Earn up to 5 free CPE without the cost of travel!
Cyberthreats are emerging more rapidly than ever in today’s expanding threat landscape. Organizations are faced with constantly staying abreast of a wide variety of cyberthreats in order to avoid falling prey to cybercriminals’ attacks.
Join ISACA, SearchCompliance and SearchSecurity in our upcoming virtual conference for this look at the state of cybersecurity. Hear expert opinions on the current landscape, best practices on what to do about threats against your business, and how to be proactive in the face of creative and evolving adversaries.
Join us on 24 April from 7:45AM to 4:30PM EDT (UTC–6) to:
- Connect with thousands of your peers from across the globe
- Earn 5 FREE CPE hours without the cost of travel
- Ask questions directly to industry experts and speakers
- Enhance your professional knowledge
Session 1: Emerging Threat Update
Presented by: Kevin Beaver, independent information security consultant
With more than 23 years of experience in IT, Kevin Beaver has served in various information technology and security roles for healthcare, e-commerce, financial firms, educational institutions and consulting organizations. He is a top-rated information security speaker at conferences produced by TechTarget, Gartner, RSA, CSI, SecureWorld Expo and The IIA. Additionally, Beaver has authored or co-authored 10 information security books including Hacking For Dummies — one of the all-time best-selling information security books.
Sophisticated crime on the Internet is more convenient for cybercriminals than ever, and enterprises are forced to deal with an ever-evolving threat landscape. Furthermore, changes in the underlying infrastructure used by enterprise IT, the shift to the cloud and the rolling wave of mobile adoption all mean that new attack vectors open up every day. This presentation sorts the new attacks that are merely flashy from those that represent genuinely new areas of broad concern, and areas where new best practices for defense need to be developed as rapidly as possible. This session will be updated up until the moment it is presented, but at a minimum, attendees can expect to learn the latest on:
- Malware automation toolkits
- Application attacks
- Real-world, in-the-wild attacks on mobile devices
- Commonly overlooked vulnerabilities that must be addressed
Session 2: Cyberespionage: How the US Government is Addressing Top Challenges
Presented by: Theresa M. Grafenstine, CISA, CGEIT, CRISC, Inspector General U.S. House of Representatives, and
Dr. Ron Ross, senior computer scientist and information security researcher, National Institute of Standards and Technology (NIST)
Theresa Grafenstine is the fourth person and first woman to be appointed as the Inspector General of the U.S. House of Representatives. She has been with the House OIG since 1998. During her time with the House OIG, Grafenstine led many ground-breaking audits, including the first-ever review of the House Complex fire and emergency response program, as well as numerous security and internal control assessments, including the deployment of Active Directory and the House payroll and financial management systems.
Dr. Ron Ross leads the Federal Information Security Management Act (FISMA) Implementation Project, which includes the development of key security standards and guidelines for the federal government, contractors and the U.S. critical infrastructure. Ross has authored numerous cybersecurity publications and is the principal architect of the NIST Risk Management Framework. He also leads the Joint Task Force Transformation Initiative Working Group, a partnership with NIST, the Department of Defense and the Intelligence Community, to develop a unified information security framework. He is a 3-time recipient of the Federal 100 award and has been inducted into the Information Systems Security Association Hall of Fame.
In a world where cyberespionage and cyberattacks are a reality, governments, organizations, and individuals must remain vigilant to protect themselves, their systems, and their data from an ever-evolving threat landscape. The National Institute of Standards and Technology (NIST) Special Publication 800 series provides security guidelines to protect US federal systems and organizations from these threats. In this session, Dr. Ron Ross and the Honorable Theresa Grafenstine will discuss the recent changes to NIST 800-53 (revision 4). These changes were designed to increase the security posture of the US government by addressing evolving cyberchallenges including:
- Insider threat
- Mobile and cloud computing
- Application security
- Firmware integrity
- Supply chain risk
- Advanced Persistent Threat (APT)
Attendees will learn more about these growing threats, what risks they present, and how to implement an effective system of security controls to protect themselves, their organizations, and their nations.
Session 3: Enabling Business through Mobile Security
Presented by: Jack Gold, founder and principal analyst at J. Gold Associates LLC.
Jack E. Gold is Founder and Principal Analyst at J. Gold Associates. Gold has more than 35 years in the computer and electronics industries, including work in imaging, multimedia, technical computing, consumer electronics, software development and manufacturing systems. He is a leading authority on mobile, wireless and pervasive computing, advising clients on business analysis, strategic planning, architecture, product evaluation/selection and enterprise application strategies. Before founding J. Gold Associates, he spent 12 years with META Group as a vice president in Technology Research Services.
