Anticipate the unexpected - ASIS 2012

More documents

Recommendations

Info

Education sessions: 2000 Series MONDAY, sEPTEMbEr 19 • 11:00 am–12:00 noon 2116 A Practical and Technological Approach to Managing Workplace Violence ▲ Advanced effectively managing potential threats of violence that may impact the workplace entails utilizing a framework based on industry best practices, collaborative partnerships, and technology. This presentation provides an overview of the threat management framework used by the Microsoft Global Security Investigations team. hear how the team assesses potential threats of violence and specific security strategies used to mitigate possible threats to its staff and facilities. The presentation also reviews organization-specific approaches and challenges to delivering threat management services on a global scale. James Louie, Group Investigations Manager, Microsoft Corporation 2117 Corporate Account Takeover: Online and in the real World ▲ Advanced This presentation covers the tools, techniques, and tactics of the online fraudster targeting large corporate accounts for financial gain via account Takeover (aTO). Specific schemes being utilized will be discussed as well as emerging threats. understand best practices for preventing this type of fraud as well as advanced controls that will help you protect your own company. Matthew Harper, Group Vice President, Client Authentication, SunTrust 2118 National security information: Top Five Aspects to successfully Protecting Our secrets ● Fundamental Protecting vital national security assets is becoming much more complicated and the challenge to keep up can be overwhelming. The name of the game in national security is change, and at a scale and pace that is unprecedented. This presentation offers a clear outlook on what is really important and opens the floor for discussion. Taking a look at the Top Five can assist you in responding to the many threats and risks in today’s changing landscape. Dorene Colwell, Director Special Security Programs, Office of Intelligence and Analysis, Department of the Treasury 2180 Next Generation Cloud security Compliance ■ Intermediate Security in the cloud requires automated provisioning, continuous monitoring, and reporting on control effectiveness over time—especially important for any regulated industry which uses either public or private cloud resources. elastic provisioning of cloud resources must also include adaptive security and privacy controls. Guidance on creating a next generation security compliance framework which is inherently tied to industry standards is given and regulatory frameworks will be presented. Robert Weronick, CPP, Director of Global Security, Alexion Pharmaceuticals, Inc. 2181 Critical infrastructure Protection and risk Management ■ Intermediate Whether it’s keeping the lights on, financial markets running, or fresh water flowing from our taps, critical Infrastructure permeates every aspect of our daily life. In this interactive panel discussion, we’ll explore how risk management practices shape the protection of our very way of life. The role of a risk-based approach to protecting the nation’s critical infrastructure is crucial to providing the best possible security program for the limited resources at our disposal. In this panel discussion, we’ll hear from all sides of the issue. Mark Weatherford, Vice President/CSO, NERC; Diana-Lynn Contesti, Board Chairperson, (ISC) 2 ; Allan McDougall, Principle, Evolutionary Security Management “Absolutely the best conference for learning, obtaining information on state-of-the-art technology, and for networking.” carl Mountain Senior Investigator, Global Security Microsoft 24 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.
