U.S. Postal Inspection Service<br />
U.S. Saudi Arabian Business<br />
Council<br />
U.S. SECURITY ASSOCIATES,<br />
Inc.<br />
UDP Technology<br />
Uncle Mike’s Law Enforcement<br />
Underwriters Laboratories, Inc.<br />
UNIONCOMMUNITY CO., LTD.<br />
UniPro Uniforms<br />
United States Bullet<br />
Proofing, Inc.<br />
Universal Safety Response –<br />
GRAB Barrier<br />
Universal Services of America<br />
University of Denver<br />
University of Maryland<br />
University College<br />
University of Phoenix<br />
UTC Fire & Security (Formerly<br />
GE Security)<br />
Valcom, Inc.<br />
Valor Systems, Inc.<br />
Ventas De Seguridad<br />
Veracity USA<br />
Verint Video Solutions<br />
PErSONALIzE yOur ShOw ExPErIENCE wIth<br />
thE ONLINE PLANNEr ANd <strong>ASIS</strong> MOBILE!<br />
• Plan your session schedule.<br />
• Search for companies, products, and services.<br />
• Pre-book appointments with exhibitors.<br />
• Learn about breaking <strong>ASIS</strong> news and show specials.<br />
• Access a live Twitter feed.<br />
8 <strong>ASIS</strong> 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.<br />
Vertex Standard<br />
Vicon Industries, Inc.<br />
Video Insight, Inc.<br />
Video Mount Products<br />
Videology Imaging<br />
Solutions, Inc.<br />
videoNEXT Network<br />
Solutions, Inc.<br />
VIDEX, Inc.<br />
VIDO Security System Co., Ltd.<br />
VidSys, Inc.<br />
VIEWZ<br />
VIGITRON, Inc.<br />
Viking Electronics, Inc.<br />
Virtual Imaging, Inc. (Canon)<br />
Viscount Systems, Inc.<br />
Vision Components GmbH<br />
Visitor Pass Solutions by Data<br />
Management, Inc.<br />
VIVOTEK, INC.<br />
Vumii Imaging, Inc.<br />
Watec/Genwac<br />
Wausau Tile, Inc.<br />
Webster University<br />
WEISER SECURITY<br />
SERVICES, INC.<br />
Whelan Security Co.<br />
Whitaker Bro<strong>the</strong>rs, Inc.<br />
Wilson Bohannan Padlock<br />
Company<br />
Winland Environmental Security<br />
Winncom Technologies<br />
Winsted Corporation<br />
WIRECRAFTERS, LLC<br />
Worldwide Imaging & Detection<br />
Systems, Inc.<br />
X-Test<br />
Xiamen Leading Optics Co.,<br />
Ltd.<br />
Xtec, Incorporated<br />
Xtralis<br />
Zebra Technologies<br />
Zistos Corporation
Certification Activities<br />
<strong>ASIS</strong> CERtIFICAtIon<br />
Prepare for <strong>ASIS</strong> Board Certification—take a Review Before <strong>the</strong> Seminar<br />
Friday, September 16–Saturday, September 17<br />
Peabody Hotel<br />
The most respected leaders in security management are board-certified by <strong>ASIS</strong> International.<br />
Prepare a course of study to earn one of three <strong>ASIS</strong> designations (CPP, PCI, or PSP) by attending a<br />
classroom review prior to <strong>the</strong> Seminar and Exhibits. Experienced instructors provide a focused review<br />
of <strong>the</strong> subjects tested on each exam. Reviews may also be audited for a reduced fee (restrictions<br />
apply). Visit www.asis2011.org for details and to register.<br />
Certification lounge<br />
Monday–Wednesday, 9:00 am–4:30 pm<br />
CPPs, PCIs, and PSPs are invited to visit <strong>the</strong> Certification Lounge throughout <strong>the</strong> Seminar. The<br />
Lounge is <strong>the</strong> perfect place to connect with o<strong>the</strong>r certificants from around <strong>the</strong> world and to get <strong>the</strong><br />
latest in certification news. Members of <strong>the</strong> Professional Certification Board (PCB) and <strong>ASIS</strong><br />
Certification Department staff will also be in <strong>the</strong> Lounge to network and answer your questions.<br />
Earn up to 19 Recertification Credits<br />
If you’re a CPP, PCI, or PSP, you can earn up to 19 recertification CPEs by attending <strong>the</strong> Annual Seminar<br />
and Exhibits:<br />
1. Those who register for <strong>the</strong> Full Seminar (four days) will automatically receive sixteen (16) CPE<br />
credits plus three (3) CPE credits for attendance at <strong>the</strong> exhibit hall. (No documentation is required.)<br />
2. Those who register for a Single Day registration will automatically receive four (4) CPE credits plus<br />
three (3) CPE credits for attendance at <strong>the</strong> exhibit hall.<br />
3. Those who register as Exhibits-only can claim three (3) CPE credits (copy of <strong>the</strong> name badge is<br />
required as a form of documentation).<br />
4. Those who attend as Exhibitors can claim three (3) CPE credits and one (1) CPE credit per session<br />
that <strong>the</strong>y attend. (Copy of <strong>the</strong> name badge is required as a form of documentation).<br />
(ISC) 2 ® EDuCAtIon<br />
Free Credential Clinics<br />
Sunday, September 18<br />
Peabody Hotel<br />
If you are an information security professional who would like to become (ISC) 2 certified, we invite you<br />
to take a sneak peak into our award-winning Official Review Seminars. During our half-day Free<br />
Credential Clinics you will be taught by an (ISC) 2 Authorized Instructor in accordance with (ISC) 2 approved<br />
education materials, so you can see for yourself which credential is <strong>the</strong> best fit for your skills and career<br />
path. You may choose from CISSP,® CSSLP,® CAP,® or SSCP® and decide whe<strong>the</strong>r an official education<br />
program is <strong>the</strong> best choice for you.<br />
official Review Seminar<br />
Saturday–Sunday, September 17–18<br />
Peabody Hotel<br />
(ISC) 2 is offering a two-day Intensive Education program for <strong>the</strong> CISSP or CSSLP certification, so if<br />
you would like to take advantage of <strong>the</strong> best discounts on (ISC) 2 official education, plan on registering<br />
for one of <strong>the</strong> classes. For more information or a complete listing of <strong>the</strong> offerings, please visit<br />
www.isc2.org/congress2011.<br />
(ISC) 2 Exam<br />
Sunday, September 18<br />
Peabody Hotel<br />
(ISC) 2 will host a certification exam. Register for any (ISC) 2 exam online at<br />
www.isc2.org/certification-register-now.aspx.<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 9
<strong>the</strong> CSO roundtable, a private membership group within <strong>ASIS</strong> International, is proud<br />
to offer an exclusive slate of sessions and activities for senior security executives<br />
at this year’s Annual Seminar and Exhibits. In addition to this special CSO track,<br />
members can take advantage of a business lounge and a private area at <strong>the</strong><br />
President’s reception. Access to <strong>the</strong>se benefits is free for paid roundtable members.<br />
If you are not a roundtable member but are interested in attending <strong>the</strong>se sessions,<br />
please contact manuela.costa@asisonline.org.<br />
Speakers subject to change. Session times will<br />
be announced at a later date.<br />
Distinguished Speakers<br />
In <strong>the</strong> CSO Roundtable’s Distinguished Speaker<br />
Series, notable and sometimes controversial<br />
speakers join private sessions and take questions<br />
from members of <strong>the</strong> CSO Roundtable. The CSO<br />
Roundtable is proud to announce that Jeb Bush,<br />
former Governor of Florida, and Vicente Fox,<br />
President of Mexico, will participate as this year’s<br />
Distinguished Speakers.<br />
When a Crisis Calls: Business<br />
Collaboration With <strong>the</strong> Public Sector<br />
Public/private collaborations sound great on<br />
paper, but when a disaster strikes, this important<br />
relationship is put to <strong>the</strong> test. This session<br />
emphasizes lessons learned from previous crises<br />
and how to ensure better preparedness and<br />
resiliency by having good coordination between<br />
<strong>the</strong> two sectors.<br />
Lori Hennon-Bell, Chief Security Officer, Prudential<br />
Financial<br />
Social media Risks and Rewards<br />
Should your company allow <strong>the</strong> use of Facebook<br />
or LinkedIn? How about letting workers use <strong>the</strong>ir<br />
iPhones? Are you planning to move any critical<br />
services to <strong>the</strong> cloud? Organizations move faster<br />
and function more efficiently when <strong>the</strong>ir security<br />
teams embrace, ra<strong>the</strong>r than reject, new<br />
technologies, but it’s not always easy to do so.<br />
Businesses also face increased intelligence<br />
threats from using social media. This session<br />
considers all sides of <strong>the</strong> debate and how security<br />
professionals can stop fighting technology<br />
demands and become enablers.<br />
Jeff Berkin, Chief Security Officer, CACI<br />
Changes in Corporate liability Put<br />
Companies and Executives at Risk<br />
An employee used corporate Internet access in<br />
planning a crime, and <strong>the</strong> victim’s family sued to<br />
hold <strong>the</strong> company liable—and won. In Europe,<br />
<strong>the</strong> managing director of a German steel plant<br />
in Italy was charged with second-degree murder<br />
and received a 16-year jail sentence, held<br />
responsible (along with five o<strong>the</strong>r managers) for<br />
an accidental fire that killed seven workers. This<br />
session explores how <strong>the</strong> notion of corporate<br />
liability is changing across <strong>the</strong> globe, and provides<br />
advice to security leaders on how to keep <strong>the</strong>ir<br />
companies and executives safe from this kind of<br />
liability.<br />
Brian Reich, CPP, Bergen County Prosecutor’s Office;<br />
Roger Warwick, CPP, Managing Director, Pyramid<br />
International<br />
Revolution in <strong>the</strong> middle East: What’s<br />
next Will Affect your Company<br />
From Bahrain to Yemen, discontent followed by<br />
‘soft revolutions’ swept through <strong>the</strong> Middle East<br />
this year, dislodging some decades-old regimes<br />
and threatening o<strong>the</strong>rs. What changes have been<br />
wrought in <strong>the</strong> region, and which regimes may be<br />
next? How are <strong>the</strong> new governments different<br />
from <strong>the</strong> regimes <strong>the</strong>y are replacing, or will it be<br />
business as usual? And what will be <strong>the</strong> short-<br />
and long-term effects on multinationals that do<br />
business in <strong>the</strong> region? This presentation<br />
addresses <strong>the</strong>se issues and encourages security<br />
executives to discuss o<strong>the</strong>r issues pertinent to<br />
doing business in <strong>the</strong> region.<br />
Hugh McLeod, COO, Stirling Assynt (Europe), Ltd.<br />
Becoming a trusted Advisor to<br />
<strong>the</strong> CSo<br />
See page 15 for details.<br />
10 <strong>ASIS</strong> 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
Pre-Seminar Programs and Events<br />
Make <strong>the</strong> most of your time and resources in Orlando by adding<br />
one or more of <strong>the</strong>se exciting programs to your agenda. Additional<br />
registration fees apply where indicated.<br />
PRE-SEmInAR PRoGRAmS<br />
<strong>the</strong> Impact of Cargo <strong>the</strong>ft on <strong>the</strong><br />
Global Supply Chain<br />
Saturday–Sunday, September 17–18<br />
This comprehensive program examines supply<br />
chain criminal activity in all modes and areas of<br />
<strong>the</strong> global logistics and transportation industry<br />
sectors. Beginning with <strong>the</strong> identification and<br />
assessment of existing threats and related<br />
vulnerabilities which significantly impact <strong>the</strong><br />
supply chain, examine all aspects of effective<br />
mitigation processes. The critical role of<br />
actionable intelligence analysis in <strong>the</strong> strategic<br />
security planning process is emphasized, and<br />
specific supply chain security countermeasures<br />
are presented. Review <strong>the</strong> importance of existing<br />
transportation statutes and necessary cargo<br />
carriage liability coverage. The creation of a<br />
secure environment for people and cargo is<br />
examined, both from a supply chain standpoint<br />
and a terminal perspective. Trends in supply chain<br />
governance and <strong>the</strong> uncertainty of global political<br />
resolve are analyzed as key factors requiring<br />
substantial change for <strong>the</strong> improvement of supply<br />
chain security integrity in <strong>the</strong> face of <strong>the</strong> ongoing<br />
threat of criminal activity.<br />
Presented by <strong>the</strong> Global Maritime and Transportation<br />
School (GMATS) at <strong>the</strong> U.S. Merchant Marine Academy<br />
Program #1165<br />
$595 member; $695 nonmember<br />
Detecting Deception in Verbal and<br />
Written Statements<br />
Saturday–Sunday, September 17–18<br />
8:00 am–5:00 pm<br />
This is an intensive, hands-on introduction to<br />
Statement Analysis. You will learn how to detect<br />
deception in verbal and written statements,<br />
allowing you to identify suspects and eliminate<br />
truthful persons as suspects. The technique will<br />
allow you to save time and resources as well as<br />
be more successful in your investigations. Learn<br />
from actual cases that were solved using <strong>the</strong><br />
technique and gain practical experience.<br />
Sponsored by John Dietz and Associates<br />
Program #1164<br />
$595 member; $695 nonmember<br />
Advanced Guard Force management:<br />
Improving Performance/Reducing<br />
turnover<br />
Sunday, September 18, 8:00 am–5:00 pm<br />
The basic element in private security today is still<br />
<strong>the</strong> security officer. Improper pre-employment<br />
screening, weak training programs, and worn out<br />
policies and practices resulting in even one bad<br />
performer can derail an entire protection program.<br />
This program, conducted by leading security<br />
managers with over 75 years of cumulative<br />
experience, outlines cases where training came<br />
too late and offers you practical advice on how to<br />
avoid <strong>the</strong> pitfalls of a less than optimum program.<br />
Topics include defining <strong>the</strong> security officer role,<br />
performing an objective evaluation, contract<br />
security, managing security in an organized labor<br />
environment, avoiding litigation, use of force, and<br />
building morale.<br />
Sponsored by <strong>the</strong> International Foundation for Cultural<br />
Property Protection.<br />
Program #1168<br />
$395 member; $495 nonmember<br />
Bank Security Risk mitigation<br />
Sunday, September 18, 8:00 am–5:00 pm<br />
This full-day program covers <strong>the</strong> major topics<br />
and concerns faced by corporate security<br />
managers in <strong>the</strong> banking and financial institutions<br />
environment. A panel of security directors and<br />
o<strong>the</strong>r bank security specialists will address <strong>the</strong><br />
Bank Protection Act, risk assessment process,<br />
CPTED principles for banking, bank robbery<br />
training, effects of global financial crime, Internet<br />
banking account takeovers, preparing for court<br />
testimony, and creating added value in bank<br />
security programs.<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Banking and Financial Services<br />
Council<br />
Program #1167<br />
$395 member; $495 nonmember<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 11
Pre-Seminar Programs and Events<br />
not a moment to lose: Facing<br />
<strong>the</strong> Security Challenges of <strong>the</strong><br />
new Decade<br />
Sunday, September 18, 8:00 am–5:00 pm<br />
After a decade of disappointment that included<br />
both 9/11 and <strong>the</strong> near collapse of <strong>the</strong> global<br />
financial system, today’s security leaders, more<br />
than any time in history are faced with issues<br />
that require <strong>the</strong> knowledge and leadership<br />
skills to influence management. This program<br />
examines all-hazards global risk and its economic<br />
consequences as well as evolving compliance<br />
trends. A diverse group of expert practitioners<br />
will share <strong>the</strong>ir cross-functional methodologies,<br />
measures, and best practices for enterprise risk<br />
management, cost containment, and revenue<br />
influence within <strong>the</strong> framework of <strong>the</strong> company<br />
environment.<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Leadership and Management<br />
Practices Council<br />
Program #1171<br />
$395 member; $495 nonmember<br />
Preparing for <strong>the</strong> Worst: Security<br />
Readiness and Response for your<br />
Critical Business Functions<br />
Sunday, September 18, 8:00 am–5:00 pm<br />
Every business has its own critical processes and<br />
functions, making resiliency to incidents vital. In<br />
this program, you will learn readiness, response,<br />
and recovery practices using standards related<br />
to <strong>the</strong> preservation of your assets. Information<br />
on resiliency, current practices, and training to<br />
ensure your exercises conform to established<br />
best practices will be provided. Topics include<br />
<strong>the</strong> DHS PS Prep Program, cyber security risks to<br />
critical infrastructure, liability and insurance<br />
issues resulting from a catastrophic event, an<br />
update on terrorism issues, and <strong>the</strong> Homeland<br />
Security Exercise and Evaluation Program<br />
(HSEEP).<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Critical Infrastructure Working<br />
Group<br />
Program #1166<br />
$395 member; $495 nonmember<br />
Raising <strong>the</strong> heat on Soft target<br />
Protection: Is your open Access<br />
Business Environment Safe?<br />
Sunday, September 18, 8:00 am–5:00 pm<br />
The challenging task of protecting soft targets<br />
including hotels, arena events, and o<strong>the</strong>r<br />
entertainment and hospitality venues requires<br />
more than a basic security plan. This intensive,<br />
full-day program, presented by industry professionals<br />
and government officials, provides an<br />
array of resources and information on staff<br />
training, current threat trends and mitigation,<br />
evaluating risks, response, <strong>the</strong> value of publicprivate<br />
partnerships, and liability exposure<br />
associated with major events in soft target<br />
environments. Leave with real world solutions<br />
to apply at your venue.<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Hospitality Entertainment and<br />
Tourism Council<br />
Program #1169<br />
$395 member; $495 nonmember<br />
Securing houses of Worship now and<br />
in <strong>the</strong> Future<br />
Sunday, September 18, 8:00 am–5:00 pm<br />
International polls on terrorism list houses of<br />
worship in <strong>the</strong> top five ‘at risk’ sectors for <strong>the</strong><br />
threat of terrorist attacks. This program addresses<br />
<strong>the</strong> risks, threats, and vulnerabilities to houses<br />
of worship and faith-based organizations from<br />
various cross-denominational religions in <strong>the</strong> U.S.<br />
and abroad. Learn how to develop risk management<br />
strategies that will help your organization<br />
implement solid safety and security plans as well<br />
as aid in deploying detailed operational protection<br />
procedures.<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Cultural Properties Council and <strong>the</strong><br />
Houses of Worship Security Committee<br />
Program #1170<br />
$395 member; $495 nonmember<br />
12 <strong>ASIS</strong> 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
<strong>the</strong> Basis of Security Design:<br />
Functionally Integrated Systems<br />
Sunday, September 18, 8:00 am–5:00 pm<br />
Based on <strong>the</strong> first part of Facility Security Design,<br />
<strong>ASIS</strong>’ popular three-day program, this one-day<br />
intensive workshop delineates a step-by-step<br />
process to identify assets and assess value,<br />
identify threats and vulnerabilities of those<br />
assets, and <strong>the</strong>n use that information in a risk<br />
assessment process to help develop functional<br />
design requirements for solutions to <strong>the</strong><br />
vulnerabilities. New hands-on exercises help you<br />
put <strong>the</strong> approach into a realistic scenario. The<br />
program wraps up with discussion on how to take<br />
<strong>the</strong> functional requirements and prepare <strong>the</strong><br />
preliminary design package.<br />
Sponsored by <strong>ASIS</strong> Security Architecture and Engineering<br />
Council<br />
Program #1172<br />
$395 member; $495 nonmember<br />
<strong>the</strong> Successful Security Consultant<br />
Sunday, September 18, 8:00 am–5:00 pm<br />
Launch a new security consultant practice or<br />
jump-start an existing one – this popular, one-<br />
day program will show you how! Learn from a<br />
faculty of seasoned consultants how to avoid<br />
<strong>the</strong> expensive mistakes that can sabotage your<br />
success. The program is filled with practical<br />
information that will save you time, money, and<br />
frustration. Take home a comprehensive workbook<br />
of sample proposals and reports that give you a<br />
clear advantage when competing for a security<br />
consulting assignment.<br />
Sponsored by International Association of Professional<br />
Security Consultants (IAPSC)<br />
Program #1173<br />
$395 member; $495 nonmember<br />
“From a security field perspective,<br />
it is <strong>the</strong> best available conference/<br />
show on security in <strong>the</strong> united<br />
States.”<br />
Michael Burton<br />
Security Manager<br />
ACE Cash Express<br />
CISSP® 2-Day Intensive<br />
Education Program<br />
Saturday–Sunday, September 17–18<br />
8:00 am–5:00 pm<br />
two-Day Review Seminar—Exclusive<br />
For those information security professionals<br />
considering becoming (ISC)² certified, a two-day<br />
Official Review Seminar for CISSP will be offered<br />
for a one time only price of $750.00. Please<br />
register for this by calling certification consultant<br />
Guy Wiltse at +1.703.637.4416 or online at<br />
www.isc2.org/certification-register-now.aspx.<br />
Sponsored by (ISC) 2<br />
$750 member/nonmember<br />
CSSlP® 2-Day Intensive<br />
Education Program<br />
Saturday–Sunday, September 17–18<br />
8:00 am–5:00 pm<br />
two-Day Review Seminar—Exclusive<br />
For those information and application security<br />
professionals considering becoming (ISC)²<br />
certified, a two-day Official Review Seminar<br />
for CSSLP will be offered for a one time only<br />
price of $750.00. Please register for this by<br />
calling certification consultant Guy Wiltse<br />
at +1.703.637.4416 or online at<br />
www.isc2.org/certification-register-now.aspx.<br />
Sponsored by (ISC) 2<br />
$750 member/nonmember<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 13
Pre-Seminar Programs and Events<br />
PRoFESSIonAl touRS<br />
Kennedy Space Center<br />
Sunday, September 18, 1:00 pm–6:00 pm<br />
Blast off! Get up close<br />
and personal with a<br />
Saturn Rocket. This<br />
two-hour guided tour<br />
of <strong>the</strong> Kennedy Space<br />
Center by trained<br />
space experts gives<br />
you a unique view of<br />
<strong>the</strong> space program,<br />
from launch<br />
preparation to liftoff.<br />
<strong>ASIS</strong> guests are<br />
treated to close views<br />
of space shuttle<br />
launch pads from <strong>the</strong> top of <strong>the</strong> 60-foot-tall LC-39<br />
Observation Gantry with 360 degree views of <strong>the</strong><br />
Cape, <strong>the</strong> Vehicle Assembly Building (VAB), and<br />
<strong>the</strong> massive crawler-transporter, which transports<br />
<strong>the</strong> shuttle from <strong>the</strong> VAB to its launch pad. At <strong>the</strong><br />
conclusion of <strong>the</strong> guided portion of <strong>the</strong> tour,<br />
guests will disembark at <strong>the</strong> Apollo/Saturn V<br />
Center to marvel at a massive 363-foot-long<br />
Saturn V moon rocket. The Apollo/Saturn V Center<br />
is a tribute to <strong>the</strong> Apollo astronauts and <strong>the</strong><br />
machines that got <strong>the</strong>m to <strong>the</strong> Moon—and<br />
brought <strong>the</strong>m home safely.<br />
Then join Kennedy Space Center professionals<br />
who will discuss <strong>the</strong> basics of security for<br />
America’s Space Program. You will have an<br />
opportunity to tour <strong>the</strong> Apollo/Saturn V Center at<br />
your own pace prior to returning to <strong>the</strong> main<br />
campus. Test out <strong>the</strong> Shuttle Launch Experience<br />
simulated attraction for a virtual space voyage.<br />
Short of becoming an astronaut, <strong>the</strong>re’s no better<br />
way to get a glimpse of <strong>the</strong> Kennedy Space<br />
Center! Buses depart <strong>the</strong> Orange County<br />
Convention Center at 1:00 pm and return by<br />
6:00 pm.<br />
Fee: $70<br />
Virtual and Immersive training<br />
Systems Experience<br />
Sunday, September 18, 1:30 pm–5:30 pm<br />
Experience active training <strong>the</strong> way military and law<br />
enforcement experience it. Cubic Corporation<br />
designs, develops, manufactures, and provides<br />
a full range of virtual training devices for national<br />
military and security forces worldwide. Be ready<br />
to put on <strong>the</strong> gear and step into <strong>the</strong> virtual world<br />
where your adrenaline flows.<br />
• Create your own training scenario on <strong>the</strong><br />
computerized tabletop display or Mission<br />
Rehearsal Planning System. This software brings<br />
computer gaming to real-world experiences.<br />
• Test your small arms engagement skills in<br />
Cubic’s scenario-based small arms simulators.<br />
Pick <strong>the</strong> target; take <strong>the</strong> test.<br />
• Experience driving a Humvee through enemy<br />
territory with guns blazing. The big screen<br />
animation reacts to your actions. Are you ready<br />
for a challenge?<br />
• Get down and dirty in this Multiple Integrated<br />
Laser Engagement Simulation, which accurately<br />
replicates actual firing capabilities, detects hits<br />
from laser ‘bullets,’ and performs damage and/<br />
or casualty assessments. Will you survive?<br />
This is an experiential tour. Be ready for action!<br />
Buses depart <strong>the</strong> Orange County Convention Center<br />
at 1:30 pm and return by 5:30 pm.<br />
Fee: $75<br />
<strong>ASIS</strong> WomEn In SECuRIty<br />
SESSIonS AnD EVEntS<br />
Join us for <strong>the</strong> 2011 Women in Security<br />
program and continue to improve your<br />
leadership skills, build your career network,<br />
and nurture your mentoring relationships.<br />
<strong>ASIS</strong> Women in Security open<br />
Session<br />
Tuesday, September 20, 3:15 pm–4:30 pm<br />
Join <strong>the</strong> <strong>ASIS</strong> Women in Security Group for an<br />
open session set to explore topics unique to<br />
females in <strong>the</strong> industry. This premiere networking<br />
event opens with a series of four separate<br />
breakout sessions, including: Achieving Your<br />
Potential with Certification; Projecting Confidence<br />
in <strong>the</strong> Workplace; Mastering Situational Leadership;<br />
and Becoming a CSO. Attendees select two of <strong>the</strong><br />
four sessions to attend. Conclude <strong>the</strong> session<br />
with open discussions and informal networking.<br />
Breakout session options:<br />
Session one: Achieving your Potential with<br />
Certification<br />
In today’s job market, it’s critical to be, and stay,<br />
competitive. <strong>ASIS</strong> professional certifications<br />
convey competence and credibility—providing<br />
<strong>the</strong> edge required to advance and achieve<br />
professional goals. Learn <strong>the</strong> steps to achieving<br />
certification and how you can leverage your<br />
credentials to stand out among your peers and<br />
advance in your security career.<br />
Session two: Projecting Confidence in <strong>the</strong><br />
Workplace<br />
You have been told to carry yourself with<br />
confidence. Until now, you have not been told<br />
how to do so. Join us and master <strong>the</strong> skills you<br />
need to project confidence in <strong>the</strong> workplace.<br />
Session three: mastering Situational leadership<br />
This session, led by Natalie Runyon, Goldman<br />
Sachs Global Security and CSO Leadership<br />
Training, will provide tools to help you know when<br />
to be strong and decisive and when to be<br />
14 <strong>ASIS</strong> 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
collaborative and inclusive, and how to adapt<br />
your leadership and communication styles<br />
appropriately.<br />
Session Four: Becoming a CSo<br />
Climbing <strong>the</strong> corporate ladder is fraught with<br />
obstacles and challenges. Listen as experienced<br />
CSO Marene Allison, Worldwide Vice President of<br />
Information Security at Johnson & Johnson,<br />
shares her experiences and advice on attaining<br />
one of <strong>the</strong> highest professional levels in <strong>the</strong><br />
corporate arena.<br />
networking Reception<br />
Tuesday, September 20, 4:45 pm–5:45 pm<br />
Come toge<strong>the</strong>r and connect with peers for a<br />
special hour of networking and discussions<br />
hosted by <strong>the</strong> <strong>ASIS</strong> Women in Security Group.<br />
Enjoy cocktails in a relaxing setting as you<br />
become reacquainted with colleagues and expand<br />
your worldwide network of professional contacts.<br />
Women in Security Keynote Breakfast<br />
Wednesday, September 21, 7:00 am–8:00 am<br />
Accomplished business consultant, coach, and<br />
trainer Susan Mazza, Women’s Business Center,<br />
Florida Institute of Technology, shares her unique<br />
understanding of human systems and passion for<br />
instigating leadership. Discover and inspire <strong>the</strong><br />
leader in you as you learn to unlock <strong>the</strong> potential<br />
of <strong>the</strong> human spirit.<br />
Reaching Forward, Reaching Back:<br />
mentoring Women in Security<br />
Wednesday, September 21<br />
11:00 am–12:00 noon<br />
This session will provide hands-on tools to assist<br />
in recruitment, retention, and development of<br />
women in <strong>the</strong> security environment. Learn from<br />
your colleagues how mentoring has been an<br />
invaluable part of <strong>the</strong>ir professional experience,<br />
and walk away from <strong>the</strong> session with specific how<br />
to’s and next steps.<br />
Terri Howard, Director, Crisis Management, FEI Behavioral<br />
Health<br />
younG PRoFESSIonAlS<br />
Make new connections and streng<strong>the</strong>n your<br />
professional network at <strong>ASIS</strong> 2011 by<br />
attending events such as <strong>the</strong>se with peers<br />
and established practitioners.<br />
young Professionals Reception<br />
(CSo Roundtable members Invited)<br />
Sunday, September 18, 5:00 pm–6:00 pm<br />
Engage, listen, and learn from peers and<br />
high-level industry leaders during this dynamic<br />
networking reception hosted by <strong>the</strong> Young<br />
Professionals Group. Three stimulating,<br />
20-second presentations from accomplished<br />
industry leaders on leadership, advancement,<br />
and achievement create <strong>the</strong> basis for an hour of<br />
thought-provoking conversation and discussion.<br />
President’s Reception—networking<br />
With <strong>the</strong> CSo Roundtable<br />
September 20, 8:30 pm–10:00 pm<br />
Universal’s Islands of Adventure®<br />
Join your peers and CSO Roundtable members<br />
for a private reception held at <strong>the</strong> President’s<br />
Reception. Enjoy top-flight beverages and hors<br />
d’oeuvres while you mingle with peers and senior<br />
leaders in a relaxed atmosphere. By invitation.<br />
Becoming a trusted Advisor to<br />
<strong>the</strong> CSo<br />
Wednesday, September 21, 1:45 pm–3:00 pm<br />
Many chief security officers hire multiple<br />
deputies, each with different backgrounds and<br />
skill sets, to be subject matter experts and<br />
trusted advisors on a host of threats. Those who<br />
advance in <strong>the</strong>ir organizations to become deputies<br />
to <strong>the</strong> CSO are provided with a great learning<br />
opportunity—not to mention a chance to step up<br />
into <strong>the</strong> CSO position some day. But how do you<br />
get to become a deputy in <strong>the</strong> first place? This<br />
panel discussion, with deputy CSOs from major<br />
multinational companies, will provide some ideas<br />
as well as answer questions from <strong>the</strong> audience.<br />
Steve Braden, CPP, Vice President, Corporate Security<br />
Services, Capital One Bank; Bryan Fort, CPP, Corporate<br />
Security Manager, McCormick & Co., Inc.; Scott Lindahl,<br />
Director Corporate Security, Kellogg Company; Bill Ovca,<br />
President, Ovca Associates, Inc.<br />
“<strong>ASIS</strong> International is <strong>the</strong> most<br />
comprehensive educational and<br />
networking resource in <strong>the</strong><br />
security field.<br />
Daniel H. Kropp, CPP<br />
Director, Physical Security<br />
Towers Watson<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 15
Focus on homeland Security<br />
this year’s comprehensive education program includes 30 sessions in <strong>the</strong> homeland<br />
security track. If you’re responsible for protecting <strong>the</strong> homeland, <strong>the</strong>se topics,<br />
presented by leading experts from government and industry, may be of special<br />
interest to you. But don’t limit yourself to <strong>the</strong>se sessions—you’re sure to find<br />
additional relevant topics throughout <strong>the</strong> program. (Sessions begin on page 18.)<br />
Monday SEPtEmBER 19<br />
11:00 am–12:00 noon<br />
2106 Israeli Security: unconventional<br />
threats, unconventional methods<br />
Oren Raz, Head of Security, Consulate General of Israel<br />
to New England; Amit Gavish, CPP, General Manager,<br />
North America, BriefCam; Steve Surfaro, Industry Liaison,<br />
Axis Communications<br />
2108 Protection of Corporate/General<br />
Aviation Aircraft, hangers, and Airports<br />
Dr. Daniel Benny, CPP, PCI, Security Discipline Chair,<br />
Embry Riddle Aeronautical University Worldwide<br />
2109 <strong>the</strong> Evolving Concerns of Food<br />
Defense Related to Economically motivated<br />
Adulteration (EmA) and Compliance With<br />
<strong>the</strong> Food Safety modernization Act (FSmA)<br />
Shaun Kennedy, Director, National Center for Food<br />
Protection and Defense<br />
2118 national Security Information:<br />
top Five Aspects to Successfully Protecting<br />
our Secrets<br />
Dorene Colwell, Director Special Security Programs, Office<br />
of Intelligence and Analysis, Department of <strong>the</strong> Treasury<br />
LAw ENFOrCEMENt/<br />
MILItAry APPrECIAtION dAy<br />
Wednesday, September 21<br />
If you are an active law enforcement or<br />
military professional, you are invited to<br />
attend <strong>the</strong> keynote with Vicente Fox, as<br />
well as Wednesday’s sessions and <strong>the</strong><br />
Exhibits—at no charge. To obtain your<br />
complimentary registration for this special<br />
day, please register onsite in Orlando at<br />
<strong>ASIS</strong> Registration. Government or military<br />
photo ID is required.<br />
1:45 pm –3:00 pm<br />
2203 Video Quality in Public Safety: First<br />
Responder Case Studies<br />
Steve Surfaro, Industry Liaison, Axis Communications;<br />
Anna Paulson, Electronics Engineer, VQIPS Lead, U.S.<br />
Department of Commerce; Donald Zoufal, Director, SDI;<br />
William Badertscher, CPP, Senior Engineer for Facility and<br />
Security Control Systems, Georgetown University; Larry<br />
Flournoy, Associate Director, Texas A&M University; Robert<br />
Rhoads, Telecommunications Specialist, U.S. Department<br />
of Homeland Security; James Prokop, PSP, Deputy<br />
Program Manager, U.S. Department of Homeland Security<br />
2204 America’s Vulnerable Ports and<br />
Waterways: Current Issues in maritime<br />
Security<br />
Laura Hains, CPP, Maritime Security Specialist,<br />
Independent Security Consultant; Laurie Thomas, Maritime<br />
Security Coordinator, University of Findlay<br />
2205 Separating Fact From Fiction: <strong>the</strong><br />
Food Safety modernization Act of 2011<br />
Brian Stegmann, Senior Engineering & Food Safety<br />
Manager, Corn Products International; Mat<strong>the</strong>w Ryan,<br />
Director Corporate Security, The Hershey Company; Frank<br />
Pisciotta, President, Business Protection Specialists, Inc.<br />
2208 What’s new on <strong>the</strong> Floor?<br />
Howard Belfor, CPP, President, Belfor & Associates, LLC;<br />
Ronald Lander, CPP, Chief Specialist, Ultrasafe Security<br />
Solutions<br />
2213 Cyber Jihad: use of <strong>the</strong> Virtual World<br />
Jeffrey Bardin, Chief Security Strategist, Treadstone 71<br />
2216 Reducing Risk for Elected officials<br />
Robert Oatman, CPP, President, R.L. Oatman &<br />
Associates, Inc.<br />
4:30 pm–5:30 pm<br />
2311 Building on <strong>the</strong> Foundation: more on<br />
Arabs and Islam<br />
Nawar Shora, CEO, Shams Training & Development<br />
2319 Insider threat: A national Concern<br />
Douglas Thomas, Principal Deputy Director, Office of <strong>the</strong><br />
National Counterintelligence Executive<br />
2320 Protecting America’s Electric Grid<br />
Brian M. Harrell, Sr., CPP, Manager of Critical<br />
Infrastructure Protection, North American Electric Reliability<br />
Corporation (NERC); Mark Wea<strong>the</strong>rford, Vice President/<br />
