Enterprise Security Management
Developing a Security Management System
for Your Extended Enterprise

October 20, 2005
9:00 a.m. to 5:00 p.m.

Stephens Convention Center
Rosemont (O'Hare) Illinois

This one day conference will help you learn how to maximize security, increase efficiency and adhere to enterprise compliance with a better grasp of security policies and regulatory mandates.

9:00am-10:00am
Justifying Security Expenditures in Your Organization to the Business Decision Maker
Marilyn Dement, Senior Security Product Manager, Verio

Enterprises today experience new security threats and identify vulnerabilities on an almost daily basis. Many security initiatives aimed at mitigating security threats are misunderstood by company management and remain un-deployed, leaving critical business infrastructures inadequately protected. Budget authority within many IT organizations is often limited, requiring final decisions to be determined by non-technical decision makers, who don’t understand the technical requirements or implications. This session will cover ROI methodologies and approaches that can be used to help technical executives speak in the business decision maker’s language to successfully secure funds. 

10:00am-10:30am Refreshment Break

10:30am-11:30am
The Role of Security in an Effective Compliance Program
Brian Polick, Security Solution Director, Computer Associates

Polick

An automated and sustainable compliance effort requires a centralized way of managing user identities, controlling access to protected resources, whether they be enterprise applications, platforms, system devices, databases or web services. It also requires an efficient way to allocate and de-allocate resources as individual user identities are created, removed or modified. Lastly, any sustainable compliance methodology requires a centralized and effective way of auditing, monitoring and potentially responding to security events within the enterprise.  Our speaker will cover:

• The Landscape of Regulatory Compliance
• The Role of Security Management In Compliance
• A Compliance Security Management Platform
• Key Capabilities of a Security Compliance Platform
• Moving from Compliance to Improved Business Performance

This presentation will provide you with an in depth understanding of the importance of security management, especially identity and access management, to a full compliance program.

11:30am-12:30pm
Bridging the Gap Between Network and Security Management – A Panel Discussion
Moderator: Brendan Hannigan, Executive VP, Q1Labs
Panelists: Jason Witty, Manager, Information Security, Options Clearing Corporation
Paulette Hradnansky, Director, Information Security Operations, Motorola
Arlene Yetnikoff, Director, Information Security, DePaul University
Tyrone Parker Jr., Global IS Security Manager, Hewitt Associates
David Shue, Member of Technical Staff – Security Operations, Lucent Technologies

Hannigan Shue

Network devices and security products proliferated in response to emerging network applications and evolving security threats respectively.  Now these previously diverse technologies are converging within the same hardware and footprint in your enterprise, and yet the management of network and security remain in their distinct silos.  Can there be common ground established between networks and security, and what does this mean for the enterprise as a whole?  A panel of enterprise IT departments will share their experiences in bridging the gap between network and security management. 

12:30pm-1:30pm Luncheon

1:30pm-2:30pm
Managing a Secured Network Infrastructure
Tim Davidson, Consulting System Engineer, Cisco Systems 

Davidson

Taking at face value all the security solutions that are implemented, the training security practitioners receive and the corporate/security policies that are adhered to, one would think an enterprise would be safe from external & internal threats.  Think otherwise!

• Firewalls often fail because they're configured and maintained improperly.
• IDSs are often useless because of slow response time to alerts—and/or failure to separate the real attacks from the false alarms.
• SIMs encounter the same problem: unless there's a human security expert monitoring them, they're not defending anything.

This presentation will cover the keys to designing and implementing an effective security management framework for your organization which includes the following:

• Defining effective security policies
• Strategies for centralizing security policy enforcement       
• Successfully managing identities and access
• Techniques for consolidating security events
• Strategies for effectively containing security threats
• Tactics for preventing human error due to improperly configuring, maintaining and managing the various security devices in your network.

2:30pm-3:30pm
Simplifying the Complexity of Security Management
Tony Sabaj, Named Account Engineer, Check Point Software

Sabaj

Enterprises face a daily onslaught of security data generated by disparate security systems, platforms and applications. The incessant flood of data can bring any security organization to a halt.  Not only is it difficult to manage and interpret millions of messages, but demonstrating the value of a security system still remains a tricky proposition for most security and IT organizations – especially when the system costs less when it's working.  Attendees will learn how to successfully implement Security Management Tools for their infrastructure, including how to:

• Effectively manage multi-vendor systems while maintaining an in-depth defense system
• Rapidly deploy a management system that will be easy-to-use on an ongoing basis
• Pinpoint and take action on important security events in real-time
• Architect a system that provides the rationale and ROI for your overall security infrastructure
• Uncover the hidden costs of security management tools before investing into a system
• Choose a management system right for your organization with selection criteria tips

3:30pm-4:00pm - Refreshment Break

4:00pm-5:00pm
Implementing an Enterprise SIM: Trials & Tribulations from the Field
Derek Milroy, Security Architect, The Corp Sec Project

Milroy

Derek is a popular speaker at CAMP known for his "hands-on approach" . This presentation will cover the following topics Security Information Management topics:

• Identifying your monitoring needs
• How to run an effective pilot that will enable you to determine the scope of your SIM implementation (sample numbers for hardware will be presented)
• Strategies for dealing with Microsoft security logs
• Tactics for correlation and alerting
• Implementing a Virtual SOC vs. a SOC
• Integrating your SIM with your IR Process
• Report generation for compliance efforts

The frameworks and checklists that Derek will present have all been proven in production environments. 

Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education,
 in addition to 0.7 CEUs.
CISSP is a registered certification mark of (ISC)², Inc.

In this one day conference you, will learn the following:

• We will explore Security Identity Management (SIM)– How to take the abundance of raw data and transform it into actionable intelligence.

• Strategies for identifying the most crucial security events in your enterprise.  You must decide what to watch for before implementing monitoring of your entire environment.

• How to effectively determine valid security incidents and integrate the output from your SIM solution into your Incident Response program. 

• Using SIM solutions to document compliance with monitoring requirements as per various laws.

• Strategies for reducing false positives

• Using security event monitoring to facilitate identifying ways to prevent future attacks.

• How to provide the right information at the right time so threats are accurately detected

• Keeping the impact of an attack to an absolute minimum

• Strategies to ensure a successful full scale enterprise deployment over a variety of platforms