MONDAY, sEPTEMbEr 19 • 11:00 am–12:00 noon 2182 integrating security Concepts into system and Application Design ■ Intermediate Integrating security requirements and controls into business processes, applications, and systems has proven to be a nearly impossible challenge for most organizations. Typically, security is approached as an afterthought long after the ability to design effective security solutions has passed. This session provides solutions to that problem and explains how every security manager and every organization can work together to build business solutions that are resilient, reliable, and secure. Kevin Henry, Owner, KMHenry and Affiliates Management, Inc. 2183 Yes You Can: How to securely Deploy and Manage Enterprise Mobile Devices ■ Intermediate adopting smartphones and tablet devices will give your organization a competitive business advantage. however, the risks associated with a haphazard roll-out of mobile devices can decimate those benefits and result in a very expensive security incident. With the right information, an organization can have the best of both worlds: competitive advantage plus a secure mobile infrastructure. This presentation provides you with the information you need including mobile device security policies, employee training expectations, device hardening details, centralized management options, and more. Jerod Brennen, Senior Security Analyst, Jacadis MONDAY LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced 2184 A Practical Guide to implementing a risk Management strategy ■ Intermediate Risk management has received a lot of attention as security practitioners begin to focus their efforts on raising their profile with executive leadership. learn from your peers as we discuss the successes and failures on the path to create a risk management program from the ground up. Implementing an effective risk management strategy can be a daunting task and has eluded even the most seasoned security professionals. The panelists share their greatest hits and a few misses on the path to effective risk management. Brandon Dunlap, President, Brightfly Consulting; Chris Trautwein, Information Security Officer, (ISC) 2 ; Michael D. Kelly, Technical Architecture Consultant, Security, Target Corp. 2185 introduction to the software Assurance Track ■ Intermediate For the nation’s critical infrastructure to be reliable, resilient, robust, and secure, the software supporting it must also have the same qualities. a broad spectrum of critical applications and infrastructure, from process control systems to commercial application, depend on secure software. an estimated 90 percent of reported security incidents result from exploits against defects in the design of software. Therefore, ensuring the integrity and resiliency of software is vital to protecting the infrastructure from threats and reducing overall risk from cyber-attacks. To ensure system reliability, it is critical to include provisions for built-in security of the enabling software. Joe Jarzombek, Director of Software Assurance, U.S. Department of Homeland Security September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 25
Page 1 and 2: Seminar Overview Seminar Dates: Mon
Page 3 and 4: Program Highlights . . . . . . . .
Page 5 and 6: edUcation Solutions theaters. These
Page 7 and 8: Schedule of Events All programs and
Page 9 and 10: Fisher Labs Fleet Management Soluti
Page 11 and 12: Certification Activities ASIS CERtI
Page 13 and 14: Pre-Seminar Programs and Events Mak
Page 15 and 16: the Basis of Security Design: Funct
Page 17 and 18: collaborative and inclusive, and ho
Page 19 and 20: Tuesday SEPtEmBER 20 11:00 am-12:00
Page 21 and 22: 1:45 pm -3:00 pm MONDAY LEVEL KEY:
Page 23 and 24: MONDAY, sEPTEMbEr 19 • 11:00 am-1
Page 25: MONDAY, sEPTEMbEr 19 • 11:00 am-1
Page 29 and 30: MONDAY, sEPTEMbEr 19 • 1:45 pm -3
Page 31 and 32: MONDAY, sEPTEMbEr 19 • 1:45 pm -3
Page 33 and 34: MONDAY, sEPTEMbEr 19 • 4:30 pm-5:
Page 35 and 36: MONDAY, sEPTEMbEr 19 • 4:30 pm-5:
Page 37 and 38: TUEsDAY, sEPTEMbEr 20 Schedule-aT-G
Page 39 and 40: 4:30 pm-5:30 pm TUESDAY LEVEL KEY:
Page 41 and 42: TUEsDAY, sEPTEMbEr 20 • 11:00 am-
Page 43 and 44: TUEsDAY, sEPTEMbEr 20 • 11:00 am-
Page 45 and 46: 3185 improve Your sDLC With CAPEC a
Page 47 and 48: TUEsDAY, sEPTEMbEr 20 • 1:45 pm-3
Page 55 and 56: WEDNEsDAY, sEPTEMbEr 21 Schedule-aT
Page 57 and 58: 3:30 pm-5:00 pm WEDNESDAY LEVEL KEY
Page 59 and 60: WEDNEsDAY, sEPTEMbEr 21 • 11:00 a
Page 61 and 62: WEDNEsDAY, sEPTEMbEr 21 • 11:00 a
Page 63 and 64: 4183 identify, Assess, Mitigate: se
Page 65 and 66: WEDNEsDAY, sEPTEMbEr 21 • 1:45 pm
Page 71 and 72: THUrsDAY, sEPTEMbEr 21 • 8:00 am-
Page 73 and 74: President’s reception at Universa
Page 75 and 76: Loyalty has its rewards The VIP Alu
Page 77 and 78:
FLORIDA Orlando as a premier destin
Page 79 and 80:
Thank you to our Partners and spons
show all

Anticipate the unexpected - ASIS 2012

Create successful ePaper yourself

Delete template?

Save as template?