Anticipate the unexpected - ASIS 2012

Seminar Overview
Seminar Dates:
Monday–Thursday
September 19–22
Exhibit Dates:
Monday–Wednesday
September 19–21
Anticipate the unexpected
The security tools, techniques, and talent for tomorrow.
AS I S I N T E R N AT I O N A L 2 011
57Th ANNuAL SEmINAR ANd ExhIbITS
September 19–22, 2011 | OrlandO, Fl
www.asis2011.org
colocated
with ASIS 2011

Face the future—and the unknown—
with confidence when you acquire the
comprehensive knowledge and resources
available only at ASIS 2011.
ASIS International welcomes (ISC) 2 ’s first Security Congress,
colocating with ASIS 2011. This important partnership illustrates
the rapidly converging roles of traditional security and information
security. These two events will bring together the best and brightest
minds in the profession. Join more than 20,000 of your colleagues
for an unprecedented look at the total security landscape.
WhAt DoES thIS mEAn to you?
• Gain new perspectives and expert insights into the latest
trends impacting the protection of people, property, and
information.
• Connect with security counterparts from around the globe.
• See thousands of the latest technologies, products, and
services on the market.
• Integrate proven best practices into your enterprise
security plan.
• Learn about ASIS board certification and (ISC) 2 certifications.
ASIS Debuts a Systems Integrator track.
ASIS is expanding its educational program to include a
new track of sessions designed for systems integrators.
Practitioners in key vertical industries will share their
biggest security challenges and insights that will help
integrators provide the best solutions to their customers.
This track is endorsed by PSA Security Network.
Who ShoulD AttEnD
• Security directors and managers
• Homeland security professionals
• CEOs, CSOs, CISOs, CTOs, CIOs
• Managers charged with protecting their infrastructure
• Government/military personnel with security responsibilities
• Security consultants
• Law enforcement professionals
• Facility/plant/operations managers
• Systems integrators and dealers
• Architects/engineers
• Other professionals with an interest in security

Program Highlights . . . . . . . . . . . . .2
Keynotes and General Sessions . . . . . . .4
Schedule of Events . . . . . . . . . . . . .5
Exhibits . . . . . . . . . . . . . . . . . . .6
Certification . . . . . . . . . . . . . . . . .9
CSO Roundtable . . . . . . . . . . . . . . 10
Pre-Seminar Programs and Events . . . . . 11
Focus on Homeland Security . . . . . . . . 16
Education Sessions . . . . . . . . . . . . 18
Networking Events . . . . . . . . . . . . . 70
table of Contents
Register for ASIS 2011 or
(ISC) 2 ’s Security Congress and
gain access to all this and more.
the Power Behind the ASIS Annual Seminar and Exhibits
ASIS International (ASIS) is the preeminent organization for security professionals, with more than 37,000
members worldwide. Founded in 1955, ASIS is dedicated to increasing the effectiveness and productivity of security
professionals by developing educational and networking opportunities that address broad security interests, such as
the ASIS Annual Seminar and Exhibits, as well as specific security topics. ASIS also advocates the role and value of the
security management profession to business, the media, government entities, and the public. By providing members
and the security community with access to a full range of programs and services, and by publishing the industry’s
number one magazine—Security Management—ASIS leads the way for advanced and improved security performance.
We’re pleased to welcome our new partner:
(ISC)² is the largest not-for-profit membership body of certified information security professionals worldwide, with over
77,000 members in more than 135 countries. Globally recognized as the Gold Standard, (ISC)² issues the CISSP®
and related concentrations, as well as the CSSLP®, CAP®, and SSCP® credentials to qualifying candidates. (ISC)²’s
certifications are among the first information technology credentials to meet the stringent requirements of ANSI/ISO/
IEC Standard 17024, a global benchmark for assessing and certifying personnel. (ISC)² also offers education programs
and services based on its CBK®, a compendium of information security topics. More information is available at
www.isc2.org.
Join professionals from around the globe in Orlando for the most
comprehensive educational event of the year. Register today!
Special Interest Networking Events . . . . . 72
Spouse Program. . . . . . . . . . . . . . 74
Welcome to Orlando . . . . . . . . . . . . 75
General Information/Housing . . . . . . . 76
Thank You to our Partners and Sponsors . . 77
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 1

Prepare to Learn
Unparalleled
General Sessions. Outstanding keynote
presentations by renowned leaders and
dynamic general sessions on key issues
set the stage for this year’s event.
Education Sessions. More than 200
sessions address the full range of up-tothe-minute
security topics, critical issues,
and security management best practices.
Mix ‘n match from 22 tracks and design
the program that’s right for you. Refer to
the daily Schedule-at-a-Glance—at the
beginning of each day’s listing.
homeland Security. A listing of 30
sessions provides a quick overview of
our offerings focused on protecting the
homeland, whether in the U.S. or abroad.
Pre-Seminar Programs and Professional
tours. These in-depth ‘add-on’ programs
are held immediately prior to the Seminar
and focus on a variety of issues relevant
to today’s security practitioners.
CSo Roundtable. Members of the CSO
Roundtable are invited to attend special
programming relative to senior security
leaders.
Accolades Competition. This program
recognizes innovative new products and
services and helps identify some of the
hottest solutions that will be displayed
in the exhibit hall. View entries online in
advance and see entries ‘up close and
personal’ on the show floor.
2 ASIS 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

edUcation
Solutions theaters. These in-depth
vendor presentations—delivered right on
the show floor—give you the scoop on
new products, breaking news, and more.
Schedule will be available in August.
ASIS tV. Learn about security initiatives
throughout the world and see on-the-spot
interviews from the Seminar. ASIS TV also
will be viewable online during and after
the Seminar.
Session handouts. All handout materials
will be available for your online access.
Or print them out onsite at print stations
located in the convention center. The
choice is yours.
Exhibit hall. Thousands of cutting-edge
products and services will be on display
on the show floor. From access control to
cloud security to weapons disposal and
everything in between, you’ll find the tools
and partners you need to mitigate risk.
networking. Take advantage of unlimited
opportunities to interact with top
professionals from around the globe. This
is the place to meet peers face-to-face,
share ideas, and discover solutions.
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 3

“ If you want to stay abreast of new technology and liaison with other
colleagues in the security sector, you need to attend the ASIS show.”
James R. Matthews, CPP
Chief of Police, Rincon Police Department
General Sessions
KEynotE
Jeb Bush
Governor of Florida, 1999–2007
Tuesday, September 20, 8:00 am–9:00 am
As the 43rd Governor of
the state of Florida, Bush’s
achievements include
education reform, closing the
achievement gap for Florida
students; and yearly tax cuts
which helped Florida lead the
nation in job growth. Bush
currently heads his own successful consulting
business and also is chairman of the Foundation
for Excellence in Education.
KEynotE
Vicente Fox
President of Mexico, 2000–2006
Wednesday, September 21, 8:00 am–9:00 am
A visionary leader with a deep
understanding of the economic
and social challenges facing
Latin America, President Fox
is one of the world’s most
important voices on the
contemporary geo-political
landscape and the role of
business in the developing world.
General Session
the Security leader in 2020
and Beyond
Thursday, September 22, 8:00 am–9:30 am
Explore the industry 10+ years into the future
with experts from across the security community
engaging on key topics. Understand the key
technology and security trends driving business
and the industry that are likely to have an effect
on the leaders of the future. Hear from a panel
including chief security officers and representatives
of the information security and technology
communities as they discuss the trends and
impacts of what professionals will face in the
next decade.
General Session
Workplace Violence:
A Clear and Present Danger
Thursday, September 22,
10:00 am–12:00 noon
Violence in the workplace continues to make
news headlines and is a vital concern to Security,
Human Resources, and management across
all industries. Threats, verbal abuse, physical
assault, and homicide in the workplace affect
two million workers annually in the U.S. alone.
The use of the Internet as a means to promote
violence through the delivery of threats, as well as
the implications and impact of social media are
evolving factors that also need to be understood.
Join us as we examine the issues and the latest
information on assessment, prevention, and
mitigation of this growing threat.
Closing luncheon with Burt Rutan
Thursday, September 22,
12:00 noon–2:00 pm
Named “Entrepreneur of the
Year” by Inc. Magazine and
described by Newsweek as
“the man responsible for more
innovations in modern aviation
than any living engineer,” Mr.
Rutan is a bold entrepreneur
and designer with the vision
and passion for the advancement of technology.
Recent projects include the White Knight and
SpaceShipOne, the world’s first privately funded
manned spacecraft.
“If you are going to attend one
security event this year…ASIS
should be the one.”
Bret Rowe
Corporate Security Manager
J.R. Simplot Company
4 ASIS 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

Schedule of Events
All programs and events are open to ASIS and (ISC) 2 attendees unless otherwise noted.
Friday, September 16
8:00 am–5:30 pm CPP, PCI, and PSP Certification Reviews, Peabody Hotel
Saturday, September 17
8:00 am–2:00 pm CPP, PCI, and PSP Certification Reviews, Peabody Hotel
8:00 am–5:00 pm CISSP and CSSLP Official Review Seminars
8:00 am–5:00 pm Pre-Seminar Programs
Sunday, September 18
8:00 am–12:00 noon CISSP and SSCP Clinics
8:00 am–1:30 pm ASIS Foundation 15 th Annual Golf Tournament
8:00 am–2:00 pm (ISC) 2 Exams
8:00 am–5:00 pm CISSP and CSSLP Official Review Seminars (continued)
8:00 am–5:00 pm Pre-Seminar Programs
1:00 pm–5:00 pm CAP and CSSLP Clinics
4:00 pm–6:00 pm (ISC) 2 Town Hall Meeting for Members Only
5:00 pm–6:00 pm Young Professionals Reception
6:00 pm–7:00 pm ASIS First-Time Attendee/ASIS New Member Reception
7:00 pm–9:00 pm Welcome Reception
monday, September 19
7:45 am–9:00 am Opening Ceremony
9:00 am–11:00 am Exhibit Hall Grand Opening
9:00 am–4:30 pm Exhibit Hall Open
11:00 am–12:00 noon Education Sessions
12:00 noon–1:30 pm Networking Luncheon
1:45 pm–3:00 pm Education Sessions
4:30 pm–5:30 pm Education Sessions
5:30 pm–7:00 pm (ISC) 2 Member Reception, Peabody Hotel
7:00 pm–10:00 pm President’s Reception at Universal’s Islands of Adventure ®
tuesday, September 20
8:00 am–9:00 am Keynote: Jeb Bush
9:00 am–4:30 pm Exhibit Hall Open
10:00 am–11:00 am (ISC) 2 Safe and Secure Online Volunteer Orientation
11:00 am–12:00 noon Education Sessions
12:00 noon–1:30 pm Networking Luncheon
1:45 pm–3:00 pm Education Sessions
4:30 pm–5:30 pm Education Sessions
Wednesday, September 21
8:00 am–9:00 am Keynote: Vicente Fox
9:00 am–3:30 pm Exhibit Hall Open (Final Day for Exhibits)
11:00 am–12:00 noon Education Sessions
12:00 noon–1:30 pm
Law Enforcement/Military Appreciation
Luncheon
1:45 pm–2:45 pm Education Sessions
3:30 pm–5:00 pm Education Sessions
6:30 pm–10:00 pm Americas ISLA Gala Dinner, Peabody Hotel
7:00 pm–9:00 pm
thursday, September 22
ASIS Foundation Event at BB King’s Blues Club
REGIStRAtIon houRS
Sunday, September 18
12:00 noon–6:30 pm
Monday–Wednesday,
September 19–21
7:00 am–5:30 pm daily
Thursday, September 22
7:30 am–12:00 noon
8:00 am–9:30 am General Session: The Security Leader in 2020 and Beyond
9:30 am–10:00 am Coffee Break
10:00 am–12:00 noon General Session: Workplace Violence: A Clear and Present Danger
12:00 noon–2:00 pm Closing Luncheon with Burt Rutan
All events are held at the Orange County Convention Center unless noted otherwise. Schedule subject to change.
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 5

Exhibits
Knock out a year’s worth of product and supplier research in just
three days. Get face-to-face with product experts and discover what’s
possible in today’s high-tech security market.
Exhibit hall hours: Monday–Tuesday, September 19–20, 9:00 am–4:30 pm
Wednesday, September 21, 9:00 am–3:30 pm
Exhibitor List
as of aPriL 28, 2011
3M Cogent, Inc.
3M Optical Systems Division
3S Pocketnet Technology, Inc.
3SI Security Systems
3VR Security, Inc.
5.11 Tactical
A&S International
A-T Solutions
Aaxeon Technologies
ABM Data Systems, Inc.
Access Specialties
International, LLC
Accessgate.net, Inc. (AGS)
ACCU-TECH CORPORATION
AccuWeather, Inc.
ACTi Corporation
Action Bullet Resistant
ADS, Inc.
ADT Security Services
AFI and IMAC
AFL Telecommunications
Aigis (Now Part of Linear)
Aimetis Corp.
Aiphone Corporation
Airborne Biometrics Group, Inc.
AlarmSaf
Alert Enterprise
Alertus Technologies
Alion Science and Technology –
CounterMeasures
All Traffic Solutions
Allied Tube & Conduit
AlliedBarton Security Services
Allsafe Technologies, Inc.
Alpha Technologies
ALTRONIX CORP.
ALUTIIQ, LLC
ALVARADO TURNSTILES
AMAG Technology, Inc.
American K9 Detection
Services, Inc.
American Military University
American School & University
American Physical Security
Group
Admission to the
Exhibits is FREE
when you register in
advance ($75 value).
American Science &
Engineering, Inc.
American Security Products Co.
American Video Equipment
Ameristar Fence Products
AMICO
Andrews International
Anixter, Inc.
The Anvil Group, Ltd.
Aon Fire Protection
Engineering (Formerly
Schirmer Engineering)
APOLLO
Arecont Vision, LLC
Ares Corporation
ARH, Inc.
ARMORTEX
AS Solution A/S
ASI Technologies –
Marathon Doors
ASIS International
ASSA ABLOY Americas
ASTIC Signals Defenses, LLC
Astrophysics, Inc.
Austin Mohawk and Company
AUTOCLEAR/Scintex
AutoGate, Inc.
Automatic Systems
AVANTE
Aventura Technologies
AVIGILON
AVUE
AWID, Inc.
AXIS COMMUNICATIONS, INC.
Baran Access Solutions
Barco
Barcode Automation, Inc.
Barrier 1 Systems, Inc.
Basler Vision Technologies
Bellevue University
Blackline GPS, Inc.
Boeing Company
Boon Edam, Inc.
Brady People ID
BRICKCOM CORPORATION
BrickHouse Security
BriefCam, Ltd.
Brijot Imaging Systems, Inc.
Brivo Systems, LLC
Brownyard Group
Brownyard Programs, Ltd.
BRS Labs
Bryce Fastener, Inc.
BSI Group America, Inc.
Building Reports
C.R. Laurence Co., Inc.
California University of PA
CALL24 Wireless Callbox
Systems
Cambridge Security Seals
Campus Safety Magazine
CAP Index, Inc.
Card Scanning Solutions
CCTVSTAR, Inc.
CEIA USA
Celayix, Inc.
CI Centre
CIAS
CIC Technology – CORiT
Cisco Systems, Inc.
Clinton Electronics Corporation
CNB Technology, Inc.
CNL Software, Inc.
Cochrane USA
Code Blue Corporation
Cohu, Inc. – Electronics
Division
ColorID, LLC
COMMEND, Inc.
Commissionaires
COMNET
Concentric Security, LLC
Control Risks
Control Room Group –
a division of AVI-SPL
Contronics Technologies
Cooper INDUSTRIES
Cop Security System Corp.
CORNELL
Counter Terrorist Magazine (The)
CoverX Corporation
Cross Match Technologies, Inc.
CSO Magazine
Cygnus Security Group
D3 Security Management
Systems
6 ASIS 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.
DAHLE North America
Datacard Group
DataDirect Networks
Dayton T. Brown, Inc.
DEANSTEEL MFG CO.
DEDICATED MICROS, Inc.
Deister Electronics
Designed Security, Inc. (DSI)
DeTect, Inc.
DeTekion Security Systems, Inc.
DETEX
Diebold Incorporated
Digital ID Solutions, LLC
Digital Supply International
Digitize, Inc.
DITEK Corporation
DMP
Dolphin Components Corp.
DoorKing, Inc.
Dortronics Systems, Inc.
DRS Technologies, Inc.
DSI Security Services, Inc.
DSX Access Systems, Inc.
DVTel, Inc.
DynaLock Corp.
Dynasound – Soundmasking &
Eavesdropping Protection
Division
e-DATA Corporation
EasyLobby, Inc.
ECSI International, Inc.
EK Ekcessories
ELC Security Products
ESRI
Essen Trade Shows
EURESYS
Europ Assistance USA
Evax Systems
EverFocus Electronics
Corporation
Exacq Technologies, Inc.
Explosive Countermeasures Int’l.
EYE TRAX
Faro
Fastcom Technology
Feeling Software
Fire and Life Safety America
Firetide

Fisher Labs
Fleet Management Solutions
FLIR Systems, Inc.
Florida Association of Security
Companies (FASCO)
FreightWatch International
(USA), Inc.
FujiFilm North America Corp.
Fujitsu Frontech North
America, Inc.
Future Fibre Technologies
FutureSentry
G4S
GAI-Tronics Corporation
Galaxy Control Systems
Gale Force Software
Corporation
Gallagher Security USA, Inc.
Garrett Metal Detectors
Gatekeeper Security
Gavin de Becker & Associates
General Lock & Clark Security
General Services
Administration
Genetec
Genius Vision Digital, Inc.
GENRIC
George Washington University
GeoVision, Inc.
GEUTEBRUCK Security, Inc.
GlassLock, Inc.
Global Engineering Security
System
Global Rescue, LLC
Global Software
Graybar
GSP Systems, Inc.
Guardian8, Inc.
Guardsmark, LLC
Gunnebo Entrance Control
GVI Security
HanitaTek, LLC
Heigl Technologies
HGH Infrared Systems, Inc.
HID Global
Hikvision Digital Technology
Co., Ltd.
Hill & Smith, Inc.
Hirsch Electronics
Hitachi America, Ltd.
HMA Consulting, Inc.
Homeland Security Newswire
Honeywell International
Huffmaster Protective Services
Group
HySecurity Gate Operators
Hytera Communications
i2, Inc.
i 3 International
IAPP
ICD Security Solutions
ICE PACK Emergency
Sustainment Systems, LLC
ICx Technologies
IDenticard Systems
Identification Systems Group
idOnDemand
“this is the largest gathering of
security professionals and the most
comprehensive display of security
technology in the world.”
Milton Moritz, CPP, President
Moritz Associates
IEE Sensing
IEI (Now Part of Linear)
IFSEC
iJET Intelligent Risk Systems
Ikegami Electronics (USA), Inc.
Iluminar
ImmerVision
IndigoVision, Inc.
INEX/ZAMIR
Infinova
Ingersoll Rand Security
Technologies
InMotion CCTV, Inc.
InstaKey Security System
Installations, Inc.
Insulgard Security Products
Integrated Security Corporation
Intelli-Check-Mobilisa, Inc.
INTELLIKEY Corporation
Intergraph Corporation
International SOS
Intransa, Inc.
Investigations Canada, Inc.
iOmniscient Corporation
Ionit Technologies, Inc.
IPVideo Corporation
IQinVision
IRIS Companies, (The)
(ISC) 2 Pavilion
iThreat Solutions
iView Systems
Izzo Insurance Services, Inc.
JDS Digital Security
Systems, LLC
Johnson Controls, Inc.
Jolly Technologies, Inc.
Jupiter Systems
K2 Solutions, Inc.
Kaba Access Control
KBC Networks
Keltron Corporation
Keri Systems, Inc.
Key Systems, Inc.
Key Tracer Systems, Inc.
Keyscan, Inc.
KeyTrak, Inc.
KKP Security Group
Koukaam
Kowa Optimed, Inc.
Krieger Specialty Products
KT & C USA
L-1 Enterprise Access Division
(Bioscrypt)
Laboratory Corporation of
American Holdings
Laipac Technology
Laminex, Inc.
Lantronix
LawMate America
Leading Holdings, Inc.
LENSEC-IP Video Surveillance
LG Electronics USA –
Iris Technology Division
Liberty Uniform Mfg. Co., Inc.
LifeSafety Power, Inc.
LightLOC Divison of Woven
Electronics
Linear, LLC
Lion Uniform Group –
a G&K Services Company
LockDown, Inc.
Lockmasters, Inc.
LOUROE ELECTRONICS
LSI – Lockmasters Security
Institute/Lockmasters, Inc.
Lumidigm, Inc.
M.C. Dean, Inc.
Madico Window Films
MAGICARD – Ultra Electronics
Magnetic Automation Corp.
March Networks
Marlin Leasing Corp.
Marshall Electronics, Inc.
Martin Yale Industries, Inc.
Matrix Systems, Inc.
Maxxess Systems, Inc.
MBM Corporation
McGard, LLC
THE MECHANIC GROUP, Inc.
MEDEX Global Group, Inc.
ASIS is proud to
honor this year’s
Security’s Best—the
most innovative new
technology, product,
and service solutions.
MER, Inc.
Meridian Technologies, Inc.
Messoa Technologies, Inc.
Metro One
Microsemi/PowerDsine
Microsoft Corporation
Middle Atlantic Products, Inc.
MILESTONE SYSTEMS
MKS Instruments
Mobotix Corp.
Modular Security Systems, Inc.
Monitor Dynamics, Inc.
Monitronics
Moog QuickSet
MorphoTrak
Morse Watchman, Inc.
MSA Security
NAPCO Security
Technologies, Inc.
NASATKA BARRIER, Inc.
National Background Data
NC4
NEDAP
Network Video Technologies
Next Level Security
Systems, Inc.
NIGHTSTICK
Niscayah, Inc.
Nissan North America
NITEK
NUUO, Inc.
Oberthur Technologies
Omnitron Systems Technology
On-Net Surveillance Systems,
Inc. (ONSSI)
One Source Industries
Ontario-Canada Delegation
Open Options, Inc.
OPENEYE
Optellios, Inc.
Optex
Optiview, Inc.
Orion Images Corp.
OSRAM SYLVANIA
OSSI (OLTIS Security Systems
International)
OzVision
Pacific Lock Company
Pacom
Panasonic
Par-Kut International, Inc.
Parabit Systems, Inc.
Patriot3, Inc.
Paxton Access, Inc.
Pelco, Inc. by Schneider Electric
PENTAX Imaging
Perceptics, LLC
Petersen Mfg. Co., Inc.
Philadelphia Insurance Co.
Pivot3
Pixim, Inc.
The winning entries from this competition, open to
all ASIS exhibitors, will be featured in the Accolades
Showcase in the Exhibit Hall. View product information
online pre- and post-show and see the solutions
‘up close and personal’ on-site.
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 7

Plasco ID
PlaSec, Inc.
Point Grey Research, Inc.
POINTMAN
Polaroid ID Systems
POWDERSAFE Pty, Ltd.
PowerFlare (PF Distribution Ctr)
PPM 2000, Inc.
Premier Mounts
Premier Wireless, Inc.
PRO Barrier Engineering
Protech/Protection
Technologies, Inc.
Protection One, Inc.
ProxiGuard/BlueCard Software
Technology Co., Ltd.
Proxim Wireless
PureTech Systems, Inc.
QNAP, Inc.
Quantum Secure, Inc.
Quartermaster, Inc.
Quest Diagnostics
Quintron Systems, Inc.
Rainbow CCTV
Rapiscan Systems
Raytec
Raytheon
RBH ACCESS
TECHNOLOGIES, Inc.
Realtime DAR
record usa, Inc.
Redline Communications
Research Electronics Int’l., LLC
RF Ideas, Inc.
RGB Spectrum
ROFU International Corp.
Rosslare Security Products
RS2 Technologies, LLC
RSSI Barriers, LLC
RTM Soft
Rytec High Performance Doors
S2 Institute
S2 Security Corporation
Safety Technology
International, Inc.
SAIC
Salient Systems
Salto Systems, Inc.
Samsung Techwin
Sarnoff Corporation
Scallop Imaging
Scanna MSC, Inc.
Schneider Electric
School Planning & Management/
College Planning &
Management
SDC-Security Door Controls
SDM & Security Magazines
SecurAmerica, LLC
Securitas Security Services
USA
Securitech Group, Inc.
Security Buyer
Security Director News and
Security Systems News
Security Information
Systems, Inc.
Security Journal/Palgrave
Macmillan
Security Management
SECURITY PRODUCTS
MAGAZINE
Security Sales & Integration
Magazine
Security Solutions Int’l.
Security Today Magazine – India
Security Tronix
Security-Net
Seguridad en America
Send Word Now
SensaVideo
Senstar, Inc.
Sentry 360 Security
Sentry View Systems
SentryNet
Shanghai Xinfan Container Fit
ShotSpotter, Inc.
SIEDLE
Sielox/Costar Video
SightLogix
SimonsVoss
SITE – SECURE
Smarter Security –
Outdoor Division
Smartvue Corp.
Smiths Detection
SMP Europe Limited
Sony Electronics
Southwest Microwave, Inc.
SPAWAR Atlantic
SPECO Technologies
Stanley Security Solutions
THE STEELE FOUNDATION
STENTOFON/Zenitel Group
Stone Panels, Inc.
STOPware, Inc.
Stretch, Inc.
Sun Myung Electro-Telecom Co.
Surveon Technology
Synology America Corp.
T.S. MicroTech, Inc.
TagMaster North America, Inc.
TAKEX AMERICA, Inc.
TALK-A-PHONE CO.
TAMRON USA, Inc.
Tavcom Training
Team NiSCA/Kanematsu USA
& GLORY
TEAM Software, Inc.
Tech, Inc., Corp.
Tech Systems, Inc.
Telephonics Corporation
“If you are thinking about or
looking for anything in or about
security, you’ll find it here, see it
here, and experience it here.”
Robert Crow
Director, Corporate Security
AmerisourceBergen Corporation
Telular Corporation
Texecom Limited
Theia Technologies
THETW
Thomson Reuters
Tilt-A-Way/Ideal Mfg., Inc.
TLO
Today’s Facility Manager
TOKINA INDUSTRIAL, Inc.
ToteVision
Tower Solutions
Training Camp
Traka USA
Transformational Security, LLC
TransTech Systems, Inc.
Travel Guard
Tridium
Triple Canopy
TSSIA – Taiwan Safety &
Security Industry Assoc.
Tyco Security Products
TydenBrooks Security
Products Group
TYMETAL Corp.
U.S. Postal Inspection Service
U.S. Saudi Arabian Business
Council
U.S. SECURITY ASSOCIATES,
Inc.
UDP Technology
Uncle Mike’s Law Enforcement
Underwriters Laboratories, Inc.
UNIONCOMMUNITY CO., LTD.
UniPro Uniforms
United States Bullet
Proofing, Inc.
Universal Safety Response –
GRAB Barrier
Universal Services of America
University of Denver
University of Maryland
University College
University of Phoenix
UTC Fire & Security (Formerly
GE Security)
Valcom, Inc.
Valor Systems, Inc.
Ventas De Seguridad
Veracity USA
Verint Video Solutions
PErSONALIzE yOur ShOw ExPErIENCE wIth
thE ONLINE PLANNEr ANd ASIS MOBILE!
• Plan your session schedule.
• Search for companies, products, and services.
• Pre-book appointments with exhibitors.
• Learn about breaking ASIS news and show specials.
• Access a live Twitter feed.
8 ASIS 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.
Vertex Standard
Vicon Industries, Inc.
Video Insight, Inc.
Video Mount Products
Videology Imaging
Solutions, Inc.
videoNEXT Network
Solutions, Inc.
VIDEX, Inc.
VIDO Security System Co., Ltd.
VidSys, Inc.
VIEWZ
VIGITRON, Inc.
Viking Electronics, Inc.
Virtual Imaging, Inc. (Canon)
Viscount Systems, Inc.
Vision Components GmbH
Visitor Pass Solutions by Data
Management, Inc.
VIVOTEK, INC.
Vumii Imaging, Inc.
Watec/Genwac
Wausau Tile, Inc.
Webster University
WEISER SECURITY
SERVICES, INC.
Whelan Security Co.
Whitaker Brothers, Inc.
Wilson Bohannan Padlock
Company
Winland Environmental Security
Winncom Technologies
Winsted Corporation
WIRECRAFTERS, LLC
Worldwide Imaging & Detection
Systems, Inc.
X-Test
Xiamen Leading Optics Co.,
Ltd.
Xtec, Incorporated
Xtralis
Zebra Technologies
Zistos Corporation

