
Programme and Agenda

The event will aim to address the major IT security threats to organisations in the Middle East and provide solutions and best practices for preventing and detecting these threats.

A highlight of the Summit will be the Keynote mastermind plenary addresses made by our international security experts:
- Richard Clarke, senior White House advisor for the last 3 US Presidents.
- Howard A. Schmidt, CISSP, CISM, President & CEO, R & H Security Consulting LLC
- Roger W. Cressey, President, Good Harbor, international security expert and on-air counter-terrorism analyst for NBC News.
- Taher Elgamal, leading security expert and former chief scientist at Netscape.

In addition to keynote presentations from the featured speakers, we have an exciting program of presentations and panel discussions with globally recognized security experts. The sessions at the Middle East Information Security Summit include:

DAY 1
K11. Future Threats in Internet Crime
Managerial track | Technical track
M11. Security Information Management | T11. Voice over IP
M12. Developing Secure Applications | T12. Technical Aspects of Physical Convergence
M13. Online Digital Fraud | T13. Encryption
Lunch
K12. The Insider Threat
M14. Risk Management & Metrics | T14. Wireless Security
M15. Incident Response & Forensics | T15. Policy-based Network Admission
P11. Business Justification for Security

DAY 2
K21. Building a Culture of Security
Managerial track | Technical track
M21. Identity Theft | T21. Web Application Security
M22. RFID | T22. The Google Threat
M23. Mobile Security | T23. Biometrics
Lunch
K22. Physical & Information Security Convergence
M24. Vulnerability & Patch Management | T24. Intrusion Prevention, Networking & Endpoint Security
P21. A Day in the Life of a CISO


KEYNOTES

K11. Future Threats in Internet Crime
The Internet has rapidly evolved from an environment populated by digital pranksters to a medium for hardened criminals intent upon damaging consumers, businesses and governments for massive financial and political gains. In this keynote presentation, Richard Clarke profiles the significant criminal groups operating on the Internet today, the weaknesses within our critical infrastructure and how these trends are likely to play out over the next several years.

K12. The Insider Threat
Beware of the Insider. Whether through innocent mistakes made by trusted insiders or by malicious actions carried out by contractors or disgruntled employees, the insider is considered to be the top threat to intellectual property and confidential data. Organizations create mountains of proprietary information every day, yet it can be stolen in large quantities via tiny devices such as USB drives and PDAs. In this keynote presentation, Taher Elgamal will discuss key points of risk for data loss within enterprises, profiles of likely threats and best practices for protecting against data leakage. Mr Elgamal will also discuss best fit technologies for preventing loss, such as encryption, policy enforcement and outbound analysis tools.

K21. Building a Culture of Security
All of the high-profile online security incidents have involved organizations that have made significant investments in information security. However, a culture of security often eludes organizations, and in order to prevent more security incidents in the future, it is incumbent upon Chief Information Security Officers to integrate security into the company, its board of directors and all of its business units. In this keynote presentation, Howard Schmidt discusses lessons learned as both a CISO and a member of boards of directors to explain how to build a culture of security within your organization. From getting executive buy-in to generating organizational awareness to assembling a world-class security program, Mr Schmidt explains the critical success factors for making security a pervasive part of any corporation.

K22. Physical & Information Security Convergence
2006 may well be the “Year of Convergence” between information and physical security. As malicious groups become more sophisticated in developing “blended” attacks, organizations will discover the need to collaborate within these two areas while executives will seek to drive efficiency and reduce costs associated with multiple security functions. In this presentation, Roger Cressey will discuss industry trends driving convergence, review case studies of organizations gaining benefits from convergence and provide some actionable strategies for your organization to use in order to provide better cooperation with information and physical security groups.

PANELS

P11. Business Justification for Security
Security functions today are primarily seen as a cost center, when in fact security can be a key business enabler. The right security solution implemented at the right time can simplify partner communications, reduce operational costs and uncover new business opportunities. In this panel session, security experts explain strategies they have used to successfully justify security in business terms. We will discuss ROI models, global regulatory issues, as well as the politics associated with executive interaction.