Chief Security Officer, North American Electric Reliability<br />
Corporation (NERC)<br />
16 <strong>ASIS</strong> 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
Tuesday SEPtEmBER 20<br />
11:00 am–12:00 noon<br />
3107 Considerations and Advancements<br />
in Providing a Defended Site Perimeter<br />
Joseph L. Smith, PSP, Director/Senior Vice President,<br />
Applied Research Associates<br />
3109 update: <strong>the</strong> u.S. Department of<br />
homeland Security and <strong>the</strong> Chemical<br />
Facility Anti-terrorism Standards<br />
Sue Armstrong, Deputy Assistant Secretary, U.S.<br />
Department of Homeland Security<br />
3115 Rail Security: Protecting <strong>the</strong><br />
Customer’s lading<br />
Larry Schuck, CPP, President, LarMar Security<br />
Consulting, LLC<br />
3119 Protecting your Business:<br />
understanding Islam and Islamofacism<br />
Michael Trapp, CPP, Director, Corporate Security, Tesoro<br />
Companies, Inc.<br />
3180 Architecting and Building a Secure<br />
Virtual Infrastructure and Private Cloud<br />
Rob Randell, Staff Security and Compliance Specialist,<br />
VMware, Inc.<br />
1:45 pm–3:00 pm<br />
3208 It Security Council Series: Is <strong>the</strong><br />
Power Infrastructure Secure? utility and<br />
Smart Grid Security<br />
Maureen McGovern, President, KSB Solutions; Mark<br />
Schreiber, CPP, Design Engineering Specialist, Fluor<br />
Corporation; Sunil Kumar, Senior Solutions Consultant,<br />
Alert Enterprise, (ISC) 2 Appointee; Cpt. Werner Preining,<br />
CPP, Responsible for European Operations, Interpool<br />
Security, Ltd.<br />
3210 <strong>the</strong> Rise of Domestic terrorism<br />
Sean Joyce, Executive Assistant Director, Federal Bureau<br />
of Investigation<br />
3214 Soft targets<br />
James C. Reynolds, CPP, Director of Safety and Security,<br />
Hilton Worldwide<br />
4:30 pm–5:30 pm<br />
3303 Integrator Series: transportation<br />
and Port Security Solutions<br />
Jose Gomez, Port Authority New York New Jersey;<br />
Hector Pesquera, Port of Miami<br />
3313 Defense Security Service Report<br />
to <strong>ASIS</strong><br />
Stan Sims, Director, Defense Security Service; Drew<br />
Winneberger, Director, Industrial Policy and Programs,<br />
Defense Security Service<br />
Wednesday SEPtEmBER 21<br />
11:00 am–12:00 noon<br />
4102 Public-Private Partnership in<br />
Emergency Planning and Florida’s Regional<br />
Domestic Security task Force Concept<br />
Joyce Dawley, Co-Chair, RDSTF5; Robert Hansel, Co-Chair,<br />
RDSTF5; Karen Weaver, Regional Critical Infrastructure<br />
Coordinator<br />
4120 <strong>the</strong> DhS office of Infrastructure<br />
Protection and <strong>the</strong> Ah&lA—Resources<br />
for hotels<br />
Bill Schweigart, U.S. Department of Homeland Security;<br />
Victor Glover, CLSD–Senior Vice President, Safety and<br />
Security, Accor North America<br />
1:45 pm–2:45 pm<br />
4201 Public-Private Partnership in<br />
Intelligence Sharing: <strong>the</strong> Central Florida<br />
Intelligence eXchange (CFIX)<br />
Robert Lefiles, Director of <strong>the</strong> State Fusion Center, FDLE;<br />
Cpt. Dave Ogden, CFIX Director, Orange County Sheriff’s<br />
Office; Kristie Toruno, CFIX Intelligence Liaison Officer<br />
Coordinator; Larry Steiffel, CPP, CFIX Board Member, Walt<br />
Disney World Security<br />
4204 Integrator Series: Critical Infrastructure<br />
Security Solutions (Energy, Water, Gas)<br />
Speakers to be announced.<br />
4208 In our neighborhood: Domestic terror<br />
Groups and <strong>the</strong>ir tactics<br />
Rusty Capps, President, CT/CI Training Partners, LLC;<br />
Deborah (Deedee) Collins, Executive Director, National<br />
Security Training Institute<br />
4212 Gaining Insight on mexico’s Crisis<br />
Kurt Norrigan, CPP, President, Kamen & Associates, Inc.<br />
4219 lodging Partnerships With<br />
law Enforcement<br />
Paul Frederick, CPP, American Hotel and Lodging<br />
Association and Chairman, Loss Prevention Committee and<br />
Director, Global Safety and Security, Hilton Worldwide, Inc.;<br />
Harvey “Skip” Brandt, CPP, Director of Security, Boston<br />
Park Plaza Hotel and Towers; Local and Federal Law<br />
Enforcement from Orange County Florida Sheriff’s<br />
Tourism Police<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 17
MONDAY, sEPTEMbEr 19<br />
Schedule-aT-Glance<br />
all sessions will be held at <strong>the</strong> Orange county convention center.<br />
11:00 am–12:00 noon<br />
2101 <strong>ASIS</strong> Standards: Auditing for<br />
Improvement—Security Risk and Resilience<br />
Auditing<br />
2102 Future Threats and Mitigation in <strong>the</strong><br />
Air Express Industry: Why Cross-Company<br />
Communication is Critical<br />
2103 Integrator Series: Collaborative/<br />
Consultative Selling<br />
2104 Organized Retail Crime Update: We Have<br />
Come a Long Way<br />
2105 War-Driving: Drive, Detect, and Defense of<br />
Wireless Networks<br />
2106 Israeli Security: Unconventional Threats,<br />
Unconventional Methods<br />
2107 School Security Used to Be So Easy! The<br />
Changing Challenges in K–12 Education<br />
2108 Protection of Corporate/General Aviation<br />
Aircraft, Hangers, and Airports<br />
2109 The Evolving Concerns of Food Defense<br />
Related to Economically Motivated Adulteration<br />
(EMA) and Compliance With <strong>the</strong> Food Safety<br />
Modernization Act (FSMA)<br />
2110 IT Security Council Series: Cloud<br />
Computing for <strong>the</strong> Physical Security Practitioner<br />
2111 Seek and Ye Shall Be Sued: Using Social<br />
Networking Sites to Manage Risk Without Risking<br />
Litigation<br />
2112 The Quantum Leap in Security Lighting:<br />
LED and Induction Lighting<br />
2113 Therefore Go: Security Considerations for<br />
Short-Term Mission Teams<br />
2114 Creating and Implementing an Internal<br />
Standardized Training Program for Your Security<br />
Organization<br />
2115 Business Case for Security: Creative Ways<br />
to Show Security’s Proposition and Profitability<br />
2116 A Practical and Technological Approach to<br />
Managing Workplace Violence<br />
2117 Corporate Account Takeover: Online and In<br />
<strong>the</strong> Real World<br />
2118 National Security Information: Top Five<br />
Aspects to Successfully Protecting Our Secrets<br />
2180 Next Generation Cloud Security<br />
Compliance<br />
2181 Critical Infrastructure Protection and<br />
Risk Management<br />
2182 Integrating Security Concepts Into System<br />
and Application Design<br />
2183 Yes You Can: How to Securely Deploy and<br />
Manage Enterprise Mobile Devices<br />
2184 A Practical Guide to Implementing a Risk<br />
Management Strategy<br />
2185 Introduction to <strong>the</strong> Software Assurance<br />
Track<br />
LEVEL<br />
Arch/Eng/Design<br />
Crime/Loss Prevention<br />
Crisis Management<br />
Critical Infrastructure<br />
Global<br />
Government/Military<br />
Homeland Security<br />
Information/IT Security<br />
Investigations<br />
Legal<br />
Management<br />
Physical Security<br />
Professional Development<br />
Terrorism<br />
Young Professionals<br />
Systems Integrator NEW<br />
Application Security<br />
Cloud Security<br />
Governance, Regulation,<br />
and Compliance<br />
Mobile Security and<br />
Social Networking<br />
Swiss Army Knife<br />
▲ X<br />
▲ X X<br />
● X X X X X<br />
■ X<br />
▲ X X<br />
● X X X X<br />
■ X X X<br />
■ X X X<br />
▲ X X X<br />
● X X<br />
▲ X X<br />
■ X X<br />
● X X X X<br />
■ X X X<br />
■ X<br />
▲ X X X<br />
▲ X X X<br />
● X X X X X<br />
■ X X X X X X<br />
■ X X X X<br />
■ X X X X<br />
■ X X X X<br />
■ X X X X<br />
■ X X X<br />
18 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.<br />
(ISC) 2 Security Congress
1:45 pm –3:00 pm<br />
MONDAY<br />
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced<br />
(ISC) 2 Security Congress<br />
LEVEL<br />
Arch/Eng/Design<br />
Crime/Loss Prevention<br />
Crisis Management<br />
Critical Infrastructure<br />
Global<br />
Government/Military<br />
Homeland Security<br />
Information/IT Security<br />
Investigations<br />
Legal<br />
Management<br />
Physical Security<br />
Professional Development<br />
Terrorism<br />
Young Professionals<br />
Systems Integrator NEW<br />
Application Security<br />
Cloud Security<br />
Governance, Regulation,<br />
and Compliance<br />
Mobile Security and<br />
Social Networking<br />
Swiss Army Knife<br />
2201 <strong>ASIS</strong> Standards: Preparedness Basics—<br />
Learn How to Protect Your Business and Supply<br />
Chain<br />
2202 Integrator Series: Design Your Best Physical<br />
■ X<br />
Security Solution for <strong>the</strong> Corporate Security<br />
Campus<br />
● X X X X X<br />
2203 Video Quality in Public Safety: First<br />
Responder Case Studies<br />
■ X X X X X<br />
2204 America’s Vulnerable Ports and Waterways:<br />
Current Issues in Maritime Security<br />
■ X X X X X X<br />
2205 Separating Fact From Fiction: The Food<br />
Safety Modernization Act of 2011<br />
2206 IT Security Council Series: Who Are You,<br />
■ X X X<br />
and Why Should I Trust You? Current Trends in<br />
Identity and Access Management<br />
■ X<br />
2207 The Process of Investigation and <strong>the</strong><br />
Fundamentals of Fact-Finding<br />
■ X X X X X X<br />
2208 What’s New on <strong>the</strong> Floor? ● X X X X X X X X X X X X X X<br />
2209 What It Takes to Be a Security Executive<br />
Today<br />
2210 Getting Executive Buy-In for Corporate<br />
▲ X X<br />
Security, Business Continuity, and Crisis<br />
Management<br />
■ X X X<br />
2211 Beyond Statistics: What Crimes are Faith-<br />
Based Organizations Really Facing in <strong>the</strong> U.S.?<br />
■ X X X<br />
2212 Premises Liability: A Trial Lawyer’s Hints for<br />
<strong>the</strong> Security Professional<br />
▲ X X X<br />
2213 Cyber Jihad: Use of <strong>the</strong> Virtual World ■ X X X X X X X<br />
2214 Five Common Mistakes Interviewers Make/<br />
Five Successful Strategies<br />
■ X X X<br />
2215 Should You Have Known: Lessons Learned<br />
From a Multiple Homicide in <strong>the</strong> Workplace<br />
▲ X X X X X<br />
2216 Reducing Risk for Elected Officials ■ X X X X X<br />
2217 Security’s Role in Managing Successful<br />
Events<br />
■ X X X X X<br />
2218 Crisis Management and Social Media—<strong>the</strong><br />
New Opportunity<br />
■ X X X X<br />
2219 Tools for a Successful Job Search:<br />
Resumes, Cover Letters, LinkedIn Profiles<br />
■ X X<br />
2280 Using <strong>the</strong> Cloud Security Alliance GRC<br />
Stack to Attest Vendor Compliance<br />
■ X X X X<br />
2281 Managing Privacy and Security: The CISO/<br />
CPO Dialogue<br />
■ X X X<br />
2282 Software Security: Is OK Good Enough? ■ X X X<br />
2283 How to Use Mobile Devices Correctly:<br />
Setting up Security Guardrails<br />
■ X X X X X<br />
2284 New and Pending GRC Legislation and<br />
How It Impacts Your Organization<br />
■ X X X X<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 19
MONDAY, sEPTEMbEr 19<br />
Schedule-aT-Glance<br />
all sessions will be held at <strong>the</strong> Orange county convention center.<br />
4:30 pm–5:30 pm<br />
LEVEL<br />
Arch/Eng/Design<br />
Crime/Loss Prevention<br />
Crisis Management<br />
Critical Infrastructure<br />
Global<br />
Government/Military<br />
Homeland Security<br />
Information/IT Security<br />
Investigations<br />
Legal<br />
Management<br />
Physical Security<br />
Professional Development<br />
Terrorism<br />
Young Professionals<br />
Systems Integrator NEW<br />
Application Security<br />
Cloud Security<br />
Governance, Regulation,<br />
and Compliance<br />
Mobile Security and<br />
Social Networking<br />
Swiss Army Knife<br />
2301 <strong>ASIS</strong> Standards: Learn How to Conduct a<br />
Business Impact Analysis<br />
■ X<br />
2302 Security Risk Management in Remote<br />
Site Mining<br />
■ X X X<br />
2303 Integrator Series: Best Practices in<br />
Integrated School Security: K–12<br />
● X X X X X X X<br />
2304 Special Events Security in <strong>the</strong> City of<br />
Orlando: Best Practices, Operations, Technology<br />
■ X X X X X X<br />
2305 High-Rise Security ■ X X X<br />
2306 IT Security Council Series: Forensics and<br />
E-Discovery<br />
● X X X<br />
2307 Generate Cash by Uninvesting in Security<br />
Equipment Services<br />
■ X X X X<br />
2308 To Arm or Not to Arm? ■ X X X X<br />
2309 Information and Data Security While Away<br />
From <strong>the</strong> Office<br />
● X X<br />
2310 Understanding <strong>the</strong> Shifting of Risk: A<br />
Moving Target<br />
■ X X X<br />
2311 Building on <strong>the</strong> Foundation: More on Arabs<br />
and Islam<br />
● X X X<br />
2312 New Security Standard in China and Your<br />
Business<br />
● X X X<br />
2313 Advanced Internet/Social Network<br />
Investigations and Background Checks<br />
▲ X X X<br />
2314 How to Create Your Security Manual ● X X X X X X X X X<br />
2315 Get Ready for <strong>the</strong> Aftermath: Post Incident<br />
Management<br />
● X X X X<br />
2316 Is Your Workforce Ready to Travel to High-<br />
Risk Destinations? What You Need to Know Now<br />
■ X X X X<br />
2317 Security Excellence: Tools to Enhance<br />
Security’s Mission<br />
■ X X X X X<br />
2318 Initiating and Conducting Internal<br />
Investigations in Multi-National Corporations<br />
■ X X X X<br />
2319 Insider Threat: A National Concern ■ X X X<br />
2320 Protecting America’s Electric Grid ■ X X X X<br />
2380 Cloud Incident Response ■ X X X<br />
2381 Cyber Security and <strong>the</strong> Socio-Political<br />
Landscape: Going Beyond <strong>the</strong> Technology<br />
■ X X X X<br />
2382 The Economics of Failure<br />
2383 Mobile Devices: Employee Monitoring and<br />
■ X X X<br />
Data Loss Prevention in Light of <strong>the</strong> Expectation<br />
of Privacy<br />
■ X X X X X<br />
2385 Why Do Developers Make These Dangerous<br />
Software Errors?<br />
■ X X<br />
20 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.<br />
(ISC) 2 Security Congress
MONDAY, sEPTEMbEr 19 • 11:00 am–12:00 noon<br />
11:00 am–12:00 noon<br />
2101 Asis standards: Auditing for<br />
improvement—security risk and<br />
resilience Auditing<br />
▲ Advanced<br />
Security, risk, and resilience auditing is essential<br />
for identifying business opportunities and process<br />
improvements. auditing verifies conformance<br />
with standards and industry best practices,<br />
identifies cost savings, and is essential for <strong>the</strong><br />
self-declaration process in <strong>the</strong> uS-dhS PS-Prep<br />
Program. learn how to establish and conduct<br />
a credible security, risk, and resilience auditing<br />
program using <strong>the</strong> International Standard<br />
ISO 19011—<strong>the</strong> same auditing techniques<br />
used by professional auditors and third party<br />
certification bodies.<br />
Dr. Marc Siegel, Commissioner, <strong>ASIS</strong> Global Standards<br />
Initiative, <strong>ASIS</strong> International; Lisa DuBrock, CPA, CBCP,<br />
Managing Partner, The Radian Group, LLC<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Standards and Guidelines<br />
Commission<br />
2102 Future Threats and Mitigation<br />
in <strong>the</strong> Air Express industry: Why<br />
Cross-Company Communication<br />
is Critical<br />
▲ Advanced<br />
The air cargo express industry is facing greater<br />
security challenges. Threats from terrorist<br />
organizations and attempts to place explosive<br />
devices in cargo have resulted in additional<br />
regulation. air express relies on speed to<br />
differentiate it from <strong>the</strong> rest of <strong>the</strong> cargo industry.<br />
Increased documentation, compliance, and<br />
regulatory requirements impact <strong>the</strong> critical benefit<br />
that air cargo seeks to deliver. What methodologies<br />
are currently available to protect cargo? can new<br />
technologies provide all <strong>the</strong> answers? learn how<br />
<strong>the</strong> industry can be more pro-active in lobbying<br />
governments and promoting its own solutions.<br />
understand existing and future threats and<br />
possible solutions that could be adopted to<br />
mitigate risks and streng<strong>the</strong>n our industry.<br />
Simon Roberts, Vice President, Security, DHL<br />
MONDAY<br />
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced<br />
2103 integrator series:<br />
Collaborative/Consultative selling<br />
● Fundamental<br />
In this key session framing <strong>the</strong> integrator track,<br />
you’ll learn collaborative and consultative<br />
techniques to take <strong>the</strong> important steps to mutual<br />
success with your end user. learn how to identify<br />
needs first, <strong>the</strong>n follow through with products and<br />
services. Sell within your ability to deliver and<br />
where <strong>the</strong>re are market needs and opportunities.<br />
There is a difference between consultation<br />
and collaboration: create value with users by<br />
partnering. Become innovative and proactive<br />
in adding to each partner’s business success.<br />
Finally, you’ll learn <strong>the</strong> consultative Sales Process<br />
to become <strong>the</strong> consultant your customers cannot<br />
afford to be without!<br />
Frank DeFina, Samsung; Bill Bozeman, President, PSA<br />
Security Network<br />
2104 Organized retail Crime Update:<br />
We Have Come a Long Way<br />
■ Intermediate<br />
Organized retail crime is responsible for $30<br />
billion in losses to retailers annually. The retail<br />
industry has mounted <strong>the</strong> fight against ORc<br />
gangs and fences with databases like leRPnet<br />
that function nationally, to efforts by individual<br />
investigators’ networks. This session explores<br />
various techniques, partnerships, and mitigation<br />
strategies that are proving effective. The<br />
presentation ends with an update on hR 5932,<br />
<strong>the</strong> Organized Retail Theft Investigation and<br />
Prosecution act of 2010.<br />
Alan Greggo, CPP, Founder/CEO, Profit RX, LLC; Mark<br />
McClain, Director of Investigations, Asset Protection<br />
Division, Wal-Mart Stores, Inc.<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Retail Loss Prevention Council<br />
2105 War-Driving: Drive, Detect, and<br />
Defense of Wireless Networks<br />
▲ Advanced<br />
With <strong>the</strong> increasing use of wireless access points<br />
for computer networks accessed by numerous<br />
types of devices, <strong>the</strong> possibility of exploiting <strong>the</strong><br />
exposures and vulnerabilities of <strong>the</strong>se systems<br />
is becoming more prevalent. even with <strong>the</strong><br />
constant changing of technologies to safeguard<br />
<strong>the</strong>se networks, <strong>the</strong> opportunities for individuals<br />
to attempt to penetrate <strong>the</strong> systems are on <strong>the</strong><br />
rise. learn <strong>the</strong> basics of wireless networks, <strong>the</strong><br />
controls that exist, <strong>the</strong> latest techniques used<br />
by perpetrators, and fur<strong>the</strong>r enhancements to<br />
providing a more secure environment.<br />
Alan Nutes, CPP, Senior Manager, Security and Incident<br />
Management, Newell Rubbermaid<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 21
Education sessions: 2000 Series<br />
MONDAY, sEPTEMbEr 19 • 11:00 am–12:00 noon<br />
2106 israeli security: Unconventional<br />
Threats, Unconventional Methods<br />
● Fundamental<br />
This session exposes you to global perspectives<br />
on protecting government buildings and embassies,<br />
defense industries, scientific installations,<br />
industrial plants, and a national airline. a fusion<br />
of unconventional physical security methods and<br />
technology will deliver a controversial journey<br />
through an environment of adapting threats.<br />
Oren Raz, Head of Security, Consulate General of Israel<br />
to New England; Amit Gavish, CPP, General Manager,<br />
North America, BriefCam; Steve Surfaro, Industry Liaison,<br />
Axis Communications<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Physical Security Council<br />
2107 school security Used to be<br />
so Easy! The Changing Challenges<br />
in K–12 Education<br />
■ Intermediate<br />
Tweets, friending, cyber bullying, and sexting<br />
are terms that are difficult to understand, much<br />
less control. What are <strong>the</strong> latest technology<br />
threats and how can <strong>the</strong>y impact an o<strong>the</strong>rwise<br />
safe learning environment? Gangs and <strong>the</strong> violent<br />
student are new challenges. abusive parents<br />
have to be considered. how do you develop a<br />
threat assessment policy? What about workplace<br />
violence—can physical access control and<br />
surveillance help? What type of policies should<br />
be developed and enforced? We’ll assess <strong>the</strong><br />
shrinking physical security budgets in public and<br />
private schools and provide practical, effective<br />
solutions.<br />
Michael Ganio, Senior Manager, Orange County Public<br />
Schools; Fredrik Nilsson, General Manager, Axis<br />
Communications; Conan Bickford, Security, Safety and<br />
Transportation Manager, Lake Highland Preparatory School;<br />
Paul Timm, PSP, President, RETA Security, Inc.<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Educational Institutions Security<br />
Council and Physical Security Council<br />
2108 Protection of Corporate/<br />
General Aviation Aircraft, Hangers,<br />
and Airports<br />
■ Intermediate<br />
Gain insight into <strong>the</strong> threats against private and<br />
corporate aviation aircraft, hangers, and airports.<br />
a preview of operational and physical security<br />
measures that can be implemented in <strong>the</strong> private<br />
and corporate aviation community will be<br />
conducted as well as an overview of <strong>the</strong> research<br />
on <strong>the</strong> effectiveness of <strong>the</strong> aircraft Owners and<br />
Pilots association airport Watch program.<br />
Dr. Daniel Benny, CPP, PCI, Security Discipline Chair,<br />
Embry Riddle Aeronautical University Worldwide<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Transportation Council<br />
2109 The Evolving Concerns of Food<br />
Defense related to Economically<br />
Motivated Adulteration (EMA) and<br />
Compliance With <strong>the</strong> Food safety<br />
Modernization Act (FsMA)<br />
▲ Advanced<br />
Food defense burst onto <strong>the</strong> scene with <strong>the</strong><br />
realization that al Qaeda was considering attacks<br />
on food and agriculture. Potential threats have<br />
expanded rapidly including <strong>the</strong> growing recognition<br />
of eMa. The President’s Food Safety Interagency<br />
Working Group established <strong>the</strong> goal of improving<br />
<strong>the</strong> government’s ability to target foods and<br />
ingredients more likely to be utilized for eMa in<br />
order to focus <strong>the</strong>ir inspection and surveillance<br />
efforts. learn how an organization’s capabilities<br />
for identifying product risk for eMa can be<br />
improved.<br />
Shaun Kennedy, Director, National Center for Food<br />
Protection and Defense<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Agriculture and Food Security<br />
Council<br />
2110 iT security Council series:<br />
Cloud Computing for <strong>the</strong> Physical<br />
security Practitioner<br />
● Fundamental<br />
What do you need to know to be relevant in <strong>the</strong><br />
discussion about cloud computing for physical<br />
security services? This session helps you ask <strong>the</strong><br />
right questions to maximize <strong>the</strong> benefits of cloud<br />
computing to <strong>the</strong> business, mitigate risk, and<br />
earn you a seat at <strong>the</strong> table. Topics include cloud<br />
service and deployment models and how <strong>the</strong>y<br />
apply to security services and applications, best<br />
practice concepts, risk management, business<br />
drivers, and applicable security considerations<br />
for moving to a Software-as-a-Service (SaaS)<br />
model. learn about <strong>the</strong> tools currently endorsed<br />
by <strong>the</strong> cloud Security alliance and how <strong>the</strong>y will<br />
be applicable within your environment.<br />
Brian McIlravey, CPP, Vice President, Professional<br />
Services and Business Development, PPM 2000, Inc.;<br />
Steven Yanagimachi, CISSP, Security Advisor, The Boeing<br />
Company; Shayne Bates, CPP, CISM, CHS-V, Director,<br />
Security Cloud Strategy, LMC Consulting, Microsoft GSO,<br />
(ISC) 2 Appointee; Benjamin Butchko, CPP, President/<br />
CEO, Butchko Security Solutions<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Information Technology Security<br />
Council<br />
22 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
MONDAY, sEPTEMbEr 19 • 11:00 am–12:00 noon<br />
2111 seek and Ye shall be sued:<br />
Using social Networking sites<br />
to Manage risk Without risking<br />
Litigation<br />
▲ Advanced<br />
The social networking revolution has changed<br />
<strong>the</strong> modern workplace and <strong>the</strong> way our employees<br />
and customers communicate. Sites such as<br />
Facebook, MySpace, Twitter, and linkedIn contain<br />
a wealth of personal information. Is it lawful for<br />
employers to use this information for business<br />
purposes? This fascinating and fast-paced<br />
session demonstrates how <strong>the</strong>se sites function<br />
and reveals some of <strong>the</strong> amazing data <strong>the</strong>y<br />
contain. learn how to safely and legally use <strong>the</strong>se<br />
resources without exposing yourself or your<br />
organization to unnecessary and costly litigation.<br />
James Burke, Partner, Wilson Elser, Moskowitz, Edelman<br />
and Dicker; Elizabeth Ho Sing, Wilson Elser, LLP; Eugene<br />
Ferraro, CPP, PCI, CEO/Founder, Business Controls, Inc.<br />
2112 The Quantum Leap in security<br />
Lighting: LED and induction Lighting<br />
■ Intermediate<br />
compare traditional lighting systems with <strong>the</strong> next<br />
generation of security lighting: led and induction<br />
lighting. analysis of energy consumption, return<br />
on investment, quality and quantity of lighting,<br />
light trespass, and pollution considerations are<br />
covered. leed and GReen point considerations<br />
are provided. case studies demonstrate proper<br />
applications of this revolution of lighting<br />
technology and its impact on <strong>the</strong> security world.<br />
Randy Atlas, Ph.D., CPP, AIA, Vice President, Atlas Safety<br />
& Security Design, Inc.<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Security Architecture and<br />
Engineering Council<br />
2113 Therefore Go: security<br />
Considerations for short-Term<br />
Mission Teams<br />
● Fundamental<br />
every year thousands of people travel overseas<br />
to participate in short-term, faith-based relief<br />
projects. These initiatives vary widely in scope<br />
and can include everything from building and<br />
educational projects to disaster relief and medical<br />
assistance. This presentation provides a 10-step<br />
process for security planning in support of <strong>the</strong>se<br />
mission trips.<br />
Scott Watson, CPP, Principal Consultant/CEO, S.A. Watson<br />
and Associates, LLC<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Cultural Properties Council<br />
MONDAY<br />
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced<br />
2114 Creating and implementing<br />
an internal standardized Training<br />
Program for Your security Organization<br />
■ Intermediate<br />
With <strong>the</strong> complexities of operating a fully<br />
functional security organization, <strong>the</strong> creation,<br />
implementation, and operation of a dedicated<br />
training program is essential. Without a<br />
standardized training curriculum, organizations<br />
risk inconsistent results, less than optimal<br />
productivity, decreased morale, potential lawsuits,<br />
and more. This session presents a comprehensive<br />
training model. learn how to create, implement,<br />
and track a training plan which supports <strong>the</strong> goals<br />
and objectives of your business mission. explore<br />
various learning styles, enterprise-wide systems,<br />
and <strong>the</strong> benefits of a feedback component. If<br />
your organization lacks a fundamental training<br />
curriculum, operates an outdated training system,<br />
or considers training an outsourcing issue, this<br />
session is for you.<br />
Jeffrey P. Grossmann, Esq., Assistant Professor/Director<br />
Homeland and Corporate Security Program, St. John’s<br />
University<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Academic Programs and Training<br />
Council<br />
2115 business Case for security:<br />
Creative Ways to show security’s<br />
Proposition and Profitability<br />
■ Intermediate<br />
as organizational security budgets continue<br />
to erode, it is essential for security leaders to<br />
have and apply business acumen to program<br />
management. This session provides security<br />
managers with insights and strategies for<br />
developing <strong>the</strong>ir business case when building<br />
security program budgets and presenting <strong>the</strong>m<br />
to c-suite leadership. essential financial concepts,<br />
along with <strong>the</strong> development of metrics, will be<br />
discussed. In addition, examples where Security<br />
was seen as “heroic” for changing delivery<br />
models will be given. Presenters bring extensive<br />
real-world security management and consulting<br />
experience to this timely topic.<br />
Elliot Boxerbaum, CPP, President/CEO, Security Risk<br />
Management Consultants, Inc.; Bonnie Michelman, CPP,<br />
Director of Police, Security and Outside Services,<br />
Massachusetts General Hospital<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Healthcare Council<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 23
Education sessions: 2000 Series<br />
MONDAY, sEPTEMbEr 19 • 11:00 am–12:00 noon<br />
2116 A Practical and Technological<br />
Approach to Managing Workplace<br />
Violence<br />
▲ Advanced<br />
effectively managing potential threats of violence<br />
that may impact <strong>the</strong> workplace entails utilizing<br />
a framework based on industry best practices,<br />
collaborative partnerships, and technology. This<br />
presentation provides an overview of <strong>the</strong> threat<br />
management framework used by <strong>the</strong> Microsoft<br />
Global Security Investigations team. hear how<br />
<strong>the</strong> team assesses potential threats of violence<br />
and specific security strategies used to mitigate<br />
possible threats to its staff and facilities. The<br />
presentation also reviews organization-specific<br />
approaches and challenges to delivering threat<br />
management services on a global scale.<br />
James Louie, Group Investigations Manager, Microsoft<br />
Corporation<br />
2117 Corporate Account Takeover:<br />
Online and in <strong>the</strong> real World<br />
▲ Advanced<br />
This presentation covers <strong>the</strong> tools, techniques,<br />
and tactics of <strong>the</strong> online fraudster targeting large<br />
corporate accounts for financial gain via account<br />
Takeover (aTO). Specific schemes being utilized<br />
will be discussed as well as emerging threats.<br />
understand best practices for preventing this type<br />
of fraud as well as advanced controls that will<br />
help you protect your own company.<br />
Mat<strong>the</strong>w Harper, Group Vice President, Client<br />
Au<strong>the</strong>ntication, SunTrust<br />
2118 National security information:<br />
Top Five Aspects to successfully<br />
Protecting Our secrets<br />
● Fundamental<br />
Protecting vital national security assets is<br />
becoming much more complicated and <strong>the</strong><br />
challenge to keep up can be overwhelming. The<br />
name of <strong>the</strong> game in national security is change,<br />
and at a scale and pace that is unprecedented.<br />
This presentation offers a clear outlook on<br />
what is really important and opens <strong>the</strong> floor for<br />
discussion. Taking a look at <strong>the</strong> Top Five can<br />
assist you in responding to <strong>the</strong> many threats<br />
and risks in today’s changing landscape.<br />
Dorene Colwell, Director Special Security Programs, Office<br />
of Intelligence and Analysis, Department of <strong>the</strong> Treasury<br />
2180 Next Generation Cloud security<br />
Compliance<br />
■ Intermediate<br />
Security in <strong>the</strong> cloud requires automated<br />
provisioning, continuous monitoring, and reporting<br />
on control effectiveness over time—especially<br />
important for any regulated industry which uses<br />
ei<strong>the</strong>r public or private cloud resources. elastic<br />
provisioning of cloud resources must also include<br />
adaptive security and privacy controls. Guidance<br />
on creating a next generation security compliance<br />
framework which is inherently tied to industry<br />
standards is given and regulatory frameworks<br />
will be presented.<br />
Robert Weronick, CPP, Director of Global Security, Alexion<br />
Pharmaceuticals, Inc.<br />
2181 Critical infrastructure<br />
Protection and risk Management<br />
■ Intermediate<br />
Whe<strong>the</strong>r it’s keeping <strong>the</strong> lights on, financial<br />
markets running, or fresh water flowing from our<br />
taps, critical Infrastructure permeates every<br />
aspect of our daily life. In this interactive panel<br />
discussion, we’ll explore how risk management<br />
practices shape <strong>the</strong> protection of our very way<br />
of life. The role of a risk-based approach to<br />
protecting <strong>the</strong> nation’s critical infrastructure is<br />
crucial to providing <strong>the</strong> best possible security<br />
program for <strong>the</strong> limited resources at our disposal.<br />
In this panel discussion, we’ll hear from all sides<br />
of <strong>the</strong> issue.<br />
Mark Wea<strong>the</strong>rford, Vice President/CSO, NERC;<br />
Diana-Lynn Contesti, Board Chairperson, (ISC) 2 ; Allan<br />
McDougall, Principle, Evolutionary Security Management<br />
“Absolutely <strong>the</strong> best conference for<br />
learning, obtaining information on<br />
state-of-<strong>the</strong>-art technology, and for<br />
networking.”<br />
carl Mountain<br />
Senior Investigator, Global Security<br />
Microsoft<br />
24 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
MONDAY, sEPTEMbEr 19 • 11:00 am–12:00 noon<br />
2182 integrating security Concepts<br />
into system and Application Design<br />
■ Intermediate<br />
Integrating security requirements and controls<br />
into business processes, applications, and<br />
systems has proven to be a nearly impossible<br />
challenge for most organizations. Typically,<br />
security is approached as an afterthought long<br />
after <strong>the</strong> ability to design effective security<br />
solutions has passed. This session provides<br />
solutions to that problem and explains how every<br />
security manager and every organization can<br />
work toge<strong>the</strong>r to build business solutions that<br />
are resilient, reliable, and secure.<br />
Kevin Henry, Owner, KMHenry and Affiliates<br />
Management, Inc.<br />
2183 Yes You Can: How to securely<br />
Deploy and Manage Enterprise<br />
Mobile Devices<br />
■ Intermediate<br />
adopting smartphones and tablet devices will<br />
give your organization a competitive business<br />
advantage. however, <strong>the</strong> risks associated with a<br />
haphazard roll-out of mobile devices can decimate<br />
those benefits and result in a very expensive<br />
security incident. With <strong>the</strong> right information, an<br />
organization can have <strong>the</strong> best of both worlds:<br />
competitive advantage plus a secure mobile<br />
infrastructure. This presentation provides you with<br />
<strong>the</strong> information you need including mobile device<br />
security policies, employee training expectations,<br />
device hardening details, centralized management<br />
options, and more.<br />
Jerod Brennen, Senior Security Analyst, Jacadis<br />
MONDAY<br />
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced<br />
2184 A Practical Guide to<br />
implementing a risk Management<br />
strategy<br />
■ Intermediate<br />
Risk management has received a lot of attention<br />
as security practitioners begin to focus <strong>the</strong>ir<br />
efforts on raising <strong>the</strong>ir profile with executive<br />
leadership. learn from your peers as we discuss<br />
<strong>the</strong> successes and failures on <strong>the</strong> path to create<br />
a risk management program from <strong>the</strong> ground up.<br />
Implementing an effective risk management<br />
strategy can be a daunting task and has eluded<br />
even <strong>the</strong> most seasoned security professionals.<br />
The panelists share <strong>the</strong>ir greatest hits and a few<br />
misses on <strong>the</strong> path to effective risk management.<br />
Brandon Dunlap, President, Brightfly Consulting; Chris<br />
Trautwein, Information Security Officer, (ISC) 2 ; Michael D.<br />
Kelly, Technical Architecture Consultant, Security, Target<br />
Corp.<br />
2185 introduction to <strong>the</strong> software<br />
Assurance Track<br />
■ Intermediate<br />
For <strong>the</strong> nation’s critical infrastructure to be<br />
reliable, resilient, robust, and secure, <strong>the</strong><br />
software supporting it must also have <strong>the</strong> same<br />