Certification Activities
ASIS CERtIFICAtIon
Prepare for ASIS Board Certification—take a Review Before the Seminar
Friday, September 16–Saturday, September 17
Peabody Hotel
The most respected leaders in security management are board-certified by ASIS International.
Prepare a course of study to earn one of three ASIS designations (CPP, PCI, or PSP) by attending a
classroom review prior to the Seminar and Exhibits. Experienced instructors provide a focused review
of the subjects tested on each exam. Reviews may also be audited for a reduced fee (restrictions
apply). Visit www.asis2011.org for details and to register.
Certification lounge
Monday–Wednesday, 9:00 am–4:30 pm
CPPs, PCIs, and PSPs are invited to visit the Certification Lounge throughout the Seminar. The
Lounge is the perfect place to connect with other certificants from around the world and to get the
latest in certification news. Members of the Professional Certification Board (PCB) and ASIS
Certification Department staff will also be in the Lounge to network and answer your questions.
Earn up to 19 Recertification Credits
If you’re a CPP, PCI, or PSP, you can earn up to 19 recertification CPEs by attending the Annual Seminar
and Exhibits:
1. Those who register for the Full Seminar (four days) will automatically receive sixteen (16) CPE
credits plus three (3) CPE credits for attendance at the exhibit hall. (No documentation is required.)
2. Those who register for a Single Day registration will automatically receive four (4) CPE credits plus
three (3) CPE credits for attendance at the exhibit hall.
3. Those who register as Exhibits-only can claim three (3) CPE credits (copy of the name badge is
required as a form of documentation).
4. Those who attend as Exhibitors can claim three (3) CPE credits and one (1) CPE credit per session
that they attend. (Copy of the name badge is required as a form of documentation).
(ISC) 2 ® EDuCAtIon
Free Credential Clinics
Sunday, September 18
Peabody Hotel
If you are an information security professional who would like to become (ISC) 2 certified, we invite you
to take a sneak peak into our award-winning Official Review Seminars. During our half-day Free
Credential Clinics you will be taught by an (ISC) 2 Authorized Instructor in accordance with (ISC) 2 approved
education materials, so you can see for yourself which credential is the best fit for your skills and career
path. You may choose from CISSP,® CSSLP,® CAP,® or SSCP® and decide whether an official education
program is the best choice for you.
official Review Seminar
Saturday–Sunday, September 17–18
Peabody Hotel
(ISC) 2 is offering a two-day Intensive Education program for the CISSP or CSSLP certification, so if
you would like to take advantage of the best discounts on (ISC) 2 official education, plan on registering
for one of the classes. For more information or a complete listing of the offerings, please visit
www.isc2.org/congress2011.
(ISC) 2 Exam
Sunday, September 18
Peabody Hotel
(ISC) 2 will host a certification exam. Register for any (ISC) 2 exam online at
www.isc2.org/certification-register-now.aspx.
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 9

the CSO roundtable, a private membership group within ASIS International, is proud
to offer an exclusive slate of sessions and activities for senior security executives
at this year’s Annual Seminar and Exhibits. In addition to this special CSO track,
members can take advantage of a business lounge and a private area at the
President’s reception. Access to these benefits is free for paid roundtable members.
If you are not a roundtable member but are interested in attending these sessions,
please contact manuela.costa@asisonline.org.
Speakers subject to change. Session times will
be announced at a later date.
Distinguished Speakers
In the CSO Roundtable’s Distinguished Speaker
Series, notable and sometimes controversial
speakers join private sessions and take questions
from members of the CSO Roundtable. The CSO
Roundtable is proud to announce that Jeb Bush,
former Governor of Florida, and Vicente Fox,
President of Mexico, will participate as this year’s
Distinguished Speakers.
When a Crisis Calls: Business
Collaboration With the Public Sector
Public/private collaborations sound great on
paper, but when a disaster strikes, this important
relationship is put to the test. This session
emphasizes lessons learned from previous crises
and how to ensure better preparedness and
resiliency by having good coordination between
the two sectors.
Lori Hennon-Bell, Chief Security Officer, Prudential
Financial
Social media Risks and Rewards
Should your company allow the use of Facebook
or LinkedIn? How about letting workers use their
iPhones? Are you planning to move any critical
services to the cloud? Organizations move faster
and function more efficiently when their security
teams embrace, rather than reject, new
technologies, but it’s not always easy to do so.
Businesses also face increased intelligence
threats from using social media. This session
considers all sides of the debate and how security
professionals can stop fighting technology
demands and become enablers.
Jeff Berkin, Chief Security Officer, CACI
Changes in Corporate liability Put
Companies and Executives at Risk
An employee used corporate Internet access in
planning a crime, and the victim’s family sued to
hold the company liable—and won. In Europe,
the managing director of a German steel plant
in Italy was charged with second-degree murder
and received a 16-year jail sentence, held
responsible (along with five other managers) for
an accidental fire that killed seven workers. This
session explores how the notion of corporate
liability is changing across the globe, and provides
advice to security leaders on how to keep their
companies and executives safe from this kind of
liability.
Brian Reich, CPP, Bergen County Prosecutor’s Office;
Roger Warwick, CPP, Managing Director, Pyramid
International
Revolution in the middle East: What’s
next Will Affect your Company
From Bahrain to Yemen, discontent followed by
‘soft revolutions’ swept through the Middle East
this year, dislodging some decades-old regimes
and threatening others. What changes have been
wrought in the region, and which regimes may be
next? How are the new governments different
from the regimes they are replacing, or will it be
business as usual? And what will be the short-
and long-term effects on multinationals that do
business in the region? This presentation
addresses these issues and encourages security
executives to discuss other issues pertinent to
doing business in the region.
Hugh McLeod, COO, Stirling Assynt (Europe), Ltd.
Becoming a trusted Advisor to
the CSo
See page 15 for details.
10 ASIS 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

Pre-Seminar Programs and Events
Make the most of your time and resources in Orlando by adding
one or more of these exciting programs to your agenda. Additional
registration fees apply where indicated.
PRE-SEmInAR PRoGRAmS
the Impact of Cargo theft on the
Global Supply Chain
Saturday–Sunday, September 17–18
This comprehensive program examines supply
chain criminal activity in all modes and areas of
the global logistics and transportation industry
sectors. Beginning with the identification and
assessment of existing threats and related
vulnerabilities which significantly impact the
supply chain, examine all aspects of effective
mitigation processes. The critical role of
actionable intelligence analysis in the strategic
security planning process is emphasized, and
specific supply chain security countermeasures
are presented. Review the importance of existing
transportation statutes and necessary cargo
carriage liability coverage. The creation of a
secure environment for people and cargo is
examined, both from a supply chain standpoint
and a terminal perspective. Trends in supply chain
governance and the uncertainty of global political
resolve are analyzed as key factors requiring
substantial change for the improvement of supply
chain security integrity in the face of the ongoing
threat of criminal activity.
Presented by the Global Maritime and Transportation
School (GMATS) at the U.S. Merchant Marine Academy
Program #1165
$595 member; $695 nonmember
Detecting Deception in Verbal and
Written Statements
Saturday–Sunday, September 17–18
8:00 am–5:00 pm
This is an intensive, hands-on introduction to
Statement Analysis. You will learn how to detect
deception in verbal and written statements,
allowing you to identify suspects and eliminate
truthful persons as suspects. The technique will
allow you to save time and resources as well as
be more successful in your investigations. Learn
from actual cases that were solved using the
technique and gain practical experience.
Sponsored by John Dietz and Associates
Program #1164
$595 member; $695 nonmember
Advanced Guard Force management:
Improving Performance/Reducing
turnover
Sunday, September 18, 8:00 am–5:00 pm
The basic element in private security today is still
the security officer. Improper pre-employment
screening, weak training programs, and worn out
policies and practices resulting in even one bad
performer can derail an entire protection program.
This program, conducted by leading security
managers with over 75 years of cumulative
experience, outlines cases where training came
too late and offers you practical advice on how to
avoid the pitfalls of a less than optimum program.
Topics include defining the security officer role,
performing an objective evaluation, contract
security, managing security in an organized labor
environment, avoiding litigation, use of force, and
building morale.
Sponsored by the International Foundation for Cultural
Property Protection.
Program #1168
$395 member; $495 nonmember
Bank Security Risk mitigation
Sunday, September 18, 8:00 am–5:00 pm
This full-day program covers the major topics
and concerns faced by corporate security
managers in the banking and financial institutions
environment. A panel of security directors and
other bank security specialists will address the
Bank Protection Act, risk assessment process,
CPTED principles for banking, bank robbery
training, effects of global financial crime, Internet
banking account takeovers, preparing for court
testimony, and creating added value in bank
security programs.
Sponsored by the ASIS Banking and Financial Services
Council
Program #1167
$395 member; $495 nonmember
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 11

Pre-Seminar Programs and Events
not a moment to lose: Facing
the Security Challenges of the
new Decade
Sunday, September 18, 8:00 am–5:00 pm
After a decade of disappointment that included
both 9/11 and the near collapse of the global
financial system, today’s security leaders, more
than any time in history are faced with issues
that require the knowledge and leadership
skills to influence management. This program
examines all-hazards global risk and its economic
consequences as well as evolving compliance
trends. A diverse group of expert practitioners
will share their cross-functional methodologies,
measures, and best practices for enterprise risk
management, cost containment, and revenue
influence within the framework of the company
environment.
Sponsored by the ASIS Leadership and Management
Practices Council
Program #1171
$395 member; $495 nonmember
Preparing for the Worst: Security
Readiness and Response for your
Critical Business Functions
Sunday, September 18, 8:00 am–5:00 pm
Every business has its own critical processes and
functions, making resiliency to incidents vital. In
this program, you will learn readiness, response,
and recovery practices using standards related
to the preservation of your assets. Information
on resiliency, current practices, and training to
ensure your exercises conform to established
best practices will be provided. Topics include
the DHS PS Prep Program, cyber security risks to
critical infrastructure, liability and insurance
issues resulting from a catastrophic event, an
update on terrorism issues, and the Homeland
Security Exercise and Evaluation Program
(HSEEP).
Sponsored by the ASIS Critical Infrastructure Working
Group
Program #1166
$395 member; $495 nonmember
Raising the heat on Soft target
Protection: Is your open Access
Business Environment Safe?
Sunday, September 18, 8:00 am–5:00 pm
The challenging task of protecting soft targets
including hotels, arena events, and other
entertainment and hospitality venues requires
more than a basic security plan. This intensive,
full-day program, presented by industry professionals
and government officials, provides an
array of resources and information on staff
training, current threat trends and mitigation,
evaluating risks, response, the value of publicprivate
partnerships, and liability exposure
associated with major events in soft target
environments. Leave with real world solutions
to apply at your venue.
Sponsored by the ASIS Hospitality Entertainment and
Tourism Council
Program #1169
$395 member; $495 nonmember
Securing houses of Worship now and
in the Future
Sunday, September 18, 8:00 am–5:00 pm
International polls on terrorism list houses of
worship in the top five ‘at risk’ sectors for the
threat of terrorist attacks. This program addresses
the risks, threats, and vulnerabilities to houses
of worship and faith-based organizations from
various cross-denominational religions in the U.S.
and abroad. Learn how to develop risk management
strategies that will help your organization
implement solid safety and security plans as well
as aid in deploying detailed operational protection
procedures.
Sponsored by the ASIS Cultural Properties Council and the
Houses of Worship Security Committee
Program #1170
$395 member; $495 nonmember
12 ASIS 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

the Basis of Security Design:
Functionally Integrated Systems
Sunday, September 18, 8:00 am–5:00 pm
Based on the first part of Facility Security Design,
ASIS’ popular three-day program, this one-day
intensive workshop delineates a step-by-step
process to identify assets and assess value,
identify threats and vulnerabilities of those
assets, and then use that information in a risk
assessment process to help develop functional
design requirements for solutions to the
vulnerabilities. New hands-on exercises help you
put the approach into a realistic scenario. The
program wraps up with discussion on how to take
the functional requirements and prepare the
preliminary design package.
Sponsored by ASIS Security Architecture and Engineering
Council
Program #1172
$395 member; $495 nonmember
the Successful Security Consultant
Sunday, September 18, 8:00 am–5:00 pm
Launch a new security consultant practice or
jump-start an existing one – this popular, one-
day program will show you how! Learn from a
faculty of seasoned consultants how to avoid
the expensive mistakes that can sabotage your
success. The program is filled with practical
information that will save you time, money, and
frustration. Take home a comprehensive workbook
of sample proposals and reports that give you a
clear advantage when competing for a security
consulting assignment.
Sponsored by International Association of Professional
Security Consultants (IAPSC)
Program #1173
$395 member; $495 nonmember
“From a security field perspective,
it is the best available conference/
show on security in the united
States.”
Michael Burton
Security Manager
ACE Cash Express
CISSP® 2-Day Intensive
Education Program
Saturday–Sunday, September 17–18
8:00 am–5:00 pm
two-Day Review Seminar—Exclusive
For those information security professionals
considering becoming (ISC)² certified, a two-day
Official Review Seminar for CISSP will be offered
for a one time only price of $750.00. Please
register for this by calling certification consultant
Guy Wiltse at +1.703.637.4416 or online at
www.isc2.org/certification-register-now.aspx.
Sponsored by (ISC) 2
$750 member/nonmember
CSSlP® 2-Day Intensive
Education Program
Saturday–Sunday, September 17–18
8:00 am–5:00 pm
two-Day Review Seminar—Exclusive
For those information and application security
professionals considering becoming (ISC)²
certified, a two-day Official Review Seminar
for CSSLP will be offered for a one time only
price of $750.00. Please register for this by
calling certification consultant Guy Wiltse
at +1.703.637.4416 or online at
www.isc2.org/certification-register-now.aspx.
Sponsored by (ISC) 2
$750 member/nonmember
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 13

Pre-Seminar Programs and Events
PRoFESSIonAl touRS
Kennedy Space Center
Sunday, September 18, 1:00 pm–6:00 pm
Blast off! Get up close
and personal with a
Saturn Rocket. This
two-hour guided tour
of the Kennedy Space
Center by trained
space experts gives
you a unique view of
the space program,
from launch
preparation to liftoff.
ASIS guests are
treated to close views
of space shuttle
launch pads from the top of the 60-foot-tall LC-39
Observation Gantry with 360 degree views of the
Cape, the Vehicle Assembly Building (VAB), and
the massive crawler-transporter, which transports
the shuttle from the VAB to its launch pad. At the
conclusion of the guided portion of the tour,
guests will disembark at the Apollo/Saturn V
Center to marvel at a massive 363-foot-long
Saturn V moon rocket. The Apollo/Saturn V Center
is a tribute to the Apollo astronauts and the
machines that got them to the Moon—and
brought them home safely.
Then join Kennedy Space Center professionals
who will discuss the basics of security for
America’s Space Program. You will have an
opportunity to tour the Apollo/Saturn V Center at
your own pace prior to returning to the main
campus. Test out the Shuttle Launch Experience
simulated attraction for a virtual space voyage.
Short of becoming an astronaut, there’s no better
way to get a glimpse of the Kennedy Space
Center! Buses depart the Orange County
Convention Center at 1:00 pm and return by
6:00 pm.
Fee: $70
Virtual and Immersive training
Systems Experience
Sunday, September 18, 1:30 pm–5:30 pm
Experience active training the way military and law
enforcement experience it. Cubic Corporation
designs, develops, manufactures, and provides
a full range of virtual training devices for national
military and security forces worldwide. Be ready
to put on the gear and step into the virtual world
where your adrenaline flows.
• Create your own training scenario on the
computerized tabletop display or Mission
Rehearsal Planning System. This software brings
computer gaming to real-world experiences.
• Test your small arms engagement skills in
Cubic’s scenario-based small arms simulators.
Pick the target; take the test.
• Experience driving a Humvee through enemy
territory with guns blazing. The big screen
animation reacts to your actions. Are you ready
for a challenge?
• Get down and dirty in this Multiple Integrated
Laser Engagement Simulation, which accurately
replicates actual firing capabilities, detects hits
from laser ‘bullets,’ and performs damage and/
or casualty assessments. Will you survive?
This is an experiential tour. Be ready for action!
Buses depart the Orange County Convention Center
at 1:30 pm and return by 5:30 pm.
Fee: $75
ASIS WomEn In SECuRIty
SESSIonS AnD EVEntS
Join us for the 2011 Women in Security
program and continue to improve your
leadership skills, build your career network,
and nurture your mentoring relationships.
ASIS Women in Security open
Session
Tuesday, September 20, 3:15 pm–4:30 pm
Join the ASIS Women in Security Group for an
open session set to explore topics unique to
females in the industry. This premiere networking
event opens with a series of four separate
breakout sessions, including: Achieving Your
Potential with Certification; Projecting Confidence
in the Workplace; Mastering Situational Leadership;
and Becoming a CSO. Attendees select two of the
four sessions to attend. Conclude the session
with open discussions and informal networking.
Breakout session options:
Session one: Achieving your Potential with
Certification
In today’s job market, it’s critical to be, and stay,
competitive. ASIS professional certifications
convey competence and credibility—providing
the edge required to advance and achieve
professional goals. Learn the steps to achieving
certification and how you can leverage your
credentials to stand out among your peers and
advance in your security career.
Session two: Projecting Confidence in the
Workplace
You have been told to carry yourself with
confidence. Until now, you have not been told
how to do so. Join us and master the skills you
need to project confidence in the workplace.
Session three: mastering Situational leadership
This session, led by Natalie Runyon, Goldman
Sachs Global Security and CSO Leadership
Training, will provide tools to help you know when
to be strong and decisive and when to be
14 ASIS 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

collaborative and inclusive, and how to adapt
your leadership and communication styles
appropriately.
Session Four: Becoming a CSo
Climbing the corporate ladder is fraught with
obstacles and challenges. Listen as experienced
CSO Marene Allison, Worldwide Vice President of
Information Security at Johnson & Johnson,
shares her experiences and advice on attaining
one of the highest professional levels in the
corporate arena.
networking Reception
Tuesday, September 20, 4:45 pm–5:45 pm
Come together and connect with peers for a
special hour of networking and discussions
hosted by the ASIS Women in Security Group.
Enjoy cocktails in a relaxing setting as you
become reacquainted with colleagues and expand
your worldwide network of professional contacts.
Women in Security Keynote Breakfast
Wednesday, September 21, 7:00 am–8:00 am
Accomplished business consultant, coach, and
trainer Susan Mazza, Women’s Business Center,
Florida Institute of Technology, shares her unique
understanding of human systems and passion for
instigating leadership. Discover and inspire the
leader in you as you learn to unlock the potential
of the human spirit.
Reaching Forward, Reaching Back:
mentoring Women in Security
Wednesday, September 21
11:00 am–12:00 noon
This session will provide hands-on tools to assist
in recruitment, retention, and development of
women in the security environment. Learn from
your colleagues how mentoring has been an
invaluable part of their professional experience,
and walk away from the session with specific how
to’s and next steps.
Terri Howard, Director, Crisis Management, FEI Behavioral
Health
younG PRoFESSIonAlS
Make new connections and strengthen your
professional network at ASIS 2011 by
attending events such as these with peers
and established practitioners.
young Professionals Reception
(CSo Roundtable members Invited)
Sunday, September 18, 5:00 pm–6:00 pm
Engage, listen, and learn from peers and
high-level industry leaders during this dynamic
networking reception hosted by the Young
Professionals Group. Three stimulating,
20-second presentations from accomplished
industry leaders on leadership, advancement,
and achievement create the basis for an hour of
thought-provoking conversation and discussion.
President’s Reception—networking
With the CSo Roundtable
September 20, 8:30 pm–10:00 pm
Universal’s Islands of Adventure®
Join your peers and CSO Roundtable members
for a private reception held at the President’s
Reception. Enjoy top-flight beverages and hors
d’oeuvres while you mingle with peers and senior
leaders in a relaxed atmosphere. By invitation.
Becoming a trusted Advisor to
the CSo
Wednesday, September 21, 1:45 pm–3:00 pm
Many chief security officers hire multiple
deputies, each with different backgrounds and
skill sets, to be subject matter experts and
trusted advisors on a host of threats. Those who
advance in their organizations to become deputies
to the CSO are provided with a great learning
opportunity—not to mention a chance to step up
into the CSO position some day. But how do you
get to become a deputy in the first place? This
panel discussion, with deputy CSOs from major
multinational companies, will provide some ideas
as well as answer questions from the audience.
Steve Braden, CPP, Vice President, Corporate Security
Services, Capital One Bank; Bryan Fort, CPP, Corporate
Security Manager, McCormick & Co., Inc.; Scott Lindahl,
Director Corporate Security, Kellogg Company; Bill Ovca,
President, Ovca Associates, Inc.
“ASIS International is the most
comprehensive educational and
networking resource in the
security field.
Daniel H. Kropp, CPP
Director, Physical Security
Towers Watson
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 15

Focus on homeland Security
this year’s comprehensive education program includes 30 sessions in the homeland
security track. If you’re responsible for protecting the homeland, these topics,
presented by leading experts from government and industry, may be of special
interest to you. But don’t limit yourself to these sessions—you’re sure to find
additional relevant topics throughout the program. (Sessions begin on page 18.)
Monday SEPtEmBER 19
11:00 am–12:00 noon
2106 Israeli Security: unconventional
threats, unconventional methods
Oren Raz, Head of Security, Consulate General of Israel
to New England; Amit Gavish, CPP, General Manager,
North America, BriefCam; Steve Surfaro, Industry Liaison,
Axis Communications
2108 Protection of Corporate/General
Aviation Aircraft, hangers, and Airports
Dr. Daniel Benny, CPP, PCI, Security Discipline Chair,
Embry Riddle Aeronautical University Worldwide
2109 the Evolving Concerns of Food
Defense Related to Economically motivated
Adulteration (EmA) and Compliance With
the Food Safety modernization Act (FSmA)
Shaun Kennedy, Director, National Center for Food
Protection and Defense
2118 national Security Information:
top Five Aspects to Successfully Protecting
our Secrets
Dorene Colwell, Director Special Security Programs, Office
of Intelligence and Analysis, Department of the Treasury
LAw ENFOrCEMENt/
MILItAry APPrECIAtION dAy
Wednesday, September 21
If you are an active law enforcement or
military professional, you are invited to
attend the keynote with Vicente Fox, as
well as Wednesday’s sessions and the
Exhibits—at no charge. To obtain your
complimentary registration for this special
day, please register onsite in Orlando at
ASIS Registration. Government or military
photo ID is required.
1:45 pm –3:00 pm
2203 Video Quality in Public Safety: First
Responder Case Studies
Steve Surfaro, Industry Liaison, Axis Communications;
Anna Paulson, Electronics Engineer, VQIPS Lead, U.S.
Department of Commerce; Donald Zoufal, Director, SDI;
William Badertscher, CPP, Senior Engineer for Facility and
Security Control Systems, Georgetown University; Larry
Flournoy, Associate Director, Texas A&M University; Robert
Rhoads, Telecommunications Specialist, U.S. Department
of Homeland Security; James Prokop, PSP, Deputy
Program Manager, U.S. Department of Homeland Security
2204 America’s Vulnerable Ports and
Waterways: Current Issues in maritime
Security
Laura Hains, CPP, Maritime Security Specialist,
Independent Security Consultant; Laurie Thomas, Maritime
Security Coordinator, University of Findlay
2205 Separating Fact From Fiction: the
Food Safety modernization Act of 2011
Brian Stegmann, Senior Engineering & Food Safety
Manager, Corn Products International; Matthew Ryan,
Director Corporate Security, The Hershey Company; Frank
Pisciotta, President, Business Protection Specialists, Inc.
2208 What’s new on the Floor?
Howard Belfor, CPP, President, Belfor & Associates, LLC;
Ronald Lander, CPP, Chief Specialist, Ultrasafe Security
Solutions
2213 Cyber Jihad: use of the Virtual World
Jeffrey Bardin, Chief Security Strategist, Treadstone 71
2216 Reducing Risk for Elected officials
Robert Oatman, CPP, President, R.L. Oatman &
Associates, Inc.
4:30 pm–5:30 pm
2311 Building on the Foundation: more on
Arabs and Islam
Nawar Shora, CEO, Shams Training & Development
2319 Insider threat: A national Concern
Douglas Thomas, Principal Deputy Director, Office of the
National Counterintelligence Executive
2320 Protecting America’s Electric Grid
Brian M. Harrell, Sr., CPP, Manager of Critical
Infrastructure Protection, North American Electric Reliability
Corporation (NERC); Mark Weatherford, Vice President/
Chief Security Officer, North American Electric Reliability
Corporation (NERC)
16 ASIS 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

Tuesday SEPtEmBER 20
11:00 am–12:00 noon
3107 Considerations and Advancements
in Providing a Defended Site Perimeter
Joseph L. Smith, PSP, Director/Senior Vice President,
Applied Research Associates
3109 update: the u.S. Department of
homeland Security and the Chemical
Facility Anti-terrorism Standards
Sue Armstrong, Deputy Assistant Secretary, U.S.
Department of Homeland Security
3115 Rail Security: Protecting the
Customer’s lading
Larry Schuck, CPP, President, LarMar Security
Consulting, LLC
3119 Protecting your Business:
understanding Islam and Islamofacism
Michael Trapp, CPP, Director, Corporate Security, Tesoro
Companies, Inc.
3180 Architecting and Building a Secure
Virtual Infrastructure and Private Cloud
Rob Randell, Staff Security and Compliance Specialist,
VMware, Inc.
1:45 pm–3:00 pm
3208 It Security Council Series: Is the
Power Infrastructure Secure? utility and
Smart Grid Security
Maureen McGovern, President, KSB Solutions; Mark
Schreiber, CPP, Design Engineering Specialist, Fluor
Corporation; Sunil Kumar, Senior Solutions Consultant,
Alert Enterprise, (ISC) 2 Appointee; Cpt. Werner Preining,
CPP, Responsible for European Operations, Interpool
Security, Ltd.
3210 the Rise of Domestic terrorism
Sean Joyce, Executive Assistant Director, Federal Bureau
of Investigation
3214 Soft targets
James C. Reynolds, CPP, Director of Safety and Security,
Hilton Worldwide
4:30 pm–5:30 pm
3303 Integrator Series: transportation
and Port Security Solutions
Jose Gomez, Port Authority New York New Jersey;
Hector Pesquera, Port of Miami
3313 Defense Security Service Report
to ASIS
Stan Sims, Director, Defense Security Service; Drew
Winneberger, Director, Industrial Policy and Programs,
Defense Security Service
Wednesday SEPtEmBER 21
11:00 am–12:00 noon
4102 Public-Private Partnership in
Emergency Planning and Florida’s Regional
Domestic Security task Force Concept
Joyce Dawley, Co-Chair, RDSTF5; Robert Hansel, Co-Chair,
RDSTF5; Karen Weaver, Regional Critical Infrastructure
Coordinator
4120 the DhS office of Infrastructure
Protection and the Ah&lA—Resources
for hotels
Bill Schweigart, U.S. Department of Homeland Security;
Victor Glover, CLSD–Senior Vice President, Safety and
Security, Accor North America
1:45 pm–2:45 pm
4201 Public-Private Partnership in
Intelligence Sharing: the Central Florida
Intelligence eXchange (CFIX)
Robert Lefiles, Director of the State Fusion Center, FDLE;
Cpt. Dave Ogden, CFIX Director, Orange County Sheriff’s
Office; Kristie Toruno, CFIX Intelligence Liaison Officer
Coordinator; Larry Steiffel, CPP, CFIX Board Member, Walt
Disney World Security
4204 Integrator Series: Critical Infrastructure
Security Solutions (Energy, Water, Gas)
Speakers to be announced.
4208 In our neighborhood: Domestic terror
Groups and their tactics
Rusty Capps, President, CT/CI Training Partners, LLC;
Deborah (Deedee) Collins, Executive Director, National
Security Training Institute
4212 Gaining Insight on mexico’s Crisis
Kurt Norrigan, CPP, President, Kamen & Associates, Inc.
4219 lodging Partnerships With
law Enforcement
Paul Frederick, CPP, American Hotel and Lodging
Association and Chairman, Loss Prevention Committee and
Director, Global Safety and Security, Hilton Worldwide, Inc.;
Harvey “Skip” Brandt, CPP, Director of Security, Boston
Park Plaza Hotel and Towers; Local and Federal Law
Enforcement from Orange County Florida Sheriff’s
Tourism Police
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 17

MONDAY, sEPTEMbEr 19
Schedule-aT-Glance
all sessions will be held at the Orange county convention center.
11:00 am–12:00 noon
2101 ASIS Standards: Auditing for
Improvement—Security Risk and Resilience
Auditing
2102 Future Threats and Mitigation in the
Air Express Industry: Why Cross-Company
Communication is Critical
2103 Integrator Series: Collaborative/
Consultative Selling
2104 Organized Retail Crime Update: We Have
Come a Long Way
2105 War-Driving: Drive, Detect, and Defense of
Wireless Networks
2106 Israeli Security: Unconventional Threats,
Unconventional Methods
2107 School Security Used to Be So Easy! The
Changing Challenges in K–12 Education
2108 Protection of Corporate/General Aviation
Aircraft, Hangers, and Airports
2109 The Evolving Concerns of Food Defense
Related to Economically Motivated Adulteration
(EMA) and Compliance With the Food Safety
Modernization Act (FSMA)
2110 IT Security Council Series: Cloud
Computing for the Physical Security Practitioner
2111 Seek and Ye Shall Be Sued: Using Social
Networking Sites to Manage Risk Without Risking
Litigation
2112 The Quantum Leap in Security Lighting:
LED and Induction Lighting
2113 Therefore Go: Security Considerations for
Short-Term Mission Teams
2114 Creating and Implementing an Internal
Standardized Training Program for Your Security
Organization
2115 Business Case for Security: Creative Ways
to Show Security’s Proposition and Profitability
2116 A Practical and Technological Approach to
Managing Workplace Violence
2117 Corporate Account Takeover: Online and In
the Real World
2118 National Security Information: Top Five
Aspects to Successfully Protecting Our Secrets
2180 Next Generation Cloud Security
Compliance
2181 Critical Infrastructure Protection and
Risk Management
2182 Integrating Security Concepts Into System
and Application Design
2183 Yes You Can: How to Securely Deploy and
Manage Enterprise Mobile Devices
2184 A Practical Guide to Implementing a Risk
Management Strategy
2185 Introduction to the Software Assurance
Track
LEVEL
Arch/Eng/Design
Crime/Loss Prevention
Crisis Management
Critical Infrastructure
Global
Government/Military
Homeland Security
Information/IT Security
Investigations
Legal
Management
Physical Security
Professional Development
Terrorism
Young Professionals
Systems Integrator NEW
Application Security
Cloud Security
Governance, Regulation,
and Compliance
Mobile Security and
Social Networking
Swiss Army Knife
▲ X
▲ X X
● X X X X X
■ X
▲ X X
● X X X X
■ X X X
■ X X X
▲ X X X
● X X
▲ X X
■ X X
● X X X X
■ X X X
■ X
▲ X X X
▲ X X X
● X X X X X
■ X X X X X X
■ X X X X
■ X X X X
■ X X X X
■ X X X X
■ X X X
18 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.
(ISC) 2 Security Congress

