Archived Virtual Conference: Enterprise Risk Management: Provide Security from Cyberthreats 

 

Participate in live, educational sessions presented by experts, ask questions and connect one-on-one with industry professionals, ISACA members and staff during this online, all-day event.

 


Already registered? Access the archive with the user name and password that you created when you registered for the event. Do not use your ISACA login credentials.

The event archive will be available until 22 June 2012.

 


Presented by ISACA

Cyberrisk is a significant enterprise threat, and proactive risk management means identifying the risk and implementing appropriate risk mitigation strategies. As the threat landscape changes, and it will, successful enterprises continuously monitor controls to minimize financial and reputational risk. Learn how to recognize your organization’s vulnerability to cyberattacks and understand the importance of having proper security measures on all devices.

Learn best practices and receive expert advice for tackling emerging issues and challenges. Ask questions and interact with speakers and vendors while you connect one-on-one with industry professionals.

Join us on 22 March 2012 from 9:00 to 16:00 CDT (UTC–5) to:

  • Gain knowledge of evolving risk and cyberchallenges
  • Connect with thousands of peers across the globe
  • Earn 5 FREE CPE hours without the cost of travel
  • Ask questions directly to industry experts and speakers
  • Interact with presenters and vendors
  • Enhance your professional knowledge

 


 

Education Sessions:

Session 1: Detecting the Stealthy Attacker: Who Can You Trust?

Presented by: Matt Mosley, NetIQ

Matt Mosley comes to NetIQ with over 15 years of experience in engineering, consulting and management positions with highly successful technology companies. Prior to joining NetIQ, Matt led product management and marketing for Brabeion Software, a leader in IT Governance, Risk and Compliance. As the Senior Product Manager for Security Products at NetIQ, he is responsible for aligning the product roadmap with current and future end user security and compliance objectives. Mr. Mosley has consulted for over two dozen Fortune 100 companies and is a founding member of the ISP Security Consortium, an organization dedicated to improving security amongst Internet providers through the sharing of information and experience. Matt is a frequent speaker at security conferences and holds the CISSP, CISM, and CISA designations.

Despite increasing awareness and implementation of security controls, large organizations are still suffering significant and often public security breaches. How do you detect a potential breach that results from a mistake by an authorized administrator? Are you able to distinguish between a trusted insider and a hacker who has used malware to infiltrate your organization? In this presentation, we will discuss new techniques for protecting sensitive data and mitigating risk and how these approaches differ from traditional solutions.

 

Session 2: Emerging Trends in Cybersecurity and Risk Management

Presented by: Dr. Ron Ross, Senior Computer Scientist and Fellow, National Institute of Standards and Technology (NIST), and the Honorable Theresa Grafenstine, Inspector General of the U.S. House of Representatives 

Dr. Ron Ross leads the Federal Information Security Management Act (FISMA) Implementation Project, which includes the development of key security standards and guidelines for the federal government, contractors and the U.S. critical infrastructure. Ross has authored numerous cybersecurity publications and is the principal architect of the NIST Risk Management Framework. He also leads the Joint Task Force Transformation Initiative Working Group, a partnership with NIST, the Department of Defense and the Intelligence Community, to develop a unified information security framework. He is a 3-time recipient of the Federal 100 award and has been inducted into the Information Systems Security Association Hall of Fame.

Theresa Grafenstine is the fourth person and first woman to be appointed as the Inspector General of the U.S. House of Representatives. She has been with the House OIG since 1998. During her time with the House OIG, Grafenstine led many ground-breaking audits, including the first-ever review of the House Complex fire and emergency response program, as well as numerous security and internal control assessments, including the deployment of Active Directory and the House payroll and financial management systems.

