The one IT security event you need is here
October 13-14, 2009 at the Sheraton New York Hotel & Towers in New York City. Register before Sept. 18 to save $500. Go to scworldcongress.com.
Incomparable security education across four dedicated tracks
Independent expert speakers with global perspectives
A packed expo floor showcasing the best information security tools
Opportunities to network with your peers and earn 15 continuing education credits from (ISC)2
Free admission to exhibits, four riveting keynotes, and special sessions
Learn from leading experts and innovators, including:
Robert Carr, CEO, Heartland Payment Systems
William Kovacic, commissioner, Federal Trade Commission
Howard Cox, assistant deputy chief, U.S. Dept. of Justice
Nancy Wilson, senior director, enterprise information security, Time Warner Cable
letter from the editor
Register now and save: go to www.scworldcongress.com
SC World Congress
Oct. 13-14, 2009 at the Sheraton New York Hotel & Towers in New York
You won’t want to miss our event in October…

Cybercriminals seem immune to the weak economic times that most organizations are grappling with today, lobbing their increasingly sophisticated and intense attacks at both private and public entities 24/7. Even as the economy limps on, it’s just not feasible to skimp on information security plans. You need cost-effective solutions and services to meet today’s cybersecurity challenges. You’ll get them at our second annual SC World Congress.

When you join us this October, leading industry authorities will provide the guidance you need to hone your security processes, gain a better understanding of how the threat landscape is evolving and ensure you implement the most sound risk management plan possible. Over two days, not only will you cull the latest thinking from independent experts across four educational tracks, you’ll also participate in interactive keynote sessions, such as our first-ever mock jury trial, and learn about the newest solutions available in the market from young, up-and-coming vendors during our Security Innovators Throwdown competition.

SC World Congress will equip you with the information you’ve been looking for to make a real difference to your business – even during the
editor-in-chief, SC Magazine
Supporting associations
ISSA
Questions? Email congressinfo@haymarketmedia.com or phone 877-418-4861. Outside the U.S., dial 410-418-4861.
Anish Bhimani
Dan Blum
managing director of risk and security management, JP Morgan Chase
senior vice president, principal analyst, The Burton Group
Dave Cullinane
Jerry Dixon
CISO, eBay
director of analysis, Team Cymru
VP and CSO, The McGraw-Hill Companies
Stephen Fridakis
Bryan Cline director of information services, risk management, Children’s Hospital of Philadelphia
Stacey Halota
chief, IT programs and quality assurance, UNICEF
vice president, information security and privacy, The Washington Post Co.
Kris Herrin
Will Jansen
Joe Jarzombek
assistant director, FBI Cyber Division
CSO, Heartland Payment Systems
chief, systems and network analysis center, NSA
director software assurance, DHS
Wolfgang Kandek
Paul Kurtz
Latif Ladid
James Nelms
CTO, Qualys
executive director, SAFECode
founder and president, IPv6 Forum
CISO, The World Bank
Dr. Elizabeth Nichols
Steven Peltzman
Kimberly Peretti
Mark Pollitt
CTO, PlexLogic
CIO, The Museum of Modern Art
senior counsel, computer crime and intellectual property section, U.S. Department of Justice
visiting professor, National Center for Forensic Science, Univ. of Central Florida
Kris Rowely
Marcus Sachs executive director for government affairs, national security policy, Verizon Communications
Randolph Smith
Tim Stanley
CISO, state of Vermont
Richard Stiennon
Hord Tipton
Amit Yoran
executive director, (ISC)2
CEO, NetWitness
Observatoire de la Sécurité des Systèmes d’Information & des Réseaux
Dennis Brixius
Shawn Henry
chief research analyst, IT-Harvest
speakers
manager, information security, UPS
CISO, Continental Airlines
Also speaking: Jerry Archer, Intuit; Ron Baklarz, Amtrak; Alan Boehme, ING; Jim Cupps, Liberty Mutual Investments; Robert Maley, Pennsylvania Office of Administration; Richard Marshall, NSA; and other experts.
agenda
DAY1
Track 1: Policy/management
Within organizations, security fits a business function. This track helps security pros prioritize, better understand and provide guidance around important topics, such as PCI, DRM, security awareness and privacy.
(For a full description for each session, visit www.scworldcongress.com. Schedule subject to change or revision.)

