Feedback from
Attendees

Upcoming
Events:

Sep 21, 2010

Enterprise DR/BC -

HA/Resilient Infrastructure

Info

 

Sep 30, 2010

Project and Portfolio

Mgmt

Info

 

Oct 7, 2010

VDI / Desktop Virtualization

Strategies - Implementation

and Management

Info

 

Oct 21, 2010

e-Mail Archiving

Info

 

Nov 4, 2010

The CIO Agenda -

2011 and Beyond

Info

 

Nov 18, 2010

DR/BC
Data Protection

Strategies

Info

 

Dec 9, 2010

Business Intelligence/

Performance Mgmt

Strategies

Info

 

2011 Events

 

Feb 3, 2011

Ent Risk/Security Mgmt

Info

 

Feb 17, 2011

Project and Portfolio Mgmt

Info

 

March 3, 2011

Cloud Computing

Info

 

March 17, 2011

IT Architecture

Info

 

April 7, 2011

Ent DR/BC / Resiliency

Info

 

April 28, 2011

Desktop Virtualization

Strategies

Info

 

May 5, 2011

Business Intelligence and

Analytics

Info

 

May 19, 2011

e-Mail Archiving

Info

 

June 9, 2011

Ent Risk/Security Mgmt-LLM

Info

 

July 14, 2011

IT Leadership Strategies

Info

 

Sep 9, 2011

Enterprise DR/BC / HA

Info

 

Oct 6, 2011

Cloud Computing

Info

 

Oct 20, 2011

Desktop Virtualization

Info

 

Nov 3, 2011

CIO: IT Leadership

Strategies

Info

 

Nov 17, 2011

Ent DR/BC / Data

Protection

Info

 

Dec 8, 2011

Business Intelligence/MDM

Info

 

 

Home  |  Attending   |  Speaking  |  Sponsoring  |  About   |  Contact 

Conferences that solve current IT challenges

Threat and Vulnerability Management

Strategies to help determine the levels of security/patching, vulnerability management and compliance needed for your extended enterprise

March 26, 2009
9:00 a.m. to 5:00 p.m.

CISSP Credits Awarded

Donald E. Stephens Convention Center
Rosemont (O'Hare) Illinois

 Speaker BiographiesRegister
Overview
The number of threats and vulnerabilities is growing. The timeframe between when a vulnerability is found and when it is exploited has shortened.  The urgency to mitigate network vulnerabilities has become more crucial than ever.

 

Conference Program

 

8:00am - 9:00am - Registration and Continental Breakfast

 

9:00am-10:00am
2009 Cyber Security Landscape: Trends - Predictions - Long Range Security Disruptors
Ralph Thomas, iDefense Deputy Director and Manager of the Malicious Code (Malcode) Intelligence Team, VeriSign

The malicious actors targeting the modern enterprise are no longer just “script kiddies.” Today’s cyber criminals have formed groups, which iDefense refers to as “cyber security cartels” for their similarity in structure and operational plan to the American drug cartels of the 1980s. These “cyber cartels” have focused their combined efforts on building their own infrastructure and on attacking Internet infrastructure for profit. From using Fast-flux networks to defeat phishing takedown services, to hiding behind bulletproof hosting services, to establishing entire underground markets to sell iFrame attacks, the bad guys have even fooled home users into purchasing malicious Trojan programs that claim to provide security protection. This presentation will describe some of the evolutionary progression made by these cyber security cartels in 2008 and make some predictions about what we might expect to see in 2009. Finally, we will discuss some cyber security disruptors; technologies coming down the pipe that will fundamentally change how you defend your enterprise.
 

10:00am - 10:30am - Refreshment Break

 

10:30am - 11:30am
 Strategies for Mitigating Increased Threats and Vulnerabilities in a Challenging Economy

Rich Linke, CSO, Global Security Management; Former Global Patch Management, Kraft Foods

 

The current economic environment is causing many organizations to spend more on security.  The primary driver, according to industry analysts, is protecting the information assets of the enterprise.  In the wake of current financial scandals controls and policies may play see increased role.  But where should you start?  How should you refine your ‘Threat and Vulnerability Management’ plan?

 

In this informative session, attendees will learn the following from a seasoned IT security professional:

  • What the new emerging threats are and the risks the pose

  • What new techniques and technologies you should be considering to mitigate threats and vulnerabilities

  • What other organizations are doing to reduce the impact of potential threats

  • What you can do today to better protect your enterprise

  • Where should you prioritize your spending?

