Anticipate the unexpected - ASIS 2012

More documents

Recommendations

Info

Education sessions: 3000 Series TUEsDAY, sEPTEMbEr 20 • 1:45 pm–3:00 pm 3214 soft Targets ● Fundamental Industry and government protection leaders share insight on the numerous challenges of securing soft targets in today’s changing environment. What makes a target soft, what makes it unique and challenging when evaluating risk assessments and/or in deploying security measures? The panel shares first-hand experiences, knowledge, and processes to shed light on the growing risk associated with soft targets. Whether you are a soft target, are responsible for employee travel and events, and/or charged with executive protection, you will gain a clearer understanding of this security phenomenon. James C. Reynolds, CPP, Director of Safety and Security, Hilton Worldwide Sponsored by the ASIS Global Terrorism, Political Instability, and International Crime Council 3215 background Checks Under Fire: A Legal Update ■ Intermediate Background screening practices are facing a firestorm of legal scrutiny, restrictions, and media criticism as evidenced by recent actions filed by the eeOc, laws targeting the use of credit and criminal data, and “ban the box” initiatives limiting the access to critical applicant information. Yet high profile shootings and widely publicized threats to workplace safety have left many wondering why more cannot be done to protect the workplace and the public. Security professionals are caught in the crosshairs. This session will arm you with a critical legal update and recommended best practices. Angela Bosworth, Executive Vice President, General Counsel, OPENonline 3216 integrated Operational risk Management: A Look inside Westinghouse ■ Intermediate understand the importance of an integrated operational risk program highlighting all assets: people, facilities, supply chain, and intellectual property. as global operational threats continue to increase, proactive programs are more important than ever. These threats can range from natural disasters to health to civil unrest to the cyber world. The first part of this session will outline the key program considerations, while the second part will study a specific program employed by Westinghouse. Russell Cline, Corporate Security Director, Westinghouse Electric Company; Bruce McIndoe, President, iJET Intelligent Risk Systems 3217 supply Chain security: The Americas ■ Intermediate This session defines the scope and effect of cargo crime in the americas. understand the need to have an effective cargo and supply chain security program for companies who move cargo in/out/through the amercias. Methods of protecting the supply chain and investigative best practices will be covered. Art Arway, CPP, Vice President/Regional Head of Security, Amercias, DHL Global Forwarding 3218 Protection intelligence: Putting it in the Hands of Potential Targets ● Fundamental Violence in Mexico often surpasses the abilities of authorities to immediately control dangerous situations. Mexicans have turned to each other to provide crucial and immediate information so as to avoid dangerous situations. learn the different methods utilized to disperse this information, how the populace has evolved in using social networks and communication mediums, and the weaknesses of these information mediums. actual case histories of violence and how citizens are utilizing these information mediums will be discussed and analyzed. Methods to determine false or malicious information will be shown. Andrew Potts, Jr., Director, Cuspis S.A. de C. V.; Valdemar Valdez, Security Manager, Operadora Mega 3219 Caution Advised: The Use of social Networking sites, search Engines, and Web 2.0 to screen Applicants ■ Intermediate employers and security professionals have discovered a treasure trove of information on potential job applicants by using social networking sites, such as MySpace or Facebook, and search engines. however, just because something is available online does not mean there is no legal risk involved or ensure the information is factual. This session examines the pros and cons of employers utilizing such tools. Through case studies and reviewing web sites, you will see visually how these sites work, what they contain, and the potential legal landmines and practical risks involved. Lester Rosen, Attorney at Law 46 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.