qualities. a broad spectrum of critical applications<br />
and infrastructure, from process control systems<br />
to commercial application, depend on secure<br />
software. an estimated 90 percent of reported<br />
security incidents result from exploits against<br />
defects in <strong>the</strong> design of software. Therefore,<br />
ensuring <strong>the</strong> integrity and resiliency of software is<br />
vital to protecting <strong>the</strong> infrastructure from threats<br />
and reducing overall risk from cyber-attacks. To<br />
ensure system reliability, it is critical to include<br />
provisions for built-in security of <strong>the</strong> enabling<br />
software.<br />
Joe Jarzombek, Director of Software Assurance, U.S.<br />
Department of Homeland Security<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 25
Education sessions: 2000 Series<br />
MONDAY, sEPTEMbEr 19 • 1:45 pm –3:00 pm<br />
1:45 pm –3:00 pm<br />
2201 Asis standards: Preparedness<br />
basics—Learn How to Protect Your<br />
business and supply Chain<br />
■ Intermediate<br />
Preparedness supports <strong>the</strong> mission of your<br />
business and supply chain. all businesses<br />
are unique and need to tailor design <strong>the</strong>ir<br />
preparedness programs to optimize business<br />
opportunities. This session examines <strong>the</strong> basic<br />
principles of establishing a preparedness<br />
program for your business and throughout your<br />
supply chain by using <strong>the</strong> new ISO 31000 Risk<br />
Management Standard.<br />
Robert Weronick, CPP, Director of Global Security,<br />
Alexion Pharmaceuticals, Inc.<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Standards and Guidelines<br />
Commission<br />
2202 integrator series: Design Your<br />
best Physical security solution for<br />
<strong>the</strong> Corporate security Campus<br />
● Fundamental<br />
learn directly from corporate security directors<br />
about <strong>the</strong> challenges <strong>the</strong>y face and <strong>the</strong> services<br />
you can provide to benefit <strong>the</strong>m. understand <strong>the</strong><br />
issues, challenges, and solutions for securing<br />
corporate campuses. examine whe<strong>the</strong>r to have<br />
a command center or field security. learn about<br />
remote entry processes. explore how to deal with<br />
surrounding crime. consider intellectual property<br />
<strong>the</strong>ft and more.<br />
Ed Bacco, Amazon; Robert Arntson, Amazon; Terry Jordan,<br />
SeaWorld; Nicole McDargh, CPP, Securitas<br />
If you’re not an <strong>ASIS</strong><br />
member—join now<br />
and save up to $340<br />
on your registration.<br />
See www.asis2011.org/registration<br />
for details.<br />
2203 Video Quality in Public safety:<br />
First responder Case studies<br />
■ Intermediate<br />
Video Quality in Public Safety (VQIPS) is a<br />
forward-thinking group combining collective<br />
professional experience and standards<br />
development. learn about <strong>the</strong>ir work that will<br />
become your tool for measuring video quality<br />
and selecting <strong>the</strong> right solutions right for your<br />
use. The VQIPS web-based portal has become<br />
a useful resource and a future standard,<br />
supporting any size municipality. come and<br />
be a part of this effort!<br />
Steve Surfaro, Industry Liaison, Axis Communications;<br />
Anna Paulson, Electronics Engineer, VQIPS Lead, U.S.<br />
Department of Commerce; Donald Zoufal, Director, SDI;<br />
William Badertscher, CPP, Senior Engineer for Facility and<br />
Security Control Systems, Georgetown University; Larry<br />
Flournoy, Associate Director, Texas A&M University; Robert<br />
Rhoads, Telecommunications Specialist, U.S. Department<br />
of Homeland Security; James Prokop, PSP, Deputy<br />
Program Manager, U.S. Department of Homeland Security<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Physical Security Council<br />
2204 America’s Vulnerable Ports<br />
and Waterways: Current issues in<br />
Maritime security<br />
■ Intermediate<br />
The u.S. Maritime Transportation System (MTS)<br />
contributes more than $750 billion annually to <strong>the</strong><br />
u.S. gross domestic product, and sustains more<br />
than 13 million jobs. It is a complex intermodal<br />
system containing over 25,000 miles of navigable<br />
waterways. This session begins with an update on<br />
current laws and regulations governing maritime<br />
security and goes on to discuss a major shortfall—<strong>the</strong><br />
threat from unsecure foreign ports which threatens<br />
<strong>the</strong> very core of our national Maritime defense.<br />
Laura Hains, CPP, Maritime Security Specialist,<br />
Independent Security Consultant; Laurie Thomas, Maritime<br />
Security Coordinator, University of Findlay<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Transportation Council<br />
26 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
MONDAY, sEPTEMbEr 19 • 1:45 pm –3:00 pm<br />
2205 separating Fact From Fiction:<br />
The Food safety Modernization Act<br />
of 2011<br />
■ Intermediate<br />
This session examines <strong>the</strong> new regulation’s<br />
impact on regulated facilities and <strong>the</strong>ir security<br />
practitioners to clarify misconceptions. It covers<br />
both <strong>the</strong> scientific and traditional security<br />
requirements associated with <strong>the</strong> regulatory<br />
concepts of food safety versus food defense, and<br />
<strong>the</strong> required skills and competencies of outside<br />
security consultants. attendance is a must for<br />
regulated food security managers whose<br />
organizations may not have <strong>the</strong> same resources<br />
of a larger organization to implement <strong>the</strong> new<br />
requirements.<br />
Brian Stegmann, Senior Engineering & Food Safety<br />
Manager, Corn Products International; Mat<strong>the</strong>w Ryan,<br />
Director Corporate Security, The Hershey Company; Frank<br />
Pisciotta, President, Business Protection Specialists, Inc.<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Agriculture and Food Security<br />
Council<br />
2206 iT security Council series: Who<br />
Are You, and Why should i Trust You?<br />
Current Trends in identity and Access<br />
Management<br />
■ Intermediate<br />
logging onto an enterprise network or a cloudbased<br />
application needs to be as secure as<br />
entering a physical facility, yet today’s security<br />
professionals often find <strong>the</strong>mselves hard-pressed<br />
to protect both physical and logical assets and<br />
comply with stringent government mandates.<br />
learn about <strong>the</strong> current best practices to control<br />
identity and manage access to corporate assets<br />
by trusted parties. Gain a solid understanding<br />
of <strong>the</strong> technologies, standards, regulations,<br />
business challenges, and <strong>the</strong> questions to ask<br />
related to identity and access management.<br />
discuss new and emerging trends.<br />
Gary Klinefelter, Principal, Creative Innovation Strategies;<br />
Don Fergus, Vice President/CSO, Intekras, Inc.; Sal<br />
D’Agostino, CEO, IDmachines, LLC; Jose Hernandez,<br />
Director Information Security, Fluor Corporation<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Information Technology Security<br />
Council<br />
MONDAY<br />
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced<br />
2207 The Process of investigation<br />
and <strong>the</strong> Fundamentals of Fact-Finding<br />
■ Intermediate<br />
Proper and ethical investigations are complex<br />
undertakings, fraught with potential for legal<br />
liability. When done properly and ethically, <strong>the</strong>y<br />
combine an intricate mixture of skill, experience,<br />
and luck. This session introduces you to <strong>the</strong><br />
Process of Investigation® and <strong>the</strong> fundamentals of<br />
fact-finding. Review how to safely and legally<br />
conduct investigations while obtaining <strong>the</strong> best<br />
return on investment of time and resources.<br />
Review <strong>the</strong> eight methods of investigation, <strong>the</strong><br />
secrets of modern case management, evidence<br />
analysis, and <strong>the</strong> practical aspects of effective<br />
report writing.<br />
Eugene Ferraro, CPP, PCI, CEO/Founder, Business<br />
Controls, Inc.<br />
2208 What’s New on <strong>the</strong> Floor?<br />
● Fundamental<br />
Make <strong>the</strong> most efficient use of your time by<br />
learning where new and innovative products<br />
can be found on <strong>the</strong> exhibit floor spanning over<br />
230,000 square feet! The session highlights<br />
both physical and information technology<br />
security products.<br />
Howard Belfor, CPP, President, Belfor & Associates, LLC;<br />
Ronald Lander, CPP, Chief Specialist, Ultrasafe Security<br />
Solutions<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Physical Security Council and<br />
Information Technology Security Council<br />
2209 What it Takes to be a security<br />
Executive Today<br />
▲ Advanced<br />
developing world-class risk mitigation for your<br />
organization is key to succeeding as a security<br />
executive today. hear from two senior leaders<br />
as <strong>the</strong>y discuss aligning security and crossfunctional<br />
risk mitigation with operational<br />
strategies, effectively communicating <strong>the</strong><br />
value proposition to <strong>the</strong> c-Suite and diverse<br />
stakeholders, and ensuring that programs both<br />
align with <strong>the</strong> core strategic plan and protect<br />
<strong>the</strong> brand. learn how mentoring/job shadowing<br />
can help your future leaders engage, grow within<br />
<strong>the</strong>ir role, identify best practices, and provide<br />
lasting depth/breadth in your organization.<br />
Michael Howard, General Manager, Chief Security Officer<br />
Microsoft Global Security, Microsoft Corporation; Francis<br />
D’Addario, CPP, CFE, Emeritus Faculty, Strategic Influence<br />
and Innovation, Security Executive Council (SEC)<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 27
Education sessions: 2000 Series<br />
MONDAY, sEPTEMbEr 19 • 1:45 pm –3:00 pm<br />
2210 Getting Executive buy-in<br />
for Corporate security, business<br />
Continuity, and Crisis Management<br />
■ Intermediate<br />
This session provides practical guidelines for<br />
working with senior executives to obtain support<br />
for corporate security, business continuity, and<br />
crisis preparedness. learn successful strategies<br />
for obtaining full senior-level support, how to<br />
communicate when high-consequence warning<br />
signs are being ignored, and how to provide your<br />
executive sponsor with <strong>the</strong> tools needed to keep<br />
<strong>the</strong> leadership team involved in prevention and<br />
preparedness efforts over time.<br />
Bruce T. Bly<strong>the</strong>, CEO, Crisis Management International, Inc.<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Crisis Management and Business<br />
Continuity Council<br />
2211 beyond statistics: What<br />
Crimes are Faith-based Organizations<br />
really Facing in <strong>the</strong> U.s.?<br />
■ Intermediate<br />
Statistics can often be misleading, and even <strong>the</strong><br />
Justice department’s crime statistics are not<br />
totally accurate, especially when it comes to<br />
analyzing crimes against religious organizations.<br />
In this panel discussion, security professionals<br />
from different faiths will look deeper into <strong>the</strong><br />
problem that houses of worship in <strong>the</strong> united<br />
States are facing and why <strong>the</strong> numbers do not<br />
accurately portray <strong>the</strong> whole picture.<br />
Jeffrey Hawkins, Manager, Security Management<br />
Education Outreach, American Military University; Nawar<br />
Shora, CEO, Shams Training & Development; Chris Delia,<br />
Director of Security, Anti-Defamation League; Jeffrey<br />
Berrett, Director of Protective Operations, Church of Jesus<br />
Christ of Latter-day Saints<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Cultural Properties Council<br />
2212 Premises Liability: A Trial<br />
Lawyer’s Hints for <strong>the</strong> security<br />
Professional<br />
▲ Advanced<br />
This session examines what types of premises<br />
are subject to negligent security cases, what<br />
kind of injuries give rise to <strong>the</strong>se cases, <strong>the</strong> duty<br />
of <strong>the</strong> commercial property owner, how to assess<br />
<strong>the</strong> crime situation, common security measures<br />
discussed in <strong>the</strong>se cases, and proper use of<br />
marketing materials.<br />
Michael Haggard, Esq., The Haggard Law Firm<br />
2213 Cyber Jihad: Use of <strong>the</strong> Virtual<br />
World<br />
■ Intermediate<br />
The Internet is <strong>the</strong> platform of choice for cyber<br />
jihadis to recruit and communicate sensitive<br />
information. Osama Bin laden indicated long<br />
ago that 90% of <strong>the</strong> battle is information. This<br />
session takes you through <strong>the</strong> actual sites<br />
analyzed and <strong>the</strong>ir use of <strong>the</strong> cloud, and <strong>the</strong>ir<br />
publishing techniques and tools for information<br />
dissemination that goes viral. Review <strong>the</strong>ir<br />
expertise in awareness and training while using<br />
our tools and techniques against us. In addition,<br />
examine how cyber jihadis use <strong>the</strong> Internet in <strong>the</strong><br />
radicalization process, in asymmetrical warfare,<br />
and how huMInT and OSInT can be used to<br />
counter <strong>the</strong>ir activities.<br />
Jeffrey Bardin, Chief Security Strategist, Treadstone 71<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Global Terrorism, Political<br />
Instability, and International Crime Council<br />
2214 Five Common Mistakes<br />
interviewers Make/Five successful<br />
strategies<br />
■ Intermediate<br />
The process of sitting down across from a<br />
suspect employee and asking questions to obtain<br />
evidence or an admission of guilt is not something<br />
that comes naturally to most people. despite<br />
training, <strong>the</strong>re are common mistakes made by<br />
inexperienced interviewers which can create<br />
barriers to communication, and ultimately a lack<br />
of cooperation and information. learn valuable<br />
tips for performing a personal assessment of<br />
interview habits, as well as several best practices<br />
to use when in <strong>the</strong> room.<br />
Randy Tennison, CPP, Financial Analyst, Internal<br />
Investigations, Walt Disney Parks and Resorts<br />
2215 should You Have Known:<br />
Lessons Learned From a Multiple<br />
Homicide in <strong>the</strong> Workplace<br />
▲ Advanced<br />
Many cases of workplace homicide perpetrated<br />
by an employee show that <strong>the</strong>re were numerous<br />
‘warning signs’ which first-line supervisors failed<br />
to ei<strong>the</strong>r recognize or respond to. In such cases<br />
it can be argued that, had such recognition and<br />
response taken place, <strong>the</strong> ultimate outcome of<br />
violence might have been prevented. This session<br />
draws upon practical lessons learned from a<br />
recent internal investigation of a multiple<br />
workplace homicide. learn how to identify risk<br />
factors and explore <strong>the</strong>ir impact on <strong>the</strong> evolving<br />
case; develop response options; identify internal/<br />
external resources; and identify obstacles that<br />
restrain supervisors from responding proactively.<br />
John Lane, Vice President, Crisis and Resilience Consulting,<br />
Control Risks<br />
28 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
MONDAY, sEPTEMbEr 19 • 1:45 pm –3:00 pm<br />
2216 reducing risk for Elected<br />
Officials<br />
■ Intermediate<br />
executive protection specialists cannot<br />
necessarily stop an attack like <strong>the</strong> attempted<br />
assassination of congresswoman Giffords, but<br />
<strong>the</strong>y may be able to frustrate a would-be attacker<br />
to <strong>the</strong> point where that person is effectively<br />
deterred. learn a practical, six-part approach<br />
to protecting a public figure or o<strong>the</strong>r persons<br />
(such as a corporate executive) at public events.<br />
Robert Oatman, CPP, President, R.L. Oatman &<br />
Associates, Inc.<br />
2217 security’s role in Managing<br />
successful Events<br />
■ Intermediate<br />
Sony hosted over 5,000 guests at <strong>the</strong> FIFa World<br />
cup in South africa. Their key objective was to<br />
provide an enjoyable and safe experience for all.<br />
Operating in an unfamiliar territory added to <strong>the</strong><br />
complexity in protecting each and every guest.<br />
The scope of responsibility included: translation<br />
services, a 24-hour hotline, incident management,<br />
emergency response, armed protection staff, and<br />
o<strong>the</strong>r major endeavors. Sony will undertake this<br />
on a bigger scale at <strong>the</strong> World cup in Brazil. In<br />
addition, Sony’s music, movie, and television<br />
business has unique challenges relative to <strong>the</strong><br />
protection of personnel. Security’s role is an<br />
integral one.<br />
Stevan Bernard, Senior Vice President, Sony Pictures<br />
Entertainment; John Rendeiro, Vice President, Global<br />
Security and Intelligence, International SOS Assistance, Inc.<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Utilities Security Council<br />
2218 Crisis Management and social<br />
Media—<strong>the</strong> New Opportunity<br />
■ Intermediate<br />
Social media is <strong>the</strong> most active and volatile<br />
method of dispersing information in <strong>the</strong> world<br />
today. This sudden, widespread emergence has<br />
led to several challenges for crisis management<br />
professionals at all levels. however, with <strong>the</strong> right<br />
attitude and management approach, social media<br />
offers new, unique opportunities. experts in <strong>the</strong><br />
field have noted how social media has become a<br />
power tool for maximizing real-time situational<br />
awareness, and how it has significantly aided <strong>the</strong><br />
management of numerous crisis events. This<br />
workshop will broaden your understanding of how<br />
social media is effectively used before, during,<br />
and after a crisis event.<br />
Terri Howard, Director, Crisis Management, FEI Behavioral<br />
Health; Vivian Marinelli, Senior Director, Crisis Management,<br />
FEI Behavioral Health; Shawn Flaugher, Security Consulting<br />
and Design, Duke University & Health System<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Crisis Management and Business<br />
Continuity Council<br />
MONDAY<br />
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced<br />
2219 Tools for a successful Job<br />
search: resumes, Cover Letters,<br />
Linkedin Profiles<br />
■ Intermediate<br />
has it been ‘forever’ since you’ve been in a job<br />
search? For most people, writing a resume<br />
is a chore that results in a two- or three-page<br />
‘career obituary’ that does nothing to capture <strong>the</strong><br />
attention of potential employers. learn to navigate<br />
<strong>the</strong> complex, sometimes frustrating world of job<br />
searching. This session will help you create an<br />
eye-popping, content-rich resume and cover letter<br />
that positions you as an expert in your industry.<br />
Kimberly Schneiderman, City Career Services<br />
2280 Using <strong>the</strong> Cloud security<br />
Alliance GrC stack to Attest<br />
Vendor Compliance<br />
■ Intermediate<br />
Outsourcing critical business functions into <strong>the</strong><br />
cloud can result in challenges of maintaining<br />
assurance and control over legal and regulatory<br />
obligations for data management and protection.<br />
The cloud Security alliance offers a solution<br />
in <strong>the</strong> cSa GRc (Governance, Risk Management,<br />
and compliance) Stack, a toolkit designed for<br />
peeling back and revealing those layers of<br />
accountability and responsibility between cloud<br />
service providers and <strong>the</strong>ir tenants. learn about<br />
<strong>the</strong> cSa GRc and how <strong>the</strong> IeTF/nIST ScaP<br />
standard can be used for continuous monitoring<br />
of cloud vendors compliance status, as well as<br />
how trusted computing technologies enable/<br />
maintain a security posture.<br />
Dr. Marlin Pohlman, EMC, Chief Governance Officer,<br />
Office of <strong>the</strong> CTO; Becky Swain, Program Manager, Security<br />
Assurance Services, CSPO, Cisco<br />
2281 Managing Privacy and security:<br />
The CisO/CPO Dialogue<br />
■ Intermediate<br />
Managing and protecting data in <strong>the</strong> global<br />
information economy demands coordination<br />
between an organization’s privacy and information<br />
security teams. With <strong>the</strong> precipitous rise in<br />
reported security incidents, it is paramount that<br />
<strong>the</strong>se groups work toge<strong>the</strong>r effectively. This<br />
presentation presents an overview of managing<br />
privacy and communicating with <strong>the</strong> ‘o<strong>the</strong>r’ side<br />
to deliver compressive and compliant programs<br />
for your organization.<br />
Leslie Lambert; Michelle Dennedy; Hord Tipton, Executive<br />
Director, (ISC) 2<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 29
Education sessions: 2000 Series<br />
MONDAY, sEPTEMbEr 19 • 1:45 pm –3:00 pm • 4:30 pm–5:30 pm<br />
2282 software security: is OK<br />
Good Enough?<br />
■ Intermediate<br />
how does an organization—short of a breach—<br />
justify expending critical resources to build<br />
more secure software? Given <strong>the</strong> current status<br />
of software security efforts and <strong>the</strong> struggles<br />
for business justification, industry would be<br />
well-served to look outside <strong>the</strong> security and<br />
information technology fields to o<strong>the</strong>r models<br />
for justification efforts. For example, <strong>the</strong> history<br />
of food safety, building codes, and <strong>the</strong> financial<br />
system provide lessons from which <strong>the</strong> software<br />
security industry can draw examples. This<br />
presentation discusses <strong>the</strong>se models and what<br />
can be learned to help security officers and<br />
software project owners build cases for software<br />
security initiatives.<br />
John Dickson, Principal, The Denim Group<br />
2283 How to Use Mobile Devices<br />
Correctly: setting up security<br />
Guardrails<br />
■ Intermediate<br />
With a workforce growing more dependent on<br />
mobile devices every day—and often commingling<br />
personal and business use across many devices<br />
—<strong>the</strong> need to properly manage access, data,<br />
and appropriate use is of an equally growing<br />
concern for today’s security professional. Join<br />
Winn Schwartau and Spencer Wilcox, as Pam<br />
Fusco moderates what promises to be a lively<br />
discussion around <strong>the</strong> legal, technical, and<br />
organizational issues that come with enabling<br />
and managing security in a mobile workforce.<br />
Brandon Dunlap, President, Brightfly Consulting; Winn<br />
Schwartau, Chairman of <strong>the</strong> Board, Mobile Active Defense;<br />
A. Spencer Wilcox, CPP, Supervisor, Compliance Services<br />
Constellation Energy<br />
“The seminar sessions are<br />
very good and valuable for<br />
recertification.”<br />
c.J. Rodden, cPP<br />
Director of Security<br />
hyatt hotels & Resorts<br />
2284 New and Pending GrC<br />
Legislation and How it impacts<br />
Your Organization<br />
■ Intermediate<br />
With several new pieces of legislation and<br />
regulations being considered at <strong>the</strong> federal level,<br />
what kind of impact will <strong>the</strong>se new rules have on<br />
organizations and <strong>the</strong>ir compliance efforts? Join<br />
this panel as <strong>the</strong>y discuss those regulations that<br />
are closest to being enacted and what you can do<br />
to prepare for <strong>the</strong> changes that <strong>the</strong>y will bring.<br />
4:30 pm–5:30 pm<br />
2301 Asis standards: Learn How to<br />
Conduct a business impact Analysis<br />
■ Intermediate<br />
The business impact analysis serves as <strong>the</strong><br />
foundation for decision making when designing a<br />
business continuity program and establishing a<br />
cost-effective business continuity plan. how do<br />
you conduct a thorough business impact analysis<br />
to prioritize <strong>the</strong> activities needed to establish an<br />
effective business continuity program? The new<br />
aSIS Business continuity Management Systems<br />
anSI Standard will be examined in <strong>the</strong> context of<br />
managing a continuity program.<br />
Brian Zawada, Director, Business Continuity Solution,<br />
General Electric Company; Donald Bryne, Consultant,<br />
Resiliency Plus<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Standards and Guidelines<br />
Commission<br />
2302 security risk Management in<br />
remote site Mining<br />
■ Intermediate<br />
PT. IncO is part of <strong>the</strong> Vale nickel business group,<br />
<strong>the</strong> second largest mining company in <strong>the</strong> world.<br />
PT. IncO has been operating mining and smelting<br />
activities in a remote area of Indonesia since<br />
1968. dealing with conflict, local customs, and<br />
culture diversity, <strong>the</strong> site is designed with an<br />
inclusive approach to <strong>the</strong> local community<br />
environment. during its 42 years of operation in<br />
Indonesia, PT. IncO has successfully managed<br />
security threats and challenges with great<br />
efficiency. harmony between security programs<br />
and a successful community development<br />
program have been instrumental in this success.<br />
Surya Suhendra, Director of Security, PT. International<br />
Nickel Indonesia, Tbk; Andrew Northover, Managing<br />
Director, OPTARE Systems<br />
30 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
MONDAY, sEPTEMbEr 19 • 4:30 pm–5:30 pm<br />
2303 integrator series: best<br />
Practices in integrated school<br />
security: K–12<br />
● Fundamental<br />
learn directly from school security practitioners<br />
and agency professionals about <strong>the</strong> challenges<br />
<strong>the</strong>y face and <strong>the</strong> services integrators can<br />
provide to best meet <strong>the</strong> needs of <strong>the</strong>se clients.<br />
Topics include analyzing surveillance needs,<br />
understanding student safety and how to deal<br />
with <strong>the</strong> violent student, and executing threat<br />
assessment plans. learn how to deal with<br />
pornography on campus as well as bullying and<br />
fights. Mobile monitoring and event response<br />
considerations are also covered.<br />
Mike Ganio, Orange County Public Schools; Conan<br />
Bickford, West Highland School<br />
2304 special Events security in<br />
<strong>the</strong> City of Orlando: best Practices,<br />
Operations, Technology<br />
■ Intermediate<br />
are you charged with security at special events?<br />
do you need to cover a large area: campus,<br />
downtown, or entertainment complex? Will you<br />
have to deploy a video surveillance system in a<br />
matter of days or hours? are you looking into<br />
wireless as a possible solution, but concerned<br />
about security, reliability, and speed? If you are<br />
a security director, integrator, or consultant,<br />
don’t miss this session packed with how-to’s<br />
and real-world deployment examples. Get <strong>the</strong><br />
information you need to ensure successful video<br />
surveillance for special events.<br />
Jeffery Blye, Detective, City of Orlando Police Department;<br />
Ksenia Coffman, Marketing Manager, Firetide; Steve<br />
Surfaro, Industry Liaison, Axis Communications<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Global Terrorism, Political<br />
Instability, and International Crime Council<br />
2305 High-rise security<br />
■ Intermediate<br />
This fast-paced discussion focuses on best<br />
practices established in <strong>the</strong> post 9/11 world for<br />
mid- and high-rise office building environments.<br />
Topics include methodologies used for full or<br />
partial building evacuations and shelter-in-place.<br />
hear how to balance customer service with<br />
a dynamic security program to gain tenant<br />
confidence. Incorporate state-of-<strong>the</strong>-art<br />
technology to protect your assets. discuss<br />
implementing an all hazards response plan that<br />
clearly outlines duties and responsibilities for<br />
security directors and <strong>the</strong> property management<br />
team to address life-threatening emergencies.<br />
Carlos Villarreal, Senior Vice President, Commercial Real<br />
Estate Division, Whelan Security<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Commercial Real Estate Council<br />
MONDAY<br />
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced<br />
2306 iT security Council series:<br />
Forensics and E-Discovery<br />
● Fundamental<br />
non-practitioners will receive a comprehensive<br />
overview of <strong>the</strong> fields of digital forensics and<br />
e-discovery. Gain a basic working knowledge<br />
including vocabulary, concepts, application in<br />
<strong>the</strong> corporate environment, and emerging trends.<br />
Review information forensics (data recovery),<br />
formal forensics, and e-discovery. analyze <strong>the</strong><br />
differences and <strong>the</strong> uses, capabilities, and<br />
limitations of each, and consider <strong>the</strong> legal<br />
ramifications. discuss best practices in <strong>the</strong><br />
areas of specific skill requirements, strategies,<br />
and controls for each category of forensic<br />
examination.<br />
Andrew Neal, President, Southwest Digital Laboratory;<br />
Kevin Ripa, Director of Computer Forensic, Advanced<br />
Surveillance Group; Eric Sifford, Human/Signals<br />
Intelligence, U.S. Army, (ISC) 2 Appointee; Kelly “KJ”<br />
Kuchta, CPP, CFE, President, Forensics Consulting<br />
Solutions, LLC; Robin Harris-Walker, CPP, Harris Nibor<br />
International<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Information Technology Security<br />
Council<br />
2307 Generate Cash by Uninvesting<br />
in security Equipment services<br />
■ Intermediate<br />
are you paying more than necessary to<br />
maintain your physical security equipment, or<br />
paying for a level of service that can be reduced<br />
without affecting performance? an experienced<br />
panel representing equipment owners and<br />
service providers identifies <strong>the</strong> most common<br />
and significant cost-drivers associated with<br />
maintenance and service. They will <strong>the</strong>n<br />
demonstrate, through real life examples,<br />
alternatives and containment strategies to<br />
minimize <strong>the</strong>ir impact on <strong>the</strong> security budget.<br />
also, understand <strong>the</strong> strategic importance of<br />
competitive bidding.<br />
John Kerster, President, Security Design Associates, Inc.;<br />
Jeffrey Ryder, CPP, PSP, Senior Physical Security<br />
Specialist, Protective Services Police Department, Strategic<br />
Services Bureau Department of Real Estate Services, City<br />
of Washington, DC; John Bodolay, Founder, Acme Technical<br />
Group, LLC<br />
“This is <strong>the</strong> largest security<br />
products show in <strong>the</strong> world,<br />
it is a must-attend event.”<br />
Rudy Wolter<br />
Senior Vice President/Director of<br />
Security<br />
cITI<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 31
Education sessions: 2000 Series<br />
MONDAY, sEPTEMbEr 19 • 4:30 pm–5:30 pm<br />
2308 To Arm or Not to Arm?<br />
■ Intermediate<br />
decades of decline in <strong>the</strong> number of armed<br />
security officers were reversed following 9/11.<br />
While <strong>the</strong> decision to arm or recommend <strong>the</strong><br />
arming of officers is both controversial and<br />
emotional, it must be based both on solid data,<br />
quantifiable objectives, and a commitment to<br />
<strong>the</strong> safety of all concerned. This presentation,<br />
a case study of <strong>the</strong> actual decision-making<br />
process that resulted in <strong>the</strong> arming of a hospital<br />
security department, covers all aspects, from<br />
data-ga<strong>the</strong>ring to program implementation.<br />
Anthony N. Potter, CPP, CHPA-F, Senior Director of Public<br />
Safety, Novant Health<br />
2309 information and Data security<br />
While Away From <strong>the</strong> Office<br />
● Fundamental<br />
domestically and internationally, travelers need<br />
to be aware of <strong>the</strong> dangers that surround <strong>the</strong>m<br />
while on personal or business trips. Technology<br />
used by criminals like WiFi snooping, “evil twins,”<br />
bluetooth surveillance, cloud hacking, GPS<br />
tracking, and o<strong>the</strong>rs have been <strong>the</strong> downfall of<br />
many businesses and <strong>the</strong>ir competitive intelligence.<br />
This popular session cites case studies,<br />
shows examples of tools used by thieves, and<br />
give tips and pointers to lower <strong>the</strong> risk to travelers<br />
and <strong>the</strong>ir data.<br />
J. Keith Flannigan, Ph.D., CMAS, Director, International<br />
Dynamics Research Corp.; Ronald Lander, CPP, CMAS,<br />
Chief Specialist, Ultrasafe Security Solutions; Roy<br />
Wilkinson, Ph.D., CMAS, CISSP, President, SPI Services<br />
2310 Understanding <strong>the</strong> shifting of<br />
risk: A Moving Target<br />
■ Intermediate<br />
Protecting a fixed facility is just one step. What<br />
about <strong>the</strong> product in transport from a facility<br />
perspective? This session looks at handling<br />
steps including multi-distribution warehousing,<br />
diversion, long route concerns, contaminated<br />
trailers, drivers, overnight unsecured yards,<br />
contractor or temporary services operating <strong>the</strong><br />
warehouse, delivery confirmation, and customer<br />
verification measures. It explores <strong>the</strong> steps<br />
being taken along <strong>the</strong> food supply chain to<br />
protect our food. It also highlights potential<br />
changes stemming from <strong>the</strong> current regulatory<br />
environment.<br />
Dan Walters, CPP, Manager of Security & Environmental<br />
Risk, CF Industries; Judy Fadden<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Agriculture and Food Security<br />
Council<br />
2311 building on <strong>the</strong> Foundation:<br />
More on Arabs and islam<br />
● Fundamental<br />
This session starts with a pop quiz (this same<br />
quiz and session have been used in FBI, dOJ, and<br />
dhS trainings.) Then join in an interactive dialogue<br />
to address <strong>the</strong> misconceptions and perceptions<br />
about <strong>the</strong> Muslim and arab communities. Social<br />
and behavioral norms and mores, basic history<br />
and geography, Jihad, and o<strong>the</strong>r subjects that<br />
interest <strong>the</strong> audience will be addressed.<br />
Nawar Shora, CEO, Shams Training & Development<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Cultural Properties Council<br />
2312 New security standard in China<br />
and Your business<br />
● Fundamental<br />
as china becomes a new economic powerhouse,<br />
more investors are becoming interested in it.<br />
Yet because of cultural differences between<br />
<strong>the</strong> east and West, a simple investment could<br />
become a complicated disaster. It is vital for<br />
investors to understand <strong>the</strong> importance of<br />
protecting <strong>the</strong>ir investments. Private security<br />
is one solution. Gain insight as <strong>the</strong> speakers<br />
share over 30 years of practical experiences<br />
on why, when, what, where, and how.<br />
Jack Chu, President, RA Consultants Limited; Hawn Chu,<br />
Consultant, RA Consultants Limited<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Investigations Council<br />
2313 Advanced internet/social<br />
Network investigations and<br />
background Checks<br />
▲ Advanced<br />
Open sources go far beyond what is available in<br />
Google and Facebook, as well as o<strong>the</strong>r popular<br />
sites. This session looks beyond <strong>the</strong> obvious<br />
services into social networks and similar media<br />
to locate assets, discover company leaks, protect<br />
reputations, track down anonymous users, and<br />
expand <strong>the</strong> arsenal of resources available but<br />
unknown to <strong>the</strong> security professional. In addition,<br />
we’ll discuss <strong>the</strong> obvious pitfalls that most<br />
practitioners fall into when investigating <strong>the</strong>se<br />
new media.<br />
Cynthia He<strong>the</strong>rington, President, He<strong>the</strong>rington Group<br />
32 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
MONDAY, sEPTEMbEr 19 • 4:30 pm–5:30 pm<br />
2314 How to Create Your security<br />
Manual<br />
● Fundamental<br />
First, you will review <strong>the</strong> need for a manual and<br />
<strong>the</strong> absolute do’s and don’ts of writing it. Then<br />
<strong>the</strong> session takes you right into <strong>the</strong> nuts and bolts<br />