1:45 pm –3:00 pm
MONDAY
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced
(ISC) 2 Security Congress
LEVEL
Arch/Eng/Design
Crime/Loss Prevention
Crisis Management
Critical Infrastructure
Global
Government/Military
Homeland Security
Information/IT Security
Investigations
Legal
Management
Physical Security
Professional Development
Terrorism
Young Professionals
Systems Integrator NEW
Application Security
Cloud Security
Governance, Regulation,
and Compliance
Mobile Security and
Social Networking
Swiss Army Knife
2201 ASIS Standards: Preparedness Basics—
Learn How to Protect Your Business and Supply
Chain
2202 Integrator Series: Design Your Best Physical
■ X
Security Solution for the Corporate Security
Campus
● X X X X X
2203 Video Quality in Public Safety: First
Responder Case Studies
■ X X X X X
2204 America’s Vulnerable Ports and Waterways:
Current Issues in Maritime Security
■ X X X X X X
2205 Separating Fact From Fiction: The Food
Safety Modernization Act of 2011
2206 IT Security Council Series: Who Are You,
■ X X X
and Why Should I Trust You? Current Trends in
Identity and Access Management
■ X
2207 The Process of Investigation and the
Fundamentals of Fact-Finding
■ X X X X X X
2208 What’s New on the Floor? ● X X X X X X X X X X X X X X
2209 What It Takes to Be a Security Executive
Today
2210 Getting Executive Buy-In for Corporate
▲ X X
Security, Business Continuity, and Crisis
Management
■ X X X
2211 Beyond Statistics: What Crimes are Faith-
Based Organizations Really Facing in the U.S.?
■ X X X
2212 Premises Liability: A Trial Lawyer’s Hints for
the Security Professional
▲ X X X
2213 Cyber Jihad: Use of the Virtual World ■ X X X X X X X
2214 Five Common Mistakes Interviewers Make/
Five Successful Strategies
■ X X X
2215 Should You Have Known: Lessons Learned
From a Multiple Homicide in the Workplace
▲ X X X X X
2216 Reducing Risk for Elected Officials ■ X X X X X
2217 Security’s Role in Managing Successful
Events
■ X X X X X
2218 Crisis Management and Social Media—the
New Opportunity
■ X X X X
2219 Tools for a Successful Job Search:
Resumes, Cover Letters, LinkedIn Profiles
■ X X
2280 Using the Cloud Security Alliance GRC
Stack to Attest Vendor Compliance
■ X X X X
2281 Managing Privacy and Security: The CISO/
CPO Dialogue
■ X X X
2282 Software Security: Is OK Good Enough? ■ X X X
2283 How to Use Mobile Devices Correctly:
Setting up Security Guardrails
■ X X X X X
2284 New and Pending GRC Legislation and
How It Impacts Your Organization
■ X X X X
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 19

MONDAY, sEPTEMbEr 19
Schedule-aT-Glance
all sessions will be held at the Orange county convention center.
4:30 pm–5:30 pm
LEVEL
Arch/Eng/Design
Crime/Loss Prevention
Crisis Management
Critical Infrastructure
Global
Government/Military
Homeland Security
Information/IT Security
Investigations
Legal
Management
Physical Security
Professional Development
Terrorism
Young Professionals
Systems Integrator NEW
Application Security
Cloud Security
Governance, Regulation,
and Compliance
Mobile Security and
Social Networking
Swiss Army Knife
2301 ASIS Standards: Learn How to Conduct a
Business Impact Analysis
■ X
2302 Security Risk Management in Remote
Site Mining
■ X X X
2303 Integrator Series: Best Practices in
Integrated School Security: K–12
● X X X X X X X
2304 Special Events Security in the City of
Orlando: Best Practices, Operations, Technology
■ X X X X X X
2305 High-Rise Security ■ X X X
2306 IT Security Council Series: Forensics and
E-Discovery
● X X X
2307 Generate Cash by Uninvesting in Security
Equipment Services
■ X X X X
2308 To Arm or Not to Arm? ■ X X X X
2309 Information and Data Security While Away
From the Office
● X X
2310 Understanding the Shifting of Risk: A
Moving Target
■ X X X
2311 Building on the Foundation: More on Arabs
and Islam
● X X X
2312 New Security Standard in China and Your
Business
● X X X
2313 Advanced Internet/Social Network
Investigations and Background Checks
▲ X X X
2314 How to Create Your Security Manual ● X X X X X X X X X
2315 Get Ready for the Aftermath: Post Incident
Management
● X X X X
2316 Is Your Workforce Ready to Travel to High-
Risk Destinations? What You Need to Know Now
■ X X X X
2317 Security Excellence: Tools to Enhance
Security’s Mission
■ X X X X X
2318 Initiating and Conducting Internal
Investigations in Multi-National Corporations
■ X X X X
2319 Insider Threat: A National Concern ■ X X X
2320 Protecting America’s Electric Grid ■ X X X X
2380 Cloud Incident Response ■ X X X
2381 Cyber Security and the Socio-Political
Landscape: Going Beyond the Technology
■ X X X X
2382 The Economics of Failure
2383 Mobile Devices: Employee Monitoring and
■ X X X
Data Loss Prevention in Light of the Expectation
of Privacy
■ X X X X X
2385 Why Do Developers Make These Dangerous
Software Errors?
■ X X
20 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.
(ISC) 2 Security Congress

MONDAY, sEPTEMbEr 19 • 11:00 am–12:00 noon
11:00 am–12:00 noon
2101 Asis standards: Auditing for
improvement—security risk and
resilience Auditing
▲ Advanced
Security, risk, and resilience auditing is essential
for identifying business opportunities and process
improvements. auditing verifies conformance
with standards and industry best practices,
identifies cost savings, and is essential for the
self-declaration process in the uS-dhS PS-Prep
Program. learn how to establish and conduct
a credible security, risk, and resilience auditing
program using the International Standard
ISO 19011—the same auditing techniques
used by professional auditors and third party
certification bodies.
Dr. Marc Siegel, Commissioner, ASIS Global Standards
Initiative, ASIS International; Lisa DuBrock, CPA, CBCP,
Managing Partner, The Radian Group, LLC
Sponsored by the ASIS Standards and Guidelines
Commission
2102 Future Threats and Mitigation
in the Air Express industry: Why
Cross-Company Communication
is Critical
▲ Advanced
The air cargo express industry is facing greater
security challenges. Threats from terrorist
organizations and attempts to place explosive
devices in cargo have resulted in additional
regulation. air express relies on speed to
differentiate it from the rest of the cargo industry.
Increased documentation, compliance, and
regulatory requirements impact the critical benefit
that air cargo seeks to deliver. What methodologies
are currently available to protect cargo? can new
technologies provide all the answers? learn how
the industry can be more pro-active in lobbying
governments and promoting its own solutions.
understand existing and future threats and
possible solutions that could be adopted to
mitigate risks and strengthen our industry.
Simon Roberts, Vice President, Security, DHL
MONDAY
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced
2103 integrator series:
Collaborative/Consultative selling
● Fundamental
In this key session framing the integrator track,
you’ll learn collaborative and consultative
techniques to take the important steps to mutual
success with your end user. learn how to identify
needs first, then follow through with products and
services. Sell within your ability to deliver and
where there are market needs and opportunities.
There is a difference between consultation
and collaboration: create value with users by
partnering. Become innovative and proactive
in adding to each partner’s business success.
Finally, you’ll learn the consultative Sales Process
to become the consultant your customers cannot
afford to be without!
Frank DeFina, Samsung; Bill Bozeman, President, PSA
Security Network
2104 Organized retail Crime Update:
We Have Come a Long Way
■ Intermediate
Organized retail crime is responsible for $30
billion in losses to retailers annually. The retail
industry has mounted the fight against ORc
gangs and fences with databases like leRPnet
that function nationally, to efforts by individual
investigators’ networks. This session explores
various techniques, partnerships, and mitigation
strategies that are proving effective. The
presentation ends with an update on hR 5932,
the Organized Retail Theft Investigation and
Prosecution act of 2010.
Alan Greggo, CPP, Founder/CEO, Profit RX, LLC; Mark
McClain, Director of Investigations, Asset Protection
Division, Wal-Mart Stores, Inc.
Sponsored by the ASIS Retail Loss Prevention Council
2105 War-Driving: Drive, Detect, and
Defense of Wireless Networks
▲ Advanced
With the increasing use of wireless access points
for computer networks accessed by numerous
types of devices, the possibility of exploiting the
exposures and vulnerabilities of these systems
is becoming more prevalent. even with the
constant changing of technologies to safeguard
these networks, the opportunities for individuals
to attempt to penetrate the systems are on the
rise. learn the basics of wireless networks, the
controls that exist, the latest techniques used
by perpetrators, and further enhancements to
providing a more secure environment.
Alan Nutes, CPP, Senior Manager, Security and Incident
Management, Newell Rubbermaid
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 21

Education sessions: 2000 Series
MONDAY, sEPTEMbEr 19 • 11:00 am–12:00 noon
2106 israeli security: Unconventional
Threats, Unconventional Methods
● Fundamental
This session exposes you to global perspectives
on protecting government buildings and embassies,
defense industries, scientific installations,
industrial plants, and a national airline. a fusion
of unconventional physical security methods and
technology will deliver a controversial journey
through an environment of adapting threats.
Oren Raz, Head of Security, Consulate General of Israel
to New England; Amit Gavish, CPP, General Manager,
North America, BriefCam; Steve Surfaro, Industry Liaison,
Axis Communications
Sponsored by the ASIS Physical Security Council
2107 school security Used to be
so Easy! The Changing Challenges
in K–12 Education
■ Intermediate
Tweets, friending, cyber bullying, and sexting
are terms that are difficult to understand, much
less control. What are the latest technology
threats and how can they impact an otherwise
safe learning environment? Gangs and the violent
student are new challenges. abusive parents
have to be considered. how do you develop a
threat assessment policy? What about workplace
violence—can physical access control and
surveillance help? What type of policies should
be developed and enforced? We’ll assess the
shrinking physical security budgets in public and
private schools and provide practical, effective
solutions.
Michael Ganio, Senior Manager, Orange County Public
Schools; Fredrik Nilsson, General Manager, Axis
Communications; Conan Bickford, Security, Safety and
Transportation Manager, Lake Highland Preparatory School;
Paul Timm, PSP, President, RETA Security, Inc.
Sponsored by the ASIS Educational Institutions Security
Council and Physical Security Council
2108 Protection of Corporate/
General Aviation Aircraft, Hangers,
and Airports
■ Intermediate
Gain insight into the threats against private and
corporate aviation aircraft, hangers, and airports.
a preview of operational and physical security
measures that can be implemented in the private
and corporate aviation community will be
conducted as well as an overview of the research
on the effectiveness of the aircraft Owners and
Pilots association airport Watch program.
Dr. Daniel Benny, CPP, PCI, Security Discipline Chair,
Embry Riddle Aeronautical University Worldwide
Sponsored by the ASIS Transportation Council
2109 The Evolving Concerns of Food
Defense related to Economically
Motivated Adulteration (EMA) and
Compliance With the Food safety
Modernization Act (FsMA)
▲ Advanced
Food defense burst onto the scene with the
realization that al Qaeda was considering attacks
on food and agriculture. Potential threats have
expanded rapidly including the growing recognition
of eMa. The President’s Food Safety Interagency
Working Group established the goal of improving
the government’s ability to target foods and
ingredients more likely to be utilized for eMa in
order to focus their inspection and surveillance
efforts. learn how an organization’s capabilities
for identifying product risk for eMa can be
improved.
Shaun Kennedy, Director, National Center for Food
Protection and Defense
Sponsored by the ASIS Agriculture and Food Security
Council
2110 iT security Council series:
Cloud Computing for the Physical
security Practitioner
● Fundamental
What do you need to know to be relevant in the
discussion about cloud computing for physical
security services? This session helps you ask the
right questions to maximize the benefits of cloud
computing to the business, mitigate risk, and
earn you a seat at the table. Topics include cloud
service and deployment models and how they
apply to security services and applications, best
practice concepts, risk management, business
drivers, and applicable security considerations
for moving to a Software-as-a-Service (SaaS)
model. learn about the tools currently endorsed
by the cloud Security alliance and how they will
be applicable within your environment.
Brian McIlravey, CPP, Vice President, Professional
Services and Business Development, PPM 2000, Inc.;
Steven Yanagimachi, CISSP, Security Advisor, The Boeing
Company; Shayne Bates, CPP, CISM, CHS-V, Director,
Security Cloud Strategy, LMC Consulting, Microsoft GSO,
(ISC) 2 Appointee; Benjamin Butchko, CPP, President/
CEO, Butchko Security Solutions
Sponsored by the ASIS Information Technology Security
Council
22 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

MONDAY, sEPTEMbEr 19 • 11:00 am–12:00 noon
2111 seek and Ye shall be sued:
Using social Networking sites
to Manage risk Without risking
Litigation
▲ Advanced
The social networking revolution has changed
the modern workplace and the way our employees
and customers communicate. Sites such as
Facebook, MySpace, Twitter, and linkedIn contain
a wealth of personal information. Is it lawful for
employers to use this information for business
purposes? This fascinating and fast-paced
session demonstrates how these sites function
and reveals some of the amazing data they
contain. learn how to safely and legally use these
resources without exposing yourself or your
organization to unnecessary and costly litigation.
James Burke, Partner, Wilson Elser, Moskowitz, Edelman
and Dicker; Elizabeth Ho Sing, Wilson Elser, LLP; Eugene
Ferraro, CPP, PCI, CEO/Founder, Business Controls, Inc.
2112 The Quantum Leap in security
Lighting: LED and induction Lighting
■ Intermediate
compare traditional lighting systems with the next
generation of security lighting: led and induction
lighting. analysis of energy consumption, return
on investment, quality and quantity of lighting,
light trespass, and pollution considerations are
covered. leed and GReen point considerations
are provided. case studies demonstrate proper
applications of this revolution of lighting
technology and its impact on the security world.
Randy Atlas, Ph.D., CPP, AIA, Vice President, Atlas Safety
& Security Design, Inc.
Sponsored by the ASIS Security Architecture and
Engineering Council
2113 Therefore Go: security
Considerations for short-Term
Mission Teams
● Fundamental
every year thousands of people travel overseas
to participate in short-term, faith-based relief
projects. These initiatives vary widely in scope
and can include everything from building and
educational projects to disaster relief and medical
assistance. This presentation provides a 10-step
process for security planning in support of these
mission trips.
Scott Watson, CPP, Principal Consultant/CEO, S.A. Watson
and Associates, LLC
Sponsored by the ASIS Cultural Properties Council
MONDAY
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced
2114 Creating and implementing
an internal standardized Training
Program for Your security Organization
■ Intermediate
With the complexities of operating a fully
functional security organization, the creation,
implementation, and operation of a dedicated
training program is essential. Without a
standardized training curriculum, organizations
risk inconsistent results, less than optimal
productivity, decreased morale, potential lawsuits,
and more. This session presents a comprehensive
training model. learn how to create, implement,
and track a training plan which supports the goals
and objectives of your business mission. explore
various learning styles, enterprise-wide systems,
and the benefits of a feedback component. If
your organization lacks a fundamental training
curriculum, operates an outdated training system,
or considers training an outsourcing issue, this
session is for you.
Jeffrey P. Grossmann, Esq., Assistant Professor/Director
Homeland and Corporate Security Program, St. John’s
University
Sponsored by the ASIS Academic Programs and Training
Council
2115 business Case for security:
Creative Ways to show security’s
Proposition and Profitability
■ Intermediate
as organizational security budgets continue
to erode, it is essential for security leaders to
have and apply business acumen to program
management. This session provides security
managers with insights and strategies for
developing their business case when building
security program budgets and presenting them
to c-suite leadership. essential financial concepts,
along with the development of metrics, will be
discussed. In addition, examples where Security
was seen as “heroic” for changing delivery
models will be given. Presenters bring extensive
real-world security management and consulting
experience to this timely topic.
Elliot Boxerbaum, CPP, President/CEO, Security Risk
Management Consultants, Inc.; Bonnie Michelman, CPP,
Director of Police, Security and Outside Services,
Massachusetts General Hospital
Sponsored by the ASIS Healthcare Council
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 23

Education sessions: 2000 Series
MONDAY, sEPTEMbEr 19 • 11:00 am–12:00 noon
2116 A Practical and Technological
Approach to Managing Workplace
Violence
▲ Advanced
effectively managing potential threats of violence
that may impact the workplace entails utilizing
a framework based on industry best practices,
collaborative partnerships, and technology. This
presentation provides an overview of the threat
management framework used by the Microsoft
Global Security Investigations team. hear how
the team assesses potential threats of violence
and specific security strategies used to mitigate
possible threats to its staff and facilities. The
presentation also reviews organization-specific
approaches and challenges to delivering threat
management services on a global scale.
James Louie, Group Investigations Manager, Microsoft
Corporation
2117 Corporate Account Takeover:
Online and in the real World
▲ Advanced
This presentation covers the tools, techniques,
and tactics of the online fraudster targeting large
corporate accounts for financial gain via account
Takeover (aTO). Specific schemes being utilized
will be discussed as well as emerging threats.
understand best practices for preventing this type
of fraud as well as advanced controls that will
help you protect your own company.
Matthew Harper, Group Vice President, Client
Authentication, SunTrust
2118 National security information:
Top Five Aspects to successfully
Protecting Our secrets
● Fundamental
Protecting vital national security assets is
becoming much more complicated and the
challenge to keep up can be overwhelming. The
name of the game in national security is change,
and at a scale and pace that is unprecedented.
This presentation offers a clear outlook on
what is really important and opens the floor for
discussion. Taking a look at the Top Five can
assist you in responding to the many threats
and risks in today’s changing landscape.
Dorene Colwell, Director Special Security Programs, Office
of Intelligence and Analysis, Department of the Treasury
2180 Next Generation Cloud security
Compliance
■ Intermediate
Security in the cloud requires automated
provisioning, continuous monitoring, and reporting
on control effectiveness over time—especially
important for any regulated industry which uses
either public or private cloud resources. elastic
provisioning of cloud resources must also include
adaptive security and privacy controls. Guidance
on creating a next generation security compliance
framework which is inherently tied to industry
standards is given and regulatory frameworks
will be presented.
Robert Weronick, CPP, Director of Global Security, Alexion
Pharmaceuticals, Inc.
2181 Critical infrastructure
Protection and risk Management
■ Intermediate
Whether it’s keeping the lights on, financial
markets running, or fresh water flowing from our
taps, critical Infrastructure permeates every
aspect of our daily life. In this interactive panel
discussion, we’ll explore how risk management
practices shape the protection of our very way
of life. The role of a risk-based approach to
protecting the nation’s critical infrastructure is
crucial to providing the best possible security
program for the limited resources at our disposal.
In this panel discussion, we’ll hear from all sides
of the issue.
Mark Weatherford, Vice President/CSO, NERC;
Diana-Lynn Contesti, Board Chairperson, (ISC) 2 ; Allan
McDougall, Principle, Evolutionary Security Management
“Absolutely the best conference for
learning, obtaining information on
state-of-the-art technology, and for
networking.”
carl Mountain
Senior Investigator, Global Security
Microsoft
24 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

MONDAY, sEPTEMbEr 19 • 11:00 am–12:00 noon
2182 integrating security Concepts
into system and Application Design
■ Intermediate
Integrating security requirements and controls
into business processes, applications, and
systems has proven to be a nearly impossible
challenge for most organizations. Typically,
security is approached as an afterthought long
after the ability to design effective security
solutions has passed. This session provides
solutions to that problem and explains how every
security manager and every organization can
work together to build business solutions that
are resilient, reliable, and secure.
Kevin Henry, Owner, KMHenry and Affiliates
Management, Inc.
2183 Yes You Can: How to securely
Deploy and Manage Enterprise
Mobile Devices
■ Intermediate
adopting smartphones and tablet devices will
give your organization a competitive business
advantage. however, the risks associated with a
haphazard roll-out of mobile devices can decimate
those benefits and result in a very expensive
security incident. With the right information, an
organization can have the best of both worlds:
competitive advantage plus a secure mobile
infrastructure. This presentation provides you with
the information you need including mobile device
security policies, employee training expectations,
device hardening details, centralized management
options, and more.
Jerod Brennen, Senior Security Analyst, Jacadis
MONDAY
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced
2184 A Practical Guide to
implementing a risk Management
strategy
■ Intermediate
Risk management has received a lot of attention
as security practitioners begin to focus their
efforts on raising their profile with executive
leadership. learn from your peers as we discuss
the successes and failures on the path to create
a risk management program from the ground up.
Implementing an effective risk management
strategy can be a daunting task and has eluded
even the most seasoned security professionals.
The panelists share their greatest hits and a few
misses on the path to effective risk management.
Brandon Dunlap, President, Brightfly Consulting; Chris
Trautwein, Information Security Officer, (ISC) 2 ; Michael D.
Kelly, Technical Architecture Consultant, Security, Target
Corp.
2185 introduction to the software
Assurance Track
■ Intermediate
For the nation’s critical infrastructure to be
reliable, resilient, robust, and secure, the
software supporting it must also have the same
qualities. a broad spectrum of critical applications
and infrastructure, from process control systems
to commercial application, depend on secure
software. an estimated 90 percent of reported
security incidents result from exploits against
defects in the design of software. Therefore,
ensuring the integrity and resiliency of software is
vital to protecting the infrastructure from threats
and reducing overall risk from cyber-attacks. To
ensure system reliability, it is critical to include
provisions for built-in security of the enabling
software.
Joe Jarzombek, Director of Software Assurance, U.S.
Department of Homeland Security
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 25

Education sessions: 2000 Series
MONDAY, sEPTEMbEr 19 • 1:45 pm –3:00 pm
1:45 pm –3:00 pm
2201 Asis standards: Preparedness
basics—Learn How to Protect Your
business and supply Chain
■ Intermediate
Preparedness supports the mission of your
business and supply chain. all businesses
are unique and need to tailor design their
preparedness programs to optimize business
opportunities. This session examines the basic
principles of establishing a preparedness
program for your business and throughout your
supply chain by using the new ISO 31000 Risk
Management Standard.
Robert Weronick, CPP, Director of Global Security,
Alexion Pharmaceuticals, Inc.
Sponsored by the ASIS Standards and Guidelines
Commission
2202 integrator series: Design Your
best Physical security solution for
the Corporate security Campus
● Fundamental
learn directly from corporate security directors
about the challenges they face and the services
you can provide to benefit them. understand the
issues, challenges, and solutions for securing
corporate campuses. examine whether to have
a command center or field security. learn about
remote entry processes. explore how to deal with
surrounding crime. consider intellectual property
theft and more.
Ed Bacco, Amazon; Robert Arntson, Amazon; Terry Jordan,
SeaWorld; Nicole McDargh, CPP, Securitas
If you’re not an ASIS
member—join now
and save up to $340
on your registration.
See www.asis2011.org/registration
for details.
2203 Video Quality in Public safety:
First responder Case studies
■ Intermediate
Video Quality in Public Safety (VQIPS) is a
forward-thinking group combining collective
professional experience and standards
development. learn about their work that will
become your tool for measuring video quality
and selecting the right solutions right for your
use. The VQIPS web-based portal has become
a useful resource and a future standard,
supporting any size municipality. come and
be a part of this effort!
Steve Surfaro, Industry Liaison, Axis Communications;
Anna Paulson, Electronics Engineer, VQIPS Lead, U.S.
Department of Commerce; Donald Zoufal, Director, SDI;
William Badertscher, CPP, Senior Engineer for Facility and
Security Control Systems, Georgetown University; Larry
Flournoy, Associate Director, Texas A&M University; Robert
Rhoads, Telecommunications Specialist, U.S. Department
of Homeland Security; James Prokop, PSP, Deputy
Program Manager, U.S. Department of Homeland Security
Sponsored by the ASIS Physical Security Council
2204 America’s Vulnerable Ports
and Waterways: Current issues in
Maritime security
■ Intermediate
The u.S. Maritime Transportation System (MTS)
contributes more than $750 billion annually to the
u.S. gross domestic product, and sustains more
than 13 million jobs. It is a complex intermodal
system containing over 25,000 miles of navigable
waterways. This session begins with an update on
current laws and regulations governing maritime
security and goes on to discuss a major shortfall—the
threat from unsecure foreign ports which threatens
the very core of our national Maritime defense.
Laura Hains, CPP, Maritime Security Specialist,
Independent Security Consultant; Laurie Thomas, Maritime
Security Coordinator, University of Findlay
Sponsored by the ASIS Transportation Council
26 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

MONDAY, sEPTEMbEr 19 • 1:45 pm –3:00 pm
2205 separating Fact From Fiction:
The Food safety Modernization Act
of 2011
■ Intermediate
This session examines the new regulation’s
impact on regulated facilities and their security
practitioners to clarify misconceptions. It covers
both the scientific and traditional security
requirements associated with the regulatory
concepts of food safety versus food defense, and
the required skills and competencies of outside
security consultants. attendance is a must for
regulated food security managers whose
organizations may not have the same resources
of a larger organization to implement the new
requirements.
Brian Stegmann, Senior Engineering & Food Safety
Manager, Corn Products International; Matthew Ryan,
Director Corporate Security, The Hershey Company; Frank
Pisciotta, President, Business Protection Specialists, Inc.
Sponsored by the ASIS Agriculture and Food Security
Council
2206 iT security Council series: Who
Are You, and Why should i Trust You?
Current Trends in identity and Access
Management
■ Intermediate
logging onto an enterprise network or a cloudbased
application needs to be as secure as
entering a physical facility, yet today’s security
professionals often find themselves hard-pressed
to protect both physical and logical assets and
comply with stringent government mandates.
learn about the current best practices to control
identity and manage access to corporate assets
by trusted parties. Gain a solid understanding
of the technologies, standards, regulations,
business challenges, and the questions to ask
related to identity and access management.
discuss new and emerging trends.
Gary Klinefelter, Principal, Creative Innovation Strategies;
Don Fergus, Vice President/CSO, Intekras, Inc.; Sal
D’Agostino, CEO, IDmachines, LLC; Jose Hernandez,
Director Information Security, Fluor Corporation
Sponsored by the ASIS Information Technology Security
Council
MONDAY
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced
2207 The Process of investigation
and the Fundamentals of Fact-Finding
■ Intermediate
Proper and ethical investigations are complex
undertakings, fraught with potential for legal
liability. When done properly and ethically, they
combine an intricate mixture of skill, experience,
and luck. This session introduces you to the
Process of Investigation® and the fundamentals of
fact-finding. Review how to safely and legally
conduct investigations while obtaining the best
return on investment of time and resources.
Review the eight methods of investigation, the
secrets of modern case management, evidence
analysis, and the practical aspects of effective
report writing.
Eugene Ferraro, CPP, PCI, CEO/Founder, Business
Controls, Inc.
2208 What’s New on the Floor?
● Fundamental
Make the most efficient use of your time by
learning where new and innovative products
can be found on the exhibit floor spanning over
230,000 square feet! The session highlights
both physical and information technology
security products.
Howard Belfor, CPP, President, Belfor & Associates, LLC;
Ronald Lander, CPP, Chief Specialist, Ultrasafe Security
Solutions
Sponsored by the ASIS Physical Security Council and
Information Technology Security Council
2209 What it Takes to be a security
Executive Today
▲ Advanced
developing world-class risk mitigation for your
organization is key to succeeding as a security
executive today. hear from two senior leaders
as they discuss aligning security and crossfunctional
risk mitigation with operational
strategies, effectively communicating the
value proposition to the c-Suite and diverse
stakeholders, and ensuring that programs both
align with the core strategic plan and protect
the brand. learn how mentoring/job shadowing
can help your future leaders engage, grow within
their role, identify best practices, and provide
lasting depth/breadth in your organization.
Michael Howard, General Manager, Chief Security Officer
Microsoft Global Security, Microsoft Corporation; Francis
D’Addario, CPP, CFE, Emeritus Faculty, Strategic Influence
and Innovation, Security Executive Council (SEC)
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 27