11:30am - 12:30pm

Harris

Business Rationale for Patching Computer Systems
 Danny Harris, Manager of Information Security Policy and Awareness, The Aon Corporation

 

This session will focus on the rationale for patching computer systems, with an emphasis on improving security and reliability. We will discuss how the security threatscape has dramatically changed by examining a number of real-world attacks and the implications for business. In addition, other factors such as regulatory requirements, due care, and good business practices need to be considered among the criteria for patching systems.

 

12:30pm - 1:30pm Luncheon

 

1:30pm - 2:30pm

Shepard

Preventing Leakage: How to Protect and Manage the Movement of Data
Scott Shepard, CISSP, CISM, Principal Consultant, Glasshouse Technologies, Inc.

 

Given the current economic climate and financial scandals, data leakage may become even more important in the coming year.  Companies know how to implement systems to protect outside threats, but what about those that originate inside the company walls? 

 

In this session attendees will learn how to effectively design and implement policies, frameworks and tools to protect the organization from the following:

  • Insiders sending confirmation information via e-mail

  • Accidentally spilling confidential information on the Internet from using Web 2.0 technology (blog, mashup)

  • Physical/IT security – a laptop being stolen out of a hotel room or from a trade show

2:30pm - 3:00pm - Refreshment Break

 

3:00pm - 4:00pm 
 Taking the Cost, Complexity, and Hassle Out of Endpoint Security
James Hansen, Sr. Product Manager, BigFix, Inc.

Compliance Preparing for an audit is time consuming and costly. The consequences for failing an audit are even worse and cyber threats abound. But, worst of all is the on-going cost in time and money ensuring your systems stay in compliance AND you're still meeting existing IT security, availability, productivity, and cost reduction goals.

Unfortunately, shrinking IT budgets won¹t give organizations a free pass when it comes to compliance with information security regulations. Organizations must find ways to cut costs and still maintain  compliance with configuration requirements ­ for a variety of regulatory requirements and corporate governance programs while maintaining ongoing vulnerability assessments.    

Attend this session to learn about strategies for better guarding endpoint assets and status and how to achieve continuous compliance while keeping threats at bay.

  

4:00pm - 5:00pm

Milroy

Implementing an Effective Threat and Vulnerability Management Program

Derek Milroy, MCSE, GSEC, CISSP, CISA, Security Architect, Large Midwestern Financial Services Company

 

This presentation will outline a framework for implementing a vulnerability management program. Topics covered will include items/issues to be aware of as you architect a vulnerability management framework specifically for your organization. This presentation will also cover reporting for all levels of your organization, including how to gather and report on meaningful metrics that can be used to track progress for remediation of vulnerabilities throughout your environment.

 

Register

 

Conference Price: $219.00 per person

 

 

 

What You Will Learn

 

In this one day conference attendees will learn:

 

  • How to make the decision as to whether you should insource or outsource your IT security efforts and by what percentage
     

  • What areas should you be doing interally versus hiring expensive security consultants

 

  • How to leverage white listing technology

 

  • Strategies for handling regulations and data privacy Is it encrypted; is it decentralized?

 

  • How to handle work life balance - working from home/hotel poses increased security threats; how do you protect what’s going on in the laptop; ID badge-activating laptop – asset management

 

  • Strategies for security/vulnerability management – how do you keep all your products up to date

 

  • Application control – how many should have access and to which applications? i.e. Not everyone needs access to HRIS apps if they are not in HR

 

  • Strategies for configuration management – device control; thumbdrives; CDs,

  • Data leakage/data protection – How to manage the movement of data

 

Register

 

Conference Price: $219.00 per person

 

Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education, in addition to 0.7 CEUs and 7 PDUs.  CISSP is a registered certification mark of (ISC)², Inc.

 

Exhibits

 

As is always the case at CAMP IT Conferences events, the talks will not include product presentations.  During the continental breakfast, coffee breaks, and the luncheon break you will have the opportunity to informally meet representatives from the following sponsoring companies, who have solutions in the area of the conference.

 

 

 

 

 

    

 
 

CAMP Conferences, Inc., 540 W. Frontage Rd., Ste. 2205, Northfield, IL  60093
Tel: (312) 527-2800  Fax: (847) 881-0747

Copyright © 2010 CAMP Conferences, Inc. All Rights Reserved.
CAMP IT is a registered trademark of
CAMP Conferences, Inc.