of writing one. Starting with a format, an outline,<br />
and how to delegate <strong>the</strong> written material, you will<br />
leave this class with written material that can be<br />
used in your own organization’s manual. a must<br />
for every security professional!<br />
Darrell Clifton, CPP, Director of Security, Circus Circus<br />
Hotel Casino; Alan Zajic, CPP, Security Consultant, AWZ<br />
Consulting<br />
2315 Get ready for <strong>the</strong> Aftermath:<br />
Post incident Management<br />
● Fundamental<br />
emergency and crisis plans normally prepare us<br />
for known dangers and/or hazards, acting as a<br />
guide to navigate <strong>the</strong> operations with limited, to<br />
no, damage. When all is said and done and <strong>the</strong><br />
hazard is gone, what <strong>the</strong>n? Many issues, from<br />
media to employee concerns, could still arise.<br />
Media communications, claims management,<br />
employee counseling, and o<strong>the</strong>r issues are<br />
realities that will surface. You should be prepared<br />
for everything that comes after <strong>the</strong> dust settles.<br />
James C. Reynolds, CPP, Hilton Worldwide<br />
2316 is Your Workforce ready to<br />
Travel to High-risk Destinations?<br />
What You Need to Know Now<br />
■ Intermediate<br />
The need for organizations to send employees to<br />
high-risk destinations for critical work remains<br />
ever present, even in our digitally connected<br />
world. Security managers work hard to prepare<br />
<strong>the</strong>ir travelers for <strong>the</strong> sometimes unprecedented<br />
security challenges inherent to remote or<br />
politically unstable locales. This advance work not<br />
only protects employees but helps avoid <strong>the</strong> costs<br />
of a failed assignment. discover best practices<br />
around identifying, preparing, and assisting<br />
travelers who venture to high-risk destinations.<br />
John Rendeiro, Vice President, Global Security and<br />
Intelligence, International SOS Assistance, Inc.; Bob<br />
Falconi, CPP, Director, Corporate Security and Safety,<br />
Symantec; Michael Clements, Director of Global Protective<br />
Services, Hitachi Data Systems<br />
MONDAY<br />
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced<br />
2317 security Excellence: Tools<br />
to Enhance security’s Mission<br />
■ Intermediate<br />
Today’s response to threats and risk demands<br />
proactive strategies which address a range<br />
of security and business program elements.<br />
These elements must be correctly selected,<br />
implemented, and maintained, as well as<br />
scalable, mutually supporting, measurable, and<br />
capable of integration with one ano<strong>the</strong>r. To assist,<br />
<strong>the</strong> availability of existing and emerging security<br />
standards facilitates <strong>the</strong> path to excellence. The<br />
presentation discusses what this process might<br />
look like and offers tools that will assist.<br />
Phillip Banks, CPP, PE, Director, The Banks Group, Inc.;<br />
Dennis Shepp, CPP, PCI, President, Dennis Shepp Security<br />
Management Consultant, Inc.<br />
2318 initiating and Conducting<br />
internal investigations in<br />
Multi-National Corporations<br />
■ Intermediate<br />
Research from various sources indicates that<br />
economic crime (including fraud, corruption,<br />
and economic espionage) impacts on <strong>the</strong> vast<br />
majority of international corporations. Initiating,<br />
conducting, and managing investigations into<br />
suspected cases provides a wide range of<br />
challenges for corporate security professionals.<br />
at <strong>the</strong> same time, increasing regulation across<br />
<strong>the</strong> globe and many sectors means that <strong>the</strong><br />
importance of providing results to support <strong>the</strong><br />
business is becoming more important. Review <strong>the</strong><br />
investigative process, focusing on <strong>the</strong> challenges<br />
associated with cross-border operations and<br />
multi-jurisdictional environments.<br />
Dr. Christoph Rojahn, Senior Manager, Forensic & Dispute<br />
Services, Deloitte AG<br />
2319 insider Threat: A National<br />
Concern<br />
■ Intermediate<br />
In today’s increasingly wired and global world,<br />
foreign intelligence services, criminals, and private<br />
sector spies are increasingly focused on american<br />
companies. Their efforts compromise intellectual<br />
property, trade secrets, and technological<br />
developments that are <strong>the</strong> key to both our national<br />
security and long-term economic prosperity.<br />
To thrive, firms must focus on corporate threat<br />
vectors using both a security and a counterintelligence<br />
(cI) lens. hear how companies can leverage<br />
<strong>the</strong>ir current defensive security capabilities and<br />
develop new ones to create a strong cI posture<br />
designed to protect a company’s most vital<br />
secrets, while streng<strong>the</strong>ning u.S. economic security.<br />
Douglas Thomas, Principal Deputy Director, Office of <strong>the</strong><br />
National Counterintelligence Executive<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Defense and Intelligence Council<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 33
Education sessions: 2000 Series<br />
MONDAY, sEPTEMbEr 19 • 4:30 pm–5:30 pm<br />
2320 Protecting America’s<br />
Electric Grid<br />
■ Intermediate<br />
The north american electric Reliability<br />
corporation’s (neRc) mission is to ensure <strong>the</strong><br />
reliability of <strong>the</strong> north american bulk power<br />
system, and much is being done to protect <strong>the</strong><br />
largest, most reliable grid on <strong>the</strong> earth. learn<br />
what neRc is doing to secure <strong>the</strong> grid from cyber<br />
and physical attacks. In addition, neRc will<br />
discuss security initiatives, <strong>the</strong> ongoing threat<br />
to industrial control systems, and <strong>the</strong> critical<br />
Infrastructure Protection (cIP) Reliability Standards.<br />
Brian M. Harrell, Sr., CPP, Manager of Critical<br />
Infrastructure Protection, North American Electric Reliability<br />
Corporation (NERC); Mark Wea<strong>the</strong>rford, Vice President/<br />
Chief Security Officer, North American Electric Reliability<br />
Corporation (NERC)<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Utilities Security Council<br />
2380 Cloud incident response<br />
■ Intermediate<br />
The cloud. Where small and large organizations<br />
are going and have gone. You want to be in <strong>the</strong><br />
cloud, but how do you protect it? If an incident<br />
were to occur, would you know? how will you<br />
detect, notify, isolate, and contain cloud-based<br />
incidents? explore a strategic approach to<br />
improving IR awareness and detection to meet <strong>the</strong><br />
cloud’s elevated demands. learn to analyze your<br />
IR requirements across <strong>the</strong> IaaS, SaaS, and PaaS<br />
platforms; how to talk with your vendor; risks to<br />
management; and IR containment, recovery, and<br />
evaluation test procedures.<br />
Erika Voss, Consultant, CGI Federal; James Hewitt,<br />
Director of Security Governance, CGI<br />
2381 Cyber security and <strong>the</strong><br />
socio-Political Landscape:<br />
Going beyond <strong>the</strong> Technology<br />
■ Intermediate<br />
Today, emerging issues around online security<br />
go beyond <strong>the</strong> threats to technology and its<br />
vulnerabilities. Threats are compounded by nation<br />
states engaging in cyber war as well as on-line<br />
criminals committing fraud for financial gain. With<br />
more people globally coming online and becoming<br />
Internet savvy, <strong>the</strong>re is an associated political<br />
and social impact, as well as <strong>the</strong> rise of using new<br />
media for politically motivated objectives leading<br />
to new forms of manipulation and exploitation.<br />
cyber security is no longer just about protecting<br />
servers and networks from malware, denial-of-<br />
Service, and online compromise of information.<br />
Freddy Tan, Chief Security Advisor, Microsoft Asia<br />
2382 The Economics of Failure<br />
■ Intermediate<br />
In this session, we will discuss how much<br />
secure code costs in <strong>the</strong> software lifecycle. We<br />
will also look at how much patch management<br />
can impact <strong>the</strong> budgets of an organization as<br />
well as o<strong>the</strong>r good security practices. We also<br />
will compare all of <strong>the</strong> secure measures we take<br />
and <strong>the</strong>n consider if it is worth it. In which areas<br />
can we just assume <strong>the</strong> risk?<br />
Eric Irvin, Solutions Architect, Alert Logic<br />
2383 Mobile Devices: Employee<br />
Monitoring and Data Loss Prevention<br />
in Light of <strong>the</strong> Expectation of Privacy<br />
■ Intermediate<br />
IT and business has long believed that <strong>the</strong>y<br />
own <strong>the</strong> data that traverses <strong>the</strong>ir networks. as<br />
long as a banner and a policy existed informing<br />
users that no reasonable expectation of privacy<br />
existed, <strong>the</strong>n it was perfectly legitimate to<br />
read, review, and record that data—until now.<br />
Based on three recent court cases, a company<br />
may be infringing upon an employee’s right to<br />
privacy if <strong>the</strong> company reads, reviews, or records<br />
that employee’s data traffic under certain<br />
circumstances. In this session we will discuss<br />
best practices and possible ramifications of <strong>the</strong><br />
use of standard security and compliance<br />
monitoring tools, in light of recent case law.<br />
A. Spencer Wilcox, CPP, Supervisor, Compliance Services,<br />
Constellation Energy<br />
2385 Why Do Developers Make<br />
These Dangerous software Errors?<br />
■ Intermediate<br />
aimed at <strong>the</strong> entire development and acquisition<br />
lifecycle, <strong>the</strong> Masters of Software assurance<br />
(MSwa) adapts software engineering to software<br />
assurance (Swa). The MSwa Reference curriculum<br />
achieved Ieee and acM recognition. at <strong>the</strong><br />
community college level, Software assurance<br />
Mobile Instruction (SaMI) is an iPad-based<br />
curriculum application set up for distance learning<br />
with a myriad of pre-loaded resources. The<br />
cybersecurity community supports <strong>the</strong> current<br />
developer workforce through free resources such<br />
as pocket guides. The Swa Forum Processes and<br />
Practices Working Group developed Swa<br />
benchmarking resources that syn<strong>the</strong>size existing<br />
software assurance best practices for use by<br />
development organizations addressing application<br />
security.<br />
34 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
TUEsDAY, sEPTEMbEr 20<br />
Schedule-aT-Glance<br />
all sessions will be held at <strong>the</strong> Orange county convention center.<br />
8:00 am–9:00 am: KEYNOTE: Jeb Bush, Governor of Florida, 1999–2007<br />
11:00 am–12:00 noon<br />
TUESDAY<br />
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced<br />
(ISC) 2 Security Congress<br />
LEVEL<br />
Arch/Eng/Design<br />
Crime/Loss Prevention<br />
Crisis Management<br />
Critical Infrastructure<br />
Global<br />
Government/Military<br />
Homeland Security<br />
Information/IT Security<br />
Investigations<br />
Legal<br />
Management<br />
Physical Security<br />
Professional Development<br />
Terrorism<br />
Young Professionals<br />
Systems Integrator NEW<br />
Application Security<br />
Cloud Security<br />
Governance, Regulation,<br />
and Compliance<br />
Mobile Security and<br />
Social Networking<br />
Swiss Army Knife<br />
3101 <strong>ASIS</strong> Standards: Conducting a Risk<br />
Assessment—<strong>the</strong> Foundation for Successful<br />
Risk Management<br />
■ X<br />
3102 Security Engineering in High Threat<br />
Environments<br />
3103 Crime, Terror, or Natural Disasters:<br />
■ X X<br />
Medical/Preparedness Expertise/Critical<br />
Considerations for <strong>the</strong> Security Professional<br />
▲ X X<br />
3104 Integrator Series: Securing <strong>the</strong> University—<br />
Meeting Threats Inside and Out<br />
3105 Setting <strong>the</strong> Standard: A Roundup of <strong>the</strong><br />
● X X X X X X<br />
Physical and Logical Technology Standards<br />
Affecting <strong>the</strong> Security Industry<br />
▲ X X X X X<br />
3106 Security Officer Training, Post Orders, and<br />
Negligence<br />
■ X X X<br />
3107 Considerations and Advancements in<br />
Providing a Defended Site Perimeter<br />
● X X X X X X<br />
3108 Excellence in High-Impact Security<br />
Education Training<br />
3109 Update: The U.S. Department of<br />
▲ X X X X<br />
Homeland Security and <strong>the</strong> Chemical Facility<br />
Anti-Terrorism Standards<br />
■ X X X X<br />
3110 Security Architecture and Engineering,<br />
Part 1: Basis of Security Design<br />
■ X X X X X<br />
3111 Lessons Learned: Trends in Extreme<br />
Violence in <strong>the</strong> Workplace<br />
■ X X X X<br />
3112 IT Security Council Series: Cyber Security<br />
3113 What, Me Worry? The Global Privacy<br />
● X<br />
Movement and Its Implications for <strong>the</strong> Modern<br />
Security Practitioner<br />
■ X X X<br />
3114 Managing <strong>the</strong> Corporate Security Culture<br />
Change<br />
▲ X X<br />
3115 Rail Security: Protecting <strong>the</strong> Customer’s<br />
Lading<br />
● X X X X X<br />
3116 Protests, Demonstrations, and Civil Unrest:<br />
Crisis Action Planning in Sou<strong>the</strong>ast Asia<br />
■ X X X X<br />
3117 Countering Business/Industrial Espionage<br />
in a Global Marketplace<br />
▲ X X X X X<br />
3118 Bolster Your Leadership Bucket List: 25<br />
‘Must Have’ Experiences for Security Leaders<br />
■ X X X X<br />
3119 Protecting Your Business: Understanding<br />
Islam and Islamofacism<br />
● X X X<br />
3180 Architecting and Building a Secure Virtual<br />
Infrastructure and Private Cloud<br />
■ X X X<br />
3181 Data Integrity Debate ■ X X X X<br />
3182 Security ‘App-Titude’ ■ X X X<br />
3183 The ABCs of Global Mobile Enterprise<br />
Compliance<br />
■ X X X X X<br />
3184 Control and Harmonization of Compliance<br />
Efforts Across Multiple Regulations<br />
■ X X X X X<br />
3185 Improve Your SDLC With CAPEC and CWE ■ X X X<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 35
TUEsDAY, sEPTEMbEr 20<br />
Schedule-aT-Glance<br />
all sessions will be held at <strong>the</strong> Orange county convention center.<br />
1:45 pm –3:00 pm<br />
LEVEL<br />
Arch/Eng/Design<br />
Crime/Loss Prevention<br />
Crisis Management<br />
Critical Infrastructure<br />
Global<br />
Government/Military<br />
Homeland Security<br />
Information/IT Security<br />
Investigations<br />
Legal<br />
Management<br />
Physical Security<br />
Professional Development<br />
Terrorism<br />
Young Professionals<br />
Systems Integrator NEW<br />
Application Security<br />
Cloud Security<br />
Governance, Regulation,<br />
and Compliance<br />
Mobile Security and<br />
Social Networking<br />
Swiss Army Knife<br />
3201 <strong>ASIS</strong> Standards: Explore Resilience and<br />
Risk Management Around <strong>the</strong> World<br />
■ X<br />
3202 Integrator Series: Securing Healthcare<br />
Security—Compliance, Protection, and Diversity<br />
● X X X X X<br />
3203 Retail Loss Prevention: Crisis Management,<br />
Technology, and Management Effectiveness<br />
▲ X X X<br />
3204 Surveillance and Threat Detection:<br />
Prevention vs. Mitigation<br />
■ X X X<br />
3205 Explosion-Induced Injuries and Protective<br />
Gear<br />
▲ X X<br />
3206 Security Architecture and Engineering,<br />
Part 2: Systems Design and Engineering<br />
● X X X<br />
3207 Supply Chain Security: The New Normal<br />
3208 IT Security Council Series: Is <strong>the</strong> Power<br />
▲ X X X X X X<br />
Infrastructure Secure? Utility and Smart Grid<br />
Security<br />
● X X X X X<br />
3209 Black Leaders in <strong>the</strong> Security Industry ● X X<br />
3210 The Rise of Domestic Terrorism ▲ X X X X X X<br />
3211 The Security Metrics Challenge ▲ X<br />
3212 Disaster in <strong>the</strong> Data Center! Are You<br />
Prepared?<br />
■ X X X X<br />
3214 Soft Targets ● X X X X X X<br />
3215 Background Checks Under Fire: A Legal<br />
Update<br />
■ X X X<br />
3216 Integrated Operational Risk Management:<br />
A Look Inside Westinghouse<br />
■ X X X X<br />
3217 Supply Chain Security: The Americas ■ X X X X<br />
3218 Protection Intelligence: Putting It in <strong>the</strong><br />
Hands of Potential Targets<br />
3219 Caution Advised: The Use of Social<br />
● X X X X X<br />
Networking Sites, Search Engines, and Web 2.0<br />
to Screen Applicants<br />
■ X X<br />
3220 Getting From Here to There: Advancing In<br />
<strong>the</strong> Security Field<br />
● X<br />
3280 Forensics and <strong>the</strong> Cloud<br />
3282 Picking <strong>the</strong> Right Tool for <strong>the</strong> Job:<br />
■ X X X X<br />
Using Vendor Tools to Aid in <strong>the</strong> Development<br />
of Secure Code<br />
■ X X<br />
3283 Mobile Applications: Managing Enterprise<br />
Risk and Exploitation<br />
3284 Putting Your House in Order—Business<br />
■ X X X X<br />
Intelligence Ga<strong>the</strong>red From 100+ Sustainable<br />
IT-GRC Implementations<br />
■ X X X<br />
3285 Risk Analysis and Measurement With<br />
CWRAF<br />
■ X X<br />
36 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.<br />
(ISC) 2 Security Congress
4:30 pm–5:30 pm<br />
TUESDAY<br />
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced<br />
LEVEL<br />
Arch/Eng/Design<br />
Crime/Loss Prevention<br />
Crisis Management<br />
Critical Infrastructure<br />
Global<br />
Government/Military<br />
Homeland Security<br />
Information/IT Security<br />
Investigations<br />
Legal<br />
Management<br />
Physical Security<br />
Professional Development<br />
Terrorism<br />
Young Professionals<br />
Systems Integrator NEW<br />
Application Security<br />
Cloud Security<br />
Governance, Regulation,<br />
and Compliance<br />
Mobile Security and<br />
Social Networking<br />
Swiss Army Knife<br />
3301 The International Code of Conduct for<br />
Private Security Service Providers: A New<br />
Benchmark for Quality<br />
▲ X X X X X<br />
3302 Customer Satisfaction Catalyzing an<br />
Enhanced Security Environment in Organizations<br />
▲ X X X<br />
3303 Integrator Series: Transportation and Port<br />
Security Solutions<br />
3304 Innovation or Confusion? How Will High-<br />
● X X X X X X X<br />
Tech Industries Impact Electronic Security<br />
Systems?<br />
3305 Security Architecture and Engineering,<br />
● X X X X<br />
Part 3: Creating and Communicating <strong>the</strong><br />
Security System<br />
▲ X X X<br />
3306 IT Security Council Series: Federal<br />
Information Security<br />
● X X<br />
3307 Your Career Is Your Currency. What Is It<br />
■<br />
Worth? Steps to Building or Transitioning Careers<br />
X X X<br />
3308 Role Model: Creating a Positive Security<br />
Culture<br />
■ X X X<br />
3309 Security Reserve Corps ▲ X X X<br />
3310 Profiting From Organizational Resilience:<br />
The Role of <strong>the</strong> Chief Security Officer<br />
■ X X X<br />
3311 Security Officer Training: What Really<br />
Works—and What Doesn’t<br />
● X X<br />
3312 Protecting Your Brand Online: Success<br />
Stories on How to Tame <strong>the</strong> Internet<br />
■ X X X<br />
3313 Defense Security Service Report to <strong>ASIS</strong> ▲ X X X X<br />
3314 Preventing an Active Shooter Incident ● X X X X X<br />
3315 Technology Upgrades: From Concept to<br />
Installation<br />
▲ X X X<br />
3316 Making Suspicious Activity Reporting Work<br />
for You<br />
3317 How Vulnerable Is Your Data? Cost-<br />
● X X X<br />
Effective Best Practices to Safeguard Against<br />
Data Breaches<br />
▲ X X X<br />
3318 <strong>Anticipate</strong> <strong>the</strong> Unexpected? Understanding<br />
<strong>the</strong> Threat<br />
▲ X X<br />
3319 NASA’s Next Mission: Mars Science Lab –<br />
Curiosity Rover<br />
3320 Growing Your Bench: A Comprehensive<br />
● X<br />
Success Plan for <strong>the</strong> Discovery, Retention, and<br />
Development of Top Security Employees<br />
● X X<br />
3380 Debate—Collecting of Personal Information<br />
From <strong>the</strong> Cloud<br />
■ X X X X X<br />
3381 Psychological Principles in Social<br />
Engineering<br />
■ X X X X X<br />
3383 Impact of Social Networking on Security<br />
Threats<br />
■ X X X X X<br />
3384 A Guide to Security Metrics ■ X X X X<br />
3385 Software Assurance Panel Wrap-up ■ X<br />
(ISC) 2 Security Congress<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 37
Education sessions: 3000 Series<br />
TUEsDAY, sEPTEMbEr 20 • 8:00 am–9:00 am • 11:00 am–12:00 noon<br />
8:00 am–9:00 am<br />
11:00 am–12:00 noon<br />
KEYNOTE<br />
Jeb bush<br />
Governor of Florida,<br />
1999–2007<br />
See page 4 for keynote<br />
description.<br />
3101 Asis standards: Conducting<br />
a risk Assessment—<strong>the</strong> Foundation<br />
for successful risk Management<br />
■ Intermediate<br />
The risk assessment process provides <strong>the</strong><br />
foundation for a successful program of security<br />
and risk management. learn to create a reliable<br />
and repeatable risk assessment process. The<br />
ISO 31000 Risk Management Standard provides<br />
a process for risk management widely accepted<br />
around <strong>the</strong> globe. This session takes you stepby-step<br />
through <strong>the</strong> risk assessment process<br />
described in <strong>the</strong> standard.<br />
Dr. Marc Siegel, Commissioner, <strong>ASIS</strong> Global Standards<br />
Initiative, <strong>ASIS</strong> International; Peter Brian Boyce, Senior<br />
Business Manager, Security Management Systems–Asia,<br />
Lloyds Register Quality Assurance<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Standards and Guidelines<br />
Commission<br />
3102 security Engineering in<br />
High Threat Environments<br />
■ Intermediate<br />
Security engineering provides vulnerability<br />
assessments and new and retrofit designs for<br />
protecting people, structures, and business<br />
operations from terrorist attacks. In high threat<br />
environments, <strong>the</strong>re are often no predetermined<br />
design criteria, and <strong>the</strong> threats are fluid and can<br />
worsen rapidly. The security engineering team<br />
must consider: multiple threats, often in<br />
combination as complex attacks become more<br />
prevalent; long to non-existent response times<br />
from local law enforcement; safe haven and<br />
evacuation requirements in hostile territories;<br />
and limited access to sophisticated building<br />
techniques and materials.<br />
Hollice Stone, President, Stone Security Engineering, PC<br />
3103 Crime, Terror, or Natural<br />
Disasters: Medical/Preparedness<br />
Expertise/Critical Considerations<br />
for <strong>the</strong> security Professional<br />
▲ Advanced<br />
emerging diseases and environmental hazards<br />
of all types can compromise <strong>the</strong> pillars of<br />
corporate security. When operating in unstable<br />
environments, obtaining medical preparedness<br />
expertise is essential to security planning. Too<br />
often such expertise is ignored or sought only<br />
as <strong>the</strong> emergency occurs instead of beforehand.<br />
Preparedness experts can enhance <strong>the</strong> likelihood<br />
of successfully functioning in dangerous environments.<br />
There’s an urgent need for security and<br />
med-prep experts to collaborate. Best practices<br />
based upon assisting clients world-wide will be<br />
discussed.<br />
Dr. Robin McFee, Medical Director, Threat Science<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Global Terrorism, Political<br />
Instability, and International Crime Council<br />
3104 integrator series: securing<br />
<strong>the</strong> University—Meeting Threats<br />
inside and Out<br />
● Fundamental<br />
hear from campus safety, security practitioners,<br />
and agency professionals as <strong>the</strong>y address what<br />
<strong>the</strong>ir biggest needs are and how you can satisfy<br />
<strong>the</strong>m as integration professionals. learn about<br />
violent trends on campus. understand student<br />
safety concerns. examine emergency<br />
communications. consider substance abuse,<br />
illegal items, and more.<br />
Raymond Thrower, Gustavus University; William<br />
Badertscher, Georgetown University<br />
“The seminar is an opportunity to<br />
attend topical security sessions,<br />
network with similarly focused<br />
professionals, and learn about new<br />
products and innovations.”<br />
Scott conner<br />
Senior Government/Military Sales<br />
Representative<br />
Onity<br />
38 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
TUEsDAY, sEPTEMbEr 20 • 11:00 am–12:00 noon<br />
3105 setting <strong>the</strong> standard:<br />
A roundup of <strong>the</strong> Physical and<br />
Logical Technology standards<br />
Affecting <strong>the</strong> security industry<br />
▲ Advanced<br />
Industry standards creep into security solutions<br />
on three main fronts: operational standards, IT<br />
standards, and government standards. each<br />
affects different components of a system and<br />
protects physical security or logical security.<br />
But, if not properly understood and integrated,<br />
standards can complicate a project much more<br />
than help it. This session discusses <strong>the</strong> main<br />
standards affecting <strong>the</strong> industry today—from<br />
OnVIF to hdTV to IcaM to 802.11x and everything<br />
in between—as well as working with <strong>the</strong> respective<br />
industry associations to maximize your<br />
performance.<br />
Ray Bernard, PSP, President and Principal Consultant,<br />
Ray Bernard Consulting Services; Steve Surfaro, Industry<br />
Liaison, Axis Communications; Ronald Martin, CPP,<br />
Physical Security Specialist, U.S. Government<br />
3106 security Officer Training, Post<br />
Orders, and Negligence<br />
■ Intermediate<br />
This panel discussion reviews <strong>the</strong> intricacies<br />
of how training and post orders have to be<br />
interrelated from an operational and liability<br />
aspect. It discusses who or which company may<br />
be held liable, past incidents of where guard<br />
companies had to pay out large sums due to<br />
a lack of quality training and post orders, and<br />
how to properly write and create <strong>the</strong> correct<br />
post orders procedure for your guard force.<br />
Gary Kuty, President/CEO, Kuty and Associates, LLC;<br />
Jeffrey Slotnick, PSP, President, Setracon Incorporated;<br />
Steven Bucklin, President/CEO, Glenbrook Security<br />
Services, Inc.; Bruce Brownyard, Principal, Brownyard<br />
Programs, Ltd.<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Private Security Services Council<br />
TUESDAY<br />
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced<br />
3107 Considerations and<br />
Advancements in Providing a<br />
Defended site Perimeter<br />
● Fundamental<br />
The four main functions of any comprehensive<br />
physical security program are to deter, detect,<br />
delay, and respond to a threat. a well-planned<br />
perimeter can deter an aggressor by increasing<br />
<strong>the</strong> perceived difficulty of attack, support <strong>the</strong><br />
implementation and function of detection<br />
sensors, and delay an aggressor, providing <strong>the</strong><br />
security force time to respond to an attack. This<br />
presentation discusses <strong>the</strong> basics as well as<br />
recent advancements in meeting <strong>the</strong> challenge<br />
of providing cost effective and architecturally<br />
acceptable barriers.<br />
Joseph L. Smith, PSP, Director/Senior Vice President,<br />
Applied Research Associates<br />
3108 Excellence in High-impact<br />
security Education Training<br />
▲ Advanced<br />
Garner valuable insight into designing high-impact/<br />
high-return security education and awareness<br />
training programs that are responsive, serve <strong>the</strong><br />
business, and foster an environment that protects<br />
our nation’s secrets. learn best practices that have<br />
been proven to help you effectively communicate<br />
and involve your management and employees in<br />
efforts that will deliver positive results. This<br />
presentation offers a variety of tools essential to<br />
any security professional’s toolkit and will assist in<br />
delivering lasting security messages guaranteed<br />
to deliver positive results with your employees.<br />
Robert Rogalski, Director, Corporate Security & Safety,<br />
RAND Corporation; Deborah (Deedee) Collins, Executive<br />
Director, National Security Training Institute; Michael<br />
Frazier, CPP, Senior Security Manager, Booz Allen Hamilton<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Defense and Intelligence Council<br />
3109 Update: The U.s. Department of<br />
Homeland security and <strong>the</strong> Chemical<br />
Facility Anti-Terrorism standards<br />
■ Intermediate<br />
The united States faces a persistent and evolving<br />
threat from both foreign and domestic terrorist<br />
organizations. an attack on a high-risk chemical<br />
facility has <strong>the</strong> potential to cause serious adverse<br />
effects. learn what <strong>the</strong> dhS is doing to secure<br />
<strong>the</strong> nation’s high-risk chemical facilities and how<br />
to maximize <strong>the</strong> security at your facility through<br />
<strong>the</strong> cFaTS program. Work with dhS to find out<br />
if your facility is high risk, and <strong>the</strong> security<br />
measures you can implement to protect your<br />
facility from a variety of terrorist attacks.<br />
Sue Armstrong, Deputy Assistant Secretary, U.S.<br />
Department of Homeland Security<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Utility Security Council<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 39
Education sessions: 3000 Series<br />
TUEsDAY, sEPTEMbEr 20 • 11:00 am–12:00 noon<br />
3110 security Architecture and<br />
Engineering, Part 1: basis of<br />
security Design<br />
■ Intermediate<br />
understanding <strong>the</strong> security system design<br />
process is absolutely critical for all stakeholders<br />
involved. Before anyone begins talking about<br />
security solutions, project initiators have to<br />
understand <strong>the</strong> process and key players involved.<br />
learn about <strong>the</strong> process espoused by <strong>the</strong> aSIS<br />
Security architecture and engineering council<br />
from establishing <strong>the</strong> need for security, through<br />
asset and risk assessment, and development of<br />
functional requirements, to identifying preliminary<br />
mitigation measures. The session wraps up by<br />
helping you avoid <strong>the</strong> adage “Be careful what you<br />
asked for…you may get it!” (See Part 2, session<br />
3206, on page 44.)<br />
J. Kelly Stewart, Director of Corporate Security, Intelsat;<br />
Mark Schreiber, CPP, Design Engineering Specialist, Fluor<br />
Corporation<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Security Architecture and<br />
Engineering Council<br />
3111 Lessons Learned: Trends in<br />
Extreme Violence in <strong>the</strong> Workplace<br />
■ Intermediate<br />
unfortunately, <strong>the</strong> possibility of an active shooter<br />
situation happening in our communities is a reality<br />
everyone has to deal with. although no one is<br />
exempt from <strong>the</strong> threat, you can be part of <strong>the</strong><br />
solution. Through knowledge and awareness,<br />
you can fill <strong>the</strong> ‘extreme danger gap’ of time until<br />
first responders arrive. Topics include recognizing<br />
pre-incident indicators, <strong>the</strong> survival mindset,<br />
courses of action during an active shooter event,<br />
and response when law enforcement arrives.<br />
Randy Spivey, CEO/Founder, The Center for Personal<br />
Protection and Safety; Roger Aldrich, Director of Training,<br />
Center for Personal Protection and Safety<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Crisis Management and Business<br />
Continuity Council<br />
“This is <strong>the</strong> place for <strong>the</strong><br />
most up-to-date and best<br />
directed information in <strong>the</strong><br />
security industry.”<br />
allan cravalho, cPP<br />
Vice President, Engineering<br />
Warren associates<br />
3112 iT security Council series:<br />
Cyber security<br />
● Fundamental<br />
cyber security has become a catch-all phrase.<br />
learn what cyber security really means and <strong>the</strong><br />
critical security threats and attack vectors that<br />
corporations must understand to protect <strong>the</strong>ir<br />
assets and market share. discover your role and<br />
responsibilities in <strong>the</strong> new environment where<br />
physical, personnel, and IT security are converging<br />
into an interleaved discipline. Receive a current<br />
state report that identifies four major types of<br />
security threats. Identify <strong>the</strong> steps individuals,<br />
companies, and agencies can take to protect<br />
<strong>the</strong>mselves, <strong>the</strong>ir assets, <strong>the</strong>ir customers, and<br />
ultimately <strong>the</strong>ir bottom line from <strong>the</strong> threats.<br />
Mark Schreiber, CPP, Design Engineering Specialist, Fluor<br />
Corporation; Don Fergus, Vice President/CS, Intekras, Inc.;<br />
David Morgan, Associate, (ISC) 2 Appointee, Booz Allen<br />
Hamilton; Coleman L. Wolf, CPP, CISSP, ESD<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Information Technology Security<br />
Council<br />
3113 What, Me Worry? The<br />
Global Privacy Movement and<br />
its implications for <strong>the</strong> Modern<br />
security Practitioner<br />
■ Intermediate<br />
The global privacy movement has changed <strong>the</strong><br />
expectations of our employees and customers,<br />
while <strong>the</strong> Internet and <strong>the</strong> technologies it supports<br />
allow access to information never before available.<br />
This fascinating and fast-paced session will<br />
explain how <strong>the</strong>se technologies function and<br />
why privacy advocates are so concerned. You will<br />
also be shown how to safely and legally use this<br />
information without exposing yourself and your<br />
organization to unnecessary and costly litigation<br />
while respecting <strong>the</strong> privacy of those whom <strong>the</strong><br />
organization touches.<br />
Eugene Ferraro, CPP, PCI, CEO/Founder, Business<br />
Controls, Inc.<br />
3114 Managing <strong>the</strong> Corporate<br />
security Culture Change<br />
▲ Advanced<br />
every security professional sooner or later runs<br />
into difficulties with embedding a company-wide<br />
buy-in for meeting security regulations deployed<br />
to protect core organization assets and values.<br />
developing a comprehensive awareness program<br />
is an essential task to be done, but before doing<br />
so, a broader understanding of organizational<br />
behavior must be obtained. This lecture uncovers<br />
<strong>the</strong> aspects of <strong>the</strong> organization culture to point<br />
at its particular elements, and to discuss related<br />
implications for security practitioners.<br />
Radek Havliš, CPP, Vice President Business Security, BCM<br />
and Facility Management, T-Mobile Czech Republic<br />
40 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
TUEsDAY, sEPTEMbEr 20 • 11:00 am–12:00 noon<br />
3115 rail security: Protecting <strong>the</strong><br />
Customer’s Lading<br />
● Fundamental<br />
This session will report on <strong>the</strong> existence of<br />
railroad police departments and how <strong>the</strong>y function<br />
in <strong>the</strong>ir efforts to protect a customer’s freight.<br />
Information on <strong>the</strong> various security and police<br />
functions that <strong>the</strong> four or five major railroads<br />
currently have in place will be provided. Physical<br />
security of facilities, specialized investigative and<br />
response units, as well as proactive efforts will be<br />
discussed. Teamwork with o<strong>the</strong>r agencies will also<br />
be covered.<br />
Larry Schuck, CPP, President, LarMar Security<br />
Consulting, LLC<br />
3116 Protests, Demonstrations,<br />
and Civil Unrest: Crisis Action<br />
Planning in sou<strong>the</strong>ast Asia<br />
■ Intermediate<br />
World events continue to highlight <strong>the</strong> importance<br />
of establishing a crisis action plan as part of an<br />
overall risk management program. Plans must<br />
take into account <strong>the</strong> customs, culture, and<br />
operating environment of each location. Protests,<br />
demonstrations, and civil unrest occasionally<br />
turn violent, threatening <strong>the</strong> safety and security<br />
of personnel and disrupting business interests.<br />
learn to develop a crisis action plan for Sou<strong>the</strong>ast<br />
asia through actual case studies focusing on <strong>the</strong><br />
2010 politically-fueled riots in Bangkok, Thailand<br />
and <strong>the</strong> Tanjung Priok Port district expansion riot<br />
in Jakarta, Indonesia.<br />
Scott Bernat, Chief of U.S. Military Security, Resident<br />
Agent in Charge, U.S. Naval Criminal Investigative Service<br />
(NCIS)/Force Protection Detachment Indonesia<br />
3117 Countering business/industrial<br />