P21. A Day in the Life of a CISO
Chief Information Security Officers (CISO) are a relatively new addition to the corporate executive roster. In this panel discussion, several CISOs will discuss what a typical day looks like on the job, what strategies they have learned to communicate with other executives, what their key challenges are, and how others can learn to become CISOs.

TECHNICAL BREAKOUT

T11. Voice over IP
Voice over IP (VoIP) has evolved from being an exotic leading-edge technology to being the highest growth option for implementing new voice communications solutions. VoIP’s low cost and flexible features make it a popular choice, often over the objections of security professionals concerned about its vulnerabilities. In this presentation, attendees will learn about emerging security threats to VoIP, its impact on data networks and proactive architectural and implementation issues that must be addressed to ensure secure and reliable Voice over IP solutions.

T12. Technical Aspects of Physical Convergence
From closed circuit television (CCTV) monitoring to door locks, physical security devices are being rapidly migrated to open, IP-based digital networks. This paradigm shift will have a tremendous impact on security practitioners and solution providers alike, as this trend promises new cost reductions as well as new vulnerabilities. In this presentation, the attendee will learn about the progress of this digital migration, learn which technologies are reaching maturity and understand how to safely implement the right converged security technologies.

T13. Encryption
While organizations must cope with an ever changing threat model and uncertain network defenses, one technology remains relatively immune to direct attacks – encryption. Data encryption is increasingly seen as an important strategy to mitigate the threats from lost and stolen data. The presenter will explain regulatory and business enablers for encryption, review both data-at-rest and data-in-transit scenarios and explain logical business cases for encryption. This presentation will also explain how to incorporate business partners and customers into your encryption strategy and best practices for key management architectures.

T14. Wireless Security
Wireless local area network (WLAN) solutions such as Wi-Fi provide flexible enterprise access while decreasing infrastructure costs. However, malicious Wi-Fi attacks, such as rogue access points, “evil twins” and WEP cracking can lead to infections of mobile computers and unauthorized penetration of enterprise networks. In this session, our presenter will discuss developing an enterprise strategy to enable secure wireless communications. Among the topics covered will be a review of 802 standards for Wi-Fi security, tips for rolling out secure access points, detecting rogue wireless devices and configuring mobile endpoint devices appropriately for encrypted and authenticated wireless communications.

T15. Policy-based Network Admission
One of the hottest trends in information security is the strategy of isolating host and endpoint computers from the enterprise network based upon configuration, inherent vulnerabilities and detected compromises. This strategy often involves temporarily placing computers containing some sort of policy violation in a quarantined VLAN, where they must be updated and remediated before reintroduction into the enterprise network. In this presentation, attendees will learn about reference architectures, new products and best practices enabling policy-based network admission.

T21. Web Application Security
A common point of entry for the hacker is via the web application. In this presentation, we will provide a live demonstration of common web hacking methods, such as cross-site scripting, parameter manipulation, SQL injection, session hijacking, cookie manipulation and much more. We will show how these web application attacks can expose entire databases of sensitive information. We will then discuss the common tools and techniques employed to defend against these attacks.

T22. The Google Threat
Search engines are a permanent part of the Internet landscape and provide essential information to their users. However, these search engines can crawl and store more information than you may think and have search functions that make the malicious person’s job that much easier. Search engines can be parsed to find websites with vulnerable configurations, data files containing valuable information and sensitive data about individuals and companies. In this presentation, a survey will be provided of key risks posed by manipulation of search engines. The attendee will also learn about practices that minimize the information you must provide a search engine and basic practices to enhance web security.

T23. Biometrics
Biometrics has long promised to enhance digital security through the use of unique physical and behavioral characteristics of an individual. In this presentation, the attendee will be provided with a current “state of the union” of biometrics, learning which technologies are most appropriate for specific applications, how it impacts physical and information security convergence and how to select the best fit solutions for your enterprise.