Join Dr. Ron Ross, Senior Computer Scientist and Fellow at the National Institute of Standards and Technology (NIST) and the Honorable Theresa Grafenstine, the Inspector General of the U.S. House of Representatives as they lead an informal discussion on the future direction of cybersecurity and risk management. Ms. Grafenstine will pose a series of probing questions to Dr. Ross on topics ranging from emerging threats in the realm of cybersecurity, the risks of cyberespionage—both in the corporate and government space, issues in cloud and mobile computing, insider threats, industrial control system security, the role of enterprise architecture in helping to secure organizations, and some of the cutting-edge standards and guidelines on the horizon that will help achieve increased levels of security and privacy in information systems.

 

Session 3: Understanding Cyberthreats in the ERM Ecosystem

Presented by: Ramses Gallego, CISM, CGEIT, ISACA Conference Task Force Member, Guidance and Practices Committee Member, Topic Leader and White Paper Contributor

Ramses Gallego is security strategist and evangelist at Quest Software, where he also oversees the deployment of services. With a background in business administration and law, Gallego has more than 15 years of security experience with expertise in risk management and governance. Before joining Quest Software, he worked at CA Technologies for 8 years, was regional manager for SurfControl in Spain and Portugal, and most recently was chief strategy officer of the security and risk management practice at Entelgy.

The world we live in is changing. This is a world with no frontiers, no barriers, no secrets. We must expand our vision of the world to include cyberspace as another business landscape, a territory where we have an identity and we do business. Enterprises need to understand the risk that cyberthreats present and incorporate this perspective into their enterprise risk management ecosystem. A blended vision is needed, one that combines physical threats as well as those that come from afar. Join Ramses Gallego as he discusses how to understand the changing face of risk and how cyberthreats must be treated as a security concern.

 

Session 4: How Vulnerable Are You to Cyberattacks?

Presented by: Marc Vael, CISA, CISM, CGEIT, Chief Audit Executive, Smals

Marc Vael is a director of ISACA and chief audit executive at Smals, a large Belgian IT organization with more than 1,800 people working for the Belgian federal government. He has more than 15 years of experience in evaluating, designing, implementing and monitoring solutions on risk and information security management, incident and business continuity management, data protection/privacy, and IT audit.

An ISACA member for more than 15 years, he is vice president of the ISACA Belgium Chapter, chair of ISACA’s Cloud Computing Task Force, chair of the Knowledge Board, member of the Strategic Advisory Council and past chair of the ISACA Communities Committee.

In the current global media, cyberthreats are increasingly identified as not just linked to IT nerds hacking into IT infrastructures, but now to other attackers threatening IT and physical infrastructures. During this presentation, hear 6 valuable lessons -- illustrated with real examples -- learned from cyberattacks. Then learn about 11 practical mitigation strategy solutions. Finally, see how the COBIT framework is used to help you with control objectives for proactively countering these cyberattacks.

 

Further Insight:  Participants may submit questions during the live Q&A sessions that follow each presentation.

Agenda

Live Show:  
Date: 22 March 2012
Title: Enterprise Risk Management: Provide Security from Cyberthreats
Show hours:  9:00–16:00 CDT (UTC-5)

Virtual Seminar Agenda

9:00 Doors open
9:15–10:15 Session 1 and Live Q&A
10:15–10:30 Booth Activity
10:30–11:30 Session 2 and Live Q&A
11:30–11:45 Booth Activity
11:45–12:30 Networking Lounge
12:30–13:00 Spotlight Session 1
13:00–14:00 Session 3 and Live Q&A
14:00–14:15 Booth Activity
14:15–15:15 Session 4 and Live Q&A
15:15–15:45 Spotlight Session 2
15:45–16:00 Booth Activity & Prize Giveaway
16:00 Doors Close

 

Spotlight Session 1:  Building a Culture of Security

Presented by:  Jo Stewart-Rattray

Jo Stewart-Rattray is director of information security at RSM Bird Cameron.

Stewart-Rattray is past president of the ISACA Adelaide Chapter, chair of ISACA's Leadership Development Committee and a member of the COBIT Security Taskforce. She has been a member of ISACA's Board of Directors and the Security Management Committee.

