2:45pm KEYNOTE: "Watching the Watchers" – Catching Thieves Before They Break In!

Download Presentation

Presented by: Chris Robers, Co-Founder, Cyopsis, LLC

Cyopsis is honored to present "Watching the Watchers"; this updated eye-opening presentation is primarily told from the intruder’s perspective, providing a state-of-the-union style examination of the challenges facing IT Security today. Topics covered include risk reduction, policy implementation, systems configuration and other areas of interest that should appeal to both the technical audience as well as the executive leadership.The presentation has been built to provide an understanding of both technical considerations as well as the business, fiduciary and legal responsibility within organizations. We will review several topics including business awareness to the security climate in today’s world, accountability within an organization for the actions of Information Security practices and understanding the technical and theoretical path that the intruders are taking in the future and other.Risk reduction will be introduced throughout the discussion as the barometer many organizations use to gauge the initiatives that are undertaken as part of an Information Security program. We will look to assess the impact of both technical and policy based solutions giving examples, as well as case studies and real world examples of where ideas have both worked and fallen on the rocks.We will touch upon regulatory with the aim being is to provide an oversight into the main initiatives companies are facing today. We will be discussing both the theory as well as practical applications of both technical and policy based solutions that businesses are challenged with implementing. As with both risk and regulatory sections of the presentation, the goal is to provide insight into the potential business impact of security within the enterprise through examples and case studies.We will examine how foreign governments, organized crime, motivated computer hackers and competitors are just a small fraction of the threats facing companies today and we will review what is being done to try and combat this offensive both domestically as well as within the greater global community.

Speaker Bio
Chris Roberts, co-founder of Cyopsis, heads a team of cyber security professionals specializing in assessment and forensic investigation. He brings a wealth of knowledge, technical expertise, leadership and analytical skills gained from seventeen years experience in information technology. With a focus on information security, his professional experience includes roles as Information Security Officer and Director of Engineering and Architecture for a large retail firm, CTO and Technical Architect for a counterintelligence firm and leader of IT Security Architecture Project Management for a major international retailer. Mr. Roberts’ background in security assessment and vulnerability testing includes penetration testing, compromise investigation, analysis and documentation. He has developed and implemented company-wide information security awareness programs and frequently speaks and gives presentations on topical security issues. He is an active member of the Systems Administration and Network Security (SANS) organization and an active participant in the Open Web Application Security Project (OWASP) community. He currently serves as a member of ISSC and as a FBI business liaison. His credentials include: CISSP, CCIE and MCT. Chris was educated in the United Kingdom.

9:30am Current Threats & Countermeasures

Securing the information assets of an enterprise has never been so important or so complicated. The past several years have
seen a significant increase in the number of security threats and vulnerabilities and significant advancements in attack methodologies with
new tools, techniques, and attack vectors being released on a weekly basis. 

Presented by: Accuvant

10:20am Implementing a Vulnerabily Management Program
Download Presentation
The war on battling vulnerabilities has become a daunting process over the years including the record high exploits released in 2009 in addition to meeting regulatory compliances such as PCI. This presentation illustrates methodologies, best practices and visualizations on implementing a distributed vulnerability management program. The goal of this talk is to educate one on the latest automated techniques for delegating and managing the greatest threat to corporate networks today – known vulnerabilities. This demonstration is using PCI requirements as a model example.

Presented by: SAINT Corporation

11:10am Sleep at Night : Architecting a Reliable BC / DR

Old backup methodologies and technologies fall short of today's requirements.  It is time to shake the BCDR landscape.  Based on real, in-production customer deployments, we will define the considerations, challenges, and optimal architectures for a efficient, cost-effective BCDR solution.  This discussion will explore the discovery and design methodology as well as the considerations for leveraging industry technologies such as disk, tape, deduplication, and continuous data protection.  The impact is a BCDR solution that provides value every day, not "just in case".

Presented by: Starfire Technologies

1:00pm Planning Your Defense Against the Top Security
This e-mail address is being protected from spambots. You need JavaScript enabled to view it
Network security attacks can devastate an organization by crippling systems, stopping productivity and causing the company to pay extreme fines if confidential information is pilfered.  Prepare to discuss social networks, botnets, data loss prevention plus other malicious wild things, and how to keep your valuable employees, systems and data safe.

Presented by: WatchGuard

1:50pm Patch Management : Foundation of Application Security
Application exploit are on the rise. And yet industry experts are reporting that most organizations are still not adequately keeping up with security patches for their operating systems, much less their applications. One of the most effective ways to protect against application exploits is to implement security patches within 48 hours of release across your entire organization. Sound impossible? Join us for this discussion on patch management best practices, industry benchmarks, recent analyst reports, and ROI metrics to help "sell" the project to upper management. We'll also explore some of the pitfalls that may be preventing you from achieving your patch management and application security goals.

Presented by: Big Fix