Education sessions: 2000 Series
MONDAY, sEPTEMbEr 19 • 1:45 pm –3:00 pm
2210 Getting Executive buy-in
for Corporate security, business
Continuity, and Crisis Management
■ Intermediate
This session provides practical guidelines for
working with senior executives to obtain support
for corporate security, business continuity, and
crisis preparedness. learn successful strategies
for obtaining full senior-level support, how to
communicate when high-consequence warning
signs are being ignored, and how to provide your
executive sponsor with the tools needed to keep
the leadership team involved in prevention and
preparedness efforts over time.
Bruce T. Blythe, CEO, Crisis Management International, Inc.
Sponsored by the ASIS Crisis Management and Business
Continuity Council
2211 beyond statistics: What
Crimes are Faith-based Organizations
really Facing in the U.s.?
■ Intermediate
Statistics can often be misleading, and even the
Justice department’s crime statistics are not
totally accurate, especially when it comes to
analyzing crimes against religious organizations.
In this panel discussion, security professionals
from different faiths will look deeper into the
problem that houses of worship in the united
States are facing and why the numbers do not
accurately portray the whole picture.
Jeffrey Hawkins, Manager, Security Management
Education Outreach, American Military University; Nawar
Shora, CEO, Shams Training & Development; Chris Delia,
Director of Security, Anti-Defamation League; Jeffrey
Berrett, Director of Protective Operations, Church of Jesus
Christ of Latter-day Saints
Sponsored by the ASIS Cultural Properties Council
2212 Premises Liability: A Trial
Lawyer’s Hints for the security
Professional
▲ Advanced
This session examines what types of premises
are subject to negligent security cases, what
kind of injuries give rise to these cases, the duty
of the commercial property owner, how to assess
the crime situation, common security measures
discussed in these cases, and proper use of
marketing materials.
Michael Haggard, Esq., The Haggard Law Firm
2213 Cyber Jihad: Use of the Virtual
World
■ Intermediate
The Internet is the platform of choice for cyber
jihadis to recruit and communicate sensitive
information. Osama Bin laden indicated long
ago that 90% of the battle is information. This
session takes you through the actual sites
analyzed and their use of the cloud, and their
publishing techniques and tools for information
dissemination that goes viral. Review their
expertise in awareness and training while using
our tools and techniques against us. In addition,
examine how cyber jihadis use the Internet in the
radicalization process, in asymmetrical warfare,
and how huMInT and OSInT can be used to
counter their activities.
Jeffrey Bardin, Chief Security Strategist, Treadstone 71
Sponsored by the ASIS Global Terrorism, Political
Instability, and International Crime Council
2214 Five Common Mistakes
interviewers Make/Five successful
strategies
■ Intermediate
The process of sitting down across from a
suspect employee and asking questions to obtain
evidence or an admission of guilt is not something
that comes naturally to most people. despite
training, there are common mistakes made by
inexperienced interviewers which can create
barriers to communication, and ultimately a lack
of cooperation and information. learn valuable
tips for performing a personal assessment of
interview habits, as well as several best practices
to use when in the room.
Randy Tennison, CPP, Financial Analyst, Internal
Investigations, Walt Disney Parks and Resorts
2215 should You Have Known:
Lessons Learned From a Multiple
Homicide in the Workplace
▲ Advanced
Many cases of workplace homicide perpetrated
by an employee show that there were numerous
‘warning signs’ which first-line supervisors failed
to either recognize or respond to. In such cases
it can be argued that, had such recognition and
response taken place, the ultimate outcome of
violence might have been prevented. This session
draws upon practical lessons learned from a
recent internal investigation of a multiple
workplace homicide. learn how to identify risk
factors and explore their impact on the evolving
case; develop response options; identify internal/
external resources; and identify obstacles that
restrain supervisors from responding proactively.
John Lane, Vice President, Crisis and Resilience Consulting,
Control Risks
28 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

MONDAY, sEPTEMbEr 19 • 1:45 pm –3:00 pm
2216 reducing risk for Elected
Officials
■ Intermediate
executive protection specialists cannot
necessarily stop an attack like the attempted
assassination of congresswoman Giffords, but
they may be able to frustrate a would-be attacker
to the point where that person is effectively
deterred. learn a practical, six-part approach
to protecting a public figure or other persons
(such as a corporate executive) at public events.
Robert Oatman, CPP, President, R.L. Oatman &
Associates, Inc.
2217 security’s role in Managing
successful Events
■ Intermediate
Sony hosted over 5,000 guests at the FIFa World
cup in South africa. Their key objective was to
provide an enjoyable and safe experience for all.
Operating in an unfamiliar territory added to the
complexity in protecting each and every guest.
The scope of responsibility included: translation
services, a 24-hour hotline, incident management,
emergency response, armed protection staff, and
other major endeavors. Sony will undertake this
on a bigger scale at the World cup in Brazil. In
addition, Sony’s music, movie, and television
business has unique challenges relative to the
protection of personnel. Security’s role is an
integral one.
Stevan Bernard, Senior Vice President, Sony Pictures
Entertainment; John Rendeiro, Vice President, Global
Security and Intelligence, International SOS Assistance, Inc.
Sponsored by the ASIS Utilities Security Council
2218 Crisis Management and social
Media—the New Opportunity
■ Intermediate
Social media is the most active and volatile
method of dispersing information in the world
today. This sudden, widespread emergence has
led to several challenges for crisis management
professionals at all levels. however, with the right
attitude and management approach, social media
offers new, unique opportunities. experts in the
field have noted how social media has become a
power tool for maximizing real-time situational
awareness, and how it has significantly aided the
management of numerous crisis events. This
workshop will broaden your understanding of how
social media is effectively used before, during,
and after a crisis event.
Terri Howard, Director, Crisis Management, FEI Behavioral
Health; Vivian Marinelli, Senior Director, Crisis Management,
FEI Behavioral Health; Shawn Flaugher, Security Consulting
and Design, Duke University & Health System
Sponsored by the ASIS Crisis Management and Business
Continuity Council
MONDAY
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced
2219 Tools for a successful Job
search: resumes, Cover Letters,
Linkedin Profiles
■ Intermediate
has it been ‘forever’ since you’ve been in a job
search? For most people, writing a resume
is a chore that results in a two- or three-page
‘career obituary’ that does nothing to capture the
attention of potential employers. learn to navigate
the complex, sometimes frustrating world of job
searching. This session will help you create an
eye-popping, content-rich resume and cover letter
that positions you as an expert in your industry.
Kimberly Schneiderman, City Career Services
2280 Using the Cloud security
Alliance GrC stack to Attest
Vendor Compliance
■ Intermediate
Outsourcing critical business functions into the
cloud can result in challenges of maintaining
assurance and control over legal and regulatory
obligations for data management and protection.
The cloud Security alliance offers a solution
in the cSa GRc (Governance, Risk Management,
and compliance) Stack, a toolkit designed for
peeling back and revealing those layers of
accountability and responsibility between cloud
service providers and their tenants. learn about
the cSa GRc and how the IeTF/nIST ScaP
standard can be used for continuous monitoring
of cloud vendors compliance status, as well as
how trusted computing technologies enable/
maintain a security posture.
Dr. Marlin Pohlman, EMC, Chief Governance Officer,
Office of the CTO; Becky Swain, Program Manager, Security
Assurance Services, CSPO, Cisco
2281 Managing Privacy and security:
The CisO/CPO Dialogue
■ Intermediate
Managing and protecting data in the global
information economy demands coordination
between an organization’s privacy and information
security teams. With the precipitous rise in
reported security incidents, it is paramount that
these groups work together effectively. This
presentation presents an overview of managing
privacy and communicating with the ‘other’ side
to deliver compressive and compliant programs
for your organization.
Leslie Lambert; Michelle Dennedy; Hord Tipton, Executive
Director, (ISC) 2
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 29

Education sessions: 2000 Series
MONDAY, sEPTEMbEr 19 • 1:45 pm –3:00 pm • 4:30 pm–5:30 pm
2282 software security: is OK
Good Enough?
■ Intermediate
how does an organization—short of a breach—
justify expending critical resources to build
more secure software? Given the current status
of software security efforts and the struggles
for business justification, industry would be
well-served to look outside the security and
information technology fields to other models
for justification efforts. For example, the history
of food safety, building codes, and the financial
system provide lessons from which the software
security industry can draw examples. This
presentation discusses these models and what
can be learned to help security officers and
software project owners build cases for software
security initiatives.
John Dickson, Principal, The Denim Group
2283 How to Use Mobile Devices
Correctly: setting up security
Guardrails
■ Intermediate
With a workforce growing more dependent on
mobile devices every day—and often commingling
personal and business use across many devices
—the need to properly manage access, data,
and appropriate use is of an equally growing
concern for today’s security professional. Join
Winn Schwartau and Spencer Wilcox, as Pam
Fusco moderates what promises to be a lively
discussion around the legal, technical, and
organizational issues that come with enabling
and managing security in a mobile workforce.
Brandon Dunlap, President, Brightfly Consulting; Winn
Schwartau, Chairman of the Board, Mobile Active Defense;
A. Spencer Wilcox, CPP, Supervisor, Compliance Services
Constellation Energy
“The seminar sessions are
very good and valuable for
recertification.”
c.J. Rodden, cPP
Director of Security
hyatt hotels & Resorts
2284 New and Pending GrC
Legislation and How it impacts
Your Organization
■ Intermediate
With several new pieces of legislation and
regulations being considered at the federal level,
what kind of impact will these new rules have on
organizations and their compliance efforts? Join
this panel as they discuss those regulations that
are closest to being enacted and what you can do
to prepare for the changes that they will bring.
4:30 pm–5:30 pm
2301 Asis standards: Learn How to
Conduct a business impact Analysis
■ Intermediate
The business impact analysis serves as the
foundation for decision making when designing a
business continuity program and establishing a
cost-effective business continuity plan. how do
you conduct a thorough business impact analysis
to prioritize the activities needed to establish an
effective business continuity program? The new
aSIS Business continuity Management Systems
anSI Standard will be examined in the context of
managing a continuity program.
Brian Zawada, Director, Business Continuity Solution,
General Electric Company; Donald Bryne, Consultant,
Resiliency Plus
Sponsored by the ASIS Standards and Guidelines
Commission
2302 security risk Management in
remote site Mining
■ Intermediate
PT. IncO is part of the Vale nickel business group,
the second largest mining company in the world.
PT. IncO has been operating mining and smelting
activities in a remote area of Indonesia since
1968. dealing with conflict, local customs, and
culture diversity, the site is designed with an
inclusive approach to the local community
environment. during its 42 years of operation in
Indonesia, PT. IncO has successfully managed
security threats and challenges with great
efficiency. harmony between security programs
and a successful community development
program have been instrumental in this success.
Surya Suhendra, Director of Security, PT. International
Nickel Indonesia, Tbk; Andrew Northover, Managing
Director, OPTARE Systems
30 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

MONDAY, sEPTEMbEr 19 • 4:30 pm–5:30 pm
2303 integrator series: best
Practices in integrated school
security: K–12
● Fundamental
learn directly from school security practitioners
and agency professionals about the challenges
they face and the services integrators can
provide to best meet the needs of these clients.
Topics include analyzing surveillance needs,
understanding student safety and how to deal
with the violent student, and executing threat
assessment plans. learn how to deal with
pornography on campus as well as bullying and
fights. Mobile monitoring and event response
considerations are also covered.
Mike Ganio, Orange County Public Schools; Conan
Bickford, West Highland School
2304 special Events security in
the City of Orlando: best Practices,
Operations, Technology
■ Intermediate
are you charged with security at special events?
do you need to cover a large area: campus,
downtown, or entertainment complex? Will you
have to deploy a video surveillance system in a
matter of days or hours? are you looking into
wireless as a possible solution, but concerned
about security, reliability, and speed? If you are
a security director, integrator, or consultant,
don’t miss this session packed with how-to’s
and real-world deployment examples. Get the
information you need to ensure successful video
surveillance for special events.
Jeffery Blye, Detective, City of Orlando Police Department;
Ksenia Coffman, Marketing Manager, Firetide; Steve
Surfaro, Industry Liaison, Axis Communications
Sponsored by the ASIS Global Terrorism, Political
Instability, and International Crime Council
2305 High-rise security
■ Intermediate
This fast-paced discussion focuses on best
practices established in the post 9/11 world for
mid- and high-rise office building environments.
Topics include methodologies used for full or
partial building evacuations and shelter-in-place.
hear how to balance customer service with
a dynamic security program to gain tenant
confidence. Incorporate state-of-the-art
technology to protect your assets. discuss
implementing an all hazards response plan that
clearly outlines duties and responsibilities for
security directors and the property management
team to address life-threatening emergencies.
Carlos Villarreal, Senior Vice President, Commercial Real
Estate Division, Whelan Security
Sponsored by the ASIS Commercial Real Estate Council
MONDAY
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced
2306 iT security Council series:
Forensics and E-Discovery
● Fundamental
non-practitioners will receive a comprehensive
overview of the fields of digital forensics and
e-discovery. Gain a basic working knowledge
including vocabulary, concepts, application in
the corporate environment, and emerging trends.
Review information forensics (data recovery),
formal forensics, and e-discovery. analyze the
differences and the uses, capabilities, and
limitations of each, and consider the legal
ramifications. discuss best practices in the
areas of specific skill requirements, strategies,
and controls for each category of forensic
examination.
Andrew Neal, President, Southwest Digital Laboratory;
Kevin Ripa, Director of Computer Forensic, Advanced
Surveillance Group; Eric Sifford, Human/Signals
Intelligence, U.S. Army, (ISC) 2 Appointee; Kelly “KJ”
Kuchta, CPP, CFE, President, Forensics Consulting
Solutions, LLC; Robin Harris-Walker, CPP, Harris Nibor
International
Sponsored by the ASIS Information Technology Security
Council
2307 Generate Cash by Uninvesting
in security Equipment services
■ Intermediate
are you paying more than necessary to
maintain your physical security equipment, or
paying for a level of service that can be reduced
without affecting performance? an experienced
panel representing equipment owners and
service providers identifies the most common
and significant cost-drivers associated with
maintenance and service. They will then
demonstrate, through real life examples,
alternatives and containment strategies to
minimize their impact on the security budget.
also, understand the strategic importance of
competitive bidding.
John Kerster, President, Security Design Associates, Inc.;
Jeffrey Ryder, CPP, PSP, Senior Physical Security
Specialist, Protective Services Police Department, Strategic
Services Bureau Department of Real Estate Services, City
of Washington, DC; John Bodolay, Founder, Acme Technical
Group, LLC
“This is the largest security
products show in the world,
it is a must-attend event.”
Rudy Wolter
Senior Vice President/Director of
Security
cITI
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 31

Education sessions: 2000 Series
MONDAY, sEPTEMbEr 19 • 4:30 pm–5:30 pm
2308 To Arm or Not to Arm?
■ Intermediate
decades of decline in the number of armed
security officers were reversed following 9/11.
While the decision to arm or recommend the
arming of officers is both controversial and
emotional, it must be based both on solid data,
quantifiable objectives, and a commitment to
the safety of all concerned. This presentation,
a case study of the actual decision-making
process that resulted in the arming of a hospital
security department, covers all aspects, from
data-gathering to program implementation.
Anthony N. Potter, CPP, CHPA-F, Senior Director of Public
Safety, Novant Health
2309 information and Data security
While Away From the Office
● Fundamental
domestically and internationally, travelers need
to be aware of the dangers that surround them
while on personal or business trips. Technology
used by criminals like WiFi snooping, “evil twins,”
bluetooth surveillance, cloud hacking, GPS
tracking, and others have been the downfall of
many businesses and their competitive intelligence.
This popular session cites case studies,
shows examples of tools used by thieves, and
give tips and pointers to lower the risk to travelers
and their data.
J. Keith Flannigan, Ph.D., CMAS, Director, International
Dynamics Research Corp.; Ronald Lander, CPP, CMAS,
Chief Specialist, Ultrasafe Security Solutions; Roy
Wilkinson, Ph.D., CMAS, CISSP, President, SPI Services
2310 Understanding the shifting of
risk: A Moving Target
■ Intermediate
Protecting a fixed facility is just one step. What
about the product in transport from a facility
perspective? This session looks at handling
steps including multi-distribution warehousing,
diversion, long route concerns, contaminated
trailers, drivers, overnight unsecured yards,
contractor or temporary services operating the
warehouse, delivery confirmation, and customer
verification measures. It explores the steps
being taken along the food supply chain to
protect our food. It also highlights potential
changes stemming from the current regulatory
environment.
Dan Walters, CPP, Manager of Security & Environmental
Risk, CF Industries; Judy Fadden
Sponsored by the ASIS Agriculture and Food Security
Council
2311 building on the Foundation:
More on Arabs and islam
● Fundamental
This session starts with a pop quiz (this same
quiz and session have been used in FBI, dOJ, and
dhS trainings.) Then join in an interactive dialogue
to address the misconceptions and perceptions
about the Muslim and arab communities. Social
and behavioral norms and mores, basic history
and geography, Jihad, and other subjects that
interest the audience will be addressed.
Nawar Shora, CEO, Shams Training & Development
Sponsored by the ASIS Cultural Properties Council
2312 New security standard in China
and Your business
● Fundamental
as china becomes a new economic powerhouse,
more investors are becoming interested in it.
Yet because of cultural differences between
the east and West, a simple investment could
become a complicated disaster. It is vital for
investors to understand the importance of
protecting their investments. Private security
is one solution. Gain insight as the speakers
share over 30 years of practical experiences
on why, when, what, where, and how.
Jack Chu, President, RA Consultants Limited; Hawn Chu,
Consultant, RA Consultants Limited
Sponsored by the ASIS Investigations Council
2313 Advanced internet/social
Network investigations and
background Checks
▲ Advanced
Open sources go far beyond what is available in
Google and Facebook, as well as other popular
sites. This session looks beyond the obvious
services into social networks and similar media
to locate assets, discover company leaks, protect
reputations, track down anonymous users, and
expand the arsenal of resources available but
unknown to the security professional. In addition,
we’ll discuss the obvious pitfalls that most
practitioners fall into when investigating these
new media.
Cynthia Hetherington, President, Hetherington Group
32 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

MONDAY, sEPTEMbEr 19 • 4:30 pm–5:30 pm
2314 How to Create Your security
Manual
● Fundamental
First, you will review the need for a manual and
the absolute do’s and don’ts of writing it. Then
the session takes you right into the nuts and bolts
of writing one. Starting with a format, an outline,
and how to delegate the written material, you will
leave this class with written material that can be
used in your own organization’s manual. a must
for every security professional!
Darrell Clifton, CPP, Director of Security, Circus Circus
Hotel Casino; Alan Zajic, CPP, Security Consultant, AWZ
Consulting
2315 Get ready for the Aftermath:
Post incident Management
● Fundamental
emergency and crisis plans normally prepare us
for known dangers and/or hazards, acting as a
guide to navigate the operations with limited, to
no, damage. When all is said and done and the
hazard is gone, what then? Many issues, from
media to employee concerns, could still arise.
Media communications, claims management,
employee counseling, and other issues are
realities that will surface. You should be prepared
for everything that comes after the dust settles.
James C. Reynolds, CPP, Hilton Worldwide
2316 is Your Workforce ready to
Travel to High-risk Destinations?
What You Need to Know Now
■ Intermediate
The need for organizations to send employees to
high-risk destinations for critical work remains
ever present, even in our digitally connected
world. Security managers work hard to prepare
their travelers for the sometimes unprecedented
security challenges inherent to remote or
politically unstable locales. This advance work not
only protects employees but helps avoid the costs
of a failed assignment. discover best practices
around identifying, preparing, and assisting
travelers who venture to high-risk destinations.
John Rendeiro, Vice President, Global Security and
Intelligence, International SOS Assistance, Inc.; Bob
Falconi, CPP, Director, Corporate Security and Safety,
Symantec; Michael Clements, Director of Global Protective
Services, Hitachi Data Systems
MONDAY
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced
2317 security Excellence: Tools
to Enhance security’s Mission
■ Intermediate
Today’s response to threats and risk demands
proactive strategies which address a range
of security and business program elements.
These elements must be correctly selected,
implemented, and maintained, as well as
scalable, mutually supporting, measurable, and
capable of integration with one another. To assist,
the availability of existing and emerging security
standards facilitates the path to excellence. The
presentation discusses what this process might
look like and offers tools that will assist.
Phillip Banks, CPP, PE, Director, The Banks Group, Inc.;
Dennis Shepp, CPP, PCI, President, Dennis Shepp Security
Management Consultant, Inc.
2318 initiating and Conducting
internal investigations in
Multi-National Corporations
■ Intermediate
Research from various sources indicates that
economic crime (including fraud, corruption,
and economic espionage) impacts on the vast
majority of international corporations. Initiating,
conducting, and managing investigations into
suspected cases provides a wide range of
challenges for corporate security professionals.
at the same time, increasing regulation across
the globe and many sectors means that the
importance of providing results to support the
business is becoming more important. Review the
investigative process, focusing on the challenges
associated with cross-border operations and
multi-jurisdictional environments.
Dr. Christoph Rojahn, Senior Manager, Forensic & Dispute
Services, Deloitte AG
2319 insider Threat: A National
Concern
■ Intermediate
In today’s increasingly wired and global world,
foreign intelligence services, criminals, and private
sector spies are increasingly focused on american
companies. Their efforts compromise intellectual
property, trade secrets, and technological
developments that are the key to both our national
security and long-term economic prosperity.
To thrive, firms must focus on corporate threat
vectors using both a security and a counterintelligence
(cI) lens. hear how companies can leverage
their current defensive security capabilities and
develop new ones to create a strong cI posture
designed to protect a company’s most vital
secrets, while strengthening u.S. economic security.
Douglas Thomas, Principal Deputy Director, Office of the
National Counterintelligence Executive
Sponsored by the ASIS Defense and Intelligence Council
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 33

Education sessions: 2000 Series
MONDAY, sEPTEMbEr 19 • 4:30 pm–5:30 pm
2320 Protecting America’s
Electric Grid
■ Intermediate
The north american electric Reliability
corporation’s (neRc) mission is to ensure the
reliability of the north american bulk power
system, and much is being done to protect the
largest, most reliable grid on the earth. learn
what neRc is doing to secure the grid from cyber
and physical attacks. In addition, neRc will
discuss security initiatives, the ongoing threat
to industrial control systems, and the critical
Infrastructure Protection (cIP) Reliability Standards.
Brian M. Harrell, Sr., CPP, Manager of Critical
Infrastructure Protection, North American Electric Reliability
Corporation (NERC); Mark Weatherford, Vice President/
Chief Security Officer, North American Electric Reliability
Corporation (NERC)
Sponsored by the ASIS Utilities Security Council
2380 Cloud incident response
■ Intermediate
The cloud. Where small and large organizations
are going and have gone. You want to be in the
cloud, but how do you protect it? If an incident
were to occur, would you know? how will you
detect, notify, isolate, and contain cloud-based
incidents? explore a strategic approach to
improving IR awareness and detection to meet the
cloud’s elevated demands. learn to analyze your
IR requirements across the IaaS, SaaS, and PaaS
platforms; how to talk with your vendor; risks to
management; and IR containment, recovery, and
evaluation test procedures.
Erika Voss, Consultant, CGI Federal; James Hewitt,
Director of Security Governance, CGI
2381 Cyber security and the
socio-Political Landscape:
Going beyond the Technology
■ Intermediate
Today, emerging issues around online security
go beyond the threats to technology and its
vulnerabilities. Threats are compounded by nation
states engaging in cyber war as well as on-line
criminals committing fraud for financial gain. With
more people globally coming online and becoming
Internet savvy, there is an associated political
and social impact, as well as the rise of using new
media for politically motivated objectives leading
to new forms of manipulation and exploitation.
cyber security is no longer just about protecting
servers and networks from malware, denial-of-
Service, and online compromise of information.
Freddy Tan, Chief Security Advisor, Microsoft Asia
2382 The Economics of Failure
■ Intermediate
In this session, we will discuss how much
secure code costs in the software lifecycle. We
will also look at how much patch management
can impact the budgets of an organization as
well as other good security practices. We also
will compare all of the secure measures we take
and then consider if it is worth it. In which areas
can we just assume the risk?
Eric Irvin, Solutions Architect, Alert Logic
2383 Mobile Devices: Employee
Monitoring and Data Loss Prevention
in Light of the Expectation of Privacy
■ Intermediate
IT and business has long believed that they
own the data that traverses their networks. as
long as a banner and a policy existed informing
users that no reasonable expectation of privacy
existed, then it was perfectly legitimate to
read, review, and record that data—until now.
Based on three recent court cases, a company
may be infringing upon an employee’s right to
privacy if the company reads, reviews, or records
that employee’s data traffic under certain
circumstances. In this session we will discuss
best practices and possible ramifications of the
use of standard security and compliance
monitoring tools, in light of recent case law.
A. Spencer Wilcox, CPP, Supervisor, Compliance Services,
Constellation Energy
2385 Why Do Developers Make
These Dangerous software Errors?
■ Intermediate
aimed at the entire development and acquisition
lifecycle, the Masters of Software assurance
(MSwa) adapts software engineering to software
assurance (Swa). The MSwa Reference curriculum
achieved Ieee and acM recognition. at the
community college level, Software assurance
Mobile Instruction (SaMI) is an iPad-based
curriculum application set up for distance learning
with a myriad of pre-loaded resources. The
cybersecurity community supports the current
developer workforce through free resources such
as pocket guides. The Swa Forum Processes and
Practices Working Group developed Swa
benchmarking resources that synthesize existing
software assurance best practices for use by
development organizations addressing application
security.
34 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

TUEsDAY, sEPTEMbEr 20
Schedule-aT-Glance
all sessions will be held at the Orange county convention center.
8:00 am–9:00 am: KEYNOTE: Jeb Bush, Governor of Florida, 1999–2007
11:00 am–12:00 noon
TUESDAY
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced
(ISC) 2 Security Congress
LEVEL
Arch/Eng/Design
Crime/Loss Prevention
Crisis Management
Critical Infrastructure
Global
Government/Military
Homeland Security
Information/IT Security
Investigations
Legal
Management
Physical Security
Professional Development
Terrorism
Young Professionals
Systems Integrator NEW
Application Security
Cloud Security
Governance, Regulation,
and Compliance
Mobile Security and
Social Networking
Swiss Army Knife
3101 ASIS Standards: Conducting a Risk
Assessment—the Foundation for Successful
Risk Management
■ X
3102 Security Engineering in High Threat
Environments
3103 Crime, Terror, or Natural Disasters:
■ X X
Medical/Preparedness Expertise/Critical
Considerations for the Security Professional
▲ X X
3104 Integrator Series: Securing the University—
Meeting Threats Inside and Out
3105 Setting the Standard: A Roundup of the
● X X X X X X
Physical and Logical Technology Standards
Affecting the Security Industry
▲ X X X X X
3106 Security Officer Training, Post Orders, and
Negligence
■ X X X
3107 Considerations and Advancements in
Providing a Defended Site Perimeter
● X X X X X X
3108 Excellence in High-Impact Security
Education Training
3109 Update: The U.S. Department of
▲ X X X X
Homeland Security and the Chemical Facility
Anti-Terrorism Standards
■ X X X X
3110 Security Architecture and Engineering,
Part 1: Basis of Security Design
■ X X X X X
3111 Lessons Learned: Trends in Extreme
Violence in the Workplace
■ X X X X
3112 IT Security Council Series: Cyber Security
3113 What, Me Worry? The Global Privacy
● X
Movement and Its Implications for the Modern
Security Practitioner
■ X X X
3114 Managing the Corporate Security Culture
Change
▲ X X
3115 Rail Security: Protecting the Customer’s
Lading
● X X X X X
3116 Protests, Demonstrations, and Civil Unrest:
Crisis Action Planning in Southeast Asia
■ X X X X
3117 Countering Business/Industrial Espionage
in a Global Marketplace
▲ X X X X X
3118 Bolster Your Leadership Bucket List: 25
‘Must Have’ Experiences for Security Leaders
■ X X X X
3119 Protecting Your Business: Understanding
Islam and Islamofacism
● X X X
3180 Architecting and Building a Secure Virtual
Infrastructure and Private Cloud
■ X X X
3181 Data Integrity Debate ■ X X X X
3182 Security ‘App-Titude’ ■ X X X
3183 The ABCs of Global Mobile Enterprise
Compliance
■ X X X X X
3184 Control and Harmonization of Compliance
Efforts Across Multiple Regulations
■ X X X X X
3185 Improve Your SDLC With CAPEC and CWE ■ X X X
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 35

TUEsDAY, sEPTEMbEr 20
Schedule-aT-Glance
all sessions will be held at the Orange county convention center.
1:45 pm –3:00 pm
LEVEL
Arch/Eng/Design
Crime/Loss Prevention
Crisis Management
Critical Infrastructure
Global
Government/Military
Homeland Security
Information/IT Security
Investigations
Legal
Management
Physical Security
Professional Development
Terrorism
Young Professionals
Systems Integrator NEW
Application Security
Cloud Security
Governance, Regulation,
and Compliance
Mobile Security and
Social Networking
Swiss Army Knife
3201 ASIS Standards: Explore Resilience and
Risk Management Around the World
■ X
3202 Integrator Series: Securing Healthcare
Security—Compliance, Protection, and Diversity
● X X X X X
3203 Retail Loss Prevention: Crisis Management,
Technology, and Management Effectiveness
▲ X X X
3204 Surveillance and Threat Detection:
Prevention vs. Mitigation
■ X X X
3205 Explosion-Induced Injuries and Protective
Gear
▲ X X
3206 Security Architecture and Engineering,
Part 2: Systems Design and Engineering
● X X X
3207 Supply Chain Security: The New Normal
3208 IT Security Council Series: Is the Power
▲ X X X X X X
Infrastructure Secure? Utility and Smart Grid
Security
● X X X X X
3209 Black Leaders in the Security Industry ● X X
3210 The Rise of Domestic Terrorism ▲ X X X X X X
3211 The Security Metrics Challenge ▲ X
3212 Disaster in the Data Center! Are You
Prepared?
■ X X X X
3214 Soft Targets ● X X X X X X
3215 Background Checks Under Fire: A Legal
Update
■ X X X
3216 Integrated Operational Risk Management:
A Look Inside Westinghouse
■ X X X X
3217 Supply Chain Security: The Americas ■ X X X X
3218 Protection Intelligence: Putting It in the
Hands of Potential Targets
3219 Caution Advised: The Use of Social
● X X X X X
Networking Sites, Search Engines, and Web 2.0
to Screen Applicants
■ X X
3220 Getting From Here to There: Advancing In
the Security Field
● X
3280 Forensics and the Cloud
3282 Picking the Right Tool for the Job:
■ X X X X
Using Vendor Tools to Aid in the Development
of Secure Code
■ X X
3283 Mobile Applications: Managing Enterprise
Risk and Exploitation
3284 Putting Your House in Order—Business
■ X X X X
Intelligence Gathered From 100+ Sustainable
IT-GRC Implementations
■ X X X
3285 Risk Analysis and Measurement With
CWRAF
■ X X
36 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.
(ISC) 2 Security Congress