The mass proliferation of mobile devices around the world in recent years has brought about new channels for delivering services and information to people anywhere, anytime. Many organizations, including merchants and financial institutions, have made significant investments in developing and offering mobile applications, mobile web applications and SMS/USSD applications to give consumers better access and a better experience when using their services. These new channels bring new challenges to organizations. This session explores the risks and security considerations that mobile technology introduces. Session learning objectives include:
- Appreciate different mobile application offerings
- Recognize the business benefits of secure mobile applications
- Understand risk exposures surrounding mobile applications
- Define security measures to mitigate risk exposures
Session 4: Cloud, Cyberthreats and Defense Strategies
Presented by: Chenxi Wang, former vice president, principal analyst serving security & risk professionals, Forrester Research Inc.
Chenxi Wang is a leading expert on mobile security, endpoint security, application security, and cloud security. She leads the effort at Forrester to build the research portfolio that addresses how enterprise mobility, consumerization, and emerging threats affect security strategy, policy, architecture, application development, and operations. Wang's research builds on her in-depth technical insights and her years of research experience. She has also written extensively about global data privacy laws and the China technology market and closely follows the technology adoption trends in that market.
Cloud computing has effectively multiplied the potential for cybercriminals to exploit weaknesses. According to Wenke Lee, director of the Georgia Tech Information Security Center, "In 2013, we expect the continued movement of business and consumer data ... into the cloud will lure cybercriminals into attacking these relatively secure, but extremely tempting, technology platforms." But this does not mean that cloud computing should be avoided. Rather, with the right security strategy, the cloud can add value to your company. In this session, attendees can expect to learn:
- The latest cyberthreats against the cloud
- Defense and mitigation strategies for the cloud
- How to use the cloud to augment your security profile
Further Insight: Participants may submit questions during the live Q&A sessions that follow each presentation.
Date: 24 April 2013
Title: The State of Cybersecurity
Show hours: 7:45–16:30 EDT (UTC-6)
Virtual Seminar Agenda
- Doors open: Prepare for networking by setting up your personal profile and avatar for the day!
- Session 1: Emerging Threat Update
- Exhibit Hall and Networking Lounge Open, Live Chats
- Technology Spotlight Session: Step up to the IT Security Challenge
- Exhibit Hall Open
- Session 2: Cyber Espionage: How the US Government is Addressing Top Challenges
- Exhibit Hall Open, Live Chats
- Technology Spotlight Session: What Businesses Need to Know about Cyber Security: An Expert Panel Discussion
- Exhibit Hall Open
- Session 3: Enabling Business through Mobile Security
- Exhibit Hall Open, Live Chats
- Technology Spotlight Session: BlackBerry 10 Security: What IT Needs to Know
- Exhibit Hall Open
- Session 4: Cloud, Cyber Threats and Defense Strategies
- Exhibit Hall Open
Gain exposure to new thoughts and ideas to discover, implement and deliver results. The Virtual Conference provides a convenient and open forum where you can:
- Participate in educational sessions presented by knowledgeable speakers and industry experts
- Earn up to 5 CPE hours with no travel cost
- Connect with peers around the world
- Explore the exhibit hall in between sessions, and interact with sponsors, speakers, experts and peers
A resource center, complete with additional information and materials such as white papers, ISACA Journal articles and speaker materials, will also be available.
FAQs and Tips for an Enriching, Educational Virtual Experience
Describe the virtual conference experience.
You (and several hundred of your peers) will enter a vibrant interface to experience expert informational sessions, peer interaction and the sharing of technology solution insights. Attend sessions with security and compliance experts, visit vendor booths for product information and speak with representatives to answer your questions, download background information on enterprise risk management best practices, and interact with your peers.
How will I be reminded of the seminar?
We don't want you to miss this live interactive broadcast. We will send you email reminders with a link to the environment the day before and the morning of the event, and an Outlook calendar invitation to block out the time on your schedule.
What will I get from this virtual seminar?
Walk away with proven techniques from top experts on managing enterprise risk for improved results. This is a great venue to network with hundreds of peers and leading information systems experts, as well as ISACA staff.
The Virtual Conference Environment
- Exhibit Hall—Stop by vendor booths to learn more about products and services important to you and your organization.
- Resource Center—Browse content by subject in this digital library. Select content for immediate viewing or save it for future reference.
- Conference Hall—Make yourself comfortable in a virtual auditorium where speakers and presentations take place.
- Networking Lounge—Connect with attendees from across the globe. Start a discussion, meet new people or capture the latest information from your peers in this live, dynamic environment.