Espionage in a Global Marketplace<br />
▲ Advanced<br />
The business impact of industrial espionage<br />
is often not fully understood by security<br />
professionals or senior management. after<br />
explaining <strong>the</strong> business consequences, this<br />
presentation examines <strong>the</strong> global business<br />
spying threats using real-world, mini-case studies.<br />
It examines typical business organizational<br />
vulnerabilities, how to close those vulnerabilities,<br />
and developing a comprehensive risk-based<br />
proprietary information protection program that<br />
is tailored to <strong>the</strong> threat and protects <strong>the</strong> most<br />
critical business information.<br />
Bruce Wimmer, CPP, Director of Global Consulting,<br />
Pinkerton Consulting & Investigations<br />
TUESDAY<br />
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced<br />
3118 bolster Your Leadership bucket<br />
List: 25 ‘Must Have’ Experiences for<br />
security Leaders<br />
■ Intermediate<br />
explore 25 “must have” experiences that will<br />
propel you to become a leader who makes an<br />
impact in today’s challenging global work<br />
environment. hear firsthand from a c-Suite<br />
executive at one of <strong>the</strong> largest security service<br />
providers in <strong>the</strong> united States as he shares his<br />
unique perspectives on <strong>the</strong> leadership discipline.<br />
hear how targeted activities and opportunities<br />
create strengths and visibility that opens doors<br />
for professional growth. Business fundamentals,<br />
building leadership character, and career<br />
management goals to pursue while building your<br />
own leadership Bucket list will be covered.<br />
Ty Richmond, CPP, Chief Operating Officer, Andrews<br />
International<br />
3119 Protecting Your business:<br />
Understanding islam and<br />
islamofacism<br />
● Fundamental<br />
From a “lone actor” at a major army base to<br />
coordinated attacks on american-owned<br />
businesses abroad, Islamic-based terror attacks<br />
continue to cost countless lives and billions<br />
of dollars to companies at home and abroad.<br />
Focused on <strong>the</strong> security professional, this<br />
presentation will look at <strong>the</strong> founding, evolution,<br />
and current state of Islam, including <strong>the</strong> violent<br />
events shaping today’s headlines. understand<br />
<strong>the</strong> re-emergence of Jihad fueled by over<br />
10 trillion dollars in OPec since 1973, and<br />
millions of Muslim migrants settling in <strong>the</strong> West.<br />
The exploitation of western technology is critical<br />
to every member of <strong>the</strong> security and law<br />
enforcement communities.<br />
Michael Trapp, CPP, Director, Corporate Security, Tesoro<br />
Companies, Inc.<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Global Terrorism, Political<br />
Instability, and International Crime Council<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 41
Education sessions: 3000 Series<br />
TUEsDAY, sEPTEMbEr 20 • 11:00 am–12:00 noon<br />
3180 Architecting and building a<br />
secure Virtual infrastructure and<br />
Private Cloud<br />
■ Intermediate<br />
Many fail to realize that virtualization is <strong>the</strong> key<br />
technology enabling cloud computing, so it is<br />
imperative to understand <strong>the</strong> security aspects of<br />
virtualization, <strong>the</strong> concept of multi-tenancy in <strong>the</strong><br />
cloud, how this changes data center operations,<br />
and best practices to account for those changes.<br />
In this session, key considerations in architecting<br />
and building a secure private cloud will be<br />
discussed. You will be able to define <strong>the</strong> private<br />
cloud and multi-tenancy, and learn how to<br />
architect a private cloud to achieve secure<br />
multi-tenancy, <strong>the</strong> key tools needed to ensure<br />
isolation between tenants, and best practices in<br />
securing <strong>the</strong> underlying virtual infrastructure.<br />
Rob Randell, Staff Security and Compliance Specialist,<br />
VMware, Inc.<br />
3181 Data integrity Debate<br />
■ Intermediate<br />
data integrity, one of <strong>the</strong> four core concepts of<br />
information security, is critical to all organizations.<br />
The integrity of data needs be ensured whe<strong>the</strong>r<br />
data is in transit or at rest, and changes made<br />
only when authorized. how can organizations<br />
achieve something so important? listen as a<br />
cISO and a cSO debate <strong>the</strong> topic and interact with<br />
<strong>the</strong> audience to take questions and provide tips in<br />
what is sure to be an informative and entertaining<br />
session.<br />
John Petrie, CISO, Heartland Clark; Preston Wood, CSO,<br />
Zion Bank<br />
3182 security ‘App-Titude’<br />
■ Intermediate<br />
can ignorance be bliss in a world that is rife with<br />
vulnerabilities and threat agents that wish to<br />
exploit <strong>the</strong>m? What is <strong>the</strong> attitude that many have<br />
toward application security? Who can you call an<br />
expert in application security in this day and age?<br />
come for a fun-filled and informative session on<br />
what it takes to develop secure applications and<br />
increase your security ‘app-titude’! Technologists<br />
and management professionals are welcome. You<br />
would not want to miss this!<br />
Mano Paul, CEO, SecuRisk Solutions<br />
3183 The AbCs of Global Mobile<br />
Enterprise Compliance<br />
■ Intermediate<br />
Organizations have spent millions of dollars on<br />
developing and maintaining data, security, and<br />
privacy compliance mechanisms to adhere to<br />
hIPaa, GlBa, PcI, and o<strong>the</strong>rs around <strong>the</strong> world.<br />
Globally, almost a hundred laws exist, and most<br />
of <strong>the</strong> 50 united States have privacy and security<br />
laws and guidelines. This discussion addresses<br />
why smart phone compliance has been such a<br />
challenge and offers a moderately technical<br />
discussion on what security professionals can<br />
do in <strong>the</strong> short term to make <strong>the</strong>ir mobile devices<br />
compliant with <strong>the</strong>ir wired enterprises. handouts<br />
will help you assess your own compliance<br />
postures.<br />
Winn Schwartau, Chairman of <strong>the</strong> Board, Mobile Active<br />
Defense<br />
3184 Control and Harmonization<br />
of Compliance Efforts Across<br />
Multiple regulations<br />
■ Intermediate<br />
The presentation discusses strategies for<br />
syn<strong>the</strong>sizing <strong>the</strong> information security related<br />
legal obligations faced by many organizations,<br />
with <strong>the</strong>ir internal risk management needs and<br />
priorities, in a comprehensive and effective<br />
security program. areas of focus include: what<br />
government regulators expect in an information<br />
security program; how to balance inconsistent and<br />
conflicting legal requirements; prioritizing legal<br />
requirements based on <strong>the</strong> expected improvement<br />
in legal compliance and reduction of potential<br />
security incidents that tend to initiate government<br />
investigations; and integrating requirements of<br />
contracts into <strong>the</strong> information security program.<br />
Mark Paulding, Attorney, HoganLovells US, LLP<br />
42 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
3185 improve Your sDLC With<br />
CAPEC and CWE<br />
■ Intermediate<br />
unfortunately, many organizations are still<br />
focused exclusively on operational security,<br />
specifically <strong>the</strong> detection and remediation of<br />
exploitable applications. In contrast, developers<br />
are concerned with functional requirements and<br />
shipping dates for <strong>the</strong>ir applications. how can<br />
organizations reduce code vulnerabilities and<br />
improve <strong>the</strong>ir Sdlc approaches with caPec and<br />
cWe? This presentation shows how to avoid<br />
making <strong>the</strong> “Top 25 Most dangerous Software<br />
errors” by providing lessons learned from various<br />
application development teams through <strong>the</strong> Sdlc,<br />
and real-world examples of how organizations can<br />
use <strong>the</strong>se measurement tools to set priorities and<br />
make practical risk-based decisions. See real<br />
exploitation scenarios that were made possible by<br />
<strong>the</strong> smallest of errors.<br />
Speakers to be determined<br />
1:45 pm–3:00 pm<br />
3201 Asis standards: Explore<br />
resilience and risk Management<br />
Around <strong>the</strong> World<br />
■ Intermediate<br />
an international panel will explore how resilience<br />
and risk management are changing <strong>the</strong> way<br />
businesses manage <strong>the</strong>ir risks in countries<br />
around <strong>the</strong> world. What do you need to know to<br />
conduct a global business? What changes and<br />
standards are on <strong>the</strong> horizon? how will this affect<br />
your supply chain? Find out in this informative<br />
session.<br />
Peter Brian Boyce, Senior Business Manager, Security<br />
Management Systems–Asia, Lloyds Register Quality<br />
Assurance; Dr. Marc Siegel, Commissioner, <strong>ASIS</strong> Global<br />
Standards Initiative, <strong>ASIS</strong> International; Jose-Miguel<br />
Sobron, Crisis Management Support, United Nations Unit;<br />
Grant Lecky, National Coordinator BCP, Citizenship and<br />
Immigration, Canada<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Standards and Guidelines<br />
Commission<br />
TUESDAY<br />
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced<br />
TUEsDAY, sEPTEMbEr 20 • 11:00 am–12:00 noon • 1:45 pm–3:00 pm<br />
“The scale and scope of this<br />
seminar makes it <strong>the</strong> most<br />
cost-effective event of <strong>the</strong> year.”<br />
Scott derby<br />
Vice President<br />
State Street corporation<br />
3202 integrator series: securing<br />
Healthcare security—Compliance,<br />
Protection, and Diversity<br />
● Fundamental<br />
leading healthcare practitioners will reveal <strong>the</strong>ir<br />
biggest challenges and what <strong>the</strong>y expect from<br />
today’s systems integrator. understand hIPaa<br />
compliance requirements. learn about infant/<br />
patient RFId systems. evaluate leveraging<br />
infrastructure and OR surveillance for education.<br />
examine violent patients and violence in facilities.<br />
learn about remote diagnosis, triage, and more.<br />
Bonnie Michelman, CPP, Director Police Security Outside<br />
Services, Massachusetts General Hospital; Mike<br />
Cummings, Aurora Healthcare<br />
3203 retail Loss Prevention: Crisis<br />
Management, Technology, and<br />
Management Effectiveness<br />
▲ Advanced<br />
Retail loss prevention executives will discuss<br />
three critical functional areas of lP programs:<br />
crisis Management—from natural disasters<br />
to shootings, effective management of crisis<br />
situations can secure against loss of life and<br />
protect <strong>the</strong> company’s brand and identity;<br />
Technology utilization—<strong>the</strong> pace of changing<br />
technology is staggering and retail lP executives<br />
must identify innovations that bring immediate<br />
value to <strong>the</strong> organization; Management<br />
effectiveness—without effective lP management<br />
and leadership, organizations often do not<br />
embrace <strong>the</strong> proactive measures needed to<br />
protect <strong>the</strong> organization.<br />
William Alford, President, International Lighthouse Group,<br />
Inc.; Mark Gaudette, Director of Loss Prevention, Big Y<br />
Foods; Kathleen Smith, Vice President–Loss Prevention,<br />
Safeway; Jumbi Edubehram, Vice President–Business<br />
Development, Next Level Security; Greg Brumley, CPP,<br />
Senior Director, Loss Prevention, T-Mobile, U.S.<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Retail Loss Prevention Council<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 43
Education sessions: 3000 Series<br />
TUEsDAY, sEPTEMbEr 20 • 1:45 pm–3:00 pm<br />
3204 surveillance and Threat<br />
Detection: Prevention vs. Mitigation<br />
■ Intermediate<br />
damage mitigation through increased physical<br />
security must evolve to include a new and<br />
proactive approach of attack prevention through<br />
<strong>the</strong> identification and disruption of pre-attack<br />
and pre-operational planning, and surveillance<br />
activities. Gain a unique look at how to<br />
encapsulate criminal and terrorist surveillance,<br />
analyze suspicious activity reports, and utilize a<br />
threat-based surveillance detection protection<br />
program to increase probability of prevention<br />
while streamlining protection assets and cost<br />
effectiveness.<br />
Richard Kirchner, Jr., Special Agent Senior Law<br />
Enforcement Supervisor, Pentagon Force Protection Agency<br />
3205 Explosion-induced injuries and<br />
Protective Gear<br />
▲ Advanced<br />
Potential injuries caused by blast exposures<br />
are of interest to military and law enforcement<br />
personnel exposed to blast in <strong>the</strong> course of<br />
doing breaching maneuvers, operating weapons<br />
that produce back-blast, performing explosive<br />
ordnance disposal, or at risk of exposure to<br />
terrorist bombs. understanding <strong>the</strong>se effects is<br />
essential to adopting safe operating procedures<br />
and minimizing risk. This session addresses <strong>the</strong><br />
state of knowledge pertaining to <strong>the</strong> bio-effects<br />
of blast, in general, and neurological effects, in<br />
particular, and provides proven recommendations.<br />
Nancy Renfroe, PSP, Vice President and Division Manager,<br />
Applied Research Associates (ARA); Lee Ann Young,<br />
Science and Technology Advisor, Applied Research<br />
Associates (ARA)<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Fire and Life Safety Council<br />
3206 security Architecture and<br />
Engineering, Part 2: systems Design<br />
and Engineering<br />
● Fundamental<br />
You’ve established your security system<br />
requirements. now <strong>the</strong>y must be met in <strong>the</strong><br />
design of your system. learn how a security<br />
system design is developed and how bid and<br />
construction documents are prepared. explore<br />
how to achieve a good design and establish<br />
requirements for hardware and software,<br />
operation and technical procedures, facility<br />
support, and construction. hear about design<br />
documentation such as engineering drawings,<br />
equipment bid specifications, bill of materials,<br />
installation specifications, and cost estimates.<br />
(See Part 3, session 3305, page 49.)<br />
Frank M. Carpency, CPP, PSP, Principal and Chief<br />
Engineer, Carpency and Associates, LLC; Robert Pearson,<br />
PE, President, The Peotectorate Corporation<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Security Architecture and<br />
Engineering Council<br />
3207 supply Chain security: The<br />
New Normal<br />
▲ Advanced<br />
discuss recent events, mitigation strategies,<br />
best practices, and international supply chain<br />
security programs with o<strong>the</strong>r security professionals.<br />
The panel discussion is intended to draw out<br />
critical insights into <strong>the</strong> collateral benefits of<br />
supply chain security. Speakers will present ‘real<br />
life’ business cases to demonstrate <strong>the</strong> successes<br />
for companies which join <strong>the</strong>se programs and<br />
certifications, and <strong>the</strong> expected ROI.<br />
Carlos Velez, COL (Retired), Global Supply Chain Security<br />
Director, Johnson & Johnson; Laura Hains, CPP, Security<br />
Specialist, Independent Security Consultant; JJ Coughlin,<br />
Director, Law Enforcement Services, LoJack Supply Chain<br />
Integrity; John Sharp, CPP, Vice President, Sharp Global<br />
Partner, Ltd.; Russ Phillips, Principal, MMTS Group<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Transportation Council<br />
“An unrivalled fountain of knowledge and<br />
technology specifically pertaining to<br />
<strong>the</strong> security world.”<br />
Jeff Gwinnett<br />
Facilities Coordinator<br />
loyaltyOne<br />
44 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
TUEsDAY, sEPTEMbEr 20 • 1:45 pm–3:00 pm<br />
3208 iT security Council series: is<br />
<strong>the</strong> Power infrastructure secure?<br />
Utility and smart Grid security<br />
● Fundamental<br />
learn about <strong>the</strong> impact of <strong>the</strong> north american<br />
electric Reliability corporation (neRc), critical<br />
Infrastructure Protection (cIP), and national<br />
Institute of Standards and Technology (nIST)<br />
7628 relative to <strong>the</strong> security practitioner,<br />
particularly those with interest in <strong>the</strong> utility<br />
domain. Receive a general overview of smart grid<br />
and <strong>the</strong> cost of attacks. examine <strong>the</strong> physical<br />
and systems security implications and concerns,<br />
and disaster recovery and response activities.<br />
Maureen McGovern, President, KSB Solutions; Mark<br />
Schreiber, CPP, Design Engineering Specialist, Fluor<br />
Corporation; Sunil Kumar, Senior Solutions Consultant,<br />
Alert Enterprise, (ISC) 2 Appointee; Cpt. Werner Preining,<br />
CPP, Responsible for European Operations, Interpool<br />
Security, Ltd.<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Information Technology Security<br />
Council<br />
3209 black Leaders in <strong>the</strong> security<br />
industry<br />
● Fundamental<br />
The goal of this panel discussion is to mentor<br />
and encourage o<strong>the</strong>r black security professionals<br />
to continue to develop and excel within <strong>the</strong><br />
industry. The panel examines mentoring,<br />
leadership and career development, continuing<br />
education, certification, and <strong>the</strong> glass ceiling.<br />
candid discussions of challenges and <strong>the</strong>ir<br />
solutions will be shared and explored for postpresentation,<br />
real-world application. This will be<br />
a highly interactive session with audience<br />
participation.<br />
Donald Knox, CPP, Security and Crisis Management<br />
Analyst, Caterpillar; Basil Steele, CPP, Senior Manager<br />
Nuclear Security Program, Sandia National Laboratories;<br />
Loretta Veney, CPP, Owner, Superior Training Solutions;<br />
Leslie Cole, Sr., CPP, Principal Consultant, Leslie Cole<br />
Associates, Inc.; Ray Van Hook, CPP, Executive Director of<br />
Campus Security, The School of The Art Institute of Chicago<br />
Sponsored by <strong>the</strong> International Organization of Black<br />
Security Executives<br />
TUESDAY<br />
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced<br />
3210 The rise of Domestic Terrorism<br />
▲ Advanced<br />
This presentation will discuss how <strong>the</strong> FBI<br />
categorizes domestic terrorism—which <strong>the</strong> FBI<br />
defines as <strong>the</strong> unlawful use of force or violence<br />
against persons or property to intimidate or<br />
coerce a government, civilian population, or any<br />
segment <strong>the</strong>reof, in fur<strong>the</strong>rance of political or<br />
social objectives—by <strong>the</strong> ideological motivations<br />
of <strong>the</strong> threats. This process helps <strong>the</strong> FBI to<br />
effectively manage and investigate acts of<br />
domestic terrorism and associated individuals.<br />
The FBI assesses <strong>the</strong> top five domestic terrorism<br />
threats are militia extremism, white supremacy<br />
extremism, abortion extremism, sovereign citizen<br />
extremism, and animal rights and environmental<br />
extremism.<br />
Sean Joyce, Executive Assistant Director, Federal Bureau<br />
of Investigation<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Global Terrorism, Political<br />
Instability, and International Crime Council<br />
3211 The security Metrics Challenge<br />
▲ Advanced<br />
how do you present senior business and<br />
government leaders with <strong>the</strong> security risk<br />
management and performance measures <strong>the</strong>y<br />
need to reasonably assure protection—while also<br />
maintaining an effective ROI? compare <strong>the</strong> best<br />
practices of top security professionals as <strong>the</strong>y<br />
demonstrate <strong>the</strong>ir proven methods for devising<br />
risk-managed proposals to help <strong>the</strong>ir executives<br />
make key security budgeting decisions affecting<br />
<strong>the</strong>ir businesses and missions.<br />
James Shamess, CPP, Senior Advisor, Security Policy and<br />
Oversight, U.S. Air Force; Jeffrey C. Dodson, Vice<br />
President, Security Integration, BAE Systems; Timothy<br />
McQuiggan, Director, Security and Fire Protection, Boeing<br />
Defense, Space and Security<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Defense and Intelligence Council<br />
3212 Disaster in <strong>the</strong> Data Center!<br />
Are You Prepared?<br />
■ Intermediate<br />
You are in charge of <strong>the</strong> security and information<br />
integrity for your multimillion dollar company.<br />
are you prepared? do you know what to do next?<br />
have you practiced a plan? This session will<br />
discuss several case studies and give tips on how<br />
to effectively prepare your facility for almost any<br />
disaster. Walk away with resources and tips on<br />
how to keep your company running effectively<br />
as soon as possible.<br />
Ronald Lander, CPP, Chief Specialist, Ultrasafe Security<br />
Solutions; Cpt. Werner Preining, CPP, Responsible for<br />
European Operations, Interpool Security, Ltd.<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Crisis Management and Business<br />
Continuity Council<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 45
Education sessions: 3000 Series<br />
TUEsDAY, sEPTEMbEr 20 • 1:45 pm–3:00 pm<br />
3214 soft Targets<br />
● Fundamental<br />
Industry and government protection leaders share<br />
insight on <strong>the</strong> numerous challenges of securing<br />
soft targets in today’s changing environment.<br />
What makes a target soft, what makes it unique<br />
and challenging when evaluating risk assessments<br />
and/or in deploying security measures? The panel<br />
shares first-hand experiences, knowledge, and<br />
processes to shed light on <strong>the</strong> growing risk<br />
associated with soft targets. Whe<strong>the</strong>r you are a<br />
soft target, are responsible for employee travel<br />
and events, and/or charged with executive<br />
protection, you will gain a clearer understanding<br />
of this security phenomenon.<br />
James C. Reynolds, CPP, Director of Safety and Security,<br />
Hilton Worldwide<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Global Terrorism, Political<br />
Instability, and International Crime Council<br />
3215 background Checks Under Fire:<br />
A Legal Update<br />
■ Intermediate<br />
Background screening practices are facing a<br />
firestorm of legal scrutiny, restrictions, and<br />
media criticism as evidenced by recent actions<br />
filed by <strong>the</strong> eeOc, laws targeting <strong>the</strong> use of credit<br />
and criminal data, and “ban <strong>the</strong> box” initiatives<br />
limiting <strong>the</strong> access to critical applicant information.<br />
Yet high profile shootings and widely<br />
publicized threats to workplace safety have left<br />
many wondering why more cannot be done to<br />
protect <strong>the</strong> workplace and <strong>the</strong> public. Security<br />
professionals are caught in <strong>the</strong> crosshairs. This<br />
session will arm you with a critical legal update<br />
and recommended best practices.<br />
Angela Bosworth, Executive Vice President, General<br />
Counsel, OPENonline<br />
3216 integrated Operational<br />
risk Management: A Look inside<br />
Westinghouse<br />
■ Intermediate<br />
understand <strong>the</strong> importance of an integrated<br />
operational risk program highlighting all assets:<br />
people, facilities, supply chain, and intellectual<br />
property. as global operational threats continue to<br />
increase, proactive programs are more important<br />
than ever. These threats can range from natural<br />
disasters to health to civil unrest to <strong>the</strong> cyber<br />
world. The first part of this session will outline <strong>the</strong><br />
key program considerations, while <strong>the</strong> second<br />
part will study a specific program employed by<br />
Westinghouse.<br />
Russell Cline, Corporate Security Director, Westinghouse<br />
Electric Company; Bruce McIndoe, President, iJET<br />
Intelligent Risk Systems<br />
3217 supply Chain security:<br />
The Americas<br />
■ Intermediate<br />
This session defines <strong>the</strong> scope and effect of<br />
cargo crime in <strong>the</strong> americas. understand <strong>the</strong><br />
need to have an effective cargo and supply chain<br />
security program for companies who move<br />
cargo in/out/through <strong>the</strong> amercias. Methods<br />
of protecting <strong>the</strong> supply chain and investigative<br />
best practices will be covered.<br />
Art Arway, CPP, Vice President/Regional Head of Security,<br />
Amercias, DHL Global Forwarding<br />
3218 Protection intelligence: Putting<br />
it in <strong>the</strong> Hands of Potential Targets<br />
● Fundamental<br />
Violence in Mexico often surpasses <strong>the</strong> abilities<br />
of authorities to immediately control dangerous<br />
situations. Mexicans have turned to each o<strong>the</strong>r to<br />
provide crucial and immediate information so as<br />
to avoid dangerous situations. learn <strong>the</strong> different<br />
methods utilized to disperse this information,<br />
how <strong>the</strong> populace has evolved in using social<br />
networks and communication mediums, and <strong>the</strong><br />
weaknesses of <strong>the</strong>se information mediums.<br />
actual case histories of violence and how citizens<br />
are utilizing <strong>the</strong>se information mediums will be<br />
discussed and analyzed. Methods to determine<br />
false or malicious information will be shown.<br />
Andrew Potts, Jr., Director, Cuspis S.A. de C. V.; Valdemar<br />
Valdez, Security Manager, Operadora Mega<br />
3219 Caution Advised: The Use<br />
of social Networking sites, search<br />
Engines, and Web 2.0 to screen<br />
Applicants<br />
■ Intermediate<br />
employers and security professionals have<br />
discovered a treasure trove of information on<br />
potential job applicants by using social networking<br />
sites, such as MySpace or Facebook, and search<br />
engines. however, just because something is<br />
available online does not mean <strong>the</strong>re is no legal<br />
risk involved or ensure <strong>the</strong> information is factual.<br />
This session examines <strong>the</strong> pros and cons of<br />
employers utilizing such tools. Through case<br />
studies and reviewing web sites, you will see<br />
visually how <strong>the</strong>se sites work, what <strong>the</strong>y contain,<br />
and <strong>the</strong> potential legal landmines and practical<br />
risks involved.<br />
Lester Rosen, Attorney at Law<br />
46 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
TUEsDAY, sEPTEMbEr 20 • 1:45 pm–3:00 pm<br />
3220 Getting From Here to There:<br />
Advancing in <strong>the</strong> security Field<br />
● Fundamental<br />
With <strong>the</strong> ever changing world of <strong>the</strong> private<br />
security sector, learning what it takes to ‘move up<br />
<strong>the</strong> ladder’ can be challenging and confusing. a<br />
panel of security veterans tell it like it is for those<br />
ready to move up.<br />
Jeffrey Hawkins, Manager, Security Management<br />
Education Outreach, American Military University; Jeffrey<br />
Slotnick, CPP, PSP, President, Setracon Incorporated; Ray<br />
Van Hook, CPP, Executive Director of Campus Security, The<br />
School of The Art Institute<br />
3280 Forensics and <strong>the</strong> Cloud<br />
■ Intermediate<br />
due to <strong>the</strong> explosion of applications for cloud<br />
computing, a new practice has emerged in<br />
“cloud forensics.” In fact, <strong>the</strong> u.S. department<br />
of Justice has begun to focus efforts in this area.<br />
Who controls <strong>the</strong> evidence, including collection,<br />
preservation, and validation of information<br />
contained within <strong>the</strong> cloud? What happens if that<br />
cloud is outside <strong>the</strong> united States? This session<br />
attempts to explain what <strong>the</strong> cloud and forensics<br />
mean in relation to one ano<strong>the</strong>r.<br />
3282 Picking <strong>the</strong> right Tool for<br />
<strong>the</strong> Job: Using Vendor Tools to Aid in<br />
<strong>the</strong> Development of secure Code<br />
■ Intermediate<br />
Building secure code is a top priority for<br />
organizations today. as criminals move from<br />
attacks against <strong>the</strong> operating system to third<br />
party applications, organizations find <strong>the</strong>mselves<br />
on <strong>the</strong> receiving end of attacks. developing<br />
secure code is not only technically challenging,<br />
but is inherently difficult due to a variety of factors<br />
including interaction with o<strong>the</strong>r code, and new<br />
attacks. Many vendors have released tools to aid<br />
developers in this endeavor. This session looks<br />
at <strong>the</strong> application security products market and<br />
discusses some of <strong>the</strong> options that organizations<br />
have in choosing a tool.<br />
Robert Ayoub, Global Program Director, Network Security,<br />
Information & Communication Technologies, Frost and<br />
Sullivan<br />
TUESDAY<br />
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced<br />
3283 Mobile Applications: Managing<br />
Enterprise risk and Exploitation<br />
■ Intermediate<br />
an emerging trend is for large organizations to<br />
shift mobile device ownership and maintenance<br />
to <strong>the</strong>ir employees to reduce business costs.<br />
at <strong>the</strong> crossroads of this shift in IT governance<br />
are smartphone applications and <strong>the</strong>ir ability<br />
to access corporate resources and intellectual<br />
property. not all smartphone applications are<br />
created equal. Most organizations lack formal<br />
processes to support centralized device<br />
management, secure application distribution,<br />
software security, and privacy control. Vetting<br />
risk becomes increasingly embedded into <strong>the</strong><br />
converged mobile and Intranet architectures.<br />
This session presents a mobile application risk<br />
management framework which addresses<br />
assessment and mitigation techniques.<br />
Richard Tychansky, Information Assurance Engineer,<br />
Lockheed Martin Corporation<br />
3284 Putting Your House in Order—<br />
business intelligence Ga<strong>the</strong>red<br />
From 100+ sustainable iT-GrC<br />
implementations<br />
■ Intermediate<br />
Review best practices and concepts from<br />
real-world IT GRc implementations proven to<br />
work for 100+ organizations. decipher when to<br />
apply various risk assessment methodologies<br />
(top-down vs. bottom-up; threat-based vs.<br />
business criticality). Gain an understanding<br />
of existing controls framework and selecting<br />
appropriate frameworks based on <strong>the</strong> target areas<br />
and relevant regulations. Review techniques for<br />
avoiding pitfalls of controls catalogue overload.<br />
case studies highlight challenges of <strong>the</strong> IT GRc<br />
program roll-out and exploring technology to<br />
match <strong>the</strong> organization’s needs and<br />
methodologies.<br />
Vivek Shivananda, Founder/CEO, Rsam<br />
“The seminar and Exhibits is<br />
<strong>the</strong> best source for staying<br />
current in <strong>the</strong> industry and<br />
reviewing products.”<br />
Mike Bruggeman<br />
Director, Global Security<br />
General Motors<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 47
Education sessions: 3000 Series<br />
TUEsDAY, sEPTEMbEr 20 • 1:45 pm–3:00 pm • 4:30 pm–5:30 pm<br />
3285 risk Analysis and<br />
Measurement With CWrAF<br />
■ Intermediate<br />
The common Weakness Risk analysis Framework<br />
(cWRaF) uses <strong>the</strong> common Weakness Scoring<br />
System (cWSS) scoring criteria with cWe to<br />
provide measures for prioritizing risk mitigation<br />
efforts and focusing secure coding practices.<br />
cWRaF enables targeted specification of “Top-n”<br />
cWe lists that are relevant to specified technologies<br />
used within specific business domains.<br />
In this session, construct multiple cWRaF<br />
vignettes for specific business domains, see<br />
how <strong>the</strong> decisions made during vignette definition<br />
affect <strong>the</strong> assessment of risk for individual<br />
weaknesses, and be able to provide input to<br />
refine <strong>the</strong> concepts in cWRaF and identify<br />
business domains that would benefit from cWRaF.<br />
Bob Martin, Principle Engineer, The MITRE Corporation;<br />
Richard Struse, Deputy Director of Software Assurance<br />
Program, U.S. Department of Homeland Security<br />
4:30 pm–5:30 pm<br />
3301 The international Code of<br />
Conduct for Private security service<br />
Providers: A New benchmark for<br />
Quality<br />
▲ Advanced<br />
corporations worldwide increasingly operate in<br />
regions where security remains an essential<br />
part of conducting daily operations. Often <strong>the</strong><br />
most effective way to meet this need is by<br />
hiring a private security service provider. The<br />
resulting security, however, may seriously impact<br />
shareholder value, reputation, or community<br />
initiatives. how should security directors ensure<br />
<strong>the</strong>y select <strong>the</strong> right security partner? This<br />
session provides an overview of <strong>the</strong> International<br />
code of conduct, <strong>the</strong> anSI/aSIS standards under<br />
development to make <strong>the</strong> code actionable, and<br />
plans to draft an international governance<br />
mechanism for private security service providers.<br />
Mark DeWitt, Deputy General Counsel/Vice President,<br />
Government and Regulatory Affairs, Triple Canopy<br />
3302 Customer satisfaction<br />
Catalyzing an Enhanced security<br />
Environment in Organizations<br />
▲ Advanced<br />
Successful organizations where security has<br />
been centric to success have discovered that<br />
staff support and participation is crucial to<br />
ensure high levels of security environment/<br />
culture. The easiest but erroneous methodology<br />
widely adopted to address security concerns<br />
is to pump money, which is granted after any<br />
media-tracked security incident, for acquisition<br />
of security equipment. Staff attending customers<br />
are trained to look out for physiological details<br />
in a very non-intrusive manner. Investing wisely<br />
to educate and train our staff (non-security<br />
personnel), and stressing upon <strong>the</strong> importance<br />
of <strong>the</strong>ir contribution on <strong>the</strong> detection/prevention<br />
of security-related incidents, would pay dividends<br />
to enhancing security.<br />
Paul Devassy, CPP, Corporate Security Manager–India,<br />
Henkel India<br />
3303 integrator series: Transportation<br />
and Port security solutions<br />
● Fundamental<br />
Security professionals from two of <strong>the</strong> largest<br />
north american ports will reveal how <strong>the</strong>y make<br />
decisions concerning <strong>the</strong>ir security and antiterrorism<br />
programs. learn about perimeter<br />
security and maintaining sterile areas. examine<br />
surveillance best practices for multiple agencies<br />
including traffic monitoring. Receive information<br />
on protecting critical borders and crossings.<br />
Study entry screening and more.<br />
Jose Gomez, Port Authority New York New Jersey;<br />
Hector Pesquera, Port of Miami<br />
3304 innovation or Confusion? How<br />
Will High-Tech industries impact<br />
Electronic security systems?<br />
● Fundamental<br />
The rapid advances in technology can positively<br />
or negatively influence you every day as a physical<br />
security professional. This session examines <strong>the</strong><br />
most promising technologies for our industry—<br />
hd, hosted services, networking and computing<br />
technologies, and video analytics—and outlines<br />
examples of <strong>the</strong>ir impact on physical security. It<br />
offers evaluation and decision-making processes<br />
to include, ignore, or postpone deployment of new<br />
technologies for your electronic security system.<br />
understand how, given two functionally equivalent<br />
security systems, <strong>the</strong> simplest one to manage<br />
should be chosen.<br />
Fredrik Nilsson, General Manager, Axis Communications;<br />
Charlie Pierce, President, LeapFrog Training & Consulting;<br />
Benjamin Butchko, CPP, President/CEO, Butchko Security<br />
Solutions<br />
48 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
TUEsDAY, sEPTEMbEr 20 • 4:30 pm–5:30 pm<br />
3305 security Architecture and<br />
Engineering, Part 3: Creating and<br />
Communicating <strong>the</strong> security system<br />
▲ Advanced<br />
a well-designed system can be an operational<br />