4:30 pm–5:30 pm
TUESDAY
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced
LEVEL
Arch/Eng/Design
Crime/Loss Prevention
Crisis Management
Critical Infrastructure
Global
Government/Military
Homeland Security
Information/IT Security
Investigations
Legal
Management
Physical Security
Professional Development
Terrorism
Young Professionals
Systems Integrator NEW
Application Security
Cloud Security
Governance, Regulation,
and Compliance
Mobile Security and
Social Networking
Swiss Army Knife
3301 The International Code of Conduct for
Private Security Service Providers: A New
Benchmark for Quality
▲ X X X X X
3302 Customer Satisfaction Catalyzing an
Enhanced Security Environment in Organizations
▲ X X X
3303 Integrator Series: Transportation and Port
Security Solutions
3304 Innovation or Confusion? How Will High-
● X X X X X X X
Tech Industries Impact Electronic Security
Systems?
3305 Security Architecture and Engineering,
● X X X X
Part 3: Creating and Communicating the
Security System
▲ X X X
3306 IT Security Council Series: Federal
Information Security
● X X
3307 Your Career Is Your Currency. What Is It
■
Worth? Steps to Building or Transitioning Careers
X X X
3308 Role Model: Creating a Positive Security
Culture
■ X X X
3309 Security Reserve Corps ▲ X X X
3310 Profiting From Organizational Resilience:
The Role of the Chief Security Officer
■ X X X
3311 Security Officer Training: What Really
Works—and What Doesn’t
● X X
3312 Protecting Your Brand Online: Success
Stories on How to Tame the Internet
■ X X X
3313 Defense Security Service Report to ASIS ▲ X X X X
3314 Preventing an Active Shooter Incident ● X X X X X
3315 Technology Upgrades: From Concept to
Installation
▲ X X X
3316 Making Suspicious Activity Reporting Work
for You
3317 How Vulnerable Is Your Data? Cost-
● X X X
Effective Best Practices to Safeguard Against
Data Breaches
▲ X X X
3318 Anticipate the Unexpected? Understanding
the Threat
▲ X X
3319 NASA’s Next Mission: Mars Science Lab –
Curiosity Rover
3320 Growing Your Bench: A Comprehensive
● X
Success Plan for the Discovery, Retention, and
Development of Top Security Employees
● X X
3380 Debate—Collecting of Personal Information
From the Cloud
■ X X X X X
3381 Psychological Principles in Social
Engineering
■ X X X X X
3383 Impact of Social Networking on Security
Threats
■ X X X X X
3384 A Guide to Security Metrics ■ X X X X
3385 Software Assurance Panel Wrap-up ■ X
(ISC) 2 Security Congress
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 37

Education sessions: 3000 Series
TUEsDAY, sEPTEMbEr 20 • 8:00 am–9:00 am • 11:00 am–12:00 noon
8:00 am–9:00 am
11:00 am–12:00 noon
KEYNOTE
Jeb bush
Governor of Florida,
1999–2007
See page 4 for keynote
description.
3101 Asis standards: Conducting
a risk Assessment—the Foundation
for successful risk Management
■ Intermediate
The risk assessment process provides the
foundation for a successful program of security
and risk management. learn to create a reliable
and repeatable risk assessment process. The
ISO 31000 Risk Management Standard provides
a process for risk management widely accepted
around the globe. This session takes you stepby-step
through the risk assessment process
described in the standard.
Dr. Marc Siegel, Commissioner, ASIS Global Standards
Initiative, ASIS International; Peter Brian Boyce, Senior
Business Manager, Security Management Systems–Asia,
Lloyds Register Quality Assurance
Sponsored by the ASIS Standards and Guidelines
Commission
3102 security Engineering in
High Threat Environments
■ Intermediate
Security engineering provides vulnerability
assessments and new and retrofit designs for
protecting people, structures, and business
operations from terrorist attacks. In high threat
environments, there are often no predetermined
design criteria, and the threats are fluid and can
worsen rapidly. The security engineering team
must consider: multiple threats, often in
combination as complex attacks become more
prevalent; long to non-existent response times
from local law enforcement; safe haven and
evacuation requirements in hostile territories;
and limited access to sophisticated building
techniques and materials.
Hollice Stone, President, Stone Security Engineering, PC
3103 Crime, Terror, or Natural
Disasters: Medical/Preparedness
Expertise/Critical Considerations
for the security Professional
▲ Advanced
emerging diseases and environmental hazards
of all types can compromise the pillars of
corporate security. When operating in unstable
environments, obtaining medical preparedness
expertise is essential to security planning. Too
often such expertise is ignored or sought only
as the emergency occurs instead of beforehand.
Preparedness experts can enhance the likelihood
of successfully functioning in dangerous environments.
There’s an urgent need for security and
med-prep experts to collaborate. Best practices
based upon assisting clients world-wide will be
discussed.
Dr. Robin McFee, Medical Director, Threat Science
Sponsored by the ASIS Global Terrorism, Political
Instability, and International Crime Council
3104 integrator series: securing
the University—Meeting Threats
inside and Out
● Fundamental
hear from campus safety, security practitioners,
and agency professionals as they address what
their biggest needs are and how you can satisfy
them as integration professionals. learn about
violent trends on campus. understand student
safety concerns. examine emergency
communications. consider substance abuse,
illegal items, and more.
Raymond Thrower, Gustavus University; William
Badertscher, Georgetown University
“The seminar is an opportunity to
attend topical security sessions,
network with similarly focused
professionals, and learn about new
products and innovations.”
Scott conner
Senior Government/Military Sales
Representative
Onity
38 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

TUEsDAY, sEPTEMbEr 20 • 11:00 am–12:00 noon
3105 setting the standard:
A roundup of the Physical and
Logical Technology standards
Affecting the security industry
▲ Advanced
Industry standards creep into security solutions
on three main fronts: operational standards, IT
standards, and government standards. each
affects different components of a system and
protects physical security or logical security.
But, if not properly understood and integrated,
standards can complicate a project much more
than help it. This session discusses the main
standards affecting the industry today—from
OnVIF to hdTV to IcaM to 802.11x and everything
in between—as well as working with the respective
industry associations to maximize your
performance.
Ray Bernard, PSP, President and Principal Consultant,
Ray Bernard Consulting Services; Steve Surfaro, Industry
Liaison, Axis Communications; Ronald Martin, CPP,
Physical Security Specialist, U.S. Government
3106 security Officer Training, Post
Orders, and Negligence
■ Intermediate
This panel discussion reviews the intricacies
of how training and post orders have to be
interrelated from an operational and liability
aspect. It discusses who or which company may
be held liable, past incidents of where guard
companies had to pay out large sums due to
a lack of quality training and post orders, and
how to properly write and create the correct
post orders procedure for your guard force.
Gary Kuty, President/CEO, Kuty and Associates, LLC;
Jeffrey Slotnick, PSP, President, Setracon Incorporated;
Steven Bucklin, President/CEO, Glenbrook Security
Services, Inc.; Bruce Brownyard, Principal, Brownyard
Programs, Ltd.
Sponsored by the ASIS Private Security Services Council
TUESDAY
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced
3107 Considerations and
Advancements in Providing a
Defended site Perimeter
● Fundamental
The four main functions of any comprehensive
physical security program are to deter, detect,
delay, and respond to a threat. a well-planned
perimeter can deter an aggressor by increasing
the perceived difficulty of attack, support the
implementation and function of detection
sensors, and delay an aggressor, providing the
security force time to respond to an attack. This
presentation discusses the basics as well as
recent advancements in meeting the challenge
of providing cost effective and architecturally
acceptable barriers.
Joseph L. Smith, PSP, Director/Senior Vice President,
Applied Research Associates
3108 Excellence in High-impact
security Education Training
▲ Advanced
Garner valuable insight into designing high-impact/
high-return security education and awareness
training programs that are responsive, serve the
business, and foster an environment that protects
our nation’s secrets. learn best practices that have
been proven to help you effectively communicate
and involve your management and employees in
efforts that will deliver positive results. This
presentation offers a variety of tools essential to
any security professional’s toolkit and will assist in
delivering lasting security messages guaranteed
to deliver positive results with your employees.
Robert Rogalski, Director, Corporate Security & Safety,
RAND Corporation; Deborah (Deedee) Collins, Executive
Director, National Security Training Institute; Michael
Frazier, CPP, Senior Security Manager, Booz Allen Hamilton
Sponsored by the ASIS Defense and Intelligence Council
3109 Update: The U.s. Department of
Homeland security and the Chemical
Facility Anti-Terrorism standards
■ Intermediate
The united States faces a persistent and evolving
threat from both foreign and domestic terrorist
organizations. an attack on a high-risk chemical
facility has the potential to cause serious adverse
effects. learn what the dhS is doing to secure
the nation’s high-risk chemical facilities and how
to maximize the security at your facility through
the cFaTS program. Work with dhS to find out
if your facility is high risk, and the security
measures you can implement to protect your
facility from a variety of terrorist attacks.
Sue Armstrong, Deputy Assistant Secretary, U.S.
Department of Homeland Security
Sponsored by the ASIS Utility Security Council
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 39

Education sessions: 3000 Series
TUEsDAY, sEPTEMbEr 20 • 11:00 am–12:00 noon
3110 security Architecture and
Engineering, Part 1: basis of
security Design
■ Intermediate
understanding the security system design
process is absolutely critical for all stakeholders
involved. Before anyone begins talking about
security solutions, project initiators have to
understand the process and key players involved.
learn about the process espoused by the aSIS
Security architecture and engineering council
from establishing the need for security, through
asset and risk assessment, and development of
functional requirements, to identifying preliminary
mitigation measures. The session wraps up by
helping you avoid the adage “Be careful what you
asked for…you may get it!” (See Part 2, session
3206, on page 44.)
J. Kelly Stewart, Director of Corporate Security, Intelsat;
Mark Schreiber, CPP, Design Engineering Specialist, Fluor
Corporation
Sponsored by the ASIS Security Architecture and
Engineering Council
3111 Lessons Learned: Trends in
Extreme Violence in the Workplace
■ Intermediate
unfortunately, the possibility of an active shooter
situation happening in our communities is a reality
everyone has to deal with. although no one is
exempt from the threat, you can be part of the
solution. Through knowledge and awareness,
you can fill the ‘extreme danger gap’ of time until
first responders arrive. Topics include recognizing
pre-incident indicators, the survival mindset,
courses of action during an active shooter event,
and response when law enforcement arrives.
Randy Spivey, CEO/Founder, The Center for Personal
Protection and Safety; Roger Aldrich, Director of Training,
Center for Personal Protection and Safety
Sponsored by the ASIS Crisis Management and Business
Continuity Council
“This is the place for the
most up-to-date and best
directed information in the
security industry.”
allan cravalho, cPP
Vice President, Engineering
Warren associates
3112 iT security Council series:
Cyber security
● Fundamental
cyber security has become a catch-all phrase.
learn what cyber security really means and the
critical security threats and attack vectors that
corporations must understand to protect their
assets and market share. discover your role and
responsibilities in the new environment where
physical, personnel, and IT security are converging
into an interleaved discipline. Receive a current
state report that identifies four major types of
security threats. Identify the steps individuals,
companies, and agencies can take to protect
themselves, their assets, their customers, and
ultimately their bottom line from the threats.
Mark Schreiber, CPP, Design Engineering Specialist, Fluor
Corporation; Don Fergus, Vice President/CS, Intekras, Inc.;
David Morgan, Associate, (ISC) 2 Appointee, Booz Allen
Hamilton; Coleman L. Wolf, CPP, CISSP, ESD
Sponsored by the ASIS Information Technology Security
Council
3113 What, Me Worry? The
Global Privacy Movement and
its implications for the Modern
security Practitioner
■ Intermediate
The global privacy movement has changed the
expectations of our employees and customers,
while the Internet and the technologies it supports
allow access to information never before available.
This fascinating and fast-paced session will
explain how these technologies function and
why privacy advocates are so concerned. You will
also be shown how to safely and legally use this
information without exposing yourself and your
organization to unnecessary and costly litigation
while respecting the privacy of those whom the
organization touches.
Eugene Ferraro, CPP, PCI, CEO/Founder, Business
Controls, Inc.
3114 Managing the Corporate
security Culture Change
▲ Advanced
every security professional sooner or later runs
into difficulties with embedding a company-wide
buy-in for meeting security regulations deployed
to protect core organization assets and values.
developing a comprehensive awareness program
is an essential task to be done, but before doing
so, a broader understanding of organizational
behavior must be obtained. This lecture uncovers
the aspects of the organization culture to point
at its particular elements, and to discuss related
implications for security practitioners.
Radek Havliš, CPP, Vice President Business Security, BCM
and Facility Management, T-Mobile Czech Republic
40 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

TUEsDAY, sEPTEMbEr 20 • 11:00 am–12:00 noon
3115 rail security: Protecting the
Customer’s Lading
● Fundamental
This session will report on the existence of
railroad police departments and how they function
in their efforts to protect a customer’s freight.
Information on the various security and police
functions that the four or five major railroads
currently have in place will be provided. Physical
security of facilities, specialized investigative and
response units, as well as proactive efforts will be
discussed. Teamwork with other agencies will also
be covered.
Larry Schuck, CPP, President, LarMar Security
Consulting, LLC
3116 Protests, Demonstrations,
and Civil Unrest: Crisis Action
Planning in southeast Asia
■ Intermediate
World events continue to highlight the importance
of establishing a crisis action plan as part of an
overall risk management program. Plans must
take into account the customs, culture, and
operating environment of each location. Protests,
demonstrations, and civil unrest occasionally
turn violent, threatening the safety and security
of personnel and disrupting business interests.
learn to develop a crisis action plan for Southeast
asia through actual case studies focusing on the
2010 politically-fueled riots in Bangkok, Thailand
and the Tanjung Priok Port district expansion riot
in Jakarta, Indonesia.
Scott Bernat, Chief of U.S. Military Security, Resident
Agent in Charge, U.S. Naval Criminal Investigative Service
(NCIS)/Force Protection Detachment Indonesia
3117 Countering business/industrial
Espionage in a Global Marketplace
▲ Advanced
The business impact of industrial espionage
is often not fully understood by security
professionals or senior management. after
explaining the business consequences, this
presentation examines the global business
spying threats using real-world, mini-case studies.
It examines typical business organizational
vulnerabilities, how to close those vulnerabilities,
and developing a comprehensive risk-based
proprietary information protection program that
is tailored to the threat and protects the most
critical business information.
Bruce Wimmer, CPP, Director of Global Consulting,
Pinkerton Consulting & Investigations
TUESDAY
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced
3118 bolster Your Leadership bucket
List: 25 ‘Must Have’ Experiences for
security Leaders
■ Intermediate
explore 25 “must have” experiences that will
propel you to become a leader who makes an
impact in today’s challenging global work
environment. hear firsthand from a c-Suite
executive at one of the largest security service
providers in the united States as he shares his
unique perspectives on the leadership discipline.
hear how targeted activities and opportunities
create strengths and visibility that opens doors
for professional growth. Business fundamentals,
building leadership character, and career
management goals to pursue while building your
own leadership Bucket list will be covered.
Ty Richmond, CPP, Chief Operating Officer, Andrews
International
3119 Protecting Your business:
Understanding islam and
islamofacism
● Fundamental
From a “lone actor” at a major army base to
coordinated attacks on american-owned
businesses abroad, Islamic-based terror attacks
continue to cost countless lives and billions
of dollars to companies at home and abroad.
Focused on the security professional, this
presentation will look at the founding, evolution,
and current state of Islam, including the violent
events shaping today’s headlines. understand
the re-emergence of Jihad fueled by over
10 trillion dollars in OPec since 1973, and
millions of Muslim migrants settling in the West.
The exploitation of western technology is critical
to every member of the security and law
enforcement communities.
Michael Trapp, CPP, Director, Corporate Security, Tesoro
Companies, Inc.
Sponsored by the ASIS Global Terrorism, Political
Instability, and International Crime Council
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 41

Education sessions: 3000 Series
TUEsDAY, sEPTEMbEr 20 • 11:00 am–12:00 noon
3180 Architecting and building a
secure Virtual infrastructure and
Private Cloud
■ Intermediate
Many fail to realize that virtualization is the key
technology enabling cloud computing, so it is
imperative to understand the security aspects of
virtualization, the concept of multi-tenancy in the
cloud, how this changes data center operations,
and best practices to account for those changes.
In this session, key considerations in architecting
and building a secure private cloud will be
discussed. You will be able to define the private
cloud and multi-tenancy, and learn how to
architect a private cloud to achieve secure
multi-tenancy, the key tools needed to ensure
isolation between tenants, and best practices in
securing the underlying virtual infrastructure.
Rob Randell, Staff Security and Compliance Specialist,
VMware, Inc.
3181 Data integrity Debate
■ Intermediate
data integrity, one of the four core concepts of
information security, is critical to all organizations.
The integrity of data needs be ensured whether
data is in transit or at rest, and changes made
only when authorized. how can organizations
achieve something so important? listen as a
cISO and a cSO debate the topic and interact with
the audience to take questions and provide tips in
what is sure to be an informative and entertaining
session.
John Petrie, CISO, Heartland Clark; Preston Wood, CSO,
Zion Bank
3182 security ‘App-Titude’
■ Intermediate
can ignorance be bliss in a world that is rife with
vulnerabilities and threat agents that wish to
exploit them? What is the attitude that many have
toward application security? Who can you call an
expert in application security in this day and age?
come for a fun-filled and informative session on
what it takes to develop secure applications and
increase your security ‘app-titude’! Technologists
and management professionals are welcome. You
would not want to miss this!
Mano Paul, CEO, SecuRisk Solutions
3183 The AbCs of Global Mobile
Enterprise Compliance
■ Intermediate
Organizations have spent millions of dollars on
developing and maintaining data, security, and
privacy compliance mechanisms to adhere to
hIPaa, GlBa, PcI, and others around the world.
Globally, almost a hundred laws exist, and most
of the 50 united States have privacy and security
laws and guidelines. This discussion addresses
why smart phone compliance has been such a
challenge and offers a moderately technical
discussion on what security professionals can
do in the short term to make their mobile devices
compliant with their wired enterprises. handouts
will help you assess your own compliance
postures.
Winn Schwartau, Chairman of the Board, Mobile Active
Defense
3184 Control and Harmonization
of Compliance Efforts Across
Multiple regulations
■ Intermediate
The presentation discusses strategies for
synthesizing the information security related
legal obligations faced by many organizations,
with their internal risk management needs and
priorities, in a comprehensive and effective
security program. areas of focus include: what
government regulators expect in an information
security program; how to balance inconsistent and
conflicting legal requirements; prioritizing legal
requirements based on the expected improvement
in legal compliance and reduction of potential
security incidents that tend to initiate government
investigations; and integrating requirements of
contracts into the information security program.
Mark Paulding, Attorney, HoganLovells US, LLP
42 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

3185 improve Your sDLC With
CAPEC and CWE
■ Intermediate
unfortunately, many organizations are still
focused exclusively on operational security,
specifically the detection and remediation of
exploitable applications. In contrast, developers
are concerned with functional requirements and
shipping dates for their applications. how can
organizations reduce code vulnerabilities and
improve their Sdlc approaches with caPec and
cWe? This presentation shows how to avoid
making the “Top 25 Most dangerous Software
errors” by providing lessons learned from various
application development teams through the Sdlc,
and real-world examples of how organizations can
use these measurement tools to set priorities and
make practical risk-based decisions. See real
exploitation scenarios that were made possible by
the smallest of errors.
Speakers to be determined
1:45 pm–3:00 pm
3201 Asis standards: Explore
resilience and risk Management
Around the World
■ Intermediate
an international panel will explore how resilience
and risk management are changing the way
businesses manage their risks in countries
around the world. What do you need to know to
conduct a global business? What changes and
standards are on the horizon? how will this affect
your supply chain? Find out in this informative
session.
Peter Brian Boyce, Senior Business Manager, Security
Management Systems–Asia, Lloyds Register Quality
Assurance; Dr. Marc Siegel, Commissioner, ASIS Global
Standards Initiative, ASIS International; Jose-Miguel
Sobron, Crisis Management Support, United Nations Unit;
Grant Lecky, National Coordinator BCP, Citizenship and
Immigration, Canada
Sponsored by the ASIS Standards and Guidelines
Commission
TUESDAY
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced
TUEsDAY, sEPTEMbEr 20 • 11:00 am–12:00 noon • 1:45 pm–3:00 pm
“The scale and scope of this
seminar makes it the most
cost-effective event of the year.”
Scott derby
Vice President
State Street corporation
3202 integrator series: securing
Healthcare security—Compliance,
Protection, and Diversity
● Fundamental
leading healthcare practitioners will reveal their
biggest challenges and what they expect from
today’s systems integrator. understand hIPaa
compliance requirements. learn about infant/
patient RFId systems. evaluate leveraging
infrastructure and OR surveillance for education.
examine violent patients and violence in facilities.
learn about remote diagnosis, triage, and more.
Bonnie Michelman, CPP, Director Police Security Outside
Services, Massachusetts General Hospital; Mike
Cummings, Aurora Healthcare
3203 retail Loss Prevention: Crisis
Management, Technology, and
Management Effectiveness
▲ Advanced
Retail loss prevention executives will discuss
three critical functional areas of lP programs:
crisis Management—from natural disasters
to shootings, effective management of crisis
situations can secure against loss of life and
protect the company’s brand and identity;
Technology utilization—the pace of changing
technology is staggering and retail lP executives
must identify innovations that bring immediate
value to the organization; Management
effectiveness—without effective lP management
and leadership, organizations often do not
embrace the proactive measures needed to
protect the organization.
William Alford, President, International Lighthouse Group,
Inc.; Mark Gaudette, Director of Loss Prevention, Big Y
Foods; Kathleen Smith, Vice President–Loss Prevention,
Safeway; Jumbi Edubehram, Vice President–Business
Development, Next Level Security; Greg Brumley, CPP,
Senior Director, Loss Prevention, T-Mobile, U.S.
Sponsored by the ASIS Retail Loss Prevention Council
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 43

Education sessions: 3000 Series
TUEsDAY, sEPTEMbEr 20 • 1:45 pm–3:00 pm
3204 surveillance and Threat
Detection: Prevention vs. Mitigation
■ Intermediate
damage mitigation through increased physical
security must evolve to include a new and
proactive approach of attack prevention through
the identification and disruption of pre-attack
and pre-operational planning, and surveillance
activities. Gain a unique look at how to
encapsulate criminal and terrorist surveillance,
analyze suspicious activity reports, and utilize a
threat-based surveillance detection protection
program to increase probability of prevention
while streamlining protection assets and cost
effectiveness.
Richard Kirchner, Jr., Special Agent Senior Law
Enforcement Supervisor, Pentagon Force Protection Agency
3205 Explosion-induced injuries and
Protective Gear
▲ Advanced
Potential injuries caused by blast exposures
are of interest to military and law enforcement
personnel exposed to blast in the course of
doing breaching maneuvers, operating weapons
that produce back-blast, performing explosive
ordnance disposal, or at risk of exposure to
terrorist bombs. understanding these effects is
essential to adopting safe operating procedures
and minimizing risk. This session addresses the
state of knowledge pertaining to the bio-effects
of blast, in general, and neurological effects, in
particular, and provides proven recommendations.
Nancy Renfroe, PSP, Vice President and Division Manager,
Applied Research Associates (ARA); Lee Ann Young,
Science and Technology Advisor, Applied Research
Associates (ARA)
Sponsored by the ASIS Fire and Life Safety Council
3206 security Architecture and
Engineering, Part 2: systems Design
and Engineering
● Fundamental
You’ve established your security system
requirements. now they must be met in the
design of your system. learn how a security
system design is developed and how bid and
construction documents are prepared. explore
how to achieve a good design and establish
requirements for hardware and software,
operation and technical procedures, facility
support, and construction. hear about design
documentation such as engineering drawings,
equipment bid specifications, bill of materials,
installation specifications, and cost estimates.
(See Part 3, session 3305, page 49.)
Frank M. Carpency, CPP, PSP, Principal and Chief
Engineer, Carpency and Associates, LLC; Robert Pearson,
PE, President, The Peotectorate Corporation
Sponsored by the ASIS Security Architecture and
Engineering Council
3207 supply Chain security: The
New Normal
▲ Advanced
discuss recent events, mitigation strategies,
best practices, and international supply chain
security programs with other security professionals.
The panel discussion is intended to draw out
critical insights into the collateral benefits of
supply chain security. Speakers will present ‘real
life’ business cases to demonstrate the successes
for companies which join these programs and
certifications, and the expected ROI.
Carlos Velez, COL (Retired), Global Supply Chain Security
Director, Johnson & Johnson; Laura Hains, CPP, Security
Specialist, Independent Security Consultant; JJ Coughlin,
Director, Law Enforcement Services, LoJack Supply Chain
Integrity; John Sharp, CPP, Vice President, Sharp Global
Partner, Ltd.; Russ Phillips, Principal, MMTS Group
Sponsored by the ASIS Transportation Council
“An unrivalled fountain of knowledge and
technology specifically pertaining to
the security world.”
Jeff Gwinnett
Facilities Coordinator
loyaltyOne
44 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

TUEsDAY, sEPTEMbEr 20 • 1:45 pm–3:00 pm
3208 iT security Council series: is
the Power infrastructure secure?
Utility and smart Grid security
● Fundamental
learn about the impact of the north american
electric Reliability corporation (neRc), critical
Infrastructure Protection (cIP), and national
Institute of Standards and Technology (nIST)
7628 relative to the security practitioner,
particularly those with interest in the utility
domain. Receive a general overview of smart grid
and the cost of attacks. examine the physical
and systems security implications and concerns,
and disaster recovery and response activities.
Maureen McGovern, President, KSB Solutions; Mark
Schreiber, CPP, Design Engineering Specialist, Fluor
Corporation; Sunil Kumar, Senior Solutions Consultant,
Alert Enterprise, (ISC) 2 Appointee; Cpt. Werner Preining,
CPP, Responsible for European Operations, Interpool
Security, Ltd.
Sponsored by the ASIS Information Technology Security
Council
3209 black Leaders in the security
industry
● Fundamental
The goal of this panel discussion is to mentor
and encourage other black security professionals
to continue to develop and excel within the
industry. The panel examines mentoring,
leadership and career development, continuing
education, certification, and the glass ceiling.
candid discussions of challenges and their
solutions will be shared and explored for postpresentation,
real-world application. This will be
a highly interactive session with audience
participation.
Donald Knox, CPP, Security and Crisis Management
Analyst, Caterpillar; Basil Steele, CPP, Senior Manager
Nuclear Security Program, Sandia National Laboratories;
Loretta Veney, CPP, Owner, Superior Training Solutions;
Leslie Cole, Sr., CPP, Principal Consultant, Leslie Cole
Associates, Inc.; Ray Van Hook, CPP, Executive Director of
Campus Security, The School of The Art Institute of Chicago
Sponsored by the International Organization of Black
Security Executives
TUESDAY
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced
3210 The rise of Domestic Terrorism
▲ Advanced
This presentation will discuss how the FBI
categorizes domestic terrorism—which the FBI
defines as the unlawful use of force or violence
against persons or property to intimidate or
coerce a government, civilian population, or any
segment thereof, in furtherance of political or
social objectives—by the ideological motivations
of the threats. This process helps the FBI to
effectively manage and investigate acts of
domestic terrorism and associated individuals.
The FBI assesses the top five domestic terrorism
threats are militia extremism, white supremacy
extremism, abortion extremism, sovereign citizen
extremism, and animal rights and environmental
extremism.
Sean Joyce, Executive Assistant Director, Federal Bureau
of Investigation
Sponsored by the ASIS Global Terrorism, Political
Instability, and International Crime Council
3211 The security Metrics Challenge
▲ Advanced
how do you present senior business and
government leaders with the security risk
management and performance measures they
need to reasonably assure protection—while also
maintaining an effective ROI? compare the best
practices of top security professionals as they
demonstrate their proven methods for devising
risk-managed proposals to help their executives
make key security budgeting decisions affecting
their businesses and missions.
James Shamess, CPP, Senior Advisor, Security Policy and
Oversight, U.S. Air Force; Jeffrey C. Dodson, Vice
President, Security Integration, BAE Systems; Timothy
McQuiggan, Director, Security and Fire Protection, Boeing
Defense, Space and Security
Sponsored by the ASIS Defense and Intelligence Council
3212 Disaster in the Data Center!
Are You Prepared?
■ Intermediate
You are in charge of the security and information
integrity for your multimillion dollar company.
are you prepared? do you know what to do next?
have you practiced a plan? This session will
discuss several case studies and give tips on how
to effectively prepare your facility for almost any
disaster. Walk away with resources and tips on
how to keep your company running effectively
as soon as possible.
Ronald Lander, CPP, Chief Specialist, Ultrasafe Security
Solutions; Cpt. Werner Preining, CPP, Responsible for
European Operations, Interpool Security, Ltd.
Sponsored by the ASIS Crisis Management and Business
Continuity Council
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 45

