 |
|
|
|
|
Orange County Tech-Security
Conference
|
Overview
The Orange County Tech-Security Conference features 25-30
vendor exhibits and several industry experts discussing
current tech-security issues such as email security,
VoIP, LAN security, wireless security, USB drives security
& more. There will be lots of give a ways and prizes
such as iPods, $25, $50 and $100 gift cards, as well
as cash prizes and lots more! This unique conference
format will provide educational speaker sessions as
well as tremendous networking opportunities. You'll
come away with advice and knowledge you can start applying
to your environment immediately. To register for this
conference, click on the link in the left column. Your
registration will include your breakfast, lunch, conference
materials and entrance into the conference sessions
and exhibit area. Scroll down to view the full conference
agenda.
For information on participating as a vendor: sales@dataconnectors.com
| Agenda: |
|
| 8:00am-8:30am |
Check-In
and Opening Introductions |
 |
Data
Connectors is proud to host the Tech-Security Strategies
Conference. |
| 8:30am-9:15am |
Session
One |
|
Peter Bybee, CISSP, CISA
|
2010 Security Threats & Solutions: What recent forensics investigations are identifying as the most common vulnerabilities and what to do about them.
This presentation will offer a summary of incident response investigations that were conducted by Security On-Demand along with data from several other large organizations that conducted forensic investigations into confirmed or suspected security breaches.
We will analyze and provide commentary on the most common attack vectors, how data was compromised, and what kinds of countermeasures should be applied, including technology, people, and process approaches.
As part of the discussion we will highlight the following areas:
Summarization of 2009 Incident response investigations
- Identification of the Top 10 most common attack vectors that led to data and system compromises
- Analysis of Results from Penetration Tests that were conducted over the last year
- Suggested Remediation solutions based on findings where we recommend the actionable priorities for securing data, systems, and facilities
- Anatomy of a Data Breach
- Top 3 Defined Attack Methods
- Understanding the role of 3 rd party security firms to support compliance monitoring needs
- Delegating security monitoring responsibilities to managed security providers
- Determining budget for security countermeasures, processes, and staffing
- Utilizing Cloud based approaches to lower the cost of compliance, security management, and lower IT overhead expenditure.
|
| 9:15am-9:30am |
Break/Vendor
Booth Time |
| 9:30am-10:15am |
Session
Two |
|
Coy Thorp, Security Sales Engineer
|
WatchGuard Live Hack Demonstration: Drive-by Download
Come join WatchGuard in this informative presentation to view a real-world hacking demonstration, something that happens to users every day without their knowledge. WatchGuard will show you the anatomy and power of the “drive-by download”, and teach you how it is leveraged to cause much more damage than just infecting machines with a Trojan or virus. |
| 10:15am-11:00am |
Session
Three |
|
Dave Butcher |
Understanding Managed File Transfer - Insights & Best Practices
As IT departments continually adopt new technologies to improve the performance of their systems, productivity of their end users and relationships with trading partners, they are faced with numerous challenges. One such challenge companies face today is securing and automating large file transfers. Traditional file transfer systems and mediums no longer meet the needs of most organizations or their trading partners, especially when data exposure is a concern. Many organizations have developed in-house solutions that are difficult to manage, lack the ability to track and audit file transfers, and expose the organization to security breaches. A Managed File Transfer (MFT) solution should be secure, easy to manage, and have the flexibility to integrate with existing technologies.
In this presentation, you will:
- Gain a better understanding of the business challenges and drivers of file transfers.
- Identify the security concerns around traditional file transfer systems and mediums.
- Learn best practices to develop security architectures for file transfers.
- Understand how a MFT solution can meet the needs of your stakeholders
|
| 11:00am-11:30pm |
Break/Vendor
Booth Time |
| 11:30am-12:15pm |
Session
Four (includes lunch) |
Andrew Plato, CISSP, CISM, QSA
President / Principal Consultant |
PCI Compliance - Live Long and Prosper
PCI compliance is one of the most important security issues facing business today. However, misinformation and outright lies can lead your compliance efforts astray. This presentation provides the guidance on the reality of PCI complance and how to leverage this effort to improve overall information security. Among the topics covered in this presentation:
Topics Include:
- Dispelling some common PCI compliance myths
- Understanding the PCI "levels"
- The building blocks of compliance
>>click here for the presentation |
| 12:15pm-12:30pm |
Break/Vendor
Booth Time |
| 12:30pm-1:15pm |
Session
Five |
|
Ken Pappas, CEO of True North Security Inc.