nightmare unless it is implemented properly.<br />
learn how to successfully manage <strong>the</strong> project so<br />
that you remain on schedule and within budget.<br />
Review contractor deliverables and learn tips<br />
on how to administer a construction contract,<br />
manage construction, and run a project meeting.<br />
explore basic system and component tests that<br />
will tell you if your system is performing as<br />
required. learn how to perform a post-occupancy<br />
evaluation to ensure that <strong>the</strong> system is being<br />
operated as intended and serves <strong>the</strong> purpose<br />
required.<br />
Philip Stearns, PE, PMP, Program Manager, Conti Federal<br />
Services; James R. Black, CPP, PSP, CET, Security<br />
Consulting Manager, Microsoft Corporation<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Security Architecture and<br />
Engineering Council<br />
3306 iT security Council series:<br />
Federal information security<br />
● Fundamental<br />
Ga<strong>the</strong>r valuable information concerning current<br />
and future policies and requirements in <strong>the</strong><br />
federal sector. Receive a high-level policy overview<br />
to provide context that includes critical and<br />
relevant points from FISMa, nIST, and FIPS<br />
standards as well as guidance and requirements<br />
specific to dod and <strong>the</strong> Intelligence community<br />
(Ic). discuss information system certification<br />
and accreditation overhaul, cyber threats to <strong>the</strong><br />
government, protection of information, and<br />
workforce education. Important initiatives such<br />
as continuous monitoring, situational awareness<br />
developments, and identity management also<br />
will be covered.<br />
Dr. Thresa Lang, Corporate Security Strategist, Dell;<br />
Sal D’Agostino, CEO, IDmachines, LLC; Mat<strong>the</strong>w<br />
Hollandsworth, CPP, Senior Security Manager, Booz<br />
Allen Hamilton, (ISC) 2 Appointee; Maureen McGovern,<br />
President, KSB Solutions<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Information Technology Security<br />
Council<br />
TUESDAY<br />
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced<br />
3307 Your Career is Your Currency.<br />
What is it Worth? steps to building<br />
or Transitioning Careers<br />
■ Intermediate<br />
Review <strong>the</strong> big fish/little pond syndrome and<br />
gain an understanding of <strong>the</strong> problems faced in<br />
<strong>the</strong> hiring process for both <strong>the</strong> cSO and <strong>the</strong><br />
applicant. evaluate careers and experiences to fit<br />
<strong>the</strong> pond. Whe<strong>the</strong>r you are hiring a new manager<br />
or changing careers, learn to leverage analytical<br />
skills, management experience, and team-building<br />
capabilities in a corporate environment. War<br />
stories—know when to hold <strong>the</strong>m and when to<br />
fold <strong>the</strong>m. no badge? discover new means to<br />
persuade people to consider your point of view.<br />
Place your career in better standing by remaining<br />
current and using continuing education and<br />
professional certifications.<br />
Pam Brennan, Partner, LifeAfter <strong>the</strong> Badge<br />
3308 role Model: Creating a Positive<br />
security Culture<br />
■ Intermediate<br />
“I didn’t know” is seldom a truthful excuse for<br />
causing a security incident. Security rules aren’t<br />
complicated, so most incidents result more from<br />
attitude than ignorance. attitudes are based in<br />
culture, so we must create a culture where every<br />
employee believes that security is an integral part<br />
of <strong>the</strong>ir daily activities. culture arises when<br />
leaders set important goals, communicate clearly,<br />
deal with issues, and create an atmosphere of<br />
trust. This session discusses specific steps<br />
security professionals can take to drive<br />
development of a positive security culture.<br />
Steven Rients, CPP, Manager, Security Training, BAE<br />
Systems, Inc.<br />
3309 security reserve Corps<br />
▲ Advanced<br />
a 100-person Security Reserve corps was<br />
developed at one <strong>the</strong> largest academic medical<br />
centers in <strong>the</strong> united States. This presentation<br />
discusses various issues involved in creating and<br />
maintaining a reserve security capability in a 24x7<br />
healthcare environment. Issues include leadership<br />
support, recruitment, training, equipping,<br />
deploying, and exercising <strong>the</strong>ir capabilities.<br />
James McNeil, CPP, Administrator, Safety and Security,<br />
Mayo Clinic<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 49
Education sessions: 3000 Series<br />
TUEsDAY, sEPTEMbEr 20 • 4:30 pm–5:30 pm<br />
3310 Profiting From Organizational<br />
resilience: The role of <strong>the</strong> Chief<br />
security Officer<br />
■ Intermediate<br />
Organizational resilience synergistically integrates<br />
such components as security management,<br />
business continuity, and crisis management<br />
within a systems dynamics framework. The<br />
implementation of <strong>the</strong> OR Standard from <strong>the</strong><br />
corporate security perspective is tremendously<br />
valuable, but to fully realize its benefits, it is<br />
necessary to have <strong>the</strong> chief Security Officer<br />
involved as a primary stakeholder. corporate<br />
security, business performance, and various<br />
stakeholder concerns will profit by incorporating<br />
high-level participation in <strong>the</strong> project. The<br />
presentation highlights Fortune 500 and cSO<br />
Roundtable experiences as well as o<strong>the</strong>r<br />
applicable information to businesses operating<br />
domestically or globally.<br />
Grant Lecky, National Coordinator, Business Continuity<br />
Planning, Department of Citizenship and Immigration,<br />
Canada; Marc Glasser, CPP, Principal, PRM GLOBAL, LLC<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Crisis Management and Business<br />
Continuity Council; and <strong>the</strong> <strong>ASIS</strong> CSO Roundtable<br />
3311 security Officer Training: What<br />
really Works—and What Doesn’t<br />
● Fundamental<br />
learn about security failures directly related<br />
to improper or ineffective training. commonly<br />
used methods of training will be dissected<br />
and thoroughly discussed. Improved methods,<br />
especially those with cost-effective components,<br />
will be outlined. Take home solid recommendations<br />
for re-vamping and improving your training<br />
programs, reducing exposure to litigation,<br />
addressing <strong>the</strong> departmental mission, and<br />
retaining valuable employees.<br />
Steve Layne, CPP, Principal Consultant, Layne Consultants<br />
International; Michael Kirchner, CPP, Director of Security,<br />
Harvard University<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Cultural Properties Council<br />
3312 Protecting Your brand Online:<br />
success stories on How to Tame<br />
<strong>the</strong> internet<br />
■ Intermediate<br />
attend this session to understand <strong>the</strong> scope<br />
of <strong>the</strong> challenge of protecting your brand online.<br />
learn how this affects <strong>the</strong> business from a<br />
reputation and financial perspective. understand<br />
<strong>the</strong> actions that can be taken to mitigate issues<br />
and measures to implement to prevent challenges.<br />
We will also discuss success stories.<br />
Mike Monzon, Senior Director, MarkMonitor; Richard<br />
Widup, Jr., CPP, Senior Director, Corporate Security,<br />
Purdue Pharma, LP<br />
3313 Defense security service<br />
report to Asis<br />
▲ Advanced<br />
learn about <strong>the</strong> symbiotic relationship between<br />
<strong>the</strong> defense Security Service (dSS) and aSIS<br />
International. a senior dSS leader will explain<br />
current dSS initiatives and issues with a look into<br />
how dSS policies and practices affect industry.<br />
dSS supports national security, secures <strong>the</strong><br />
nation’s technological base, and oversees <strong>the</strong><br />
protection of u.S. and foreign classified<br />
information in <strong>the</strong> hands of industry. dSS<br />
administers <strong>the</strong> national Industrial Security<br />
Program (nISP) on behalf of <strong>the</strong> military services,<br />
defense agencies, and 23 o<strong>the</strong>r federal agencies.<br />
Stan Sims, Director, Defense Security Service; Drew<br />
Winneberger, Director, Industrial Policy and Programs,<br />
Defense Security Service<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Defense and Intelligence Council<br />
3314 Preventing an Active<br />
shooter incident<br />
● Fundamental<br />
From columbine to Fort hood to Tucson. What<br />
did <strong>the</strong>se mass shooters have in common? all<br />
gave warning signs before <strong>the</strong>y made <strong>the</strong> news<br />
and none of <strong>the</strong>m ‘just snapped.’ When you know<br />
what to look for and how to deal with it, <strong>the</strong>se<br />
horrific acts can be prevented. This presentation<br />
cites <strong>the</strong> mass workplace shootings of <strong>the</strong> past<br />
25 years and shows you how to create an<br />
effective workplace violence prevention program<br />
at your organization.<br />
Darrell Clifton, CPP, Director of Security, Circus Circus<br />
Hotel Casino<br />
3315 Technology Upgrades: From<br />
Concept to installation<br />
▲ Advanced<br />
This session guides you through an actual<br />
$4 million dollar security technology upgrade<br />
from conceptualization to final installation.<br />
Issues addressed include how to quantify and<br />
communicate <strong>the</strong> need to senior leaders, <strong>the</strong><br />
RFP process, planning/design, <strong>the</strong> return on<br />
investment justification, special needs such<br />
as <strong>the</strong> handicapped, communication issues,<br />
hR issues, final installation, and <strong>the</strong> staged<br />
implementation of <strong>the</strong> project. Receive templates<br />
for financial justification and presentations for<br />
senior leaders.<br />
Jay C. Beighley, CPP, CFE, Vice President, Corporate<br />
Security and President NPPS, LLC, Nationwide Insurance;<br />
Don Goodman, Security Operations Manager, Nationwide<br />
Insurance<br />
50 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
TUEsDAY, sEPTEMbEr 20 • 4:30 pm–5:30 pm<br />
3316 Making suspicious Activity<br />
reporting Work for You<br />
● Fundamental<br />
have you or your security officers ever seen<br />
something suspicious? Of course! are you<br />
confident that intelligence analysts and officers<br />
are investigating your suspicious activity reports<br />
(SaR), and that <strong>the</strong>y have access to reports from<br />
across <strong>the</strong> country to make an informed<br />
comparison? have you wondered what o<strong>the</strong>r<br />
suspicious activity might be occurring around<br />
your facility? Join <strong>the</strong> discussion to learn about<br />
<strong>the</strong> interagency nationwide SaR Initiative and<br />
how security professionals working in critical<br />
infrastructure sectors can participate.<br />
Steven G. King, CPP, Senior Advisor, U.S. Department of<br />
Justice<br />
3317 How Vulnerable is Your Data?<br />
Cost-Effective best Practices to<br />
safeguard Against Data breaches<br />
▲ Advanced<br />
Protecting intellectual property, customer<br />
information, financial data, and o<strong>the</strong>r sensitive<br />
documents from both employee <strong>the</strong>ft and external<br />
breaches is challenging. Implementing reasonable<br />
and cost-effective data safeguards decreases an<br />
organization’s vulnerability to external attacks,<br />
insider crimes, and/or employees’ mistakes.<br />
explore how to streng<strong>the</strong>n security measures<br />
and plan an efficient response before an incident<br />
transpires, saving valuable time and money.<br />
Alan Brill, Senior Managing Director, Kroll Ontrack<br />
3318 <strong>Anticipate</strong> <strong>the</strong> Unexpected?<br />
Understanding <strong>the</strong> Threat<br />
▲ Advanced<br />
When using <strong>the</strong> Security Vulnerability assessment<br />
in an industrial context, security practitioners<br />
need to measure <strong>the</strong> vulnerability of a facility<br />
against its potential threats. countermeasures<br />
recommended to mitigate <strong>the</strong> possible actions<br />
follow from <strong>the</strong> threat evaluation. however, this<br />
part of <strong>the</strong> SVa often ends up as a summary of<br />
past incidents with little conceptual effort put<br />
into trying to evaluate <strong>the</strong> threat rationally. Since<br />
<strong>the</strong> threat is <strong>the</strong> driver behind <strong>the</strong> security<br />
recommendations, it is crucial that it is assessed<br />
sensibly if one intends to achieve management<br />
buy-in.<br />
Jean Perois, CPP, PSP, Vice President–Risk Enterprise, Risk<br />
Management International Middle East<br />
TUESDAY<br />
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced<br />
3319 NAsA’s Next Mission: Mars<br />
science Lab – Curiosity rover<br />
● Fundamental<br />
naSa’s Mars Science laboratory mission is<br />
preparing to set down a mobile laboratory—<br />
<strong>the</strong> rover curiosity—using precision landing<br />
technology. For <strong>the</strong> first time, many of Mars’<br />
most intriguing regions will be viable destinations.<br />
during <strong>the</strong> 23-month mission, curiosity will<br />
explore, assess, and characterize <strong>the</strong> Mars’<br />
surface as a potential habitat for life, past or<br />
present. The nine-month journey to Mars begins<br />
this Fall from Kennedy Space center (KSc). This<br />
presentation provides an overview of <strong>the</strong> MSl<br />
mission, update on processing at KSc, and an<br />
overview of <strong>the</strong> MSl launch services managed by<br />
<strong>the</strong> KSc launch Services Program.<br />
Charles A. Tatro, Mission Manager, Launch Services<br />
Program, NASA<br />
3320 Growing Your bench: A<br />
Comprehensive success Plan<br />
for <strong>the</strong> Discovery, retention, and<br />
Development of Top security<br />
Employees<br />
● Fundamental<br />
In <strong>the</strong>se challenging times, it is essential that<br />
you develop an organized, fully actionable strategy<br />
for security staff development. leaving this<br />
process to chance can have a devastating impact<br />
on <strong>the</strong> future of your organization. explore <strong>the</strong><br />
three key phases of staff development. Phase<br />
one will focus on finding qualified candidates<br />
through <strong>the</strong> development of partnerships with<br />
educational security programs of colleges and<br />
universities. Phase two will examine employee<br />
retention systems and methodologies. Phase<br />
three will explore junior leadership development<br />
best practices and case studies. leave with <strong>the</strong><br />
tools necessary for growing a productive<br />
employee base.<br />
Jeffrey P. Grossmann, Esq., Assistant Professor/Director<br />
Homeland and Corporate Security Program, St. John’s<br />
University; Paul Benne, PSP, Senior Security Specialist,<br />
Syska Hennessy Group<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Academic Programs and Training<br />
Council<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 51
Education sessions: 3000 Series<br />
TUEsDAY, sEPTEMbEr 20 • 4:30 pm–5:30 pm<br />
3380 Debate—Collecting of Personal<br />
information From <strong>the</strong> Cloud<br />
■ Intermediate<br />
are we over sharing? as more and more of <strong>the</strong><br />
global village connect and share personal<br />
information, <strong>the</strong>se connected pieces of data have<br />
become increasingly valuable. But are we losing<br />
our personal privacy? While Google’s spiders may<br />
find much of <strong>the</strong> data on us and <strong>the</strong> organizations<br />
we represent, we are <strong>the</strong> ones who are truly to<br />
blame for making it available in <strong>the</strong> first place.<br />
This spirited debate will explore privacy trends and<br />
how <strong>the</strong> impact of social media has shaped our<br />
current and future data protection strategies.<br />
Raj Goel, Chief Technology Officer, Brainlink<br />
International, Inc.<br />
3381 Psychological Principles in<br />
social Engineering<br />
■ Intermediate<br />
From lawyers to panhandlers, con artists to serial<br />
killers—knowing <strong>the</strong> fundamental attributes of<br />
psychology can propel your social engineering<br />
efforts to a new level. understanding people’s<br />
tendencies and reaction to your behavior can<br />
help you maintain control or convincingly deceive<br />
your target. This presentation includes core<br />
psychological principles and combines <strong>the</strong>m with<br />
real-world technical security examples to assist<br />
you in creating more successful storyboards for<br />
social engineering efforts.<br />
Joe Sechman, Director, Sunera; Robert Carr, Senior<br />
Manager, Sunera<br />
3383 impact of social Networking on<br />
security Threats<br />
■ Intermediate<br />
The expanding use of social networking technologies<br />
in and outside <strong>the</strong> workplace has created<br />
a new set of threats facing <strong>the</strong> organization.<br />
This presentation provides a comprehensive<br />
overview of <strong>the</strong> new and emerging landscape<br />
of social networking and <strong>the</strong> resulting attack<br />
vectors created by our use of <strong>the</strong>se technologies.<br />
develop an understanding of <strong>the</strong> specific range<br />
of risks organizations face in managing <strong>the</strong>se<br />
new technologies. learn a range of potential<br />
responses to address <strong>the</strong>se risks and <strong>the</strong> likely<br />
vulnerabilities we face in confronting <strong>the</strong>se rapidly<br />
evolving technologies in our organizations.<br />
David Melnick, Principal, Manager, Deloitte, LLP;<br />
Charlie Blanchard, Deloitte, LLP<br />
3384 A Guide to security Metrics<br />
■ Intermediate<br />
a metrics program provides <strong>the</strong> information<br />
security team with information for better decision<br />
making at both strategic and operational levels.<br />
an effective program should influence <strong>the</strong> strategy<br />
so that decisions made based on <strong>the</strong> data from<br />
<strong>the</strong> metrics program are different than <strong>the</strong>y would<br />
be without such data. Operationally, an effective<br />
program guides day-to-day decision making and<br />
optimizes existing technologies and processes.<br />
Security metrics may be used to fix a security<br />
process which is broken, to focus limited<br />
resources on protecting <strong>the</strong> most valuable assets,<br />
or to ensure that basic security processes are in<br />
place and working well.<br />
Caroline Wong, Senior Manager, Security Program,<br />
Zynga, Inc.<br />
3385 software Assurance Panel<br />
Wrap-up<br />
■ Intermediate<br />
This interactive session highlights <strong>the</strong> strengths<br />
and weaknesses of <strong>the</strong> methods and practices<br />
presented today. ask <strong>the</strong> speakers to contrast<br />
<strong>the</strong>ir perspectives in order to understand what<br />
lessons best apply to you. do <strong>the</strong> practitioners<br />
appreciate <strong>the</strong> benefits and products from <strong>the</strong><br />
<strong>the</strong>oreticians and modelers? What will it take to<br />
make all this work and produce tangible results?<br />
how far are we from a software assurance<br />
marketplace with automated tools we can use?<br />
can we move cybersecurity and applications<br />
development from a blame game to a team game?<br />
Joe Jarzombek, Director of Software Assurance, U.S.<br />
Department of Homeland Security; Bob Martin, Principle<br />
Engineer, The MITRE Corporation; Richard Struse, Deputy<br />
Director of Software Assurance Program, U.S. Department<br />
of Homeland Security; Paul Nguyen, Vice President, Cyber<br />
Solutions for Knowledge Consulting Group<br />
“You need to be <strong>the</strong>re to appreciate<br />
<strong>the</strong> level of education and practical<br />
knowledge you will acquire in a<br />
week.”<br />
Ikhuoria evans<br />
Security Intelligence & Surveillance Analyst,<br />
Lagos and Offshore<br />
Shell nigeria exploration & Production<br />
company (SnePco)<br />
52 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
WEDNEsDAY, sEPTEMbEr 21<br />
Schedule-aT-Glance<br />
all sessions will be held at <strong>the</strong> Orange county convention center.<br />
8:00 am–9:00 am: KEYNOTE: Vicente Fox, President of Mexico, 2000–2006<br />
11:00 am–12:00 noon<br />
4101 <strong>ASIS</strong> Standards: The <strong>ASIS</strong>/SHRM<br />
Workplace Violence Prevention and Intervention<br />
ANSI Standard and How It Can Help You<br />
4102 Public-Private Partnership in Emergency<br />
Planning and Florida’s Regional Domestic<br />
Security Task Force Concept<br />
WEDNESDAY<br />
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced<br />
LEVEL<br />
Arch/Eng/Design<br />
Crime/Loss Prevention<br />
Crisis Management<br />
Critical Infrastructure<br />
Global<br />
Government/Military<br />
Homeland Security<br />
Information/IT Security<br />
Investigations<br />
Legal<br />
Management<br />
Physical Security<br />
Professional Development<br />
Terrorism<br />
Young Professionals<br />
Systems Integrator NEW<br />
Application Security<br />
Cloud Security<br />
Governance, Regulation,<br />
and Compliance<br />
Mobile Security and<br />
Social Networking<br />
Swiss Army Knife<br />
■ X X<br />
● X X<br />
4103 Climbing <strong>the</strong> Corporate Security Ladder ● X X<br />
4104 Making <strong>the</strong> Most of Uncertainty: The<br />
Strategic Value of Scenarios<br />
■ X X<br />
4105 Gateway to International Markets ● X<br />
(ISC) 2 Security Congress<br />
4106 Integrator Series: Technology Solutions<br />
for Loss Prevention, Retail Security, and Fighting<br />
Organized Retail Crime<br />
● X X X X X X<br />
4107 Criminal Calendar, Criminal Mind: A Tale of<br />
Two Cities<br />
4108 Pardon <strong>the</strong> Industry Expert: How Security<br />
■ X X<br />
Policies, Procedures, and Products Uniquely<br />
Affect Vertical Markets<br />
■ X X<br />
4109 Piracy and Supply Chain Resilience:<br />
Challenges and Emerging Trends<br />
▲ X X X X X<br />
4110 Controlled Chaos: Security vs.<br />
Sustainability<br />
● X X X<br />
4111/4184 IT Security Council Series: Legal<br />
and Compliance Aspects of IT<br />
● X X X X<br />
4112 Maximize Your Employee Pool: Find Value in<br />
■<br />
Hiring Military Veterans and Reservists<br />
X X X<br />
4113 Behavior Detection and O<strong>the</strong>r Practices for<br />
Protecting Retail Facilities From Terrorism<br />
▲ X X X X<br />
4114 Fire and Life Safety Fundamentals for <strong>the</strong><br />
Security Practitioner<br />
4115 Steps to Success: Education, Training, and<br />
● X X X X<br />
Professional Development in Security and Crisis<br />
Management<br />
● X X X X<br />
4116 Measuring Security Risk: Part of <strong>the</strong><br />
Management Process<br />
■ X X<br />
4117 Guns in <strong>the</strong> Workplace ▲ X X X<br />
4118 Social Networking: New Challenges of<br />
Managing Stalking in <strong>the</strong> Workplace<br />
■ X X X<br />
4119 A Campus Response Team (CRT) Focused<br />
Approach in <strong>the</strong> Multi-Campus Organization<br />
▲ X X<br />
4120 The DHS Office of Infrastructure Protection<br />
and <strong>the</strong> AH&LA—Resources for Hotels<br />
■ X X X X X<br />
4181 The Reality of Cyber-Centric Terrorism ● X X X X X<br />
4182 Integrating Security Into <strong>the</strong> SDLC:<br />
Enterprise Success Stories<br />
▲ X X<br />
4183 Identify, Assess, Mitigate: Security Risks of<br />
New Mobile Devices and Applications<br />
▲ X X X<br />
4184/4111 IT Security Council Series: Legal<br />
and Compliance Aspects of IT<br />
● X X X X<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 53
WEDNEsDAY, sEPTEMbEr 21<br />
Schedule-aT-Glance<br />
all sessions will be held at <strong>the</strong> Orange county convention center.<br />
1:45 pm –2:45 pm<br />
LEVEL<br />
Arch/Eng/Design<br />
Crime/Loss Prevention<br />
Crisis Management<br />
Critical Infrastructure<br />
Global<br />
Government/Military<br />
Homeland Security<br />
Information/IT Security<br />
Investigations<br />
Legal<br />
Management<br />
Physical Security<br />
Professional Development<br />
Terrorism<br />
Young Professionals<br />
Systems Integrator NEW<br />
Application Security<br />
Cloud Security<br />
Governance, Regulation,<br />
and Compliance<br />
Mobile Security and<br />
Social Networking<br />
Swiss Army Knife<br />
4201 Public-Private Partnership in Intelligence<br />
Sharing: The Central Florida Intelligence<br />
eXchange (CFIX)<br />
● X X<br />
4202 Getting to Yes: Positioning Projects for<br />
Senior Management Approval<br />
■ X X<br />
4204 Integrator Series: Critical Infrastructure<br />
Security Solutions (Energy, Water, Gas)<br />
4205 The Convergence of Crisis Management,<br />
● X X X X X X X X<br />
Business Continuity, and Organizational<br />
Resilience<br />
■ X X X X<br />
4206 The Virtual Security Officer: Are You Getting<br />
<strong>the</strong> Most From Your Cameras and Guards?<br />
■ X X X<br />
4207 Do You Hear What I Hear? An Examination<br />
■<br />
of Forensic Content Analysis of Verbal Statements<br />
X X<br />
4208 In Our Neighborhood: Domestic Terror<br />
Groups and Their Tactics<br />
■ X X X<br />
4209 Private Sector Investigations: When (and If)<br />
to Involve Law Enforcement<br />
■ X X X<br />
4210 Examination of Workplace Violence:<br />
Recognize and Diffuse<br />
● X X X X<br />
4211 Predictive Analytics and O<strong>the</strong>r Effective<br />
Maritime Counter-Piracy Solutions<br />
■ X X<br />
4212 Gaining Insight on Mexico’s Crisis ■ X X X<br />
4213 Communicating Travel Security: What You<br />
Need to Know to Tell O<strong>the</strong>rs<br />
■ X X X<br />
4215 Developing Security Programs in a<br />
Multi-Disciplinary Research Environment<br />
▲ X X X X<br />
4216 Making <strong>the</strong> Decision: Transitioning From<br />
Proprietary Security to Contract Security<br />
■ X X X<br />
4217 Can Hotels Really Protect Tourists and<br />
Guests with Emerging Threats?<br />
■ X X X X X<br />
4218 Public-Private Partnerships (P3s): A<br />
Rapidly Expanding Windfall for Public Safety<br />
● X X<br />
4219 Lodging Partnerships With Law<br />
Enforcement<br />
● X<br />
4281 The Renaissance Security Professional ■ X X X X<br />
4282 The Unintended Consequences of Well-<br />
Intentioned Requirements<br />
4284 Lessons Learned From <strong>the</strong> Federal Trade<br />
Commission (FTC)<br />
■ X X X X<br />
■ X X X X<br />
54 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.<br />
(ISC) 2 Security Congress
3:30 pm–5:00 pm<br />
WEDNESDAY<br />
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced<br />
LEVEL<br />
Arch/Eng/Design<br />
Crime/Loss Prevention<br />
Crisis Management<br />
Critical Infrastructure<br />
Global<br />
Government/Military<br />
Homeland Security<br />
Information/IT Security<br />
Investigations<br />
Legal<br />
Management<br />
Physical Security<br />
Professional Development<br />
Terrorism<br />
Young Professionals<br />
Systems Integrator NEW<br />
Application Security<br />
Cloud Security<br />
Governance, Regulation,<br />
and Compliance<br />
Mobile Security and<br />
Social Networking<br />
Swiss Army Knife<br />
4301 Reporting to HR? No Problem.<br />
Demystifying <strong>the</strong> Jargon, Bridging <strong>the</strong> Gaps<br />
■ X X<br />
4303 Integrator Series: Pharmaceutical Campus<br />
and Plant Security Solutions<br />
● X X X X X<br />
4304 Pentagon Active Shooter: Implications for<br />
Law Enforcement/Security Agencies<br />
■ X X X X<br />
4305 City Surveillance: Overcoming Privacy<br />
Concerns to Win Over Your Community<br />
4306 Military Transitioning 101: Making <strong>the</strong><br />
■ X X<br />
Move From Active Duty and <strong>the</strong> Benefits of<br />
<strong>ASIS</strong> Certification<br />
● X X<br />
4307 Building an Effective Information Systems<br />
Security Program<br />
■ X X X X<br />
4308 Crime and Terrorism in Latin America and<br />
<strong>the</strong> Caribbean<br />
■ X X X X<br />
4309 Web 2.0: Risk From Social Media ■ X X X X<br />
4310 Balancing <strong>the</strong> Risk Mitigation Program:<br />
Five Questions You Must Ask Yourself<br />
4311 Utilizing a Public-Private Partnership to<br />
▲ X X X<br />
Combat <strong>the</strong> Emergence of Cyber Crime/Terrorist<br />
Financing<br />
■ X X X X X<br />
4312 Building a Corporate or Municipal Security<br />
Operations Center<br />
▲ X X X X<br />
4313 Security Evolution: Service Matters ■ X X X<br />
4316 Hotel Safety and Security for Your<br />
Corporate Travel Program<br />
● X X<br />
(ISC) 2 Security Congress<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 55
Education sessions: 4000 Series<br />
WEDNEsDAY, sEPTEMbEr 21 • 8:00 am–9:00 am • 11:00 am–12:00 noon<br />
8:00 am–9:00 am<br />
11:00 am–12:00 noon<br />
KEYNOTE<br />
Vicente Fox<br />
President of Mexico,<br />
2000–2006<br />
See page 4 for keynote<br />
description.<br />
4101 Asis standards: The<br />
Asis/sHrM Workplace Violence<br />
Prevention and intervention ANsi<br />
standard and How it Can Help You<br />
■ Intermediate<br />
Workplace violence presents a challenge for<br />
security, hR, and legal issues that an organization<br />
can face. aSIS and <strong>the</strong> Society for human<br />
Resource Management (ShRM) are developing<br />
an american national Standard for Workplace<br />
Violence Prevention and Intervention. Based on<br />
<strong>the</strong> 2005 aSIS Guideline, more than 100<br />
professionals have engaged in <strong>the</strong> anSI process<br />
to develop a robust Standard that outlines best<br />
practices and recommendations for detecting,<br />
investigating, managing, and addressing<br />
threatening behavior or violent episodes that<br />
occur in a workplace or in association with it or<br />
its employees.<br />
Michael Crane, CPP, Executive Vice President/General<br />
Counsel, IPC International Corporation; Eugene Ferraro,<br />
CPP, PCI, CEO/Founder, Business Controls, Inc.;<br />
Rebecca A. Speer, Esq., Managing Partner/Founder,<br />
Speer Associates/Workplace Counsel<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Standards and Guidelines<br />
Commission<br />
4102 Public-Private Partnership in<br />
Emergency Planning and Florida’s<br />
regional Domestic security Task<br />
Force Concept<br />
● Fundamental<br />
learn about <strong>the</strong> Regional domestic Security<br />
Task Force concept used by <strong>the</strong> State of Florida.<br />
understand how <strong>the</strong> central Florida area has<br />
embraced <strong>the</strong> private sector in <strong>the</strong> design and<br />
working of <strong>the</strong> program to prepare, prevent,<br />
respond, and mitigate natural and human-initiated<br />
incidents. explore <strong>the</strong> unique, strong ongoing<br />
relationships among <strong>the</strong> private and public<br />
participants in <strong>the</strong> central Florida area that are<br />
key to making this program work.<br />
Joyce Dawley, Co-Chair, RDSTF5; Robert Hansel, Co-Chair,<br />
RDSTF5; Karen Weaver, Regional Critical Infrastructure<br />
Coordinator<br />
4103 Climbing <strong>the</strong> Corporate<br />
security Ladder<br />
● Fundamental<br />
Security professionals occupy hundreds of<br />
thousands of positions around <strong>the</strong> world, but<br />
precious few reside at, or are on <strong>the</strong> path to,<br />
<strong>the</strong> top of <strong>the</strong> corporate ladder. What qualities<br />
distinguish a Fortune 500 cSO from a mid-level<br />
security manager? how can you position yourself<br />
as a key advisor or strategist who has <strong>the</strong> ear of<br />
<strong>the</strong> cSO and, ultimately, <strong>the</strong> c-suite and board?<br />
In this session, several cSOs at <strong>the</strong> top of <strong>the</strong>ir<br />
field describe <strong>the</strong>ir paths to success and offer<br />
advice to aspirants.<br />
Speakers to be announced.<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> CSO Roundtable<br />
4104 Making <strong>the</strong> Most of<br />
Uncertainty: The strategic Value<br />
of scenarios<br />
■ Intermediate<br />
Scenarios are a powerful tool that managers can<br />
use to address <strong>the</strong> strategy paradox—that is, <strong>the</strong><br />
belief that committing to success can often lead<br />
to failure because of <strong>the</strong> unavoidable nature of<br />
uncertainty. This workshop will look at <strong>the</strong> power<br />
of scenarios to help build strategic success.<br />
Christopher Walker, DBA, Executive Professor of Strategy,<br />
Nor<strong>the</strong>astern University<br />
4105 Gateway to international<br />
Markets<br />
● Fundamental<br />
The u.S. department of commerce will offer<br />
an export seminar on what will enable u.S.<br />
exporters to leverage precious company<br />
resources to grow <strong>the</strong>ir presence in existing<br />
markets or enter into new markets through u.S.<br />
Government export promotion programs. It will<br />
also introduce participants to a number of export<br />
finance programs and services offered by u.S.<br />
Government agencies. By <strong>the</strong> end of this session,<br />
participants will be familiar with tools offered by<br />
<strong>the</strong> u.S. Government to identify and enter into<br />
promising markets across <strong>the</strong> globe.<br />
Kenneth R. Mouradian, Director, Orlando U.S. Export<br />
Assistance Center, U.S. Department of Commerce<br />
56 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
WEDNEsDAY, sEPTEMbEr 21 • 11:00 am–12:00 noon<br />
4106 integrator series: Technology<br />
solutions for Loss Prevention, retail<br />
security, and Fighting Organized<br />
retail Crime<br />
● Fundamental<br />
hear directly from loss prevention and security<br />
managers from <strong>the</strong> nation’s largest retailers<br />
about <strong>the</strong>ir biggest challenges and how a systems<br />
integrator can participate in <strong>the</strong>ir unified solution.<br />
learn about anti-swee<strong>the</strong>arting solutions. examine<br />
crime prevention services. Study public view<br />
monitors. learn about video analytics and content<br />
analysis. analyze how to fight organized retail<br />
crime and more.<br />
Dale White, Walmart Stores<br />
4107 Criminal Calendar, Criminal<br />
Mind: A Tale of Two Cities<br />
■ Intermediate<br />
how does a city analyze crime statistics and <strong>the</strong>n<br />
execute crime prevention? can crime mapping<br />
reveal locations not considered? how can we<br />
use a psychological component to explain and<br />
sometimes predict a higher possibility of violent<br />
crime? This session offers <strong>the</strong> unique viewpoints<br />
of a noted criminologist, a city crime prevention<br />
team, an attorney, and a physical security<br />
professional at one session. actual crime data<br />
will be presented and <strong>the</strong>ir predictive use will be<br />
debated.<br />
Steve Surfaro, Industry Liaison, Axis Communications;<br />
Michael Corcoran, Ph.D., President, The Workthreat<br />
Group, LLC<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Physical Security Council<br />
WEDNESDAY<br />
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced<br />
4108 Pardon <strong>the</strong> industry Expert:<br />
How security Policies, Procedures,<br />
and Products Uniquely Affect<br />
Vertical Markets<br />
■ Intermediate<br />
When specifying, approving, and installing a<br />
security system, <strong>the</strong>re are numerous factors that<br />
influence <strong>the</strong> final project. Who is authorized to<br />
work on <strong>the</strong> system? What standards are best for<br />
this project? What technologies should be used?<br />
To complicate matters, <strong>the</strong>se questions have very<br />
different answers, depending on which industry<br />
you come from. In a Q&a style panel, renowned<br />
experts from various industries explain how<br />
today’s top security trends affect <strong>the</strong>ir respective<br />
markets. Topics include standards, technology,<br />
legislation, installation, and intelligent systems.<br />
Ronald Martin, CPP, Physical Security Specialist,<br />
U.S. Government; Scott Dunn, Director of Business<br />
Development, Industry Segments, Axis Communications;<br />
James Prokop, Deputy Program Manager, U.S. Department<br />
of Homeland Security; Richard Lommock, Principal<br />
Engineer, Network Solutions, Bombardier Transportation<br />
4109 Piracy and supply Chain<br />
resilience: Challenges and Emerging<br />
Trends<br />
▲ Advanced<br />
The Suez canal, Red Sea, Gulf of aden, and<br />
Indian Ocean are key waters when considering<br />
international trade. Western nations rely upon<br />
shipping through <strong>the</strong>se waters to support a<br />
range of critical infrastructures, international<br />
trade, and supply chains. learn about <strong>the</strong> threat<br />
to international shipping, proposed solutions to<br />