Education sessions: 3000 Series
TUEsDAY, sEPTEMbEr 20 • 1:45 pm–3:00 pm
3214 soft Targets
● Fundamental
Industry and government protection leaders share
insight on the numerous challenges of securing
soft targets in today’s changing environment.
What makes a target soft, what makes it unique
and challenging when evaluating risk assessments
and/or in deploying security measures? The panel
shares first-hand experiences, knowledge, and
processes to shed light on the growing risk
associated with soft targets. Whether you are a
soft target, are responsible for employee travel
and events, and/or charged with executive
protection, you will gain a clearer understanding
of this security phenomenon.
James C. Reynolds, CPP, Director of Safety and Security,
Hilton Worldwide
Sponsored by the ASIS Global Terrorism, Political
Instability, and International Crime Council
3215 background Checks Under Fire:
A Legal Update
■ Intermediate
Background screening practices are facing a
firestorm of legal scrutiny, restrictions, and
media criticism as evidenced by recent actions
filed by the eeOc, laws targeting the use of credit
and criminal data, and “ban the box” initiatives
limiting the access to critical applicant information.
Yet high profile shootings and widely
publicized threats to workplace safety have left
many wondering why more cannot be done to
protect the workplace and the public. Security
professionals are caught in the crosshairs. This
session will arm you with a critical legal update
and recommended best practices.
Angela Bosworth, Executive Vice President, General
Counsel, OPENonline
3216 integrated Operational
risk Management: A Look inside
Westinghouse
■ Intermediate
understand the importance of an integrated
operational risk program highlighting all assets:
people, facilities, supply chain, and intellectual
property. as global operational threats continue to
increase, proactive programs are more important
than ever. These threats can range from natural
disasters to health to civil unrest to the cyber
world. The first part of this session will outline the
key program considerations, while the second
part will study a specific program employed by
Westinghouse.
Russell Cline, Corporate Security Director, Westinghouse
Electric Company; Bruce McIndoe, President, iJET
Intelligent Risk Systems
3217 supply Chain security:
The Americas
■ Intermediate
This session defines the scope and effect of
cargo crime in the americas. understand the
need to have an effective cargo and supply chain
security program for companies who move
cargo in/out/through the amercias. Methods
of protecting the supply chain and investigative
best practices will be covered.
Art Arway, CPP, Vice President/Regional Head of Security,
Amercias, DHL Global Forwarding
3218 Protection intelligence: Putting
it in the Hands of Potential Targets
● Fundamental
Violence in Mexico often surpasses the abilities
of authorities to immediately control dangerous
situations. Mexicans have turned to each other to
provide crucial and immediate information so as
to avoid dangerous situations. learn the different
methods utilized to disperse this information,
how the populace has evolved in using social
networks and communication mediums, and the
weaknesses of these information mediums.
actual case histories of violence and how citizens
are utilizing these information mediums will be
discussed and analyzed. Methods to determine
false or malicious information will be shown.
Andrew Potts, Jr., Director, Cuspis S.A. de C. V.; Valdemar
Valdez, Security Manager, Operadora Mega
3219 Caution Advised: The Use
of social Networking sites, search
Engines, and Web 2.0 to screen
Applicants
■ Intermediate
employers and security professionals have
discovered a treasure trove of information on
potential job applicants by using social networking
sites, such as MySpace or Facebook, and search
engines. however, just because something is
available online does not mean there is no legal
risk involved or ensure the information is factual.
This session examines the pros and cons of
employers utilizing such tools. Through case
studies and reviewing web sites, you will see
visually how these sites work, what they contain,
and the potential legal landmines and practical
risks involved.
Lester Rosen, Attorney at Law
46 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

TUEsDAY, sEPTEMbEr 20 • 1:45 pm–3:00 pm
3220 Getting From Here to There:
Advancing in the security Field
● Fundamental
With the ever changing world of the private
security sector, learning what it takes to ‘move up
the ladder’ can be challenging and confusing. a
panel of security veterans tell it like it is for those
ready to move up.
Jeffrey Hawkins, Manager, Security Management
Education Outreach, American Military University; Jeffrey
Slotnick, CPP, PSP, President, Setracon Incorporated; Ray
Van Hook, CPP, Executive Director of Campus Security, The
School of The Art Institute
3280 Forensics and the Cloud
■ Intermediate
due to the explosion of applications for cloud
computing, a new practice has emerged in
“cloud forensics.” In fact, the u.S. department
of Justice has begun to focus efforts in this area.
Who controls the evidence, including collection,
preservation, and validation of information
contained within the cloud? What happens if that
cloud is outside the united States? This session
attempts to explain what the cloud and forensics
mean in relation to one another.
3282 Picking the right Tool for
the Job: Using Vendor Tools to Aid in
the Development of secure Code
■ Intermediate
Building secure code is a top priority for
organizations today. as criminals move from
attacks against the operating system to third
party applications, organizations find themselves
on the receiving end of attacks. developing
secure code is not only technically challenging,
but is inherently difficult due to a variety of factors
including interaction with other code, and new
attacks. Many vendors have released tools to aid
developers in this endeavor. This session looks
at the application security products market and
discusses some of the options that organizations
have in choosing a tool.
Robert Ayoub, Global Program Director, Network Security,
Information & Communication Technologies, Frost and
Sullivan
TUESDAY
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced
3283 Mobile Applications: Managing
Enterprise risk and Exploitation
■ Intermediate
an emerging trend is for large organizations to
shift mobile device ownership and maintenance
to their employees to reduce business costs.
at the crossroads of this shift in IT governance
are smartphone applications and their ability
to access corporate resources and intellectual
property. not all smartphone applications are
created equal. Most organizations lack formal
processes to support centralized device
management, secure application distribution,
software security, and privacy control. Vetting
risk becomes increasingly embedded into the
converged mobile and Intranet architectures.
This session presents a mobile application risk
management framework which addresses
assessment and mitigation techniques.
Richard Tychansky, Information Assurance Engineer,
Lockheed Martin Corporation
3284 Putting Your House in Order—
business intelligence Gathered
From 100+ sustainable iT-GrC
implementations
■ Intermediate
Review best practices and concepts from
real-world IT GRc implementations proven to
work for 100+ organizations. decipher when to
apply various risk assessment methodologies
(top-down vs. bottom-up; threat-based vs.
business criticality). Gain an understanding
of existing controls framework and selecting
appropriate frameworks based on the target areas
and relevant regulations. Review techniques for
avoiding pitfalls of controls catalogue overload.
case studies highlight challenges of the IT GRc
program roll-out and exploring technology to
match the organization’s needs and
methodologies.
Vivek Shivananda, Founder/CEO, Rsam
“The seminar and Exhibits is
the best source for staying
current in the industry and
reviewing products.”
Mike Bruggeman
Director, Global Security
General Motors
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 47

Education sessions: 3000 Series
TUEsDAY, sEPTEMbEr 20 • 1:45 pm–3:00 pm • 4:30 pm–5:30 pm
3285 risk Analysis and
Measurement With CWrAF
■ Intermediate
The common Weakness Risk analysis Framework
(cWRaF) uses the common Weakness Scoring
System (cWSS) scoring criteria with cWe to
provide measures for prioritizing risk mitigation
efforts and focusing secure coding practices.
cWRaF enables targeted specification of “Top-n”
cWe lists that are relevant to specified technologies
used within specific business domains.
In this session, construct multiple cWRaF
vignettes for specific business domains, see
how the decisions made during vignette definition
affect the assessment of risk for individual
weaknesses, and be able to provide input to
refine the concepts in cWRaF and identify
business domains that would benefit from cWRaF.
Bob Martin, Principle Engineer, The MITRE Corporation;
Richard Struse, Deputy Director of Software Assurance
Program, U.S. Department of Homeland Security
4:30 pm–5:30 pm
3301 The international Code of
Conduct for Private security service
Providers: A New benchmark for
Quality
▲ Advanced
corporations worldwide increasingly operate in
regions where security remains an essential
part of conducting daily operations. Often the
most effective way to meet this need is by
hiring a private security service provider. The
resulting security, however, may seriously impact
shareholder value, reputation, or community
initiatives. how should security directors ensure
they select the right security partner? This
session provides an overview of the International
code of conduct, the anSI/aSIS standards under
development to make the code actionable, and
plans to draft an international governance
mechanism for private security service providers.
Mark DeWitt, Deputy General Counsel/Vice President,
Government and Regulatory Affairs, Triple Canopy
3302 Customer satisfaction
Catalyzing an Enhanced security
Environment in Organizations
▲ Advanced
Successful organizations where security has
been centric to success have discovered that
staff support and participation is crucial to
ensure high levels of security environment/
culture. The easiest but erroneous methodology
widely adopted to address security concerns
is to pump money, which is granted after any
media-tracked security incident, for acquisition
of security equipment. Staff attending customers
are trained to look out for physiological details
in a very non-intrusive manner. Investing wisely
to educate and train our staff (non-security
personnel), and stressing upon the importance
of their contribution on the detection/prevention
of security-related incidents, would pay dividends
to enhancing security.
Paul Devassy, CPP, Corporate Security Manager–India,
Henkel India
3303 integrator series: Transportation
and Port security solutions
● Fundamental
Security professionals from two of the largest
north american ports will reveal how they make
decisions concerning their security and antiterrorism
programs. learn about perimeter
security and maintaining sterile areas. examine
surveillance best practices for multiple agencies
including traffic monitoring. Receive information
on protecting critical borders and crossings.
Study entry screening and more.
Jose Gomez, Port Authority New York New Jersey;
Hector Pesquera, Port of Miami
3304 innovation or Confusion? How
Will High-Tech industries impact
Electronic security systems?
● Fundamental
The rapid advances in technology can positively
or negatively influence you every day as a physical
security professional. This session examines the
most promising technologies for our industry—
hd, hosted services, networking and computing
technologies, and video analytics—and outlines
examples of their impact on physical security. It
offers evaluation and decision-making processes
to include, ignore, or postpone deployment of new
technologies for your electronic security system.
understand how, given two functionally equivalent
security systems, the simplest one to manage
should be chosen.
Fredrik Nilsson, General Manager, Axis Communications;
Charlie Pierce, President, LeapFrog Training & Consulting;
Benjamin Butchko, CPP, President/CEO, Butchko Security
Solutions
48 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

TUEsDAY, sEPTEMbEr 20 • 4:30 pm–5:30 pm
3305 security Architecture and
Engineering, Part 3: Creating and
Communicating the security system
▲ Advanced
a well-designed system can be an operational
nightmare unless it is implemented properly.
learn how to successfully manage the project so
that you remain on schedule and within budget.
Review contractor deliverables and learn tips
on how to administer a construction contract,
manage construction, and run a project meeting.
explore basic system and component tests that
will tell you if your system is performing as
required. learn how to perform a post-occupancy
evaluation to ensure that the system is being
operated as intended and serves the purpose
required.
Philip Stearns, PE, PMP, Program Manager, Conti Federal
Services; James R. Black, CPP, PSP, CET, Security
Consulting Manager, Microsoft Corporation
Sponsored by the ASIS Security Architecture and
Engineering Council
3306 iT security Council series:
Federal information security
● Fundamental
Gather valuable information concerning current
and future policies and requirements in the
federal sector. Receive a high-level policy overview
to provide context that includes critical and
relevant points from FISMa, nIST, and FIPS
standards as well as guidance and requirements
specific to dod and the Intelligence community
(Ic). discuss information system certification
and accreditation overhaul, cyber threats to the
government, protection of information, and
workforce education. Important initiatives such
as continuous monitoring, situational awareness
developments, and identity management also
will be covered.
Dr. Thresa Lang, Corporate Security Strategist, Dell;
Sal D’Agostino, CEO, IDmachines, LLC; Matthew
Hollandsworth, CPP, Senior Security Manager, Booz
Allen Hamilton, (ISC) 2 Appointee; Maureen McGovern,
President, KSB Solutions
Sponsored by the ASIS Information Technology Security
Council
TUESDAY
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced
3307 Your Career is Your Currency.
What is it Worth? steps to building
or Transitioning Careers
■ Intermediate
Review the big fish/little pond syndrome and
gain an understanding of the problems faced in
the hiring process for both the cSO and the
applicant. evaluate careers and experiences to fit
the pond. Whether you are hiring a new manager
or changing careers, learn to leverage analytical
skills, management experience, and team-building
capabilities in a corporate environment. War
stories—know when to hold them and when to
fold them. no badge? discover new means to
persuade people to consider your point of view.
Place your career in better standing by remaining
current and using continuing education and
professional certifications.
Pam Brennan, Partner, LifeAfter the Badge
3308 role Model: Creating a Positive
security Culture
■ Intermediate
“I didn’t know” is seldom a truthful excuse for
causing a security incident. Security rules aren’t
complicated, so most incidents result more from
attitude than ignorance. attitudes are based in
culture, so we must create a culture where every
employee believes that security is an integral part
of their daily activities. culture arises when
leaders set important goals, communicate clearly,
deal with issues, and create an atmosphere of
trust. This session discusses specific steps
security professionals can take to drive
development of a positive security culture.
Steven Rients, CPP, Manager, Security Training, BAE
Systems, Inc.
3309 security reserve Corps
▲ Advanced
a 100-person Security Reserve corps was
developed at one the largest academic medical
centers in the united States. This presentation
discusses various issues involved in creating and
maintaining a reserve security capability in a 24x7
healthcare environment. Issues include leadership
support, recruitment, training, equipping,
deploying, and exercising their capabilities.
James McNeil, CPP, Administrator, Safety and Security,
Mayo Clinic
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 49

Education sessions: 3000 Series
TUEsDAY, sEPTEMbEr 20 • 4:30 pm–5:30 pm
3310 Profiting From Organizational
resilience: The role of the Chief
security Officer
■ Intermediate
Organizational resilience synergistically integrates
such components as security management,
business continuity, and crisis management
within a systems dynamics framework. The
implementation of the OR Standard from the
corporate security perspective is tremendously
valuable, but to fully realize its benefits, it is
necessary to have the chief Security Officer
involved as a primary stakeholder. corporate
security, business performance, and various
stakeholder concerns will profit by incorporating
high-level participation in the project. The
presentation highlights Fortune 500 and cSO
Roundtable experiences as well as other
applicable information to businesses operating
domestically or globally.
Grant Lecky, National Coordinator, Business Continuity
Planning, Department of Citizenship and Immigration,
Canada; Marc Glasser, CPP, Principal, PRM GLOBAL, LLC
Sponsored by the ASIS Crisis Management and Business
Continuity Council; and the ASIS CSO Roundtable
3311 security Officer Training: What
really Works—and What Doesn’t
● Fundamental
learn about security failures directly related
to improper or ineffective training. commonly
used methods of training will be dissected
and thoroughly discussed. Improved methods,
especially those with cost-effective components,
will be outlined. Take home solid recommendations
for re-vamping and improving your training
programs, reducing exposure to litigation,
addressing the departmental mission, and
retaining valuable employees.
Steve Layne, CPP, Principal Consultant, Layne Consultants
International; Michael Kirchner, CPP, Director of Security,
Harvard University
Sponsored by the ASIS Cultural Properties Council
3312 Protecting Your brand Online:
success stories on How to Tame
the internet
■ Intermediate
attend this session to understand the scope
of the challenge of protecting your brand online.
learn how this affects the business from a
reputation and financial perspective. understand
the actions that can be taken to mitigate issues
and measures to implement to prevent challenges.
We will also discuss success stories.
Mike Monzon, Senior Director, MarkMonitor; Richard
Widup, Jr., CPP, Senior Director, Corporate Security,
Purdue Pharma, LP
3313 Defense security service
report to Asis
▲ Advanced
learn about the symbiotic relationship between
the defense Security Service (dSS) and aSIS
International. a senior dSS leader will explain
current dSS initiatives and issues with a look into
how dSS policies and practices affect industry.
dSS supports national security, secures the
nation’s technological base, and oversees the
protection of u.S. and foreign classified
information in the hands of industry. dSS
administers the national Industrial Security
Program (nISP) on behalf of the military services,
defense agencies, and 23 other federal agencies.
Stan Sims, Director, Defense Security Service; Drew
Winneberger, Director, Industrial Policy and Programs,
Defense Security Service
Sponsored by the ASIS Defense and Intelligence Council
3314 Preventing an Active
shooter incident
● Fundamental
From columbine to Fort hood to Tucson. What
did these mass shooters have in common? all
gave warning signs before they made the news
and none of them ‘just snapped.’ When you know
what to look for and how to deal with it, these
horrific acts can be prevented. This presentation
cites the mass workplace shootings of the past
25 years and shows you how to create an
effective workplace violence prevention program
at your organization.
Darrell Clifton, CPP, Director of Security, Circus Circus
Hotel Casino
3315 Technology Upgrades: From
Concept to installation
▲ Advanced
This session guides you through an actual
$4 million dollar security technology upgrade
from conceptualization to final installation.
Issues addressed include how to quantify and
communicate the need to senior leaders, the
RFP process, planning/design, the return on
investment justification, special needs such
as the handicapped, communication issues,
hR issues, final installation, and the staged
implementation of the project. Receive templates
for financial justification and presentations for
senior leaders.
Jay C. Beighley, CPP, CFE, Vice President, Corporate
Security and President NPPS, LLC, Nationwide Insurance;
Don Goodman, Security Operations Manager, Nationwide
Insurance
50 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

TUEsDAY, sEPTEMbEr 20 • 4:30 pm–5:30 pm
3316 Making suspicious Activity
reporting Work for You
● Fundamental
have you or your security officers ever seen
something suspicious? Of course! are you
confident that intelligence analysts and officers
are investigating your suspicious activity reports
(SaR), and that they have access to reports from
across the country to make an informed
comparison? have you wondered what other
suspicious activity might be occurring around
your facility? Join the discussion to learn about
the interagency nationwide SaR Initiative and
how security professionals working in critical
infrastructure sectors can participate.
Steven G. King, CPP, Senior Advisor, U.S. Department of
Justice
3317 How Vulnerable is Your Data?
Cost-Effective best Practices to
safeguard Against Data breaches
▲ Advanced
Protecting intellectual property, customer
information, financial data, and other sensitive
documents from both employee theft and external
breaches is challenging. Implementing reasonable
and cost-effective data safeguards decreases an
organization’s vulnerability to external attacks,
insider crimes, and/or employees’ mistakes.
explore how to strengthen security measures
and plan an efficient response before an incident
transpires, saving valuable time and money.
Alan Brill, Senior Managing Director, Kroll Ontrack
3318 Anticipate the Unexpected?
Understanding the Threat
▲ Advanced
When using the Security Vulnerability assessment
in an industrial context, security practitioners
need to measure the vulnerability of a facility
against its potential threats. countermeasures
recommended to mitigate the possible actions
follow from the threat evaluation. however, this
part of the SVa often ends up as a summary of
past incidents with little conceptual effort put
into trying to evaluate the threat rationally. Since
the threat is the driver behind the security
recommendations, it is crucial that it is assessed
sensibly if one intends to achieve management
buy-in.
Jean Perois, CPP, PSP, Vice President–Risk Enterprise, Risk
Management International Middle East
TUESDAY
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced
3319 NAsA’s Next Mission: Mars
science Lab – Curiosity rover
● Fundamental
naSa’s Mars Science laboratory mission is
preparing to set down a mobile laboratory—
the rover curiosity—using precision landing
technology. For the first time, many of Mars’
most intriguing regions will be viable destinations.
during the 23-month mission, curiosity will
explore, assess, and characterize the Mars’
surface as a potential habitat for life, past or
present. The nine-month journey to Mars begins
this Fall from Kennedy Space center (KSc). This
presentation provides an overview of the MSl
mission, update on processing at KSc, and an
overview of the MSl launch services managed by
the KSc launch Services Program.
Charles A. Tatro, Mission Manager, Launch Services
Program, NASA
3320 Growing Your bench: A
Comprehensive success Plan
for the Discovery, retention, and
Development of Top security
Employees
● Fundamental
In these challenging times, it is essential that
you develop an organized, fully actionable strategy
for security staff development. leaving this
process to chance can have a devastating impact
on the future of your organization. explore the
three key phases of staff development. Phase
one will focus on finding qualified candidates
through the development of partnerships with
educational security programs of colleges and
universities. Phase two will examine employee
retention systems and methodologies. Phase
three will explore junior leadership development
best practices and case studies. leave with the
tools necessary for growing a productive
employee base.
Jeffrey P. Grossmann, Esq., Assistant Professor/Director
Homeland and Corporate Security Program, St. John’s
University; Paul Benne, PSP, Senior Security Specialist,
Syska Hennessy Group
Sponsored by the ASIS Academic Programs and Training
Council
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 51

Education sessions: 3000 Series
TUEsDAY, sEPTEMbEr 20 • 4:30 pm–5:30 pm
3380 Debate—Collecting of Personal
information From the Cloud
■ Intermediate
are we over sharing? as more and more of the
global village connect and share personal
information, these connected pieces of data have
become increasingly valuable. But are we losing
our personal privacy? While Google’s spiders may
find much of the data on us and the organizations
we represent, we are the ones who are truly to
blame for making it available in the first place.
This spirited debate will explore privacy trends and
how the impact of social media has shaped our
current and future data protection strategies.
Raj Goel, Chief Technology Officer, Brainlink
International, Inc.
3381 Psychological Principles in
social Engineering
■ Intermediate
From lawyers to panhandlers, con artists to serial
killers—knowing the fundamental attributes of
psychology can propel your social engineering
efforts to a new level. understanding people’s
tendencies and reaction to your behavior can
help you maintain control or convincingly deceive
your target. This presentation includes core
psychological principles and combines them with
real-world technical security examples to assist
you in creating more successful storyboards for
social engineering efforts.
Joe Sechman, Director, Sunera; Robert Carr, Senior
Manager, Sunera
3383 impact of social Networking on
security Threats
■ Intermediate
The expanding use of social networking technologies
in and outside the workplace has created
a new set of threats facing the organization.
This presentation provides a comprehensive
overview of the new and emerging landscape
of social networking and the resulting attack
vectors created by our use of these technologies.
develop an understanding of the specific range
of risks organizations face in managing these
new technologies. learn a range of potential
responses to address these risks and the likely
vulnerabilities we face in confronting these rapidly
evolving technologies in our organizations.
David Melnick, Principal, Manager, Deloitte, LLP;
Charlie Blanchard, Deloitte, LLP
3384 A Guide to security Metrics
■ Intermediate
a metrics program provides the information
security team with information for better decision
making at both strategic and operational levels.
an effective program should influence the strategy
so that decisions made based on the data from
the metrics program are different than they would
be without such data. Operationally, an effective
program guides day-to-day decision making and
optimizes existing technologies and processes.
Security metrics may be used to fix a security
process which is broken, to focus limited
resources on protecting the most valuable assets,
or to ensure that basic security processes are in
place and working well.
Caroline Wong, Senior Manager, Security Program,
Zynga, Inc.
3385 software Assurance Panel
Wrap-up
■ Intermediate
This interactive session highlights the strengths
and weaknesses of the methods and practices
presented today. ask the speakers to contrast
their perspectives in order to understand what
lessons best apply to you. do the practitioners
appreciate the benefits and products from the
theoreticians and modelers? What will it take to
make all this work and produce tangible results?
how far are we from a software assurance
marketplace with automated tools we can use?
can we move cybersecurity and applications
development from a blame game to a team game?
Joe Jarzombek, Director of Software Assurance, U.S.
Department of Homeland Security; Bob Martin, Principle
Engineer, The MITRE Corporation; Richard Struse, Deputy
Director of Software Assurance Program, U.S. Department
of Homeland Security; Paul Nguyen, Vice President, Cyber
Solutions for Knowledge Consulting Group
“You need to be there to appreciate
the level of education and practical
knowledge you will acquire in a
week.”
Ikhuoria evans
Security Intelligence & Surveillance Analyst,
Lagos and Offshore
Shell nigeria exploration & Production
company (SnePco)
52 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

WEDNEsDAY, sEPTEMbEr 21
Schedule-aT-Glance
all sessions will be held at the Orange county convention center.
8:00 am–9:00 am: KEYNOTE: Vicente Fox, President of Mexico, 2000–2006
11:00 am–12:00 noon
4101 ASIS Standards: The ASIS/SHRM
Workplace Violence Prevention and Intervention
ANSI Standard and How It Can Help You
4102 Public-Private Partnership in Emergency
Planning and Florida’s Regional Domestic
Security Task Force Concept
WEDNESDAY
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced
LEVEL
Arch/Eng/Design
Crime/Loss Prevention
Crisis Management
Critical Infrastructure
Global
Government/Military
Homeland Security
Information/IT Security
Investigations
Legal
Management
Physical Security
Professional Development
Terrorism
Young Professionals
Systems Integrator NEW
Application Security
Cloud Security
Governance, Regulation,
and Compliance
Mobile Security and
Social Networking
Swiss Army Knife
■ X X
● X X
4103 Climbing the Corporate Security Ladder ● X X
4104 Making the Most of Uncertainty: The
Strategic Value of Scenarios
■ X X
4105 Gateway to International Markets ● X
(ISC) 2 Security Congress
4106 Integrator Series: Technology Solutions
for Loss Prevention, Retail Security, and Fighting
Organized Retail Crime
● X X X X X X
4107 Criminal Calendar, Criminal Mind: A Tale of
Two Cities
4108 Pardon the Industry Expert: How Security
■ X X
Policies, Procedures, and Products Uniquely
Affect Vertical Markets
■ X X
4109 Piracy and Supply Chain Resilience:
Challenges and Emerging Trends
▲ X X X X X
4110 Controlled Chaos: Security vs.
Sustainability
● X X X
4111/4184 IT Security Council Series: Legal
and Compliance Aspects of IT
● X X X X
4112 Maximize Your Employee Pool: Find Value in
■
Hiring Military Veterans and Reservists
X X X
4113 Behavior Detection and Other Practices for
Protecting Retail Facilities From Terrorism
▲ X X X X
4114 Fire and Life Safety Fundamentals for the
Security Practitioner
4115 Steps to Success: Education, Training, and
● X X X X
Professional Development in Security and Crisis
Management
● X X X X
4116 Measuring Security Risk: Part of the
Management Process
■ X X
4117 Guns in the Workplace ▲ X X X
4118 Social Networking: New Challenges of
Managing Stalking in the Workplace
■ X X X
4119 A Campus Response Team (CRT) Focused
Approach in the Multi-Campus Organization
▲ X X
4120 The DHS Office of Infrastructure Protection
and the AH&LA—Resources for Hotels
■ X X X X X
4181 The Reality of Cyber-Centric Terrorism ● X X X X X
4182 Integrating Security Into the SDLC:
Enterprise Success Stories
▲ X X
4183 Identify, Assess, Mitigate: Security Risks of
New Mobile Devices and Applications
▲ X X X
4184/4111 IT Security Council Series: Legal
and Compliance Aspects of IT
● X X X X
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 53

WEDNEsDAY, sEPTEMbEr 21
Schedule-aT-Glance
all sessions will be held at the Orange county convention center.
1:45 pm –2:45 pm
LEVEL
Arch/Eng/Design
Crime/Loss Prevention
Crisis Management
Critical Infrastructure
Global
Government/Military
Homeland Security
Information/IT Security
Investigations
Legal
Management
Physical Security
Professional Development
Terrorism
Young Professionals
Systems Integrator NEW
Application Security
Cloud Security
Governance, Regulation,
and Compliance
Mobile Security and
Social Networking
Swiss Army Knife
4201 Public-Private Partnership in Intelligence
Sharing: The Central Florida Intelligence
eXchange (CFIX)
● X X
4202 Getting to Yes: Positioning Projects for
Senior Management Approval
■ X X
4204 Integrator Series: Critical Infrastructure
Security Solutions (Energy, Water, Gas)
4205 The Convergence of Crisis Management,
● X X X X X X X X
Business Continuity, and Organizational
Resilience
■ X X X X
4206 The Virtual Security Officer: Are You Getting
the Most From Your Cameras and Guards?
■ X X X
4207 Do You Hear What I Hear? An Examination
■
of Forensic Content Analysis of Verbal Statements
X X
4208 In Our Neighborhood: Domestic Terror
Groups and Their Tactics
■ X X X
4209 Private Sector Investigations: When (and If)
to Involve Law Enforcement
■ X X X
4210 Examination of Workplace Violence:
Recognize and Diffuse
● X X X X
4211 Predictive Analytics and Other Effective
Maritime Counter-Piracy Solutions
■ X X
4212 Gaining Insight on Mexico’s Crisis ■ X X X
4213 Communicating Travel Security: What You
Need to Know to Tell Others
■ X X X
4215 Developing Security Programs in a
Multi-Disciplinary Research Environment
▲ X X X X
4216 Making the Decision: Transitioning From
Proprietary Security to Contract Security
■ X X X
4217 Can Hotels Really Protect Tourists and
Guests with Emerging Threats?
■ X X X X X
4218 Public-Private Partnerships (P3s): A
Rapidly Expanding Windfall for Public Safety
● X X
4219 Lodging Partnerships With Law
Enforcement
● X
4281 The Renaissance Security Professional ■ X X X X
4282 The Unintended Consequences of Well-
Intentioned Requirements
4284 Lessons Learned From the Federal Trade
Commission (FTC)
■ X X X X
■ X X X X
54 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.
(ISC) 2 Security Congress