TUEsDAY, sEPTEMbEr 20 • 1:45 pm–3:00 pm 3220 Getting From Here to There: Advancing in the security Field ● Fundamental With the ever changing world of the private security sector, learning what it takes to ‘move up the ladder’ can be challenging and confusing. a panel of security veterans tell it like it is for those ready to move up. Jeffrey Hawkins, Manager, Security Management Education Outreach, American Military University; Jeffrey Slotnick, CPP, PSP, President, Setracon Incorporated; Ray Van Hook, CPP, Executive Director of Campus Security, The School of The Art Institute 3280 Forensics and the Cloud ■ Intermediate due to the explosion of applications for cloud computing, a new practice has emerged in “cloud forensics.” In fact, the u.S. department of Justice has begun to focus efforts in this area. Who controls the evidence, including collection, preservation, and validation of information contained within the cloud? What happens if that cloud is outside the united States? This session attempts to explain what the cloud and forensics mean in relation to one another. 3282 Picking the right Tool for the Job: Using Vendor Tools to Aid in the Development of secure Code ■ Intermediate Building secure code is a top priority for organizations today. as criminals move from attacks against the operating system to third party applications, organizations find themselves on the receiving end of attacks. developing secure code is not only technically challenging, but is inherently difficult due to a variety of factors including interaction with other code, and new attacks. Many vendors have released tools to aid developers in this endeavor. This session looks at the application security products market and discusses some of the options that organizations have in choosing a tool. Robert Ayoub, Global Program Director, Network Security, Information & Communication Technologies, Frost and Sullivan TUESDAY LEVEL KEY: ● Fundamental ■ Intermediate ▲ Advanced 3283 Mobile Applications: Managing Enterprise risk and Exploitation ■ Intermediate an emerging trend is for large organizations to shift mobile device ownership and maintenance to their employees to reduce business costs. at the crossroads of this shift in IT governance are smartphone applications and their ability to access corporate resources and intellectual property. not all smartphone applications are created equal. Most organizations lack formal processes to support centralized device management, secure application distribution, software security, and privacy control. Vetting risk becomes increasingly embedded into the converged mobile and Intranet architectures. This session presents a mobile application risk management framework which addresses assessment and mitigation techniques. Richard Tychansky, Information Assurance Engineer, Lockheed Martin Corporation 3284 Putting Your House in Order— business intelligence Gathered From 100+ sustainable iT-GrC implementations ■ Intermediate Review best practices and concepts from real-world IT GRc implementations proven to work for 100+ organizations. decipher when to apply various risk assessment methodologies (top-down vs. bottom-up; threat-based vs. business criticality). Gain an understanding of existing controls framework and selecting appropriate frameworks based on the target areas and relevant regulations. Review techniques for avoiding pitfalls of controls catalogue overload. case studies highlight challenges of the IT GRc program roll-out and exploring technology to match the organization’s needs and methodologies. Vivek Shivananda, Founder/CEO, Rsam “The seminar and Exhibits is the best source for staying current in the industry and reviewing products.” Mike Bruggeman Director, Global Security General Motors September 19–22, 2011 | Orange County Convention Center | Orlando, Florida | www.asis2011.org 47
Page 1 and 2: Seminar Overview Seminar Dates: Mon
Page 3 and 4: Program Highlights . . . . . . . .
Page 5 and 6: edUcation Solutions theaters. These
Page 7 and 8: Schedule of Events All programs and
Page 9 and 10: Fisher Labs Fleet Management Soluti
Page 11 and 12: Certification Activities ASIS CERtI
Page 13 and 14: Pre-Seminar Programs and Events Mak
Page 15 and 16: the Basis of Security Design: Funct
Page 17 and 18: collaborative and inclusive, and ho
Page 19 and 20: Tuesday SEPtEmBER 20 11:00 am-12:00
Page 21 and 22: 1:45 pm -3:00 pm MONDAY LEVEL KEY:
Page 23 and 24: MONDAY, sEPTEMbEr 19 • 11:00 am-1
Page 29 and 30: MONDAY, sEPTEMbEr 19 • 1:45 pm -3
Page 31 and 32: MONDAY, sEPTEMbEr 19 • 1:45 pm -3
Page 33 and 34: MONDAY, sEPTEMbEr 19 • 4:30 pm-5:
Page 35 and 36: MONDAY, sEPTEMbEr 19 • 4:30 pm-5:
Page 37 and 38: TUEsDAY, sEPTEMbEr 20 Schedule-aT-G
Page 39 and 40: 4:30 pm-5:30 pm TUESDAY LEVEL KEY:
Page 41 and 42: TUEsDAY, sEPTEMbEr 20 • 11:00 am-
Page 43 and 44: TUEsDAY, sEPTEMbEr 20 • 11:00 am-
Page 45 and 46: 3185 improve Your sDLC With CAPEC a
Page 47: TUEsDAY, sEPTEMbEr 20 • 1:45 pm-3
Page 51 and 52: TUEsDAY, sEPTEMbEr 20 • 4:30 pm-5
Page 53 and 54: TUEsDAY, sEPTEMbEr 20 • 4:30 pm-5
Page 55 and 56: WEDNEsDAY, sEPTEMbEr 21 Schedule-aT
Page 57 and 58: 3:30 pm-5:00 pm WEDNESDAY LEVEL KEY
Page 59 and 60: WEDNEsDAY, sEPTEMbEr 21 • 11:00 a
Page 61 and 62: WEDNEsDAY, sEPTEMbEr 21 • 11:00 a
Page 63 and 64: 4183 identify, Assess, Mitigate: se
Page 65 and 66: WEDNEsDAY, sEPTEMbEr 21 • 1:45 pm
Page 71 and 72: THUrsDAY, sEPTEMbEr 21 • 8:00 am-
Page 73 and 74: President’s reception at Universa
Page 75 and 76: Loyalty has its rewards The VIP Alu
Page 77 and 78: FLORIDA Orlando as a premier destin
Page 79 and 80: Thank you to our Partners and spons

Anticipate the unexpected - ASIS 2012

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?