Stewart-Rattray has 24 years of experience in the IT field, some of which were spent as CIO in the utilities space, and 15 in the information security arena. She specializes in consulting in information security issues, with a particular emphasis on governance in both the commercial and operational areas of businesses. She provides strategic advice to organizations across a number of industry sectors, including banking and finance, utilities, automotive manufacturing, tertiary education, retail and government.

This spotlight session is based on the work undertaken by the ISACA Security Culture Taskforce in creating the publication Creating a Culture of Security. Join Jo Stewart-Rattray, Security Culture Taskforce chair, as she defines and identifies culture and provides suggestions and benefits for building a security culture.

 

Spotlight Session 2:  COBIT Process Assessment Model

Presented by:  Greet Volders

Greet Volders is a managing consultant with her consultancy, Voquals N.V. Volders is experienced in quality management for the IT department, IT governance using COBIT and the development and optimization of business processes.

Since 2002, Volders has been an active member in development teams for COBIT and was part of the team who created COBIT QuickStart. Volders is an accredited trainer for the COBIT Foundation Course and the IT Governance Implementation training, using COBIT. Volders has experience in the internal processes of conforming to SOX and CMMI.

The PAM combines COBIT 4.1 with ISO/IEC 15504-2, and provides the basis for a robust, dependable assessment approach. Join Greet Volders as she explains how the COBIT Assessment Programme is designed to provide consistency and reliability so business and IT leaders can have confidence in the assessment process and the quality of the results as they maximize the business value of their IT investments.

 

Why Attend?

Gain exposure to new thoughts and ideas to discover, implement and deliver results. The Virtual Conference provides a convenient and open forum where you can:

  • Participate in educational sessions presented by knowledgeable speakers and industry experts
  • Earn up to 5 CPE hours with no travel cost
  • Connect with peers around the world
  • Explore the exhibit hall in between sessions, and interact with sponsors, speakers, experts and peers

A resource center, complete with additional information and materials such as white papers, ISACA Journal articles and speaker materials, will also be available.

FAQs

FAQs and Tips for an Enriching, Educational Virtual Experience

Describe the virtual conference experience.
You (and several hundred of your peers) will enter a vibrant interface to experience expert informational sessions, peer interaction and the sharing of technology solution insights. Attend sessions with security and compliance experts, visit vendor booths for product information and speak with representatives to answer your questions, download background information on enterprise risk management best practices, and interact with your peers.

How will I be reminded of the seminar?
We don't want you to miss this live interactive broadcast. We will send you email reminders with a link to the environment the day before and the morning of the event, and an Outlook calendar invitation to block out the time on your schedule.

What will I get from this virtual seminar?
Walk away with proven techniques from top experts on managing enterprise risk for improved results. This is a great venue to network with hundreds of peers and leading information systems experts, as well as ISACA staff.

PC Requirements
For Technical Support, please email support@inxpo.com

To attend this event you will need a Windows PC with Internet Explorer 6.0 (minimum), or Firefox 3.0 to 3.0.17 and 3.6. Mac users will need Firefox 3.0 to 3.0.17 and 3.6 or Safari 3.1 or higher. We support Windows XP, Windows Vista and Windows 7 on PCs; Leopard, Tiger, and Snow Leopard on Macs. Linux Fedora Core 10 is also supported. Macromedia Flash Player 10 or higher is required. High-speed internet access (Cable, DSL, Network) is highly recommended for the overall environment and required for all presentations. Pop-up blockers must be disabled; cookies and JavaScript must be enabled. On entering the seminar, a system check is run to identify computer requirements essential to interact with the virtual conference. It is recommended to view the environment with the display resolution of 1024 x 768.

The Virtual Conference Environment

  • Exhibit Hall—Stop by vendor booths to learn more about products and services important to you and your organization.
  • Resource Center—Browse content by subject in this digital library. Select content for immediate viewing or save it for future reference.
  • Conference Hall—Make yourself comfortable in a virtual auditorium where speakers and presentations take place.
  • Networking Lounge—Connect with attendees from across the globe. Start a discussion, meet new people or capture the latest information from your peers in this live, dynamic environment.