8:30 a.m. – 9:20 a.m.: Learning the language of your C-suite
Communication is ever so important in business. Open lines of communication with your organization’s senior executive team are critical.

9:30 a.m. – 10:20 a.m.: Security awareness debate
Security awareness is a smart, inexpensive and effective way to educate general employees on safe computing.

10:20 a.m. – 10:35 a.m.: Coffee break

10:35 a.m. – 11:25 a.m.: Securing the consumer endpoints
How have banks and ISPs in the Nordic countries changed their mentality with regard to securing the endpoints of their customers?

11:25 a.m. – 12:25 p.m.: Lunch

12:35 p.m. – 1:35 p.m.: Keynote #1: The Heartland breach
Chairman and CEO Bob Carr will discuss what Heartland is doing to create a more secure method of processing electronic payments.

1:35 p.m. – 2:50 p.m.: Innovation theater session commences and exhibition floor break

1:45 p.m. – 7:00 p.m.: Exhibition floor open

2:50 p.m. – 3:40 p.m.: Controlling mobile device usage on the network
There is no organization that does not face this challenge. The solution is a mixture of policy and technology.

3:50 p.m. – 5:15 p.m.: Keynote #2: Your day in court
What you need to find success in front of a judge. The audience will participate in a mock trial with real DoJ prosecutors and lawyers.

5:15 p.m. – 7:00 p.m.: Exhibit floor: Opening day cocktail party
Track 2: Emerging threats/risk planning
Emerging threats and risk planning go hand in hand, as you can’t map out your business risk without a firm understanding of the wide variety of threats faced by your organization.

Track 3: Editor’s choice
Every security line of business needs to be flexible. The Editor’s Choice track addresses change with sessions focusing on extremely timely issues as seen through the eyes of SC Magazine’s Editor-in-Chief Illena Armstrong.

Track 4: Technical
This track offers a deeper dive for the more technical of security and IT professionals at the conference. More emphasis will be given on technical aspects of threats and vulnerabilities, as well as relevant solutions.
Supply chain security
Supply chain security continues to be a major issue increasing risk for the enterprise. What are some best practices to mitigate this risk?

Data lifecycle management
Organizations amass content related to their businesses. From categorizing your content to destroying it, you need a security plan.

PCI success: technology or culture challenge?
What’s more difficult for many IT departments: Passing a test or raising awareness of PCI and getting the proper funding?

Global threat correlation and metrics
Reputational-based security and pre-zero-day threat awareness is a necessary tactic for all organizations.

Public-private sector security partnership revisited
New administration, new departments, new leaders. How do we maximize the visibility cybersecurity is finally getting?

Technologies and strategies used to secure the U.S. Air Force
A leading Air Force cybersecurity pro discusses what technologies and techniques are used to protect USAF networks.

Security strategies in down market economy
What can CISOs do to effectively manage their security programs? How can security teams better leverage their resources?

Forensics for court
The jury and judge are not forensics experts. So how do you put important findings in their terms to assure the outcome you desire?

IPv6: The next big bail-out
This talk addresses the critical technology issues, benchmarking Europe versus Asia and the United States in terms of policy.

Monetization of a security risk plan
Sometimes you need more than just a regular risk plan to convince your higher-ups of certain security mitigation needs.

Securing the cloud today and tomorrow
Cloud computing and the practice of using IT infrastructure as an on-demand service is transforming the internet and business itself.

SCADA attack vectors revealed
Hear from a group of pros in the trenches helping protect our nation’s control systems in a variety of critical infrastructure categories.
DAY2
Track 1: Policy/management
Within organizations, security fits a business function. This track helps security pros prioritize, better understand and provide guidance around important topics, such as PCI, DRM, security awareness and privacy.
(For a full description for each session, visit www.scworldcongress.com. Schedule subject to change or revision.)
8:30 a.m. – 9:20 a.m.: Breakfast

9:20 a.m. – 10:00 a.m.: Exhibition floor open and Innovation theater sessions commence

9:20 a.m. – 4:00 p.m.: Exhibition floor open

10:00 a.m. – 10:50 a.m.: Web application security
While everyone focuses on the technology and budget items, many forget about the internal organizational buy-in issues.