3:30 pm–5:00 pm
WEDNESDAY
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced
LEVEL
Arch/Eng/Design
Crime/Loss Prevention
Crisis Management
Critical Infrastructure
Global
Government/Military
Homeland Security
Information/IT Security
Investigations
Legal
Management
Physical Security
Professional Development
Terrorism
Young Professionals
Systems Integrator NEW
Application Security
Cloud Security
Governance, Regulation,
and Compliance
Mobile Security and
Social Networking
Swiss Army Knife
4301 Reporting to HR? No Problem.
Demystifying the Jargon, Bridging the Gaps
■ X X
4303 Integrator Series: Pharmaceutical Campus
and Plant Security Solutions
● X X X X X
4304 Pentagon Active Shooter: Implications for
Law Enforcement/Security Agencies
■ X X X X
4305 City Surveillance: Overcoming Privacy
Concerns to Win Over Your Community
4306 Military Transitioning 101: Making the
■ X X
Move From Active Duty and the Benefits of
ASIS Certification
● X X
4307 Building an Effective Information Systems
Security Program
■ X X X X
4308 Crime and Terrorism in Latin America and
the Caribbean
■ X X X X
4309 Web 2.0: Risk From Social Media ■ X X X X
4310 Balancing the Risk Mitigation Program:
Five Questions You Must Ask Yourself
4311 Utilizing a Public-Private Partnership to
▲ X X X
Combat the Emergence of Cyber Crime/Terrorist
Financing
■ X X X X X
4312 Building a Corporate or Municipal Security
Operations Center
▲ X X X X
4313 Security Evolution: Service Matters ■ X X X
4316 Hotel Safety and Security for Your
Corporate Travel Program
● X X
(ISC) 2 Security Congress
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 55

Education sessions: 4000 Series
WEDNEsDAY, sEPTEMbEr 21 • 8:00 am–9:00 am • 11:00 am–12:00 noon
8:00 am–9:00 am
11:00 am–12:00 noon
KEYNOTE
Vicente Fox
President of Mexico,
2000–2006
See page 4 for keynote
description.
4101 Asis standards: The
Asis/sHrM Workplace Violence
Prevention and intervention ANsi
standard and How it Can Help You
■ Intermediate
Workplace violence presents a challenge for
security, hR, and legal issues that an organization
can face. aSIS and the Society for human
Resource Management (ShRM) are developing
an american national Standard for Workplace
Violence Prevention and Intervention. Based on
the 2005 aSIS Guideline, more than 100
professionals have engaged in the anSI process
to develop a robust Standard that outlines best
practices and recommendations for detecting,
investigating, managing, and addressing
threatening behavior or violent episodes that
occur in a workplace or in association with it or
its employees.
Michael Crane, CPP, Executive Vice President/General
Counsel, IPC International Corporation; Eugene Ferraro,
CPP, PCI, CEO/Founder, Business Controls, Inc.;
Rebecca A. Speer, Esq., Managing Partner/Founder,
Speer Associates/Workplace Counsel
Sponsored by the ASIS Standards and Guidelines
Commission
4102 Public-Private Partnership in
Emergency Planning and Florida’s
regional Domestic security Task
Force Concept
● Fundamental
learn about the Regional domestic Security
Task Force concept used by the State of Florida.
understand how the central Florida area has
embraced the private sector in the design and
working of the program to prepare, prevent,
respond, and mitigate natural and human-initiated
incidents. explore the unique, strong ongoing
relationships among the private and public
participants in the central Florida area that are
key to making this program work.
Joyce Dawley, Co-Chair, RDSTF5; Robert Hansel, Co-Chair,
RDSTF5; Karen Weaver, Regional Critical Infrastructure
Coordinator
4103 Climbing the Corporate
security Ladder
● Fundamental
Security professionals occupy hundreds of
thousands of positions around the world, but
precious few reside at, or are on the path to,
the top of the corporate ladder. What qualities
distinguish a Fortune 500 cSO from a mid-level
security manager? how can you position yourself
as a key advisor or strategist who has the ear of
the cSO and, ultimately, the c-suite and board?
In this session, several cSOs at the top of their
field describe their paths to success and offer
advice to aspirants.
Speakers to be announced.
Sponsored by the ASIS CSO Roundtable
4104 Making the Most of
Uncertainty: The strategic Value
of scenarios
■ Intermediate
Scenarios are a powerful tool that managers can
use to address the strategy paradox—that is, the
belief that committing to success can often lead
to failure because of the unavoidable nature of
uncertainty. This workshop will look at the power
of scenarios to help build strategic success.
Christopher Walker, DBA, Executive Professor of Strategy,
Northeastern University
4105 Gateway to international
Markets
● Fundamental
The u.S. department of commerce will offer
an export seminar on what will enable u.S.
exporters to leverage precious company
resources to grow their presence in existing
markets or enter into new markets through u.S.
Government export promotion programs. It will
also introduce participants to a number of export
finance programs and services offered by u.S.
Government agencies. By the end of this session,
participants will be familiar with tools offered by
the u.S. Government to identify and enter into
promising markets across the globe.
Kenneth R. Mouradian, Director, Orlando U.S. Export
Assistance Center, U.S. Department of Commerce
56 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

WEDNEsDAY, sEPTEMbEr 21 • 11:00 am–12:00 noon
4106 integrator series: Technology
solutions for Loss Prevention, retail
security, and Fighting Organized
retail Crime
● Fundamental
hear directly from loss prevention and security
managers from the nation’s largest retailers
about their biggest challenges and how a systems
integrator can participate in their unified solution.
learn about anti-sweethearting solutions. examine
crime prevention services. Study public view
monitors. learn about video analytics and content
analysis. analyze how to fight organized retail
crime and more.
Dale White, Walmart Stores
4107 Criminal Calendar, Criminal
Mind: A Tale of Two Cities
■ Intermediate
how does a city analyze crime statistics and then
execute crime prevention? can crime mapping
reveal locations not considered? how can we
use a psychological component to explain and
sometimes predict a higher possibility of violent
crime? This session offers the unique viewpoints
of a noted criminologist, a city crime prevention
team, an attorney, and a physical security
professional at one session. actual crime data
will be presented and their predictive use will be
debated.
Steve Surfaro, Industry Liaison, Axis Communications;
Michael Corcoran, Ph.D., President, The Workthreat
Group, LLC
Sponsored by the ASIS Physical Security Council
WEDNESDAY
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced
4108 Pardon the industry Expert:
How security Policies, Procedures,
and Products Uniquely Affect
Vertical Markets
■ Intermediate
When specifying, approving, and installing a
security system, there are numerous factors that
influence the final project. Who is authorized to
work on the system? What standards are best for
this project? What technologies should be used?
To complicate matters, these questions have very
different answers, depending on which industry
you come from. In a Q&a style panel, renowned
experts from various industries explain how
today’s top security trends affect their respective
markets. Topics include standards, technology,
legislation, installation, and intelligent systems.
Ronald Martin, CPP, Physical Security Specialist,
U.S. Government; Scott Dunn, Director of Business
Development, Industry Segments, Axis Communications;
James Prokop, Deputy Program Manager, U.S. Department
of Homeland Security; Richard Lommock, Principal
Engineer, Network Solutions, Bombardier Transportation
4109 Piracy and supply Chain
resilience: Challenges and Emerging
Trends
▲ Advanced
The Suez canal, Red Sea, Gulf of aden, and
Indian Ocean are key waters when considering
international trade. Western nations rely upon
shipping through these waters to support a
range of critical infrastructures, international
trade, and supply chains. learn about the threat
to international shipping, proposed solutions to
this challenge, and emerging risks. Gain insight
from the first-hand experience of persons who
have dealt with the issue and studied it from
critical infrastructure protection and supply chain
resilience perspectives.
Allan McDougall, CPP, Principal Consultant/Director,
Evolutionary Security Management
Sponsored by the ASIS Transportation Council
“Asis international’s seminar is the
most comprehensive educational
and networking resource in the
security field.”
daniel h. Kropp, cPP
Director, Physical Security
Towers Watson
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 57

Education sessions: 4000 Series
WEDNEsDAY, sEPTEMbEr 21 • 11:00 am–12:00 noon
4110 Controlled Chaos: security vs.
sustainability
● Fundamental
new projects are struggling with the need for
protection of building assets while complying with
sustainability needs. conflicting goals of leed,
GReen, and sustainability can be successfully
resolved with security and safety goals, as well
as sensitivity to style and costs. The process for
conflict resolution is cPTed—crime prevention
through environmental design. cPTed serves as
a model for a holistic approach to create stylish,
secure, and sustainable buildings.
Randy Atlas, Ph.D., CPP, AIA, Vice President, Atlas Safety
& Security Design, Inc.
Sponsored by the ASIS Security Architecture and
Engineering Council
4111/4184 iT security Council
series: Legal and Compliance
Aspects of iT
● Fundamental
new regulations coupled with global competition
have driven rapid changes to information technology.
compliance has become a top concern for
management. a security perspective is needed
to help navigate and manage the compliance
landscape. understand the regulatory and
compliance requirements and how they impact
the success of the business. Receive tools to
add value to your organization’s discussions on
legal and compliance aspects of information
technology. Review domestic and global regulations
and more.
Kevin McGuire; Shayne Bates, CPP, CISM, CHS-V, LMC
Consulting, Director Security Cloud Strategy, Microsoft
GSO; A. Spencer Wilcox, CPP, Supervisor, Compliance
Services, Constellation Energy, (ISC) 2 Appointee; Don
Fergus, Vice President/CSO, Intekras, Inc.; Brandon
Dunlap, President, Brightfly Consulting
Sponsored by the ASIS Information Technology Security
Council and (ISC) 2
“best all around value for equipment
and training.”
Ralph Burdett
Administrative Director, Department of Public
Safety
harris county hospital district
4112 Maximize Your Employee Pool:
Find Value in Hiring Military Veterans
and reservists
■ Intermediate
If your company’s recruiting strategy doesn’t
include military veterans and reservists, you are
missing an opportunity to work with our country’s
most outstanding men and women. learn how you
can partner with selected veterans’ organizations
and proactively maximize your recruitment from
this extremely qualified talent pool. discuss the
benefits of hiring military service members,
develop recruiting strategies that include military
personnel, create partnerships with military
support organizations, and hire veterans,
reservists, their families, and caregivers.
Jerold Ramos, Manager, Talent Acquisition, AlliedBarton
Security Services; Dave Ward, Director, Warriors to Work,
Wounded Warrior Project; Johnny Dwiggins, MPSC,
Contract Program Manager, Employer Partnership of the
Armed Forces
4113 behavior Detection and Other
Practices for Protecting retail
Facilities From Terrorism
▲ Advanced
as terrorist threats loom large in the u.S.,
retailers are increasingly aware of their
involvement as a target as well as a potential
enabler. Yet many retailers feel ill-prepared to
identify and react to potential threats. This
session introduces a behavioral detection
technique that allows trained professionals
to detect potential terrorists. learn the method,
benefits, and applications of behavioral
detection as used by Mall of america. address
the benefits of implementing counter-terrorism
strategies, ways to leverage existing resources,
and the development of protocols for addressing
threats once identified.
Michael Rozin, Special Operations Captain, Mall of
America Security Department; Doug Reynolds, Director
of Security, Mall of America Security Department
Sponsored by the ASIS Retail Loss Prevention Council
58 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

WEDNEsDAY, sEPTEMbEr 21 • 11:00 am–12:00 noon
4114 Fire and Life safety
Fundamentals for the security
Practitioner
● Fundamental
Security practitioners are often asked to oversee
fire and life safety concerns along with their
security responsibilities. Yet, the importance of
this function to their organization or how to bring
the two together into the overall security program
may not be fully understood. hear about local,
state, and federal laws, rules, and regulations
that mandate many fire and life safety responsibilities.
learn how to increase your value to
your organization, and how to integrate the two
concerns into one emergency, all hazards action
plan.
Jerry Heying, CPP, President and CEO, International
Protection Group, LLC; William Minear II, CPP, Deputy
Director Critical Infrastructure Protection Programs, WV
National Guard, Military Authority
Sponsored by the ASIS Fire and Life Safety Council
4115 steps to success: Education,
Training, and Professional
Development in security and
Crisis Management
● Fundamental
as contemporary security and crisis management
problems proliferate, so too do the positions and
skill sets required to address them. homeland
security, protective services, and emergency or
crisis management courses and programs
continue to evolve in both the training and
academic arenas. a new paradigm is emerging
which affects protection professionals at all
levels. an in-depth understanding of the history,
evolution, and current status of these programs
enables the practitioner and the security industry
to plan contemporary development strategies
more effectively.
Chris Hertig, CPP, Assistant Professor, York College of
Pennsylvania; Ernest Vendrell, Ph.D., CPP, CEM,
Associate Professor, Saint Leo University; Kevin Peterson,
CPP, Principal, Innovative Protection Solutions, LLC
Sponsored by the ASIS Crisis Management and Business
Continuity Council
WEDNESDAY
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced
4116 Measuring security risk:
Part of the Management Process
■ Intermediate
Today’s environment requires that we practice
risk management on an ongoing basis. Risk
management is a strategic security activity
and is a cornerstone of security governance.
The management of risk requires that we
effectively measure it and its response to
vulnerability reduction initiatives and other
mitigation strategies. does your organization
have a mature risk identification, measurement,
and management process? The discussion
identifies risk measurement/management
activities which will serve to enhance the
resilience of your organization and its assets.
Phillip Banks, CPP, PE, Director, The Banks Group, Inc.
4117 Guns in the Workplace
▲ Advanced
More than 30 states have concealed carry laws
on their books. While security personnel worry
about the impact of workplace violence, some
state laws have made it illegal to even ask
employees—or customers—whether they have
firearms in their vehicles. This dynamic program
offers a practical survey of new gun laws coupled
with insight to tailor security policies to comply
with potentially contradictory legislation. Guidance
on crafting policies to conform to legal mandates,
while simultaneously keeping your facility safe,
will be emphasized.
Dr. James Pastor, President, SecureLaw, Ltd. and
Associate Professor, Calumet College of St. Joseph
4118 social Networking: New
Challenges of Managing stalking
in the Workplace
■ Intermediate
Facebook, blogging, tweeting…none of these
terms existed when the stalking laws were first
created. With the development of social media
and the advancement of technology, stalkers
have been given ‘free reign’ to terrorize their
victims. having a strong IT department to protect
your infrastructure with encryption software,
firewalls, etc. is important in keeping out cyber
threats, but the ultimate tool lies within. learn
how to give your employees the tools to become
a safe and empowered workforce.
Kathleen Baty, Vice President, Business Development/
Strategic Partnerships, Kingdom Worldwide–a Global Risk
Management Firm
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 59

Education sessions: 4000 Series
WEDNEsDAY, sEPTEMbEr 21 • 11:00 am–12:00 noon
4119 A Campus response Team
(CrT) Focused Approach in the
Multi-Campus Organization
▲ Advanced
crisis management in a national multi-campus
organization differs significantly from the
traditional concepts of university crisis
management. The special considerations of
the multi-campus organization include: a
decentralized organization—geographical,
organizational hierarchy; owned, leased, and
shared campus buildings; different counties/
states—multiple jurisdictions that lend to
regulation discrepancies; varied skill level—
no campus-level police or dedicated crisis
management entity. This presentation will
focus on a proactive, pragmatic, and realistic
crisis management program that addresses
these challenges.
Oren Alter, Associate Vice Chancellor of Crisis
Management, Keiser University
4120 The DHs Office of infrastructure
Protection and the AH&LA—
resources for Hotels
■ Intermediate
Presenters will showcase the free resources and
training programs available to members of the
hospitality industry, including the Risk Self
Assessment Tool for Lodging (RSAT) and the
“Eye on Awareness” Terrorism Awareness Training
Program. Many of the tools were designed to
provide valuable insights you can use to better
protect your facilities, guests, and employees.
Bill Schweigart, U.S. Department of Homeland Security;
Victor Glover, CLSD–Senior Vice President, Safety and
Security, Accor North America
Sponsored by the American Hotel and Lodging Association
4181 The reality of Cyber-Centric
Terrorism
● Fundamental
The debate continues as to what security
practitioners and citizens can expect in terms of
an attack against the cyber element of the critical
infrastructure. Right now, terrorist groups such as
al Qaeda and others are embracing the Internet
as a tool in their overall goals. learn what
capabilities terrorist groups have, how they are
using the Internet, and what organizations can
do to prepare for cyber terrorism.
Gerard Johansen, Manager, Information Assurance,
SSC, Inc.
4182 integrating security into the
sDLC: Enterprise success stories
▲ Advanced
This session presents a series of case studies
where large organizations have successfully
integrated security engineering best practices into
their Software development life cycle (Sdlc) to
reduce defects and increase software resiliency
and reliability. For each of the different Sdlc
methodologies—agile, Iterative and Incremental,
Waterfall, and Spiral—a framework detailing how
to integrate security into the lifecycle will be
presented. Become skilled in the foundations
required for successfully designing, developing,
testing, and deploying secure software.
Richard Tychansky, Information Assurance Engineer,
Lockheed Martin Corporation; Hart Rossman, Chief
Technology Officer, SAIC; Edward Bonver, Principal
Software Engineer, Symantec
“The information available at this
conference is unbelievable. You
want it, they have it, and more.”
William Sheats
Security Systems Administrator
christiana care health System
60 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

4183 identify, Assess, Mitigate:
security risks of New Mobile Devices
and Applications
▲ Advanced
What do we really know about the plethora of
new handheld mobile devices (and associated
applications and their developers) being
introduced to corporations, with little risk
assessment and mitigation? The development
and implementation of industry-specific devices
(medical, financial) differs from IT devices and
applications, and more importantly brings new
risks associated with their introduction into those
networks. This presentation addresses these
points, as well as explores the efforts that
industry specific regulatory organizations are
making to improve the security of these devices
and applications.
Dennis Seymour, Senior Security Architect, Ellumen
4184/4111 iT security Council
series: Legal and Compliance
Aspects of iT
● Fundamental
new regulations coupled with global competition
have driven rapid changes to information technology.
compliance has become a top concern for
management. a security perspective is needed
to help navigate and manage the compliance
landscape. understand the regulatory and
compliance requirements and how they impact
the success of the business. Receive tools to
add value to your organization’s discussions on
legal and compliance aspects of information
technology. Review domestic and global regulations
and more.
Kevin McGuire; Shayne Bates, CPP, CISM, CHS-V, LMC
Consulting, Director Security Cloud Strategy, Microsoft
GSO; A. Spencer Wilcox, CPP, Supervisor, Compliance
Services, Constellation Energy, (ISC) 2 Appointee; Don
Fergus, Vice President/CSO, Intekras, Inc.; Brandon
Dunlap, President, Brightfly Consulting
Sponsored by the ASIS Information Technology Security
Council and (ISC) 2
WEDNESDAY
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced
WEDNEsDAY, sEPTEMbEr 21 • 11:00 am–12:00 noon • 1:45 pm–2:45 pm
1:45 pm–2:45 pm
4201 Public-Private Partnership in
intelligence sharing: The Central
Florida intelligence eXchange (CFiX)
● Fundamental
learn the ways in which the central Florida area
has embraced the concept of intelligence sharing
between the public and private sectors, including
the unique executive Steering committee
relationships, the Intelligence liaison Officer
program, and other efforts used to share
intelligence for effectively protecting the citizens,
businesses, and visitors to the unique central
Florida area. understanding this unique relationship
between public and private sectors in the
intelligence field has lessons for all private
security professionals.
Robert Lefiles, Director of the State Fusion Center, FDLE;
Cpt. Dave Ogden, CFIX Director, Orange County Sheriff’s
Office; Kristie Toruno, CFIX Intelligence Liaison Officer
Coordinator; Larry Steiffel, CPP, CFIX Board Member, Walt
Disney World Security
4202 Getting to Yes: Positioning
Projects for senior Management
Approval
■ Intermediate
all departments compete for approval of their
special initiatives that fall outside the annual
budget process. But competition is fierce, and
becoming fiercer. This session will focus on
providing insight into how senior management
makes the all important decision to green light
an initiative, and the steps needed to increase
your chances for approval.
Elaine Evans Walker, Professor, Northeastern University
4204 integrator series: Critical
infrastructure security solutions
(Energy, Water, Gas)
● Fundamental
Security, safety, and design practitioners working
in nuclear, electric, water, and gas disciplines will
reveal best practices and discuss how integration
professionals can successfully provide solutions.
learn about perimeter security and maintaining
sterile areas. understand how to design for low
maintenance and long upgrade cycle systems.
discover surveillance best practices for multiple
users and agencies. Find out about remote
surveillance and entry screening.
Speakers to be announced.
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 61

Education sessions: 4000 Series
WEDNEsDAY, sEPTEMbEr 21 • 1:45 pm–2:45 pm
4205 The Convergence of Crisis
Management, business Continuity,
and Organizational resilience
■ Intermediate
There has been much discussion regarding
security convergence of enterprise risk
management. Most of it revolves around
physical security and IT security. One area
that is often overlooked is the convergence of
crisis management, business continuity, and
organizational resilience. This presentation
maps the convergence efforts of these separate
but related disciplines. It outlines the strategic
nature of crisis management and business
continuity and also shows how to integrate them
into the overall organizational resilience umbrella.
Donald Knox, CPP, Security and Crisis Management
Analyst, Caterpillar; Bruce T. Blythe, CEO, Crisis
Management International, Inc.; James Leflar, Jr., CPP,
Security Administrator, Johns Hopkins Bloomberg School of
Public Health; Sam Stahl, Practice Manager, EMC
Corporation; Robert Weronik, CPP, Director of Global
Security, Alexion Pharmaceuticals, Inc.
Sponsored by the ASIS Crisis Management and Business
Continuity Council
4206 The Virtual security Officer:
Are You Getting the Most From Your
Cameras and Guards?
■ Intermediate
Remote monitoring has teased the security
industry for decades. The concepts aren’t new
but advancements in technology, the low cost of
Internet connectivity, and our challenged economy
creates the “perfect storm” for Virtual Security.
From traditional applications such as alarm
validation to complex protocols used to comply
with chemical facility regulations, the Virtual
Security Officer is here to stay. This session
provides an overview of the technologies and
services available. The panel represents
operational, legal, and technology perspectives
in using Virtual Security Officers.
Wade Pinnell, CPP, Vice President, Huffmaster Companies;
Evan Wolff, Esq., Director, Homeland Security Practice
Resources Regulatory & Environmental Law, Hunton &
Williams; Eric Fullerton, Chief Sales and Marketing Officer,
Milestone Systems, Inc.
4207 Do You Hear What i Hear?
An Examination of Forensic Content
Analysis of Verbal statements
■ Intermediate
using actual interview excerpts, explore when
the interview actually starts and how to interview
to elicit indicators of truth and deception.
Interviewing ‘rules’ will be introduced as well
as indicators of deception and the inadvertent
truth revelation. ‘Othello’s error,’ a sometimes
overlooked but important interviewing concept,
also will be explained. Finally, you’ll learn what
to listen for. Ideal for those whose duties require
some interviewing, are responsible for preliminary
interviews, are relatively new to the investigative
and interviewing process, or who have had little
exposure to verbal content analysis.
Tim Reddick, CPP, PCI, Office of the Controller, City
of Philadelphia, Former Director, Fraud & Special
Investigations (Retired)
Sponsored by the ASIS Investigations Council
4208 in Our Neighborhood: Domestic
Terror Groups and Their Tactics
■ Intermediate
In contrast to global threats, many are unaware
of the threat of america’s home-grown terrorists
which began with the KKK in the 19th century.
This session explores two of the groups identified
by the FBI as “the most serious domestic
terrorism threats in the u.S. today”—the animal
liberation Front and the earth liberation Front.
The Sovereign citizen’s Movement (ScM), perhaps
the most deadly group to law enforcement and
security professionals, also will be examined.
Rusty Capps, President, CT/CI Training Partners, LLC;
Deborah (Deedee) Collins, Executive Director, National
Security Training Institute
Sponsored by the ASIS Defense and Intelligence Council
62 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

WEDNEsDAY, sEPTEMbEr 21 • 1:45 pm–2:45 pm
4209 Private sector investigations:
When (and if) to involve Law
Enforcement
■ Intermediate
companies are often faced with the prospect
of conducting internal investigations without
the needed expertise in house and immediately
default to law enforcement for assistance.
learn when it is appropriate to conduct internal
investigations in house, when law enforcement
should be notified, the specific reasons why,
and the possible pitfalls. discuss why failing
to properly investigate as an organization can
compromise data and proprietary information,
place the company at further substantial risk,
and other issues.
James Whitaker, CPP, PCI, President, The Whitaker Group,
LLC; Ed Casey, CPP, Senior Director, Protective Services,
Cincinnati Children’s Hospital
Sponsored by the ASIS Investigations Council
4210 Examination of Workplace
Violence: recognize and Diffuse
● Fundamental
Workplace violence takes its toll—physically,
emotionally, and monetarily. how many people
are currently contemplating committing an act
of violence in the workplace? We must train
employees to recognize pre-incident indicators
and report them BeFORe something occurs. This
session examines current cases of workplace
violence, including video testimony of those who
have survived such incidents. leave with a clear
understanding of the existing problem, ways to
recognize warning signs, and best methods of
diffusion and prevention.
Carol Dodgen, Owner, Dodgen & Associates, LLC
WEDNESDAY
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced
4211 Predictive Analytics and Other
Effective Maritime Counter-Piracy
solutions
■ Intermediate
Maritime piracy is one of the most insidious
and costly problems facing the security industry
today. Solutions seem elusive given the dynamic
models employed by the pirates and the lack
of coordinated effort from businesses and
governments. however, there are innovative and
low-cost strategies that can almost fully mitigate
this risk. This session will map out an enterprise
approach to counter-piracy involving: (1) innovative
and targeted predictive analytics and intelligence;
(2) new non-lethal product solutions which
effectively stop boardings; (3) limited on-board
security teams; and (4) security partnerships with
similarly-affected businesses, governments, and
nGOs.
Rudolfo Diaz, Chief Operating Officer, PICA Corporation;
Luke Ritter, Principal, Global Trade Security, Ridge Global,
LLC; Lawrence O’ Connell, Executive Vice President,
International Maritime Security Corporation; Michael
Brewer, CEO, International Maritime Security Corporation
4212 Gaining insight on Mexico’s
Crisis
■ Intermediate
To understand and properly evaluate the threat
environment that Mexico represents, one must
first understand the multiple dynamics and
cross-currents that, over decades, have led
Mexico to where it is now. Is Mexico going
down the dark path of a failed state? Or is
this the inevitable growing pains experienced
by developing countries as they transition
from corrupt authoritarian regimes to true
democracies? See how political, social, and
criminal dynamics have intertwined and evolved
to produce the violence that we now see. learn
how to understand these threats and develop
comprehensive security plans to mitigate the
risks encountered in Mexico.
Kurt Norrigan, CPP, President, Kamen & Associates, Inc.
“A wealth of pertinent information.”
Officer Ron cook
Crime Prevention Specialist
uT arlington
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 63

Education sessions: 4000 Series
WEDNEsDAY, sEPTEMbEr 21 • 1:45 pm–2:45 pm
4213 Communicating Travel security:
What You Need to Know to Tell
Others
■ Intermediate
Be afraid—very afraid! Is this your message
when communicating security to staff? Security
professionals tend to emphasize fear, yet often
this isn’t the most effective way to get people to
behave more securely. how can you re-package
your message so staff can ‘hear’ you? Join this
interactive session to: get ideas on how to
improve your security briefings, orientations, and
trainings; learn and apply adult learning principles,
using a travel security workshop as an example.
To get your message across, you need to engage
people—here’s how.
Tanya Spencer, Global Travel Security & Crisis Management
Specialist, TrainingSolutions
4215 Developing security Programs
in a Multi-Disciplinary research
Environment
▲ Advanced
The emergence of biosecurity as a specialized
discipline within security management requires
a somewhat different approach than traditional
methodology and thinking. Within the general field
of research security, biosecurity specifically is
science-based, multi-dimensional, and demands
unique skill sets to manage the challenges of
laboratory operations, partnerships with varied
subject matter experts, government, and private
industry. engage in a holistic discussion on
research center security, using agriculture as a
model, then focus in on the specific challenges
involved in laboratory security.
Jean-François Savard, CPP, Director of Security,
Agriculture Canada, Government of Canada; Kirk Wilhelm,
CPP, Senior Biosecurity Program Manager, Midwest
Research Institute
Sponsored by the ASIS Agriculture and Food Security
Council
4216 Making the Decision:
Transitioning From Proprietary
security to Contract security
■ Intermediate
explore one company’s migration from proprietary
security to contract security. The presentation
details the decision-making process that centered
on three decision criteria—financial effectiveness,
organizational effectiveness, and operational
effectiveness. The implementation plan
used to ensure a smooth transition will be
discussed. an overview of the company’s positive
reaction to the change, including senior executives’
responses and how it has benefited the
department, will be provided.
Harold Grimsley, CPP, Director, Corporate Safety and
Security, Blue Cross Blue Shield of Florida
4217 Can Hotels really Protect
Tourists and Guests with Emerging
Threats?
■ Intermediate
Recent attacks on hotels around the world have
changed the face of tourism and the role of hotels
as protective domains. This session discusses
new trends in hotel design and operation to
protect critical assets with transparent security,
cPTed, and counter-terrorism strategies. learn
new hotel strategies being used to reduce the
opportunities for crime and terrorism, and
screening people, vehicles, and packages into
the property and building.
Randy Atlas, Ph.D., CPP, AIA, Vice President, Atlas Safety
& Security Design, Inc.; Patrick Murphy, CPP, PSP,
Director of Loss Prevention, Marriott International, Inc.
Sponsored by the ASIS Security Architecture and
Engineering Council
“Asis Annual exhibit show is a
great opportunity to network
with our industry leaders in
the security field.”
Gary lok
Operations Manager
university of British columbia
64 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