|
Knowing More About Threats, Risks and Regulations
How valuable would it be if you had and understanding of the cyber threats, risks to your business and security regulations? Come learn how hackers are gaining entry into your networks and what countermeasures you can take today to prevent it. We will provide an update on the threat landscape and commentary on what is causing the rise in cyber crimes, highlighting examples of clever ploys using social media sites as a means to lure your employees into “accepting” malware, spyware and viruses. What you will find most interesting is our predictions on tomorrow’s threats and what actions you can take today to possibly protect your network and data from a breach.
Key takeaways include:
- Where Cyber Crime is growing
- What’s driving the rise in cyber crime
- Why yesterday’s technology failing
- The top security change drivers of 2010 and what actions you must take now to stay ahead of the curve
- How to create an effective defense-in-depth strategy and understand the latest threats and their implications
- Newer Web 2.0 threats
- And so much more
Ken Pappas is the CEO of True North Security Inc. and is a recognized expert on network and data security for personal and business threat protection. As a sought-after Security Evangelist and public speaker, Ken has appeared on NBC TV and Radio stations speaking on Cyber terrorism and has been featured in Fortune, the Wall Street Journal, Tech News World, S.C. Magazine, and many others around the world.
>>click here for the presentation |
| 1:15pm-1:45pm |
Session
Six |
|
Jim Shaeffer, CEO |
10 Simple Rules for Implementing an Encryption Strategy
Organizations are becoming more and more proactive about data security, with data encryption viewed as a core element to their defensive measures.
Encryption of data is being adopted at a rapid rate to comply with industry regulations, protect intellectual property, obtain safe harbor from data breachdisclosure laws, and effectively manage risk. As encryption proliferates, IT professionals are making critical decisions that directly contribute to, or detract from, an organization's ability to effectively manage encryption keys and data security.
Data is an organization's most valuable asset and it must be protected.
Designing and implementing an encryption strategy is not complicated if you understand the needs of your organization and establish the right decision-making criteria for encryption solutions. Simplicity, breadth, manageability and efficiency are the primary requirements security-minded organizations must build into their encryption strategy. A solution that has the least complexity will make the jobs of IT professionals easier, be more cost-effective and time-efficient, while at the same time protecting data and meeting compliance standards.
>>click here for the presentation |
| 1:45pm-2:00pm |
Break/Vendor
Booth Time |
| 2:00pm-2:45pm |
Session
Seven |
|
Berenice Jacobs, CISSP |
Securing Administrative Passwords
Identity Management Tools, such as Single Sign-On and Directories are examples of important building blocks in any organization's Identity Management infrastructure. However, these tools are only geared towards individual users. An additional solution for privileged users should be deployed to complement the Identity Management Infrastructure.
Cyber-Ark’s Suite of products can manage Identity Management for Privileged Accounts by providing:
- Frequent and automatic password changes of shared privileged accounts
- Strong auditing of privileged passwords usage to ensure accountability
- Secured long term storage and automatic failover to eliminate risks of loss and to ensure availability during disaster recovery
- Removing clear text passwords embedded in scripts, and automatically changing them according to corporate policy
|
| 2:45pm-3:30pm |
Session
Eight |
|
John Dasher, Senior Director, Data Protection
|
Data Protection – Don’t Be The Next Data Loss Story
Many business owners are asking themselves, is my data safe? For most the answer is no. Join MacAfee and eSecurityToGo as we discuss the biggest threats to data protection, why data protection is important and how McAfee’s DLP compares to others.
>>click here for the eSecurity presentation
>>click here for the McAfee presentation
|
| 3:30pm-3:45pm |
Break / Vendor Booth Time |
| 3:45pm-4:30pm |
Session Nine |
Jim Doherty, Chief Marketing Officer
|
Virtual Privacy vs. Actual Security: What You Need to Know |
| 4:30pm-5:15pm |
Session Ten |
Werner Schmidt, Altaware, Inc.
Pat Brogan, Palo Alto Networks |
Why Firewalls and IPS's are Dead
>>click here for the presentation |
| 5:15pm-5:30pm |
Prize Drawings For All In Attendance |
Event Sponsors/Exhibitors
|