10:55 a.m. – 11:55 a.m.: Keynote #3: Internet crime and the FTC
How internet-related crime is being addressed by governing bodies, such as the Federal Trade Commission – with recent examples.

12:00 p.m. – 12:50 p.m.: Keeping secure in a down economy
Profit and budgets are down, and many staff have been let go. Hear some best practices in making it through with what you have.

12:50 p.m. – 2:05 p.m.: Innovation theater sessions continue and exhibition floor break

2:05 p.m. – 2:55 p.m.: Building a trusted information supply chain
The administration views cybersecurity as a priority, and the nation has a critical need to invest in technology and solutions.

3:00 p.m. – 3:50 p.m.: Compliance versus security
A good security plan and vigilant security team means a compliant computing environment. However, the opposite is less than true.

3:50 p.m. – 4:00 p.m.: Coffee break

4:00 p.m. – 5:00 p.m.: Keynote #4: Securing the pipes
What our ISPs are doing to protect us.
Portals: Professional Security Testers
Track 2: Emerging threats/risk planning
Emerging threats and risk planning go hand in hand, as you can’t map out your business risk without a firm understanding of the wide variety of threats faced by your organization.

Track 3: Editor’s choice
Every security line of business needs to be flexible. The Editor’s Choice track addresses change with sessions focusing on extremely timely issues as seen through the eyes of SC Magazine’s Editor-in-Chief Illena Armstrong.

Track 4: Technical
This track offers a deeper dive for the more technical of security and IT professionals at the conference. More emphasis will be given on technical aspects of threats and vulnerabilities, as well as relevant solutions.
Infrastructure control
It’s vital to secure your heterogeneous networks with comprehensive NAC and enforce compliance on all your devices in real time.

Software assurance
Members of the Software Assurance Forum discuss the relevance of software security assurance in reducing risk exposure.

Endpoint virtualization
This session will analyze the benefits, limitations and residual risks of the various presentation virtualization approaches.

Tales from the front
Richard Stiennon offers his observations on U.S. cyber preparedness and contrasts it with the cyber defense agencies in Eastern Europe.

Critical infrastructure protection
The key issues threatening our nation’s critical infrastructure, the tactics used to thwart those threats, and how you can help the cause.

Top 10 hacks
The top 10 vulnerabilities, as well as some of the prevalent security issues emerging. Attendees will learn real-world solutions.

Dissecting PCI DSS
PCI DSS occupies a special place among the standards that security officers have to comply with nowadays.

Future of health care information security
New administration, new focus on health care, and hopefully, new, more useful regulation – given the lack of success of HIPAA.

Latest threat trends and defenses
The most problematic, current cyber threats to enterprises, as well as advice and best practice strategies to defend against them.

Inside the insider threat
The insider gone bad, or even the insider unknowingly doing wrong, is still a major concern amplified by the recession.

Social media and your network
What are your employees doing with social networking on your networks, and how can you deal with that?

Beyond standardization
By standardizing our IT response posture, we can decrease the time it takes to react, share information and provide mitigation.
Join us
Register today for early bird rates.
Click on scworldcongress.com
Two-day Conference Pass
Before Sept. 18: $995
After Sept. 18: $1,495

One-day Conference Pass
Before Sept. 18: $725
After Sept. 18: $1,099
What’s new?
Security Innovators Throwdown
We are debuting this competition to honor the brightest, recently launched information security companies. Competitors will get the chance to present their newly developed technologies or services before our expert judges. Judges will determine just which vendors have the best business plans and most robust tools that not only could garner interest from venture capitalists, but also possible investment from them.

Mock jury trial
With the help of leading IT security experts from the Department of Justice and others, the keynote session, “Your day in court: Turning legalize and security-ize into jury-ize,” will arm delegates with the facts they need to find success in front of a judge and jury. Understanding the legalities of how critical data is accessed and what to do when it is illegally breached is crucial these days.