T24. Intrusion Prevention, Networking & Endpoint Security
Is intrusion detection really dead? When does it make sense to deploy endpoint security solutions? What is the tradeoff between agent-based and agent-less security? In this presentation, we will discuss several security technologies such as IDS and IPS, comparing network-based solutions versus client-centric approaches. We will discuss threat detection accuracy, prevention capabilities and cost of ownership issues.

MANAGERIAL BREAKOUT

M11. Security Information Management
Enterprises today have complex multi-vendor computer networks generating millions of data packets daily. Firewalls, hosts, intrusion detection systems and other devices generate huge numbers of events which must be analyzed to identify threats and ensure that corporate policy is adequately enforced. In this session, we will explore the various solutions available to aggregate and correlate security events and look at solutions to provide enhanced analysis of network traffic. Special attention will also be paid to reporting needs for compliance and remediation.

M12. Developing Secure Applications
Software is a key engine for global commerce and a critical point of failure due to security vulnerabilities. Developing software more securely is an area of intense research as experts seek to devise solutions to improve software quality by addressing the people, process and technology components of the equation. In this presentation, the attendee will learn how to create greater organizational awareness of key software quality issues and how to both develop and acquire more secure software.

M13. Online Digital Fraud
Highly publicized Internet-based attacks such as phishing gain significant notoriety as a new threat when in fact they are simply fraudulent activities that have been adapted to digital mediums. This session will provide an in-depth analysis of popular Internet scams and explain how individuals can protect their assets online. We will also discuss the more difficult issues of how companies can protect their assets, reputation and customer relationships in the face of these attacks.

M14. Risk Management & Metrics
Information security is evolving away from chasing every published threat towards a rational decision making system based upon risk management. A key obstacle to this approach has been the lack of empirical data and a common language for expressing information security risk. In this presentation, the attendee will learn how to develop and use metrics for security risk calculations to enable sound business decision making. We will also discuss how to implement baseline security programs, measure progress and provide executive reporting.

M15. Incident Response & Forensics
Despite our best efforts to provide proactive security, it is inevitable that every organization will need to respond to security incidents. Having a well-rehearsed and comprehensive incident response plan will minimize damage and increase the likelihood that the next threat will be successfully countered. In this session, we will discuss best practices in incident response and learn about the broad set of technical, legal, managerial and investigative skills needed. Attendees will learn what functions need to be implemented internally, when to bring in outside forensics experts and how to qualify them.

M21. Identity Theft
Identity theft is a nightmare scenario for Chief Information Security Officers. In this session, we will explore the common methods used by criminals to obtain foundational information needed to conduct identity theft, how to implement corporate policies that prevent employees from divulging damaging information and how to create solutions that provide a win-win for you and your customers. We will also provide insight into emerging regulations from the payment card industry and other governing entities and how you can stay on the right side of the law.

M22. RFID
RFID is an increasingly popular technology for tracking the movement and quantities of products, as well as tracking other, more detailed information about the products and the humans interacting with them. In this presentation, we will be discussing case studies for RFID implementation in several different industries, and will explore future expectations of RFID functionality and cost.

M23. Mobile Security
Mobile technology has turned several types of handheld devices into full-fledged computers with large amounts of information storage. Mobility has proven to be a boon to productivity by letting workers communicate at any time from anywhere, blurring the edge of your network. Unfortunately, handheld devices have few inherent security controls to protect your organization from their misuse. Widespread viruses, worms and trojans are a growing threat as well. In this presentation, the attendee will learn about the current threat posed by mobile technology and some reasonable steps that can be taken to control these devices and promote security awareness among your users.

M24. Vulnerability & Patch Management
It is always better to proactively detect and repair system vulnerabilities than it is to respond to an incident in progress. However, it is a great challenge to cost-effectively detect, categorize and prioritize vulnerabilities for remediation. In this presentation, the attendee will learn about best practices for managing vulnerabilities in large enterprises and aligning solutions with resources and regulatory requirements.

© 2005 The Information & Technology Publishing Co. Ltd