this challenge, and emerging risks. Gain insight<br />
from <strong>the</strong> first-hand experience of persons who<br />
have dealt with <strong>the</strong> issue and studied it from<br />
critical infrastructure protection and supply chain<br />
resilience perspectives.<br />
Allan McDougall, CPP, Principal Consultant/Director,<br />
Evolutionary Security Management<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Transportation Council<br />
“Asis international’s seminar is <strong>the</strong><br />
most comprehensive educational<br />
and networking resource in <strong>the</strong><br />
security field.”<br />
daniel h. Kropp, cPP<br />
Director, Physical Security<br />
Towers Watson<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 57
Education sessions: 4000 Series<br />
WEDNEsDAY, sEPTEMbEr 21 • 11:00 am–12:00 noon<br />
4110 Controlled Chaos: security vs.<br />
sustainability<br />
● Fundamental<br />
new projects are struggling with <strong>the</strong> need for<br />
protection of building assets while complying with<br />
sustainability needs. conflicting goals of leed,<br />
GReen, and sustainability can be successfully<br />
resolved with security and safety goals, as well<br />
as sensitivity to style and costs. The process for<br />
conflict resolution is cPTed—crime prevention<br />
through environmental design. cPTed serves as<br />
a model for a holistic approach to create stylish,<br />
secure, and sustainable buildings.<br />
Randy Atlas, Ph.D., CPP, AIA, Vice President, Atlas Safety<br />
& Security Design, Inc.<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Security Architecture and<br />
Engineering Council<br />
4111/4184 iT security Council<br />
series: Legal and Compliance<br />
Aspects of iT<br />
● Fundamental<br />
new regulations coupled with global competition<br />
have driven rapid changes to information technology.<br />
compliance has become a top concern for<br />
management. a security perspective is needed<br />
to help navigate and manage <strong>the</strong> compliance<br />
landscape. understand <strong>the</strong> regulatory and<br />
compliance requirements and how <strong>the</strong>y impact<br />
<strong>the</strong> success of <strong>the</strong> business. Receive tools to<br />
add value to your organization’s discussions on<br />
legal and compliance aspects of information<br />
technology. Review domestic and global regulations<br />
and more.<br />
Kevin McGuire; Shayne Bates, CPP, CISM, CHS-V, LMC<br />
Consulting, Director Security Cloud Strategy, Microsoft<br />
GSO; A. Spencer Wilcox, CPP, Supervisor, Compliance<br />
Services, Constellation Energy, (ISC) 2 Appointee; Don<br />
Fergus, Vice President/CSO, Intekras, Inc.; Brandon<br />
Dunlap, President, Brightfly Consulting<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Information Technology Security<br />
Council and (ISC) 2<br />
“best all around value for equipment<br />
and training.”<br />
Ralph Burdett<br />
Administrative Director, Department of Public<br />
Safety<br />
harris county hospital district<br />
4112 Maximize Your Employee Pool:<br />
Find Value in Hiring Military Veterans<br />
and reservists<br />
■ Intermediate<br />
If your company’s recruiting strategy doesn’t<br />
include military veterans and reservists, you are<br />
missing an opportunity to work with our country’s<br />
most outstanding men and women. learn how you<br />
can partner with selected veterans’ organizations<br />
and proactively maximize your recruitment from<br />
this extremely qualified talent pool. discuss <strong>the</strong><br />
benefits of hiring military service members,<br />
develop recruiting strategies that include military<br />
personnel, create partnerships with military<br />
support organizations, and hire veterans,<br />
reservists, <strong>the</strong>ir families, and caregivers.<br />
Jerold Ramos, Manager, Talent Acquisition, AlliedBarton<br />
Security Services; Dave Ward, Director, Warriors to Work,<br />
Wounded Warrior Project; Johnny Dwiggins, MPSC,<br />
Contract Program Manager, Employer Partnership of <strong>the</strong><br />
Armed Forces<br />
4113 behavior Detection and O<strong>the</strong>r<br />
Practices for Protecting retail<br />
Facilities From Terrorism<br />
▲ Advanced<br />
as terrorist threats loom large in <strong>the</strong> u.S.,<br />
retailers are increasingly aware of <strong>the</strong>ir<br />
involvement as a target as well as a potential<br />
enabler. Yet many retailers feel ill-prepared to<br />
identify and react to potential threats. This<br />
session introduces a behavioral detection<br />
technique that allows trained professionals<br />
to detect potential terrorists. learn <strong>the</strong> method,<br />
benefits, and applications of behavioral<br />
detection as used by Mall of america. address<br />
<strong>the</strong> benefits of implementing counter-terrorism<br />
strategies, ways to leverage existing resources,<br />
and <strong>the</strong> development of protocols for addressing<br />
threats once identified.<br />
Michael Rozin, Special Operations Captain, Mall of<br />
America Security Department; Doug Reynolds, Director<br />
of Security, Mall of America Security Department<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Retail Loss Prevention Council<br />
58 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
WEDNEsDAY, sEPTEMbEr 21 • 11:00 am–12:00 noon<br />
4114 Fire and Life safety<br />
Fundamentals for <strong>the</strong> security<br />
Practitioner<br />
● Fundamental<br />
Security practitioners are often asked to oversee<br />
fire and life safety concerns along with <strong>the</strong>ir<br />
security responsibilities. Yet, <strong>the</strong> importance of<br />
this function to <strong>the</strong>ir organization or how to bring<br />
<strong>the</strong> two toge<strong>the</strong>r into <strong>the</strong> overall security program<br />
may not be fully understood. hear about local,<br />
state, and federal laws, rules, and regulations<br />
that mandate many fire and life safety responsibilities.<br />
learn how to increase your value to<br />
your organization, and how to integrate <strong>the</strong> two<br />
concerns into one emergency, all hazards action<br />
plan.<br />
Jerry Heying, CPP, President and CEO, International<br />
Protection Group, LLC; William Minear II, CPP, Deputy<br />
Director Critical Infrastructure Protection Programs, WV<br />
National Guard, Military Authority<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Fire and Life Safety Council<br />
4115 steps to success: Education,<br />
Training, and Professional<br />
Development in security and<br />
Crisis Management<br />
● Fundamental<br />
as contemporary security and crisis management<br />
problems proliferate, so too do <strong>the</strong> positions and<br />
skill sets required to address <strong>the</strong>m. homeland<br />
security, protective services, and emergency or<br />
crisis management courses and programs<br />
continue to evolve in both <strong>the</strong> training and<br />
academic arenas. a new paradigm is emerging<br />
which affects protection professionals at all<br />
levels. an in-depth understanding of <strong>the</strong> history,<br />
evolution, and current status of <strong>the</strong>se programs<br />
enables <strong>the</strong> practitioner and <strong>the</strong> security industry<br />
to plan contemporary development strategies<br />
more effectively.<br />
Chris Hertig, CPP, Assistant Professor, York College of<br />
Pennsylvania; Ernest Vendrell, Ph.D., CPP, CEM,<br />
Associate Professor, Saint Leo University; Kevin Peterson,<br />
CPP, Principal, Innovative Protection Solutions, LLC<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Crisis Management and Business<br />
Continuity Council<br />
WEDNESDAY<br />
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced<br />
4116 Measuring security risk:<br />
Part of <strong>the</strong> Management Process<br />
■ Intermediate<br />
Today’s environment requires that we practice<br />
risk management on an ongoing basis. Risk<br />
management is a strategic security activity<br />
and is a cornerstone of security governance.<br />
The management of risk requires that we<br />
effectively measure it and its response to<br />
vulnerability reduction initiatives and o<strong>the</strong>r<br />
mitigation strategies. does your organization<br />
have a mature risk identification, measurement,<br />
and management process? The discussion<br />
identifies risk measurement/management<br />
activities which will serve to enhance <strong>the</strong><br />
resilience of your organization and its assets.<br />
Phillip Banks, CPP, PE, Director, The Banks Group, Inc.<br />
4117 Guns in <strong>the</strong> Workplace<br />
▲ Advanced<br />
More than 30 states have concealed carry laws<br />
on <strong>the</strong>ir books. While security personnel worry<br />
about <strong>the</strong> impact of workplace violence, some<br />
state laws have made it illegal to even ask<br />
employees—or customers—whe<strong>the</strong>r <strong>the</strong>y have<br />
firearms in <strong>the</strong>ir vehicles. This dynamic program<br />
offers a practical survey of new gun laws coupled<br />
with insight to tailor security policies to comply<br />
with potentially contradictory legislation. Guidance<br />
on crafting policies to conform to legal mandates,<br />
while simultaneously keeping your facility safe,<br />
will be emphasized.<br />
Dr. James Pastor, President, SecureLaw, Ltd. and<br />
Associate Professor, Calumet College of St. Joseph<br />
4118 social Networking: New<br />
Challenges of Managing stalking<br />
in <strong>the</strong> Workplace<br />
■ Intermediate<br />
Facebook, blogging, tweeting…none of <strong>the</strong>se<br />
terms existed when <strong>the</strong> stalking laws were first<br />
created. With <strong>the</strong> development of social media<br />
and <strong>the</strong> advancement of technology, stalkers<br />
have been given ‘free reign’ to terrorize <strong>the</strong>ir<br />
victims. having a strong IT department to protect<br />
your infrastructure with encryption software,<br />
firewalls, etc. is important in keeping out cyber<br />
threats, but <strong>the</strong> ultimate tool lies within. learn<br />
how to give your employees <strong>the</strong> tools to become<br />
a safe and empowered workforce.<br />
Kathleen Baty, Vice President, Business Development/<br />
Strategic Partnerships, Kingdom Worldwide–a Global Risk<br />
Management Firm<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 59
Education sessions: 4000 Series<br />
WEDNEsDAY, sEPTEMbEr 21 • 11:00 am–12:00 noon<br />
4119 A Campus response Team<br />
(CrT) Focused Approach in <strong>the</strong><br />
Multi-Campus Organization<br />
▲ Advanced<br />
crisis management in a national multi-campus<br />
organization differs significantly from <strong>the</strong><br />
traditional concepts of university crisis<br />
management. The special considerations of<br />
<strong>the</strong> multi-campus organization include: a<br />
decentralized organization—geographical,<br />
organizational hierarchy; owned, leased, and<br />
shared campus buildings; different counties/<br />
states—multiple jurisdictions that lend to<br />
regulation discrepancies; varied skill level—<br />
no campus-level police or dedicated crisis<br />
management entity. This presentation will<br />
focus on a proactive, pragmatic, and realistic<br />
crisis management program that addresses<br />
<strong>the</strong>se challenges.<br />
Oren Alter, Associate Vice Chancellor of Crisis<br />
Management, Keiser University<br />
4120 The DHs Office of infrastructure<br />
Protection and <strong>the</strong> AH&LA—<br />
resources for Hotels<br />
■ Intermediate<br />
Presenters will showcase <strong>the</strong> free resources and<br />
training programs available to members of <strong>the</strong><br />
hospitality industry, including <strong>the</strong> Risk Self<br />
Assessment Tool for Lodging (RSAT) and <strong>the</strong><br />
“Eye on Awareness” Terrorism Awareness Training<br />
Program. Many of <strong>the</strong> tools were designed to<br />
provide valuable insights you can use to better<br />
protect your facilities, guests, and employees.<br />
Bill Schweigart, U.S. Department of Homeland Security;<br />
Victor Glover, CLSD–Senior Vice President, Safety and<br />
Security, Accor North America<br />
Sponsored by <strong>the</strong> American Hotel and Lodging Association<br />
4181 The reality of Cyber-Centric<br />
Terrorism<br />
● Fundamental<br />
The debate continues as to what security<br />
practitioners and citizens can expect in terms of<br />
an attack against <strong>the</strong> cyber element of <strong>the</strong> critical<br />
infrastructure. Right now, terrorist groups such as<br />
al Qaeda and o<strong>the</strong>rs are embracing <strong>the</strong> Internet<br />
as a tool in <strong>the</strong>ir overall goals. learn what<br />
capabilities terrorist groups have, how <strong>the</strong>y are<br />
using <strong>the</strong> Internet, and what organizations can<br />
do to prepare for cyber terrorism.<br />
Gerard Johansen, Manager, Information Assurance,<br />
SSC, Inc.<br />
4182 integrating security into <strong>the</strong><br />
sDLC: Enterprise success stories<br />
▲ Advanced<br />
This session presents a series of case studies<br />
where large organizations have successfully<br />
integrated security engineering best practices into<br />
<strong>the</strong>ir Software development life cycle (Sdlc) to<br />
reduce defects and increase software resiliency<br />
and reliability. For each of <strong>the</strong> different Sdlc<br />
methodologies—agile, Iterative and Incremental,<br />
Waterfall, and Spiral—a framework detailing how<br />
to integrate security into <strong>the</strong> lifecycle will be<br />
presented. Become skilled in <strong>the</strong> foundations<br />
required for successfully designing, developing,<br />
testing, and deploying secure software.<br />
Richard Tychansky, Information Assurance Engineer,<br />
Lockheed Martin Corporation; Hart Rossman, Chief<br />
Technology Officer, SAIC; Edward Bonver, Principal<br />
Software Engineer, Symantec<br />
“The information available at this<br />
conference is unbelievable. You<br />
want it, <strong>the</strong>y have it, and more.”<br />
William Sheats<br />
Security Systems Administrator<br />
christiana care health System<br />
60 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
4183 identify, Assess, Mitigate:<br />
security risks of New Mobile Devices<br />
and Applications<br />
▲ Advanced<br />
What do we really know about <strong>the</strong> plethora of<br />
new handheld mobile devices (and associated<br />
applications and <strong>the</strong>ir developers) being<br />
introduced to corporations, with little risk<br />
assessment and mitigation? The development<br />
and implementation of industry-specific devices<br />
(medical, financial) differs from IT devices and<br />
applications, and more importantly brings new<br />
risks associated with <strong>the</strong>ir introduction into those<br />
networks. This presentation addresses <strong>the</strong>se<br />
points, as well as explores <strong>the</strong> efforts that<br />
industry specific regulatory organizations are<br />
making to improve <strong>the</strong> security of <strong>the</strong>se devices<br />
and applications.<br />
Dennis Seymour, Senior Security Architect, Ellumen<br />
4184/4111 iT security Council<br />
series: Legal and Compliance<br />
Aspects of iT<br />
● Fundamental<br />
new regulations coupled with global competition<br />
have driven rapid changes to information technology.<br />
compliance has become a top concern for<br />
management. a security perspective is needed<br />
to help navigate and manage <strong>the</strong> compliance<br />
landscape. understand <strong>the</strong> regulatory and<br />
compliance requirements and how <strong>the</strong>y impact<br />
<strong>the</strong> success of <strong>the</strong> business. Receive tools to<br />
add value to your organization’s discussions on<br />
legal and compliance aspects of information<br />
technology. Review domestic and global regulations<br />
and more.<br />
Kevin McGuire; Shayne Bates, CPP, CISM, CHS-V, LMC<br />
Consulting, Director Security Cloud Strategy, Microsoft<br />
GSO; A. Spencer Wilcox, CPP, Supervisor, Compliance<br />
Services, Constellation Energy, (ISC) 2 Appointee; Don<br />
Fergus, Vice President/CSO, Intekras, Inc.; Brandon<br />
Dunlap, President, Brightfly Consulting<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Information Technology Security<br />
Council and (ISC) 2<br />
WEDNESDAY<br />
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced<br />
WEDNEsDAY, sEPTEMbEr 21 • 11:00 am–12:00 noon • 1:45 pm–2:45 pm<br />
1:45 pm–2:45 pm<br />
4201 Public-Private Partnership in<br />
intelligence sharing: The Central<br />
Florida intelligence eXchange (CFiX)<br />
● Fundamental<br />
learn <strong>the</strong> ways in which <strong>the</strong> central Florida area<br />
has embraced <strong>the</strong> concept of intelligence sharing<br />
between <strong>the</strong> public and private sectors, including<br />
<strong>the</strong> unique executive Steering committee<br />
relationships, <strong>the</strong> Intelligence liaison Officer<br />
program, and o<strong>the</strong>r efforts used to share<br />
intelligence for effectively protecting <strong>the</strong> citizens,<br />
businesses, and visitors to <strong>the</strong> unique central<br />
Florida area. understanding this unique relationship<br />
between public and private sectors in <strong>the</strong><br />
intelligence field has lessons for all private<br />
security professionals.<br />
Robert Lefiles, Director of <strong>the</strong> State Fusion Center, FDLE;<br />
Cpt. Dave Ogden, CFIX Director, Orange County Sheriff’s<br />
Office; Kristie Toruno, CFIX Intelligence Liaison Officer<br />
Coordinator; Larry Steiffel, CPP, CFIX Board Member, Walt<br />
Disney World Security<br />
4202 Getting to Yes: Positioning<br />
Projects for senior Management<br />
Approval<br />
■ Intermediate<br />
all departments compete for approval of <strong>the</strong>ir<br />
special initiatives that fall outside <strong>the</strong> annual<br />
budget process. But competition is fierce, and<br />
becoming fiercer. This session will focus on<br />
providing insight into how senior management<br />
makes <strong>the</strong> all important decision to green light<br />
an initiative, and <strong>the</strong> steps needed to increase<br />
your chances for approval.<br />
Elaine Evans Walker, Professor, Nor<strong>the</strong>astern University<br />
4204 integrator series: Critical<br />
infrastructure security solutions<br />
(Energy, Water, Gas)<br />
● Fundamental<br />
Security, safety, and design practitioners working<br />
in nuclear, electric, water, and gas disciplines will<br />
reveal best practices and discuss how integration<br />
professionals can successfully provide solutions.<br />
learn about perimeter security and maintaining<br />
sterile areas. understand how to design for low<br />
maintenance and long upgrade cycle systems.<br />
discover surveillance best practices for multiple<br />
users and agencies. Find out about remote<br />
surveillance and entry screening.<br />
Speakers to be announced.<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 61
Education sessions: 4000 Series<br />
WEDNEsDAY, sEPTEMbEr 21 • 1:45 pm–2:45 pm<br />
4205 The Convergence of Crisis<br />
Management, business Continuity,<br />
and Organizational resilience<br />
■ Intermediate<br />
There has been much discussion regarding<br />
security convergence of enterprise risk<br />
management. Most of it revolves around<br />
physical security and IT security. One area<br />
that is often overlooked is <strong>the</strong> convergence of<br />
crisis management, business continuity, and<br />
organizational resilience. This presentation<br />
maps <strong>the</strong> convergence efforts of <strong>the</strong>se separate<br />
but related disciplines. It outlines <strong>the</strong> strategic<br />
nature of crisis management and business<br />
continuity and also shows how to integrate <strong>the</strong>m<br />
into <strong>the</strong> overall organizational resilience umbrella.<br />
Donald Knox, CPP, Security and Crisis Management<br />
Analyst, Caterpillar; Bruce T. Bly<strong>the</strong>, CEO, Crisis<br />
Management International, Inc.; James Leflar, Jr., CPP,<br />
Security Administrator, Johns Hopkins Bloomberg School of<br />
Public Health; Sam Stahl, Practice Manager, EMC<br />
Corporation; Robert Weronik, CPP, Director of Global<br />
Security, Alexion Pharmaceuticals, Inc.<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Crisis Management and Business<br />
Continuity Council<br />
4206 The Virtual security Officer:<br />
Are You Getting <strong>the</strong> Most From Your<br />
Cameras and Guards?<br />
■ Intermediate<br />
Remote monitoring has teased <strong>the</strong> security<br />
industry for decades. The concepts aren’t new<br />
but advancements in technology, <strong>the</strong> low cost of<br />
Internet connectivity, and our challenged economy<br />
creates <strong>the</strong> “perfect storm” for Virtual Security.<br />
From traditional applications such as alarm<br />
validation to complex protocols used to comply<br />
with chemical facility regulations, <strong>the</strong> Virtual<br />
Security Officer is here to stay. This session<br />
provides an overview of <strong>the</strong> technologies and<br />
services available. The panel represents<br />
operational, legal, and technology perspectives<br />
in using Virtual Security Officers.<br />
Wade Pinnell, CPP, Vice President, Huffmaster Companies;<br />
Evan Wolff, Esq., Director, Homeland Security Practice<br />
Resources Regulatory & Environmental Law, Hunton &<br />
Williams; Eric Fullerton, Chief Sales and Marketing Officer,<br />
Milestone Systems, Inc.<br />
4207 Do You Hear What i Hear?<br />
An Examination of Forensic Content<br />
Analysis of Verbal statements<br />
■ Intermediate<br />
using actual interview excerpts, explore when<br />
<strong>the</strong> interview actually starts and how to interview<br />
to elicit indicators of truth and deception.<br />
Interviewing ‘rules’ will be introduced as well<br />
as indicators of deception and <strong>the</strong> inadvertent<br />
truth revelation. ‘O<strong>the</strong>llo’s error,’ a sometimes<br />
overlooked but important interviewing concept,<br />
also will be explained. Finally, you’ll learn what<br />
to listen for. Ideal for those whose duties require<br />
some interviewing, are responsible for preliminary<br />
interviews, are relatively new to <strong>the</strong> investigative<br />
and interviewing process, or who have had little<br />
exposure to verbal content analysis.<br />
Tim Reddick, CPP, PCI, Office of <strong>the</strong> Controller, City<br />
of Philadelphia, Former Director, Fraud & Special<br />
Investigations (Retired)<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Investigations Council<br />
4208 in Our Neighborhood: Domestic<br />
Terror Groups and Their Tactics<br />
■ Intermediate<br />
In contrast to global threats, many are unaware<br />
of <strong>the</strong> threat of america’s home-grown terrorists<br />
which began with <strong>the</strong> KKK in <strong>the</strong> 19th century.<br />
This session explores two of <strong>the</strong> groups identified<br />
by <strong>the</strong> FBI as “<strong>the</strong> most serious domestic<br />
terrorism threats in <strong>the</strong> u.S. today”—<strong>the</strong> animal<br />
liberation Front and <strong>the</strong> earth liberation Front.<br />
The Sovereign citizen’s Movement (ScM), perhaps<br />
<strong>the</strong> most deadly group to law enforcement and<br />
security professionals, also will be examined.<br />
Rusty Capps, President, CT/CI Training Partners, LLC;<br />
Deborah (Deedee) Collins, Executive Director, National<br />
Security Training Institute<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Defense and Intelligence Council<br />
62 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
WEDNEsDAY, sEPTEMbEr 21 • 1:45 pm–2:45 pm<br />
4209 Private sector investigations:<br />
When (and if) to involve Law<br />
Enforcement<br />
■ Intermediate<br />
companies are often faced with <strong>the</strong> prospect<br />
of conducting internal investigations without<br />
<strong>the</strong> needed expertise in house and immediately<br />
default to law enforcement for assistance.<br />
learn when it is appropriate to conduct internal<br />
investigations in house, when law enforcement<br />
should be notified, <strong>the</strong> specific reasons why,<br />
and <strong>the</strong> possible pitfalls. discuss why failing<br />
to properly investigate as an organization can<br />
compromise data and proprietary information,<br />
place <strong>the</strong> company at fur<strong>the</strong>r substantial risk,<br />
and o<strong>the</strong>r issues.<br />
James Whitaker, CPP, PCI, President, The Whitaker Group,<br />
LLC; Ed Casey, CPP, Senior Director, Protective Services,<br />
Cincinnati Children’s Hospital<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Investigations Council<br />
4210 Examination of Workplace<br />
Violence: recognize and Diffuse<br />
● Fundamental<br />
Workplace violence takes its toll—physically,<br />
emotionally, and monetarily. how many people<br />
are currently contemplating committing an act<br />
of violence in <strong>the</strong> workplace? We must train<br />
employees to recognize pre-incident indicators<br />
and report <strong>the</strong>m BeFORe something occurs. This<br />
session examines current cases of workplace<br />
violence, including video testimony of those who<br />
have survived such incidents. leave with a clear<br />
understanding of <strong>the</strong> existing problem, ways to<br />
recognize warning signs, and best methods of<br />
diffusion and prevention.<br />
Carol Dodgen, Owner, Dodgen & Associates, LLC<br />
WEDNESDAY<br />
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced<br />
4211 Predictive Analytics and O<strong>the</strong>r<br />
Effective Maritime Counter-Piracy<br />
solutions<br />
■ Intermediate<br />
Maritime piracy is one of <strong>the</strong> most insidious<br />
and costly problems facing <strong>the</strong> security industry<br />
today. Solutions seem elusive given <strong>the</strong> dynamic<br />
models employed by <strong>the</strong> pirates and <strong>the</strong> lack<br />
of coordinated effort from businesses and<br />
governments. however, <strong>the</strong>re are innovative and<br />
low-cost strategies that can almost fully mitigate<br />
this risk. This session will map out an enterprise<br />
approach to counter-piracy involving: (1) innovative<br />
and targeted predictive analytics and intelligence;<br />
(2) new non-lethal product solutions which<br />
effectively stop boardings; (3) limited on-board<br />
security teams; and (4) security partnerships with<br />
similarly-affected businesses, governments, and<br />
nGOs.<br />
Rudolfo Diaz, Chief Operating Officer, PICA Corporation;<br />
Luke Ritter, Principal, Global Trade Security, Ridge Global,<br />
LLC; Lawrence O’ Connell, Executive Vice President,<br />
International Maritime Security Corporation; Michael<br />
Brewer, CEO, International Maritime Security Corporation<br />
4212 Gaining insight on Mexico’s<br />
Crisis<br />
■ Intermediate<br />
To understand and properly evaluate <strong>the</strong> threat<br />
environment that Mexico represents, one must<br />
first understand <strong>the</strong> multiple dynamics and<br />
cross-currents that, over decades, have led<br />
Mexico to where it is now. Is Mexico going<br />
down <strong>the</strong> dark path of a failed state? Or is<br />
this <strong>the</strong> inevitable growing pains experienced<br />
by developing countries as <strong>the</strong>y transition<br />
from corrupt authoritarian regimes to true<br />
democracies? See how political, social, and<br />
criminal dynamics have intertwined and evolved<br />
to produce <strong>the</strong> violence that we now see. learn<br />
how to understand <strong>the</strong>se threats and develop<br />
comprehensive security plans to mitigate <strong>the</strong><br />
risks encountered in Mexico.<br />
Kurt Norrigan, CPP, President, Kamen & Associates, Inc.<br />
“A wealth of pertinent information.”<br />
Officer Ron cook<br />
Crime Prevention Specialist<br />
uT arlington<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 63
Education sessions: 4000 Series<br />
WEDNEsDAY, sEPTEMbEr 21 • 1:45 pm–2:45 pm<br />
4213 Communicating Travel security:<br />
What You Need to Know to Tell<br />
O<strong>the</strong>rs<br />
■ Intermediate<br />
Be afraid—very afraid! Is this your message<br />
when communicating security to staff? Security<br />
professionals tend to emphasize fear, yet often<br />
this isn’t <strong>the</strong> most effective way to get people to<br />
behave more securely. how can you re-package<br />
your message so staff can ‘hear’ you? Join this<br />
interactive session to: get ideas on how to<br />
improve your security briefings, orientations, and<br />
trainings; learn and apply adult learning principles,<br />
using a travel security workshop as an example.<br />
To get your message across, you need to engage<br />
people—here’s how.<br />
Tanya Spencer, Global Travel Security & Crisis Management<br />
Specialist, TrainingSolutions<br />
4215 Developing security Programs<br />
in a Multi-Disciplinary research<br />
Environment<br />
▲ Advanced<br />
The emergence of biosecurity as a specialized<br />
discipline within security management requires<br />
a somewhat different approach than traditional<br />
methodology and thinking. Within <strong>the</strong> general field<br />
of research security, biosecurity specifically is<br />
science-based, multi-dimensional, and demands<br />
unique skill sets to manage <strong>the</strong> challenges of<br />
laboratory operations, partnerships with varied<br />
subject matter experts, government, and private<br />
industry. engage in a holistic discussion on<br />
research center security, using agriculture as a<br />
model, <strong>the</strong>n focus in on <strong>the</strong> specific challenges<br />
involved in laboratory security.<br />
Jean-François Savard, CPP, Director of Security,<br />
Agriculture Canada, Government of Canada; Kirk Wilhelm,<br />
CPP, Senior Biosecurity Program Manager, Midwest<br />
Research Institute<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Agriculture and Food Security<br />
Council<br />
4216 Making <strong>the</strong> Decision:<br />
Transitioning From Proprietary<br />
security to Contract security<br />
■ Intermediate<br />
explore one company’s migration from proprietary<br />
security to contract security. The presentation<br />
details <strong>the</strong> decision-making process that centered<br />
on three decision criteria—financial effectiveness,<br />
organizational effectiveness, and operational<br />
effectiveness. The implementation plan<br />
used to ensure a smooth transition will be<br />
discussed. an overview of <strong>the</strong> company’s positive<br />
reaction to <strong>the</strong> change, including senior executives’<br />
responses and how it has benefited <strong>the</strong><br />
department, will be provided.<br />
Harold Grimsley, CPP, Director, Corporate Safety and<br />
Security, Blue Cross Blue Shield of Florida<br />
4217 Can Hotels really Protect<br />
Tourists and Guests with Emerging<br />
Threats?<br />
■ Intermediate<br />
Recent attacks on hotels around <strong>the</strong> world have<br />
changed <strong>the</strong> face of tourism and <strong>the</strong> role of hotels<br />
as protective domains. This session discusses<br />
new trends in hotel design and operation to<br />
protect critical assets with transparent security,<br />
cPTed, and counter-terrorism strategies. learn<br />
new hotel strategies being used to reduce <strong>the</strong><br />
opportunities for crime and terrorism, and<br />
screening people, vehicles, and packages into<br />
<strong>the</strong> property and building.<br />
Randy Atlas, Ph.D., CPP, AIA, Vice President, Atlas Safety<br />
& Security Design, Inc.; Patrick Murphy, CPP, PSP,<br />
Director of Loss Prevention, Marriott International, Inc.<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Security Architecture and<br />
Engineering Council<br />
“Asis Annual exhibit show is a<br />
great opportunity to network<br />
with our industry leaders in<br />
<strong>the</strong> security field.”<br />
Gary lok<br />
Operations Manager<br />
university of British columbia<br />
64 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
WEDNEsDAY, sEPTEMbEr 21 • 1:45 pm–2:45 pm<br />
4218 Public-Private Partnerships<br />
(P3s): A rapidly Expanding Windfall<br />
for Public safety<br />
● Fundamental<br />
For years limited efforts existed to harness joint<br />
resources of law enforcement and private security<br />
to better protect america. unfortunately, it took<br />
<strong>the</strong> horrific events of 9/11 to realize that <strong>the</strong>se<br />
two sectors must absolutely work toge<strong>the</strong>r to<br />
ensure security of our national infrastructure and<br />
o<strong>the</strong>r vital interests. We have since witnessed<br />
a virtual explosion of P3s leading to a written<br />
Memorandum of understanding (MOu) between<br />
aSIS International and <strong>the</strong> International association<br />
of chiefs of Police (IacP). This session tracks<br />
evolution of P3s and features presentations of<br />
some of <strong>the</strong> most significant P3s in <strong>the</strong> u.S. today<br />
to encourage even more.<br />
Bob Pence, President, The Pence Group; Brian Reich, CPP,<br />
Major Crimes Unit, Bergen County Prosecutor’s Office<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Law Enforcement Liaison Council<br />
4219 Lodging Partnerships With<br />
Law Enforcement<br />
● Fundamental<br />
In 2005 <strong>the</strong> u.S. department of Justice, Office<br />
of Justice Programs completed a model on<br />
“Engaging <strong>the</strong> Private Sector to Promote Homeland<br />
Security: Law Enforcement—Private Security<br />
Partnerships.” This presentation will share how<br />
<strong>the</strong> lodging industry has embraced partnerships<br />
with all levels of law enforcement. hear examples<br />
of successes and obstacles to forging effective<br />
partnerships.<br />
Paul Frederick, CPP, American Hotel and Lodging<br />
Association and Chairman, Loss Prevention Committee and<br />
Director, Global Safety and Security, Hilton Worldwide, Inc.;<br />
Harvey “Skip” Brandt, CPP, Director of Security, Boston<br />
Park Plaza Hotel and Towers; Local and Federal Law<br />
Enforcement from Orange County Florida Sheriff’s<br />
Tourism Police<br />
Sponsored by <strong>the</strong> American Hotel and Lodging Association<br />
WEDNESDAY<br />
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced<br />
4281 The renaissance security<br />
Professional<br />
■ Intermediate<br />
Modern technologies, cultural norms, and new<br />
business practices create an exponentially<br />
different set of challenges for our industry than<br />
ever before. This session packs a semester’s<br />
worth of information and insights into a single<br />
presentation, packaging interdisciplinary<br />
(psychology, finance, security, and social media)<br />
skills to help attendees become ‘renaissance’<br />
security professionals. how many ‘c’ISOs do you<br />
know who report to <strong>the</strong> ceO? Why is that? how’d<br />
we get here? Review some of <strong>the</strong> tools and<br />
knowledge utilized by <strong>the</strong> visionaries in our<br />
industry to help us overcome major challenges in<br />
securing our data that address <strong>the</strong> biggest<br />
challenge of all—<strong>the</strong> human factor.<br />
J.J. Thompson, Managing Partner, Rook Consulting<br />
4282 The Unintended Consequences<br />
of Well-intentioned requirements<br />
■ Intermediate<br />
We asked for a Mustang GTO but we got a<br />
horse-drawn carriage that wouldn’t go. how<br />
could <strong>the</strong>y possibly get it so wrong? We made it<br />
all so clear! let’s take a look at some ‘crystal<br />
clear’ requirements, analyze what went wrong,<br />
and figure out how we can improve. We’ll share<br />
some stories, discuss <strong>the</strong> attributes of a good<br />
security requirement, explore methods to refine<br />
requirements, and learn to improve our own<br />
requirement-writing skills. When we’re done, we’ll<br />
be better prepared to clearly express our security<br />
needs, improve our chances for project success,<br />
and deliver secure systems.<br />
Kevin Spease, Manager of Web Application Development,<br />
Health Net, Inc.<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 65
Education sessions: 4000 Series<br />
WEDNEsDAY, sEPTEMbEr 21 • 1:45 pm–2:45 pm • 3:30 pm–5:00 pm<br />
4284 Lessons Learned From <strong>the</strong><br />
Federal Trade Commission (FTC)<br />
■ Intermediate<br />
The Federal Trade commission (FTc) has set<br />
<strong>the</strong> standard for what it considers acceptable<br />
and unacceptable behavior for companies and<br />
organizations conducting business within <strong>the</strong><br />
united States. The FTc doesn’t involve itself<br />
in <strong>the</strong> minutia of security standards, nor does<br />
it dictate what protocols or technologies<br />
companies need to use. Ra<strong>the</strong>r, <strong>the</strong> FTc uses<br />
its constitutional and congressional mandate<br />