WEDNEsDAY, sEPTEMbEr 21 • 1:45 pm–2:45 pm
4218 Public-Private Partnerships
(P3s): A rapidly Expanding Windfall
for Public safety
● Fundamental
For years limited efforts existed to harness joint
resources of law enforcement and private security
to better protect america. unfortunately, it took
the horrific events of 9/11 to realize that these
two sectors must absolutely work together to
ensure security of our national infrastructure and
other vital interests. We have since witnessed
a virtual explosion of P3s leading to a written
Memorandum of understanding (MOu) between
aSIS International and the International association
of chiefs of Police (IacP). This session tracks
evolution of P3s and features presentations of
some of the most significant P3s in the u.S. today
to encourage even more.
Bob Pence, President, The Pence Group; Brian Reich, CPP,
Major Crimes Unit, Bergen County Prosecutor’s Office
Sponsored by the ASIS Law Enforcement Liaison Council
4219 Lodging Partnerships With
Law Enforcement
● Fundamental
In 2005 the u.S. department of Justice, Office
of Justice Programs completed a model on
“Engaging the Private Sector to Promote Homeland
Security: Law Enforcement—Private Security
Partnerships.” This presentation will share how
the lodging industry has embraced partnerships
with all levels of law enforcement. hear examples
of successes and obstacles to forging effective
partnerships.
Paul Frederick, CPP, American Hotel and Lodging
Association and Chairman, Loss Prevention Committee and
Director, Global Safety and Security, Hilton Worldwide, Inc.;
Harvey “Skip” Brandt, CPP, Director of Security, Boston
Park Plaza Hotel and Towers; Local and Federal Law
Enforcement from Orange County Florida Sheriff’s
Tourism Police
Sponsored by the American Hotel and Lodging Association
WEDNESDAY
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced
4281 The renaissance security
Professional
■ Intermediate
Modern technologies, cultural norms, and new
business practices create an exponentially
different set of challenges for our industry than
ever before. This session packs a semester’s
worth of information and insights into a single
presentation, packaging interdisciplinary
(psychology, finance, security, and social media)
skills to help attendees become ‘renaissance’
security professionals. how many ‘c’ISOs do you
know who report to the ceO? Why is that? how’d
we get here? Review some of the tools and
knowledge utilized by the visionaries in our
industry to help us overcome major challenges in
securing our data that address the biggest
challenge of all—the human factor.
J.J. Thompson, Managing Partner, Rook Consulting
4282 The Unintended Consequences
of Well-intentioned requirements
■ Intermediate
We asked for a Mustang GTO but we got a
horse-drawn carriage that wouldn’t go. how
could they possibly get it so wrong? We made it
all so clear! let’s take a look at some ‘crystal
clear’ requirements, analyze what went wrong,
and figure out how we can improve. We’ll share
some stories, discuss the attributes of a good
security requirement, explore methods to refine
requirements, and learn to improve our own
requirement-writing skills. When we’re done, we’ll
be better prepared to clearly express our security
needs, improve our chances for project success,
and deliver secure systems.
Kevin Spease, Manager of Web Application Development,
Health Net, Inc.
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 65

Education sessions: 4000 Series
WEDNEsDAY, sEPTEMbEr 21 • 1:45 pm–2:45 pm • 3:30 pm–5:00 pm
4284 Lessons Learned From the
Federal Trade Commission (FTC)
■ Intermediate
The Federal Trade commission (FTc) has set
the standard for what it considers acceptable
and unacceptable behavior for companies and
organizations conducting business within the
united States. The FTc doesn’t involve itself
in the minutia of security standards, nor does
it dictate what protocols or technologies
companies need to use. Rather, the FTc uses
its constitutional and congressional mandate
for regulating interstate commerce to hold
companies accountable for their breaches. This
presentation examines the FTc’s track record,
puts the sanctions in a larger context of privacy
and security breaches, and looks at where the
FTc is trending with the FTc health Breach and
Red FlaG regulations.
Raj Goel, Chief Technology Officer, Brainlink
International, Inc.
3:30 pm–5:00 pm
4301 reporting to Hr? No Problem.
Demystifying the Jargon, bridging
the Gaps
■ Intermediate
The security function interacts closely with a
number of staff groups, including the hR
department. In some organizations, security
management reports to the hR department. This
session will provide insight into the typical hR
agenda, how and where the security management
function intersects with that of hR, and how the
two groups can work together most effectively.
Elaine Evans Walker, Professor, Northeastern University
4303 integrator Track:
Pharmaceutical Campus and
Plant security solutions
Asis 2011 offers a
registration package
for every budget.
See page 76 for registration details and
ways to save.
● Fundamental
Pharmaceutical and health care suppliers
represent unique challenges to designers and
systems integrators. Practitioners from these
areas will reveal what technologies and services
they need the most. understand how to protect
intellectual property. learn about compliance.
examine the prevention of substance theft and
abuse. explore leveraging surveillance for
operations and manpower management.
Dan Arenovski, Purdue Pharma; Anthony Patillo,
Sanofi-Aventis
4304 Pentagon Active shooter:
implications for Law Enforcement/
security Agencies
■ Intermediate
The Pentagon is a constant target of terrorists
and anti-government activists. While being fluid
enough to adjust to unexpected incidents, the
Pentagon Force Protection agency has developed
a security strategy that addresses the challenges
of being the largest, low-rise office building in
the world co-located with the largest commuting
hub in the Metro area. This session reviews the
March 4 and October 19, 2010 shooter incidents
at the Pentagon, our response to the attacks, and
the implementation of security technologies and
processes that will help better protect the
Pentagon from a wide range of threats.
Jonathan Cofer, Principal Deputy Director, Pentagon Force
Protection Agency
66 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

WEDNEsDAY, sEPTEMbEr 21 • 3:30 pm–5:00 pm
4305 City surveillance: Overcoming
Privacy Concerns to Win Over Your
Community
■ Intermediate
While the general public has become much more
accepting of video surveillance, don’t assume
that your project won’t run into privacy issues
when installing cameras in someone’s hometown.
There’s a right way to bring video surveillance to
a community, and it starts with being transparent
throughout the entire process. define the steps
to get your project approved, funded, installed,
and accepted by the community-at-large before
the local news turns the would-be surveillance
system into a story about Big Brother.
John Bartolac, Government Business Development
Manager, Axis Communications; Project Manager, Chicago
Housing Authority; William Sousa, Associate Professor,
UNLV Department of Criminal Justice
4306 Military Transitioning 101:
Making the Move From Active Duty
and the benefits of Asis Certification
● Fundamental
leaving active duty is a very exciting time for
military personnel as they look forward to new
challenges, but it can also be very intimidating.
learn the keys to a successful transition. This
session focuses on writing resumes, conducting
interviews, obtaining federal jobs, and developing
your network for a successful job hunt. See how
aSIS board certification uniquely prepares you to
be compatible and competitive when you earn the
cPP, PSP, or PcI.
Joseph Rector, CPP, PCI, PSP, Deputy Director, 11th
Security Forces Group; Kenneth Ribler, CPP, Director of
Operations, Integrated Security Solutions & Services, Global
Security & Engineering Solutions, L-3 Communications
Sponsored by the ASIS Military Liaison Council
WEDNESDAY
LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced
4307 building an Effective
information systems security
Program
■ Intermediate
In an attempt to address increasing cyber security
threats, many organizations are wasting money
and increasing operating costs by duplicating
security functions. Security directors are left
on the sideline while IT leaders independently
develop investigative procedures, cyber security
policy, sanctions, and executive management
briefings on threats. hear from a cSO for one of
the nation’s largest federally funded research and
development centers, how one organization
accomplished their ultimate goal of effective IT
security through collaboration and streamlining
of functions.
Shawn S. Daley, Chief Security Officer, MIT Lincoln
Laboratory
Sponsored by the ASIS Defense and Intelligence Council
4308 Crime and Terrorism in Latin
America and the Caribbean
■ Intermediate
The evolution in recent years of criminal groups
into conglomerates that commit a range of
crimes, and their willingness to learn from and
work with known terrorist groups, has created a
new paradigm for law enforcement and security
practitioners. latin america and the caribbean
are fertile fields for criminal and terrorist groups
alike. learn about recent developments and
examine the evidence that portends the advent
of major security issues throughout the region,
with concomitant implications for the united
States and other democratic countries.
Richard Wright, CPP, Project Manager, IDB, VDI, Inc.
Sponsored by the ASIS Crisis Management and Business
Continuity Council
4309 Web 2.0: risk From social
Media
■ Intermediate
according to nielsen, a global marketing and
advertising research company, 75 percent of
Internet users regularly visit social networking
sites. Yet only an estimated 20 percent of
companies worldwide have a social media policy.
Security professionals must design risk mitigation
strategies to combat the risks originating from
the growing use of social media by employees,
customers, vendors, cyber criminals, and
competitors. Moving forward, many companies
will also be required to address compliance
issues such as maintaining the records of
employee’s social media communications.
Pramod Bhatt, Head of Protective Intelligence, South Asia,
Deutsche Bank
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 67

Education sessions: 4000 Series
WEDNEsDAY, sEPTEMbEr 21 • 3:30 pm–5:00 pm
4310 balancing the risk Mitigation
Program: Five Questions You Must
Ask Yourself
▲ Advanced
Security professionals manage risk by weighing
what is acceptable to the organization with the
ever changing threats that occur around the world.
They must continually review their program to
properly balance the three areas of security:
architectural, operational, and technology. In
doing so, managers MuST answer these questions.
WhY does my program concentrate on current
areas? WhaT do I need to do to mitigate current
threats? hOW can I adjust my program while
continuing to have a fiscally responsible program?
When do I need to review and adjust services/
standards? WhO is responsible and are they
qualified for the role today?
Laurence Russell, CPP, Vice President, Global Corporate
Security, Salesforce.com; Chris Ames, CPP, Director,
Global Enterprise Strategy and Technology, The Walt Disney
Company
4311 Utilizing a Public-Private
Partnership to Combat the
Emergence of Cyber Crime/Terrorist
Financing
■ Intermediate
The uSSS electronic crimes Task Force (ecTF)
continues to take a leading role in combating
computer-based threats and reducing efforts of
domestic and foreign cyber criminals. These
include potential terrorist attacks against critical
infrastructure and the financial payment system.
learn the latest techniques and gain insight
to related cases from the uSSS. hear from a
security manager with a major financial institution
about programs in place and the teamwork that
has made it increasingly difficult for terrorist
groups to acquire illicit funds.
Leland Dean, CPP, Vice President, Global Corporate
Security Regional Manager, Bank of New York Mellon
“The knowledge pool
is incredible.”
Timothy S. allen
Physical Security Supervisor
San antonio credit union
4312 building a Corporate or
Municipal security Operations Center
▲ Advanced
Over the past 10 years, collier county Government
has constructed one of the country’s top
operations centers. It integrates most aspects of
security technology and building automation, from
facial and license plate recognition to fiber-optic
perimeter protection, to executive protection
tracking to ccTV and smart board integration,
and more. This session reviews the important
elements that comprise a security operations
center.
Byron (Skip) Camp, Director, Collier County Government
4313 security Evolution:
service Matters
■ Intermediate
Moving from an enforcement-based security
model to a customer service-based model can
have significant impact on how a security
department is perceived by management,
employees, and visitors. explore the problems
and resistance that may be faced when
implementing a service-based model and how
these challenges can be overcome. Because
enforcement of rules will always be part of the
security discipline, integration of enforcement
activities into a service-based model, without
compromising either activity, will be discussed.
Kenneth Sousa, CPP, Senior Manager, Physical Security/
EHS, L-3 Communications–CSW
4316 Hotel safety and security for
Your Corporate Travel Program
● Fundamental
corporate security is tasked to source hotels
for their traveling employees that fulfill their
“duty of care” criteria. learn what programs and
procedures hotels worldwide have in place to
keep your travelers safe.
Panelists to include corporate security professionals from
Intercontinental Hotel Group, Hilton Worldwide, Marriott
Corporation, Hyatt Hotels, Carlson Hotels, and Starwood
Hotels
68 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

THUrsDAY, sEPTEMbEr 21 • 8:00 am–2:00 pm
8:00 am–9:30 am
General Session
The security Leader in 2020
and beyond
explore the industry 10+ years into the future
with experts from across the security community
engaging on key topics. understand the key
technology and security trends driving business
and the industry that are likely to have an effect
on the leaders of the future. hear from a panel
including chief security officers and representatives
of the information security and technology
communities as they discuss the trends and
impacts of what professionals will face in the
next decade.
10:00 am–12:00 noon
General Session
Workplace Violence:
A Clear and Present Danger
Violence in the workplace continues to make news
headlines and is a vital concern to Security,
human Resources, and management across all
industries. Threats, verbal abuse, physical
assault, and homicide in the workplace affect two
million workers annually in the u.S. alone. The use
of the Internet as a means to promote violence
through the delivery of threats, as well as the
implications and impact of social media, are
evolving factors that also need to be understood.
Join us as we examine the issues and the latest
information on assessment, prevention, and
mitigation of this growing threat.
12:00 noon–2:00 pm
Closing Luncheon with burt rutan
Join your colleagues for a provocative closing
session by Burt Rutan, “the man responsible for
more innovations in modern aviation than any
living engineer.”
THURSDAY
“Great place to go to get all
of your questions answered
by ‘the experts.’”
chad hines
Control Center Supervisor
Travelers Insurance co.
Stop by the ASIS Bookstore
in Orlando for the latest
security resources.
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 69

Networking and special Events
Prepare to engage! There’s no better place for face-to-face interaction with
friends and colleagues from around the globe than ASIS 2011. A wealth of exciting
special events are planned to help you connect with peers, expand your network,
and just have fun! Events are open to ASIS Seminar and (ISC) 2 attendees unless
noted otherwise.
Asis Foundation 15 th Annual
Golf Tournament
Sunday, September 18, 8:00 am–1:30 pm
Shingle creek Golf club
enjoy a true Florida-style
experience with friends and
colleagues as you compete in
a four-player, modified
scramble format. Breakfast,
player gifts, and a buffet lunch
are included. Proceeds benefit
the aSIS Foundation. This popular event sold out
early last year—sign up today! Ticketed event.
(isC) 2 Town Hall Meeting
Sunday, September 18, 4:00 pm–6:00 pm
Join your fellow members and pose your
questions to (ISc) 2 Staff, Board, and advisory
Board members.
Young Professionals reception
Sunday, September 18, 5:00 pm–6:00 pm
connect with this group of up and coming security
leaders to network, exchange ideas, and share
the unique challenges you face with like-minded
professionals in a relaxed atmosphere.
First-Time seminar Attendee/Asis
New Member reception
Sunday, September 18, 6:00 pm–7:00 pm
new to aSIS? don’t miss this opportunity to meet
key members, network, enjoy refreshments, and
learn the ropes on how to maximize your Seminar
experience. By invitation.
Welcome reception
Sunday, September 18, 7:00 pm–9:00 pm
Kick off your week at this casual hosted reception.
It’s a fabulous opportunity to connect with
peers and renew acquaintances while enjoying
drinks and snacks in an informal atmosphere.
Open to all Seminar attendees.
Opening Ceremony
Monday, September 19, 7:45 am–9:00 am
Join us as we commemorate the 10th anniversary
of the September 11, 2001 attacks, examine how
the industry has changed, and anticipate what the
future may hold. Open to all Seminar attendees.
Networking Luncheons
Monday, September 19–
Wednesday, September 21
12:00 noon–1:30 pm
These hosted luncheons provide great opportunities
for connecting face-to-face with peers from
diverse backgrounds and interests, sharing
experiences, and exchanging ideas. Included in
Full Registration and Single Day registration.
Additional tickets available for purchase.
(isC) 2 Member reception
Monday, September 19, 5:30 pm–7:00 pm
Peabody hotel
(ISc) 2 is pleased to invite our members from the
local area in Orlando, across the country, and
around the world to enjoy a reception and network
with fellow information security professionals.
70 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

President’s reception
at Universal’s islands
of Adventure ®
Monday, September 19
7:00 pm–10:00 pm
Get ready for one of the biggest parties aSIS has
ever thrown because we’ve reserved the entire
universal’s Islands of adventure ® theme park just
for you! You’ll have unlimited access to incredible
rides and attractions like The amazing adventures
of Spider-Man ® , Jurassic Park River
adventure ® , and the all-new magic and excitement
of The Wizarding World of harry Potter . It’s an
entire universe of action and thrills—and it’s all
yours!
during the event you’ll also enjoy an array of
food and beverages, non-stop entertainment,
and networking with colleagues. Included in Full
Registration and Single Day registration (Monday).
Additional tickets available for purchase.
haRRY POTTeR, characters, names and related indicia are
trademarks of and © Warner Bros. entertainment Inc.
harry Potter Publishing Rights © JKR.
(s11)
universal elements and all related indicia TM & © 2011
universal Studios. © 2011 universal Orlando. all rights
reserved.
Americas isLA Gala Dinner
Wednesday, September 21, 6:30 pm–10:00 pm
Peabody hotel
The (ISc) 2 americas Board of advisers is pleased
to announce the inaugural americas Information
Security leadership awards. nominations are
solicited from both (ISc) 2 members and nonmembers
from South and central america, canada,
and the united States. Join your peers as we
honor winners and finalists at the Gala dinner.
By invitation.
Asis Foundation Event at bb King’s
blues Club
Wednesday, September 21, 7:00 pm–9:00 pm
We invite you to spend an incredible evening with
friends—old and new—at the aSIS Foundation’s
night at B.B. Kings. Indulge yourself in great
Southern comfort food fused with flavors from
around the globe, beverages, and energetic
music. Make your last night at aSIS 2011 a
memorable one and lend your support to the work
of the aSIS Foundation...it’s all good for the soul!
Ticketed event.
Closing Luncheon with burt rutan
Thursday, September 22, 12:00 noon–2:00 pm
a gifted engineer, entrepreneur,
and adventurer, Rutan’s witty
and lively presentation inspires
audiences with his enthusiasm
for what individuals with vision
can achieve. don’t miss it!
“The networking and sharing of information was of tremendous value to me.
Complete strangers in my industry as well as vendors frankly answered my
questions and referred me to others who might be of assistance to me.”
Patrick Kevin Quinn, cPP, Security Administrator, Independence Power & Light
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 71

special interest Networking Events
Young Professionals reception
(CsO roundtable Members invited)
Sunday, September 18, 5:00 pm–6:00 pm
engage, listen, and learn from peers and
high-level industry leaders during this dynamic
networking reception hosted by the Young
Professionals Group. Three, stimulating
20-second presentations from accomplished
industry leaders on leadership, advancement,
and achievement create the basis for an hour of
thought-provoking conversation and discussion.
President’s reception—Networking
With the CsO roundtable
Tuesday, September 20, 8:30 pm–10:00 pm
universal’s Islands of adventure®
Join your peers and cSO Roundtable members
for a private reception held at the President’s
Reception. enjoy top-flight beverages and
hors d’oeuvres while you mingle with peers
and senior leaders in a relaxed atmosphere.
By invitation.
Christians in security Prayer
breakfast
Tuesday, September 20, 7:00 am–9:00 am
Peabody hotel Orlando, Plaza International J
You are invited to the 18th annual christians
in Security Prayer Breakfast for a time of
fellowship and prayer. Please contact Scott
Jensen, cPP at +1.860.243.0833 ext. 217 or
email sjensen@visonic.com by September 9.
Advance reservations are recommended.
Admission fee is required.
Former Fbi Agents breakfast
Tuesday, September 20, 7:00 am–8:00 am
Peabody hotel Orlando, Plaza International K
You are invited to join your peers for the
24th annual Breakfast. Please RSVP to
Weldon Kennedy at kennedyw@usit.net or
+1.901.522.6060. Advance reservations are
recommended.
Former secret service breakfast
Tuesday, September 20, 8:00 am–9:00 am
Peabody hotel Orlando, Plaza International d
Join current and former agents of the u.S.
Secret Service. Please confirm your attendance
by September 9 to James antonelli by email at
AntonelliJamesF@Guardsmark.com or by phone at
+1.630.571.1055.
international Organization of black
security Executives (iObsE) Mixer
Tuesday, September 20, 6:00pm–8:00 pm
Peabody hotel Orlando, Plaza international I–J
The International Organization of Black Security
executives (IOBSe) invites you to join them for an
evening of networking. For details, please contact
chiquita leak at +1.702.845.3172 or email
cleak4sses@aol.com. No admission fee required.
National Association of security
Companies (NAsCO) breakfast
Tuesday, September 20, 7:00 am–8:00 am
Peabody hotel Orlando, Orlando Ballroom n
The national association of Security companies
(naScO), the largest contract security trade
association, is pleased to sponsor naScO’s 19th
annual Breakfast and awards Program for senior
executives involved in contract security services.
For details and reservations, contact naScO
at +1.202.347.3257 or email tory@nasco.org.
Space is limited, please register by September 9.
Former U.s. Military breakfast
Wednesday, September 21, 7:00 am–8:00 am
Peabody hotel Orlando, Plaza International I
all retired/former officers from the u.S. military
services (army, navy, air Force, Marines, coast
Guard) who are members of aSIS and serving
in security positions throughout the world are
invited to attend. a senior military officer will
present a short update on today’s military and
identify the challenges of the future. For details
and reservations, please contact Ronald Olsen
at +1.760.776.1295 or email
olsensronaldl@guardsmark.com no later than
September 9. No admission fee required.
72 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

Loyalty has its rewards
The VIP Alumni Program
If you have attended the Annual Seminar as a paid attendee for
the past three years, you are eligible to participate in the 2011 VIP
Alumni Program.
This special program is our way of saying ‘thank you’ for your
loyalty to the industry’s leading security event, and the one event
you won’t want to miss!
VIP Alumni are entitled to these value-added benefi ts:
■ FREE Pre-Seminar Program of your choice*
■ Opportunity to win a ticket to a VIP book signing
■ Special recognition on your badge
*Applies to ASIS Council-sponsored programs only. You must register as a
full or single-day registrant to obtain the free program. Does NOT apply to
exhibits-only attendees.
REGISTER TODAY!

spouse Tours
Alligators and Airboats
Monday, September 19, 9:00 am–1:00 pm
See the world in a whole new light on this fascinating excursion into the
seldom-visited heart of natural Florida. certified eco-guides, biologists,
botanists, and audubon experts are trained to assure that each guest
comes away with a new understanding of the vastly different land and plant
communities, and the importance of their interrelationship and preservation.
The day’s experiences start at the Tosohatchee “Florida Trail” where you’ll
take a short 30–45 minute hike into the heart of this pristine wilderness
before arriving at the 100-year-old outpost —a turn of the century fish camp.
after an alligator tail snack, you will board an airboat to experience the
american heritage River and its abundant wildlife. Tour an area affectionately described as the central
Florida everglades and learn about the eco-system of the St. John’s River, alligators, and the huge
assortment of wonderful creatures that call the habitat home. This is an adventure you will never forget!
Kennedy space Tour
Tuesday, September 20, 9:00 am–4:00 pm
come live the human side of space at the u.S. astronaut hall of Fame,
complete with the sights, sounds, and experiences of the famous
astronauts who first ventured into the frontiers of space. experience exhibits
dedicated to our nation’s astronauts including the world’s largest collection
of personal memorabilia, a rare collection of astronaut artifacts, and
realistic astronaut training simulators.
after exploring the hall of Fame, it’s your turn to take the controls with
hands-on activities and simulators, where you can suit up, strap in, and
blast off into an interactive experience that gives you a true taste of space.
From the G-Force Trainer that lets you feel the pressure of four times the
force of gravity, to the space shuttle landing simulator and riding a rover
across the rocky Martian terrain, you can test your skills—and your nerve.
Dine With an Astronaut! experience the once-in-a-lifetime thrill of dining
with a real-life astronaut and hearing inspiring space exploration stories while enjoying a delicious buffet
lunch. Guests may ask questions and have photos taken with the astronaut, and each guest receives
an autographed souvenir.
Winter Park
Wednesday, September 21, 9:00 am–3:00 pm
The day will begin with a relaxing, 45-minute pontoon boat ride through the
canals and tree-lined lakes of Winter Park, originally developed for wealthy
northerners as a summer retreat. View beautiful homes nestled along
scenic lakes and observe nature.
You will then be whisked away to browse the Park avenue shopping district
where the Southern charm that lured the elite society can still be seen.
Picturesque shops, exclusive boutiques, cafés, art galleries, brick-lined
streets, and the towering trees of central Park make Park avenue the place
to be and be seen. You will also have the option to visit The charles hosmer
Morse Museum of american art, which houses the world’s most
comprehensive collection of the works of louis comfort Tiffany (1848–
1933) including Tiffany jewelry, pottery, paintings, art glass, leaded-glass
windows, lamps, and the chapel interior he designed for the 1893 World’s
columbian exposition in chicago.
Visit www.asis2011.org/registration for spouse program fees.
74 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

FLORIDA
Orlando
as a premier destination for meetings and conventions, business, and tourism,
Orlando has just the right mix of sunny skies, warm temperatures, and assortment
of attractions, dining, sports, entertainment, and shopping that you won’t find
anywhere else. From the hundreds of restaurants to suit every palate to a thriving
nightlife scene to amazing theme parks and more, delegates to Orlando will take
home far more than they expected. come early and stay late to enjoy all that
Orlando has to offer!
Visit the hotel and Travel section of the Seminar website for destination
information, theme park discounts, and more.
SEE yOu In OrLAndO!
“Asis combines everything good
into one fully-packed week:
speakers, exhibits, classes,
networking, local attractions,
membership, and professional
certifications. Attending the
full seminar is well worth
the cost.”
Karen Waller
Security Specialist
Faa
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 75

General information
Event Location
Orange County Convention Center
(West Building)
9800 International Drive • Orlando, FL 32819
all sessions, exhibits, registration, and most
networking events will be held at the convention
center, unless otherwise noted.
Headquarters Hotel *
Peabody Orlando
9801 International Drive • Orlando, FL 32819
Pre-Seminar programs, certification reviews, and
some volunteer meetings will be held at the Peabody.
* In addition to the headquarters hotel, the aSIS room block
comprises a variety of hotels to fit every budget and
accommodation preference.
Hotel reservations
Book your hotel arrangements through the
Asis Housing bureau with one easy call:
+1.888.887.8072 (U.S./Canada)
+1.972.349.7452 (outside U.S./Canada)
Or reserve your housing online at
www.asis2011.org/hoteltravel. The hotel reservations
deadline is september 9, but book early to
get the best rates and preferred accommodations.
When you book your housing through the official
aSIS housing Bureau, you also receive a free pass
for shuttle bus services between the Seminar
hotels and the convention center (a $50 value).
Only those booking through the Asis Housing
bureau will receive free shuttle bus passes.
FIVE WAyS
TO SAVE
1
2
3
4
5
rental Cars
as official suppliers for the annual Seminar and
exhibits, these companies are offering special,
discounted rates to Seminar attendees.
AVis: call +1.800.331.1600 or log onto www.avis.
com and provide this number: AWD-D005038 to
take advantage of discounts.
DOLLAr rENT A CAr: all reservations can be
made online at www.dollar.com or by calling
+1.866.542.2303, ext.2. Please provide the aSIS
International corporate discount number:
CD#CM0135.
FOUr WAYs
TO rEGisTEr
Internet: www.asis2011.org/registration
Phone: aSIS Registration
+1.800.941.2128 (u.S./canada)
or +1.980.233.3813
8:30 am–5:00 pm edT
(Monday–Friday)
Fax: +1.980.233.3800
Mail: 10900 Granite Street,
charlotte, nc 28273 uSa
After 3:00 pm EDT, Friday, September 16, you must
register onsite at the Orange County Convention Center.
Onsite registration is open Sunday, September 18, from
12:00 noon–6:30 pm. (ISC) 2 members must register
through www.isc2.org/congress2011.
Take advantage of early bird discounts when you register by
August 12. If you purchase the Full registration package, you’ll get
the greatest variety of sessions, events, and networking activities in
addition to exhibits admission.
Make your hotel reservation early! The housing deadline is
September 9, but book early to ensure your preferred hotel and rate.
And by booking through the official ASIS Housing Bureau,
you’ll receive a complimentary shuttle bus pass (a $50 value)—
available only to those using the housing bureau.
If you’re not an ASIS member—join now and take advantage of
member discounts. Plus, you’ll get a $100 education credit that you can
use now or later. See www.asisonline.org/membership for details.
Limited time or resources? Exhibits-only registration is FREE in
advance. Or attend the program for a single day at a reduced fee.
Bring your team and save! See Team discount policy at
www.asis2011.org/registration.
76 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

Thank you to our Partners and sponsors
September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 77

supplement to Security Management
“ The very best comprehensive
security conference of its kind.”
Peter Bourey, Security Manager
Telehealth Services
Visit us at www.asis2011.org
sECUrE THE sOLUTiONs AND EXPErTisE
YOU NEED TO MEET YOUr OrGANizATiONAL
AND PrOFEssiONAL GOALs.
• inspiring keynotes and general sessions
• 200+ education sessions
• Networking opportunities with peers and visionaries from
around the globe
• Thousands of the latest technologies, product, and services
• Asis and (isC) 2 certification reviews
• recertification CPEs
• Pre-seminar programs and events
• New product introductions
• Accolades competition showcase
• solutions Theater presentations
Asis 2011 HEADLiNErs
Jeb bush
Governor of Florida
1999–2007
Vicente Fox
President of Mexico
2000–2006
Announcing the first annual
(isC) 2 security Congress.
burt rutan
entrepreneur
Colocated with the ASIS International Annual Seminar
and Exhibits, the combined events present the largest
show of its kind worldwide. This is where traditional and
logical security meet. See inside for more information.