for regulating interstate commerce to hold<br />
companies accountable for <strong>the</strong>ir breaches. This<br />
presentation examines <strong>the</strong> FTc’s track record,<br />
puts <strong>the</strong> sanctions in a larger context of privacy<br />
and security breaches, and looks at where <strong>the</strong><br />
FTc is trending with <strong>the</strong> FTc health Breach and<br />
Red FlaG regulations.<br />
Raj Goel, Chief Technology Officer, Brainlink<br />
International, Inc.<br />
3:30 pm–5:00 pm<br />
4301 reporting to Hr? No Problem.<br />
Demystifying <strong>the</strong> Jargon, bridging<br />
<strong>the</strong> Gaps<br />
■ Intermediate<br />
The security function interacts closely with a<br />
number of staff groups, including <strong>the</strong> hR<br />
department. In some organizations, security<br />
management reports to <strong>the</strong> hR department. This<br />
session will provide insight into <strong>the</strong> typical hR<br />
agenda, how and where <strong>the</strong> security management<br />
function intersects with that of hR, and how <strong>the</strong><br />
two groups can work toge<strong>the</strong>r most effectively.<br />
Elaine Evans Walker, Professor, Nor<strong>the</strong>astern University<br />
4303 integrator Track:<br />
Pharmaceutical Campus and<br />
Plant security solutions<br />
Asis 2011 offers a<br />
registration package<br />
for every budget.<br />
See page 76 for registration details and<br />
ways to save.<br />
● Fundamental<br />
Pharmaceutical and health care suppliers<br />
represent unique challenges to designers and<br />
systems integrators. Practitioners from <strong>the</strong>se<br />
areas will reveal what technologies and services<br />
<strong>the</strong>y need <strong>the</strong> most. understand how to protect<br />
intellectual property. learn about compliance.<br />
examine <strong>the</strong> prevention of substance <strong>the</strong>ft and<br />
abuse. explore leveraging surveillance for<br />
operations and manpower management.<br />
Dan Arenovski, Purdue Pharma; Anthony Patillo,<br />
Sanofi-Aventis<br />
4304 Pentagon Active shooter:<br />
implications for Law Enforcement/<br />
security Agencies<br />
■ Intermediate<br />
The Pentagon is a constant target of terrorists<br />
and anti-government activists. While being fluid<br />
enough to adjust to <strong>unexpected</strong> incidents, <strong>the</strong><br />
Pentagon Force Protection agency has developed<br />
a security strategy that addresses <strong>the</strong> challenges<br />
of being <strong>the</strong> largest, low-rise office building in<br />
<strong>the</strong> world co-located with <strong>the</strong> largest commuting<br />
hub in <strong>the</strong> Metro area. This session reviews <strong>the</strong><br />
March 4 and October 19, 2010 shooter incidents<br />
at <strong>the</strong> Pentagon, our response to <strong>the</strong> attacks, and<br />
<strong>the</strong> implementation of security technologies and<br />
processes that will help better protect <strong>the</strong><br />
Pentagon from a wide range of threats.<br />
Jonathan Cofer, Principal Deputy Director, Pentagon Force<br />
Protection Agency<br />
66 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
WEDNEsDAY, sEPTEMbEr 21 • 3:30 pm–5:00 pm<br />
4305 City surveillance: Overcoming<br />
Privacy Concerns to Win Over Your<br />
Community<br />
■ Intermediate<br />
While <strong>the</strong> general public has become much more<br />
accepting of video surveillance, don’t assume<br />
that your project won’t run into privacy issues<br />
when installing cameras in someone’s hometown.<br />
There’s a right way to bring video surveillance to<br />
a community, and it starts with being transparent<br />
throughout <strong>the</strong> entire process. define <strong>the</strong> steps<br />
to get your project approved, funded, installed,<br />
and accepted by <strong>the</strong> community-at-large before<br />
<strong>the</strong> local news turns <strong>the</strong> would-be surveillance<br />
system into a story about Big Bro<strong>the</strong>r.<br />
John Bartolac, Government Business Development<br />
Manager, Axis Communications; Project Manager, Chicago<br />
Housing Authority; William Sousa, Associate Professor,<br />
UNLV Department of Criminal Justice<br />
4306 Military Transitioning 101:<br />
Making <strong>the</strong> Move From Active Duty<br />
and <strong>the</strong> benefits of Asis Certification<br />
● Fundamental<br />
leaving active duty is a very exciting time for<br />
military personnel as <strong>the</strong>y look forward to new<br />
challenges, but it can also be very intimidating.<br />
learn <strong>the</strong> keys to a successful transition. This<br />
session focuses on writing resumes, conducting<br />
interviews, obtaining federal jobs, and developing<br />
your network for a successful job hunt. See how<br />
aSIS board certification uniquely prepares you to<br />
be compatible and competitive when you earn <strong>the</strong><br />
cPP, PSP, or PcI.<br />
Joseph Rector, CPP, PCI, PSP, Deputy Director, 11th<br />
Security Forces Group; Kenneth Ribler, CPP, Director of<br />
Operations, Integrated Security Solutions & Services, Global<br />
Security & Engineering Solutions, L-3 Communications<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Military Liaison Council<br />
WEDNESDAY<br />
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced<br />
4307 building an Effective<br />
information systems security<br />
Program<br />
■ Intermediate<br />
In an attempt to address increasing cyber security<br />
threats, many organizations are wasting money<br />
and increasing operating costs by duplicating<br />
security functions. Security directors are left<br />
on <strong>the</strong> sideline while IT leaders independently<br />
develop investigative procedures, cyber security<br />
policy, sanctions, and executive management<br />
briefings on threats. hear from a cSO for one of<br />
<strong>the</strong> nation’s largest federally funded research and<br />
development centers, how one organization<br />
accomplished <strong>the</strong>ir ultimate goal of effective IT<br />
security through collaboration and streamlining<br />
of functions.<br />
Shawn S. Daley, Chief Security Officer, MIT Lincoln<br />
Laboratory<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Defense and Intelligence Council<br />
4308 Crime and Terrorism in Latin<br />
America and <strong>the</strong> Caribbean<br />
■ Intermediate<br />
The evolution in recent years of criminal groups<br />
into conglomerates that commit a range of<br />
crimes, and <strong>the</strong>ir willingness to learn from and<br />
work with known terrorist groups, has created a<br />
new paradigm for law enforcement and security<br />
practitioners. latin america and <strong>the</strong> caribbean<br />
are fertile fields for criminal and terrorist groups<br />
alike. learn about recent developments and<br />
examine <strong>the</strong> evidence that portends <strong>the</strong> advent<br />
of major security issues throughout <strong>the</strong> region,<br />
with concomitant implications for <strong>the</strong> united<br />
States and o<strong>the</strong>r democratic countries.<br />
Richard Wright, CPP, Project Manager, IDB, VDI, Inc.<br />
Sponsored by <strong>the</strong> <strong>ASIS</strong> Crisis Management and Business<br />
Continuity Council<br />
4309 Web 2.0: risk From social<br />
Media<br />
■ Intermediate<br />
according to nielsen, a global marketing and<br />
advertising research company, 75 percent of<br />
Internet users regularly visit social networking<br />
sites. Yet only an estimated 20 percent of<br />
companies worldwide have a social media policy.<br />
Security professionals must design risk mitigation<br />
strategies to combat <strong>the</strong> risks originating from<br />
<strong>the</strong> growing use of social media by employees,<br />
customers, vendors, cyber criminals, and<br />
competitors. Moving forward, many companies<br />
will also be required to address compliance<br />
issues such as maintaining <strong>the</strong> records of<br />
employee’s social media communications.<br />
Pramod Bhatt, Head of Protective Intelligence, South Asia,<br />
Deutsche Bank<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 67
Education sessions: 4000 Series<br />
WEDNEsDAY, sEPTEMbEr 21 • 3:30 pm–5:00 pm<br />
4310 balancing <strong>the</strong> risk Mitigation<br />
Program: Five Questions You Must<br />
Ask Yourself<br />
▲ Advanced<br />
Security professionals manage risk by weighing<br />
what is acceptable to <strong>the</strong> organization with <strong>the</strong><br />
ever changing threats that occur around <strong>the</strong> world.<br />
They must continually review <strong>the</strong>ir program to<br />
properly balance <strong>the</strong> three areas of security:<br />
architectural, operational, and technology. In<br />
doing so, managers MuST answer <strong>the</strong>se questions.<br />
WhY does my program concentrate on current<br />
areas? WhaT do I need to do to mitigate current<br />
threats? hOW can I adjust my program while<br />
continuing to have a fiscally responsible program?<br />
When do I need to review and adjust services/<br />
standards? WhO is responsible and are <strong>the</strong>y<br />
qualified for <strong>the</strong> role today?<br />
Laurence Russell, CPP, Vice President, Global Corporate<br />
Security, Salesforce.com; Chris Ames, CPP, Director,<br />
Global Enterprise Strategy and Technology, The Walt Disney<br />
Company<br />
4311 Utilizing a Public-Private<br />
Partnership to Combat <strong>the</strong><br />
Emergence of Cyber Crime/Terrorist<br />
Financing<br />
■ Intermediate<br />
The uSSS electronic crimes Task Force (ecTF)<br />
continues to take a leading role in combating<br />
computer-based threats and reducing efforts of<br />
domestic and foreign cyber criminals. These<br />
include potential terrorist attacks against critical<br />
infrastructure and <strong>the</strong> financial payment system.<br />
learn <strong>the</strong> latest techniques and gain insight<br />
to related cases from <strong>the</strong> uSSS. hear from a<br />
security manager with a major financial institution<br />
about programs in place and <strong>the</strong> teamwork that<br />
has made it increasingly difficult for terrorist<br />
groups to acquire illicit funds.<br />
Leland Dean, CPP, Vice President, Global Corporate<br />
Security Regional Manager, Bank of New York Mellon<br />
“The knowledge pool<br />
is incredible.”<br />
Timothy S. allen<br />
Physical Security Supervisor<br />
San antonio credit union<br />
4312 building a Corporate or<br />
Municipal security Operations Center<br />
▲ Advanced<br />
Over <strong>the</strong> past 10 years, collier county Government<br />
has constructed one of <strong>the</strong> country’s top<br />
operations centers. It integrates most aspects of<br />
security technology and building automation, from<br />
facial and license plate recognition to fiber-optic<br />
perimeter protection, to executive protection<br />
tracking to ccTV and smart board integration,<br />
and more. This session reviews <strong>the</strong> important<br />
elements that comprise a security operations<br />
center.<br />
Byron (Skip) Camp, Director, Collier County Government<br />
4313 security Evolution:<br />
service Matters<br />
■ Intermediate<br />
Moving from an enforcement-based security<br />
model to a customer service-based model can<br />
have significant impact on how a security<br />
department is perceived by management,<br />
employees, and visitors. explore <strong>the</strong> problems<br />
and resistance that may be faced when<br />
implementing a service-based model and how<br />
<strong>the</strong>se challenges can be overcome. Because<br />
enforcement of rules will always be part of <strong>the</strong><br />
security discipline, integration of enforcement<br />
activities into a service-based model, without<br />
compromising ei<strong>the</strong>r activity, will be discussed.<br />
Kenneth Sousa, CPP, Senior Manager, Physical Security/<br />
EHS, L-3 Communications–CSW<br />
4316 Hotel safety and security for<br />
Your Corporate Travel Program<br />
● Fundamental<br />
corporate security is tasked to source hotels<br />
for <strong>the</strong>ir traveling employees that fulfill <strong>the</strong>ir<br />
“duty of care” criteria. learn what programs and<br />
procedures hotels worldwide have in place to<br />
keep your travelers safe.<br />
Panelists to include corporate security professionals from<br />
Intercontinental Hotel Group, Hilton Worldwide, Marriott<br />
Corporation, Hyatt Hotels, Carlson Hotels, and Starwood<br />
Hotels<br />
68 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
THUrsDAY, sEPTEMbEr 21 • 8:00 am–2:00 pm<br />
8:00 am–9:30 am<br />
General Session<br />
The security Leader in 2020<br />
and beyond<br />
explore <strong>the</strong> industry 10+ years into <strong>the</strong> future<br />
with experts from across <strong>the</strong> security community<br />
engaging on key topics. understand <strong>the</strong> key<br />
technology and security trends driving business<br />
and <strong>the</strong> industry that are likely to have an effect<br />
on <strong>the</strong> leaders of <strong>the</strong> future. hear from a panel<br />
including chief security officers and representatives<br />
of <strong>the</strong> information security and technology<br />
communities as <strong>the</strong>y discuss <strong>the</strong> trends and<br />
impacts of what professionals will face in <strong>the</strong><br />
next decade.<br />
10:00 am–12:00 noon<br />
General Session<br />
Workplace Violence:<br />
A Clear and Present Danger<br />
Violence in <strong>the</strong> workplace continues to make news<br />
headlines and is a vital concern to Security,<br />
human Resources, and management across all<br />
industries. Threats, verbal abuse, physical<br />
assault, and homicide in <strong>the</strong> workplace affect two<br />
million workers annually in <strong>the</strong> u.S. alone. The use<br />
of <strong>the</strong> Internet as a means to promote violence<br />
through <strong>the</strong> delivery of threats, as well as <strong>the</strong><br />
implications and impact of social media, are<br />
evolving factors that also need to be understood.<br />
Join us as we examine <strong>the</strong> issues and <strong>the</strong> latest<br />
information on assessment, prevention, and<br />
mitigation of this growing threat.<br />
12:00 noon–2:00 pm<br />
Closing Luncheon with burt rutan<br />
Join your colleagues for a provocative closing<br />
session by Burt Rutan, “<strong>the</strong> man responsible for<br />
more innovations in modern aviation than any<br />
living engineer.”<br />
THURSDAY<br />
“Great place to go to get all<br />
of your questions answered<br />
by ‘<strong>the</strong> experts.’”<br />
chad hines<br />
Control Center Supervisor<br />
Travelers Insurance co.<br />
Stop by <strong>the</strong> <strong>ASIS</strong> Bookstore<br />
in Orlando for <strong>the</strong> latest<br />
security resources.<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 69
Networking and special Events<br />
Prepare to engage! There’s no better place for face-to-face interaction with<br />
friends and colleagues from around <strong>the</strong> globe than <strong>ASIS</strong> 2011. A wealth of exciting<br />
special events are planned to help you connect with peers, expand your network,<br />
and just have fun! Events are open to <strong>ASIS</strong> Seminar and (ISC) 2 attendees unless<br />
noted o<strong>the</strong>rwise.<br />
Asis Foundation 15 th Annual<br />
Golf Tournament<br />
Sunday, September 18, 8:00 am–1:30 pm<br />
Shingle creek Golf club<br />
enjoy a true Florida-style<br />
experience with friends and<br />
colleagues as you compete in<br />
a four-player, modified<br />
scramble format. Breakfast,<br />
player gifts, and a buffet lunch<br />
are included. Proceeds benefit<br />
<strong>the</strong> aSIS Foundation. This popular event sold out<br />
early last year—sign up today! Ticketed event.<br />
(isC) 2 Town Hall Meeting<br />
Sunday, September 18, 4:00 pm–6:00 pm<br />
Join your fellow members and pose your<br />
questions to (ISc) 2 Staff, Board, and advisory<br />
Board members.<br />
Young Professionals reception<br />
Sunday, September 18, 5:00 pm–6:00 pm<br />
connect with this group of up and coming security<br />
leaders to network, exchange ideas, and share<br />
<strong>the</strong> unique challenges you face with like-minded<br />
professionals in a relaxed atmosphere.<br />
First-Time seminar Attendee/Asis<br />
New Member reception<br />
Sunday, September 18, 6:00 pm–7:00 pm<br />
new to aSIS? don’t miss this opportunity to meet<br />
key members, network, enjoy refreshments, and<br />
learn <strong>the</strong> ropes on how to maximize your Seminar<br />
experience. By invitation.<br />
Welcome reception<br />
Sunday, September 18, 7:00 pm–9:00 pm<br />
Kick off your week at this casual hosted reception.<br />
It’s a fabulous opportunity to connect with<br />
peers and renew acquaintances while enjoying<br />
drinks and snacks in an informal atmosphere.<br />
Open to all Seminar attendees.<br />
Opening Ceremony<br />
Monday, September 19, 7:45 am–9:00 am<br />
Join us as we commemorate <strong>the</strong> 10th anniversary<br />
of <strong>the</strong> September 11, 2001 attacks, examine how<br />
<strong>the</strong> industry has changed, and anticipate what <strong>the</strong><br />
future may hold. Open to all Seminar attendees.<br />
Networking Luncheons<br />
Monday, September 19–<br />
Wednesday, September 21<br />
12:00 noon–1:30 pm<br />
These hosted luncheons provide great opportunities<br />
for connecting face-to-face with peers from<br />
diverse backgrounds and interests, sharing<br />
experiences, and exchanging ideas. Included in<br />
Full Registration and Single Day registration.<br />
Additional tickets available for purchase.<br />
(isC) 2 Member reception<br />
Monday, September 19, 5:30 pm–7:00 pm<br />
Peabody hotel<br />
(ISc) 2 is pleased to invite our members from <strong>the</strong><br />
local area in Orlando, across <strong>the</strong> country, and<br />
around <strong>the</strong> world to enjoy a reception and network<br />
with fellow information security professionals.<br />
70 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
President’s reception<br />
at Universal’s islands<br />
of Adventure ®<br />
Monday, September 19<br />
7:00 pm–10:00 pm<br />
Get ready for one of <strong>the</strong> biggest parties aSIS has<br />
ever thrown because we’ve reserved <strong>the</strong> entire<br />
universal’s Islands of adventure ® <strong>the</strong>me park just<br />
for you! You’ll have unlimited access to incredible<br />
rides and attractions like The amazing adventures<br />
of Spider-Man ® , Jurassic Park River<br />
adventure ® , and <strong>the</strong> all-new magic and excitement<br />
of The Wizarding World of harry Potter . It’s an<br />
entire universe of action and thrills—and it’s all<br />
yours!<br />
during <strong>the</strong> event you’ll also enjoy an array of<br />
food and beverages, non-stop entertainment,<br />
and networking with colleagues. Included in Full<br />
Registration and Single Day registration (Monday).<br />
Additional tickets available for purchase.<br />
haRRY POTTeR, characters, names and related indicia are<br />
trademarks of and © Warner Bros. entertainment Inc.<br />
harry Potter Publishing Rights © JKR.<br />
(s11)<br />
universal elements and all related indicia TM & © 2011<br />
universal Studios. © 2011 universal Orlando. all rights<br />
reserved.<br />
Americas isLA Gala Dinner<br />
Wednesday, September 21, 6:30 pm–10:00 pm<br />
Peabody hotel<br />
The (ISc) 2 americas Board of advisers is pleased<br />
to announce <strong>the</strong> inaugural americas Information<br />
Security leadership awards. nominations are<br />
solicited from both (ISc) 2 members and nonmembers<br />
from South and central america, canada,<br />
and <strong>the</strong> united States. Join your peers as we<br />
honor winners and finalists at <strong>the</strong> Gala dinner.<br />
By invitation.<br />
Asis Foundation Event at bb King’s<br />
blues Club<br />
Wednesday, September 21, 7:00 pm–9:00 pm<br />
We invite you to spend an incredible evening with<br />
friends—old and new—at <strong>the</strong> aSIS Foundation’s<br />
night at B.B. Kings. Indulge yourself in great<br />
Sou<strong>the</strong>rn comfort food fused with flavors from<br />
around <strong>the</strong> globe, beverages, and energetic<br />
music. Make your last night at aSIS 2011 a<br />
memorable one and lend your support to <strong>the</strong> work<br />
of <strong>the</strong> aSIS Foundation...it’s all good for <strong>the</strong> soul!<br />
Ticketed event.<br />
Closing Luncheon with burt rutan<br />
Thursday, September 22, 12:00 noon–2:00 pm<br />
a gifted engineer, entrepreneur,<br />
and adventurer, Rutan’s witty<br />
and lively presentation inspires<br />
audiences with his enthusiasm<br />
for what individuals with vision<br />
can achieve. don’t miss it!<br />
“The networking and sharing of information was of tremendous value to me.<br />
Complete strangers in my industry as well as vendors frankly answered my<br />
questions and referred me to o<strong>the</strong>rs who might be of assistance to me.”<br />
Patrick Kevin Quinn, cPP, Security Administrator, Independence Power & Light<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 71
special interest Networking Events<br />
Young Professionals reception<br />
(CsO roundtable Members invited)<br />
Sunday, September 18, 5:00 pm–6:00 pm<br />
engage, listen, and learn from peers and<br />
high-level industry leaders during this dynamic<br />
networking reception hosted by <strong>the</strong> Young<br />
Professionals Group. Three, stimulating<br />
20-second presentations from accomplished<br />
industry leaders on leadership, advancement,<br />
and achievement create <strong>the</strong> basis for an hour of<br />
thought-provoking conversation and discussion.<br />
President’s reception—Networking<br />
With <strong>the</strong> CsO roundtable<br />
Tuesday, September 20, 8:30 pm–10:00 pm<br />
universal’s Islands of adventure®<br />
Join your peers and cSO Roundtable members<br />
for a private reception held at <strong>the</strong> President’s<br />
Reception. enjoy top-flight beverages and<br />
hors d’oeuvres while you mingle with peers<br />
and senior leaders in a relaxed atmosphere.<br />
By invitation.<br />
Christians in security Prayer<br />
breakfast<br />
Tuesday, September 20, 7:00 am–9:00 am<br />
Peabody hotel Orlando, Plaza International J<br />
You are invited to <strong>the</strong> 18th annual christians<br />
in Security Prayer Breakfast for a time of<br />
fellowship and prayer. Please contact Scott<br />
Jensen, cPP at +1.860.243.0833 ext. 217 or<br />
email sjensen@visonic.com by September 9.<br />
Advance reservations are recommended.<br />
Admission fee is required.<br />
Former Fbi Agents breakfast<br />
Tuesday, September 20, 7:00 am–8:00 am<br />
Peabody hotel Orlando, Plaza International K<br />
You are invited to join your peers for <strong>the</strong><br />
24th annual Breakfast. Please RSVP to<br />
Weldon Kennedy at kennedyw@usit.net or<br />
+1.901.522.6060. Advance reservations are<br />
recommended.<br />
Former secret service breakfast<br />
Tuesday, September 20, 8:00 am–9:00 am<br />
Peabody hotel Orlando, Plaza International d<br />
Join current and former agents of <strong>the</strong> u.S.<br />
Secret Service. Please confirm your attendance<br />
by September 9 to James antonelli by email at<br />
AntonelliJamesF@Guardsmark.com or by phone at<br />
+1.630.571.1055.<br />
international Organization of black<br />
security Executives (iObsE) Mixer<br />
Tuesday, September 20, 6:00pm–8:00 pm<br />
Peabody hotel Orlando, Plaza international I–J<br />
The International Organization of Black Security<br />
executives (IOBSe) invites you to join <strong>the</strong>m for an<br />
evening of networking. For details, please contact<br />
chiquita leak at +1.702.845.3172 or email<br />
cleak4sses@aol.com. No admission fee required.<br />
National Association of security<br />
Companies (NAsCO) breakfast<br />
Tuesday, September 20, 7:00 am–8:00 am<br />
Peabody hotel Orlando, Orlando Ballroom n<br />
The national association of Security companies<br />
(naScO), <strong>the</strong> largest contract security trade<br />
association, is pleased to sponsor naScO’s 19th<br />
annual Breakfast and awards Program for senior<br />
executives involved in contract security services.<br />
For details and reservations, contact naScO<br />
at +1.202.347.3257 or email tory@nasco.org.<br />
Space is limited, please register by September 9.<br />
Former U.s. Military breakfast<br />
Wednesday, September 21, 7:00 am–8:00 am<br />
Peabody hotel Orlando, Plaza International I<br />
all retired/former officers from <strong>the</strong> u.S. military<br />
services (army, navy, air Force, Marines, coast<br />
Guard) who are members of aSIS and serving<br />
in security positions throughout <strong>the</strong> world are<br />
invited to attend. a senior military officer will<br />
present a short update on today’s military and<br />
identify <strong>the</strong> challenges of <strong>the</strong> future. For details<br />
and reservations, please contact Ronald Olsen<br />
at +1.760.776.1295 or email<br />
olsensronaldl@guardsmark.com no later than<br />
September 9. No admission fee required.<br />
72 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
Loyalty has its rewards<br />
The VIP Alumni Program<br />
If you have attended <strong>the</strong> Annual Seminar as a paid attendee for<br />
<strong>the</strong> past three years, you are eligible to participate in <strong>the</strong> 2011 VIP<br />
Alumni Program.<br />
This special program is our way of saying ‘thank you’ for your<br />
loyalty to <strong>the</strong> industry’s leading security event, and <strong>the</strong> one event<br />
you won’t want to miss!<br />
VIP Alumni are entitled to <strong>the</strong>se value-added benefi ts:<br />
■ FREE Pre-Seminar Program of your choice*<br />
■ Opportunity to win a ticket to a VIP book signing<br />
■ Special recognition on your badge<br />
*Applies to <strong>ASIS</strong> Council-sponsored programs only. You must register as a<br />
full or single-day registrant to obtain <strong>the</strong> free program. Does NOT apply to<br />
exhibits-only attendees.<br />
REGISTER TODAY!
spouse Tours<br />
Alligators and Airboats<br />
Monday, September 19, 9:00 am–1:00 pm<br />
See <strong>the</strong> world in a whole new light on this fascinating excursion into <strong>the</strong><br />
seldom-visited heart of natural Florida. certified eco-guides, biologists,<br />
botanists, and audubon experts are trained to assure that each guest<br />
comes away with a new understanding of <strong>the</strong> vastly different land and plant<br />
communities, and <strong>the</strong> importance of <strong>the</strong>ir interrelationship and preservation.<br />
The day’s experiences start at <strong>the</strong> Tosohatchee “Florida Trail” where you’ll<br />
take a short 30–45 minute hike into <strong>the</strong> heart of this pristine wilderness<br />
before arriving at <strong>the</strong> 100-year-old outpost —a turn of <strong>the</strong> century fish camp.<br />
after an alligator tail snack, you will board an airboat to experience <strong>the</strong><br />
american heritage River and its abundant wildlife. Tour an area affectionately described as <strong>the</strong> central<br />
Florida everglades and learn about <strong>the</strong> eco-system of <strong>the</strong> St. John’s River, alligators, and <strong>the</strong> huge<br />
assortment of wonderful creatures that call <strong>the</strong> habitat home. This is an adventure you will never forget!<br />
Kennedy space Tour<br />
Tuesday, September 20, 9:00 am–4:00 pm<br />
come live <strong>the</strong> human side of space at <strong>the</strong> u.S. astronaut hall of Fame,<br />
complete with <strong>the</strong> sights, sounds, and experiences of <strong>the</strong> famous<br />
astronauts who first ventured into <strong>the</strong> frontiers of space. experience exhibits<br />
dedicated to our nation’s astronauts including <strong>the</strong> world’s largest collection<br />
of personal memorabilia, a rare collection of astronaut artifacts, and<br />
realistic astronaut training simulators.<br />
after exploring <strong>the</strong> hall of Fame, it’s your turn to take <strong>the</strong> controls with<br />
hands-on activities and simulators, where you can suit up, strap in, and<br />
blast off into an interactive experience that gives you a true taste of space.<br />
From <strong>the</strong> G-Force Trainer that lets you feel <strong>the</strong> pressure of four times <strong>the</strong><br />
force of gravity, to <strong>the</strong> space shuttle landing simulator and riding a rover<br />
across <strong>the</strong> rocky Martian terrain, you can test your skills—and your nerve.<br />
Dine With an Astronaut! experience <strong>the</strong> once-in-a-lifetime thrill of dining<br />
with a real-life astronaut and hearing inspiring space exploration stories while enjoying a delicious buffet<br />
lunch. Guests may ask questions and have photos taken with <strong>the</strong> astronaut, and each guest receives<br />
an autographed souvenir.<br />
Winter Park<br />
Wednesday, September 21, 9:00 am–3:00 pm<br />
The day will begin with a relaxing, 45-minute pontoon boat ride through <strong>the</strong><br />
canals and tree-lined lakes of Winter Park, originally developed for wealthy<br />
nor<strong>the</strong>rners as a summer retreat. View beautiful homes nestled along<br />
scenic lakes and observe nature.<br />
You will <strong>the</strong>n be whisked away to browse <strong>the</strong> Park avenue shopping district<br />
where <strong>the</strong> Sou<strong>the</strong>rn charm that lured <strong>the</strong> elite society can still be seen.<br />
Picturesque shops, exclusive boutiques, cafés, art galleries, brick-lined<br />
streets, and <strong>the</strong> towering trees of central Park make Park avenue <strong>the</strong> place<br />
to be and be seen. You will also have <strong>the</strong> option to visit The charles hosmer<br />
Morse Museum of american art, which houses <strong>the</strong> world’s most<br />
comprehensive collection of <strong>the</strong> works of louis comfort Tiffany (1848–<br />
1933) including Tiffany jewelry, pottery, paintings, art glass, leaded-glass<br />
windows, lamps, and <strong>the</strong> chapel interior he designed for <strong>the</strong> 1893 World’s<br />
columbian exposition in chicago.<br />
Visit www.asis2011.org/registration for spouse program fees.<br />
74 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
FLORIDA<br />
Orlando<br />
as a premier destination for meetings and conventions, business, and tourism,<br />
Orlando has just <strong>the</strong> right mix of sunny skies, warm temperatures, and assortment<br />
of attractions, dining, sports, entertainment, and shopping that you won’t find<br />
anywhere else. From <strong>the</strong> hundreds of restaurants to suit every palate to a thriving<br />
nightlife scene to amazing <strong>the</strong>me parks and more, delegates to Orlando will take<br />
home far more than <strong>the</strong>y expected. come early and stay late to enjoy all that<br />
Orlando has to offer!<br />
Visit <strong>the</strong> hotel and Travel section of <strong>the</strong> Seminar website for destination<br />
information, <strong>the</strong>me park discounts, and more.<br />
SEE yOu In OrLAndO!<br />
“Asis combines everything good<br />
into one fully-packed week:<br />
speakers, exhibits, classes,<br />
networking, local attractions,<br />
membership, and professional<br />
certifications. Attending <strong>the</strong><br />
full seminar is well worth<br />
<strong>the</strong> cost.”<br />
Karen Waller<br />
Security Specialist<br />
Faa<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 75
General information<br />
Event Location<br />
Orange County Convention Center<br />
(West Building)<br />
9800 International Drive • Orlando, FL 32819<br />
all sessions, exhibits, registration, and most<br />
networking events will be held at <strong>the</strong> convention<br />
center, unless o<strong>the</strong>rwise noted.<br />
Headquarters Hotel *<br />
Peabody Orlando<br />
9801 International Drive • Orlando, FL 32819<br />
Pre-Seminar programs, certification reviews, and<br />
some volunteer meetings will be held at <strong>the</strong> Peabody.<br />
* In addition to <strong>the</strong> headquarters hotel, <strong>the</strong> aSIS room block<br />
comprises a variety of hotels to fit every budget and<br />
accommodation preference.<br />
Hotel reservations<br />
Book your hotel arrangements through <strong>the</strong><br />
Asis Housing bureau with one easy call:<br />
+1.888.887.8072 (U.S./Canada)<br />
+1.972.349.7452 (outside U.S./Canada)<br />
Or reserve your housing online at<br />
www.asis2011.org/hoteltravel. The hotel reservations<br />
deadline is september 9, but book early to<br />
get <strong>the</strong> best rates and preferred accommodations.<br />
When you book your housing through <strong>the</strong> official<br />
aSIS housing Bureau, you also receive a free pass<br />
for shuttle bus services between <strong>the</strong> Seminar<br />
hotels and <strong>the</strong> convention center (a $50 value).<br />
Only those booking through <strong>the</strong> Asis Housing<br />
bureau will receive free shuttle bus passes.<br />
FIVE WAyS<br />
TO SAVE<br />
1<br />
2<br />
3<br />
4<br />
5<br />
rental Cars<br />
as official suppliers for <strong>the</strong> annual Seminar and<br />
exhibits, <strong>the</strong>se companies are offering special,<br />
discounted rates to Seminar attendees.<br />
AVis: call +1.800.331.1600 or log onto www.avis.<br />
com and provide this number: AWD-D005038 to<br />
take advantage of discounts.<br />
DOLLAr rENT A CAr: all reservations can be<br />
made online at www.dollar.com or by calling<br />
+1.866.542.2303, ext.2. Please provide <strong>the</strong> aSIS<br />
International corporate discount number:<br />
CD#CM0135.<br />
FOUr WAYs<br />
TO rEGisTEr<br />
Internet: www.asis2011.org/registration<br />
Phone: aSIS Registration<br />
+1.800.941.2128 (u.S./canada)<br />
or +1.980.233.3813<br />
8:30 am–5:00 pm edT<br />
(Monday–Friday)<br />
Fax: +1.980.233.3800<br />
Mail: 10900 Granite Street,<br />
charlotte, nc 28273 uSa<br />
After 3:00 pm EDT, Friday, September 16, you must<br />
register onsite at <strong>the</strong> Orange County Convention Center.<br />
Onsite registration is open Sunday, September 18, from<br />
12:00 noon–6:30 pm. (ISC) 2 members must register<br />
through www.isc2.org/congress2011.<br />
Take advantage of early bird discounts when you register by<br />
August 12. If you purchase <strong>the</strong> Full registration package, you’ll get<br />
<strong>the</strong> greatest variety of sessions, events, and networking activities in<br />
addition to exhibits admission.<br />
Make your hotel reservation early! The housing deadline is<br />
September 9, but book early to ensure your preferred hotel and rate.<br />
And by booking through <strong>the</strong> official <strong>ASIS</strong> Housing Bureau,<br />
you’ll receive a complimentary shuttle bus pass (a $50 value)—<br />
available only to those using <strong>the</strong> housing bureau.<br />
If you’re not an <strong>ASIS</strong> member—join now and take advantage of<br />
member discounts. Plus, you’ll get a $100 education credit that you can<br />
use now or later. See www.asisonline.org/membership for details.<br />
Limited time or resources? Exhibits-only registration is FREE in<br />
advance. Or attend <strong>the</strong> program for a single day at a reduced fee.<br />
Bring your team and save! See Team discount policy at<br />
www.asis2011.org/registration.<br />
76 Asis 2011 <strong>Anticipate</strong> <strong>the</strong> <strong>unexpected</strong>. The security tools, techniques, and talent for tomorrow.
Thank you to our Partners and sponsors<br />
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 77
supplement to Security Management<br />
“ The very best comprehensive<br />
security conference of its kind.”<br />
Peter Bourey, Security Manager<br />
Telehealth Services<br />
Visit us at www.asis2011.org<br />
sECUrE THE sOLUTiONs AND EXPErTisE<br />
YOU NEED TO MEET YOUr OrGANizATiONAL<br />
AND PrOFEssiONAL GOALs.<br />
• inspiring keynotes and general sessions<br />
• 200+ education sessions<br />
• Networking opportunities with peers and visionaries from<br />
around <strong>the</strong> globe<br />
• Thousands of <strong>the</strong> latest technologies, product, and services<br />
• Asis and (isC) 2 certification reviews<br />
• recertification CPEs<br />
• Pre-seminar programs and events<br />
• New product introductions<br />
• Accolades competition showcase<br />
• solutions Theater presentations<br />
Asis 2011 HEADLiNErs<br />
Jeb bush<br />
Governor of Florida<br />
1999–2007<br />
Vicente Fox<br />
President of Mexico<br />
2000–2006<br />
Announcing <strong>the</strong> first annual<br />
(isC) 2 security Congress.<br />
burt rutan<br />
entrepreneur<br />
Colocated with <strong>the</strong> <strong>ASIS</strong> International Annual Seminar<br />
and Exhibits, <strong>the</strong> combined events present <strong>the</strong> largest<br />
show of its kind worldwide. This is where traditional and<br />
logical security meet. See inside for more information.