 |
|
|
|
|
San Antonio Tech-Security
Conference
|
Overview
The San Antonio Tech-Security Conference features 25-30
vendor exhibits and several industry experts discussing
current tech-security issues such as email security,
VoIP, LAN security, wireless security, USB drives security
& more. There will be lots of give a ways and prizes
such as iPods, $25, $50 and $100 gift cards, as well
as cash prizes and lots more! This unique conference
format will provide educational speaker sessions as
well as tremendous networking opportunities. You'll
come away with advice and knowledge you can start applying
to your environment immediately. To register for this
conference, click on the link in the left column. Your
registration will include your breakfast, lunch, conference
materials and entrance into the conference sessions
and exhibit area. Scroll down to view the full conference
agenda.
For information on participating as a vendor: sales@dataconnectors.com
| Agenda: |
This Conference Qualifies
For
CPE Credits.
|
| 8:15am-8:45am |
Check-In
and Opening Introductions |
 |
Data
Connectors is proud to host the Tech-Security Strategies
Conference. |
| 8:45am-9:15am |
Session
One |
Patrick M. Hayes, QSA, SCF
Managing Director
|
Relevant Impact: Developing Business-Driven Security Program
Creating protection and compliance solutions capable of reacting to any real or perceived threat at any point in time is an impossible task, yet that is the challenge organizations are faced with everyday. How and where should organizations focus their efforts to minimize impact in a world of never ending risk?
Participants will learn about current and relevant topics impacting organizations and highlight the topics impacting the security landscape. The presenter will introduce to how to create an effective security program strategy using an impact-based approach that establishes business context in order to develop strategic security services justified to your specific mandates. Through the alignment and utilization of enterprise & security architecture frameworks, the presenter will demonstrate how you can develop an enterprise security strategy, articulating a complete set of business requirements for your organization.
Patrick Hayes is the Managing Director of Seccuris and a Certified Sherwood Applied Business Security Architect and PCI-DSS Qualified Security Assessor. Patrick is responsible for Seccuris’ US operations including all facets of business development, recruitment and delivery oversight for client engagements for a wide range of Information Security Services including Enterprise Security Architecture, Security Program Development, PCI-DSS, Managed and Cloud Security Services.
During his 20-year career Patrick has operated in several key senior information technology and business operations roles with AT&T Canada, IC Group, and IBM Canada. With program delivery responsibilities for multi-million dollar technology programs, Patrick has experienced success that has translated into awards for his clients and the companies he has worked with. |
| 9:15am-9:45am |
Break/Vendor
Booth Time |
| 9:45am-10:15am |
Session
Two |
|
Bill Thompson |
The Dynamic World of Threat Detection, Containment & Response
Regardless of size, network security is a top priority for all organizations. Networks are more vulnerable than ever due to the inherent risk of facilitating remote access in conjunction with the volume of traffic and the speed at which that traffic is flowing. As organizations migrate from 1Gb to 10Gb and beyond, network security tools struggle to keep up with these increasing connection speeds as the tools may not be designed to process the volume of packet traffic going through the protected link. Therefore, it is vital to implement security architectures and strategies that not only prevent security breaches, but can also dynamically react to potential threats and scale to meet future needs.
>>click here for the presentation |
| 10:15am-11:00am |
Session
Three |
|
Grant Asplund
Blue Coat Evangelist
|
Considerations to Protect and Speed Up Your Network
With the explosion of BYOD and the seemingly ubiquitous use of handheld devices, IT organizations are challenged to maintain security and control and mitigate the impact of the associated explosion of network traffic as a result of these devices. These devices introduce security, control and performance issues that must be addressed.
This presentation discusses:
- Growth/size of BYOD market and the network traffic they generate
- Growth of IP based network traffic and the flood of video
- BYOD challenges vs traditional laptop/desktop
- Threat landscape – mobile threat vectors – mobile malware delivery networks
- The need for Web and mobile Web application and operational controls
- The need for highly granular network visibility, optimization and control of network traffic
>>click here for the presentation |
| 11:00am-11:30pm |
Break/Vendor
Booth Time/Lunch |
| 11:30am-12:15pm |
Session
Four |
|
Terrence Davis
|
BYOD: Bring Your Own Device or Bring Your Own Danger?
Understanding the benefits and the risks
>>click here for the presentation |
| 12:15pm-12:30pm |
Break/Vendor
Booth Time |
| 12:30pm-1:15pm |
Session
Five |
|
Mark Rodriguez
System Engineer
Southwest Region |
Analyzing the DNA and Risks associated with Privileged Accounts.
Privileged accounts and passwords are extremely powerful, and have complete control of the target system with full access to all of the information on that system. This vulnerability could potentially cause tremendous financial losses and reputational damage for businesses.
For enterprises, privileged accounts are especially difficult to manage:
- The average enterprise has thousands of privileged identities, accounts, and passwords. Manually managing and updating these are a time-consuming, costly and repetitive process.
- Administrative and application accounts (hard-coded, embedded credentials) are found on virtually every piece of hardware, software, and application within an organization, including virtual environments.
- Administrative or application accounts are shared, which means that the system does not track WHO logged in as an Administrator, merely that a login occurred—a significant audit challenge.
- Unlike a personal identity, such as JDoe, administrative or application accounts are nearly impossible to disable due to high potential for disruption to business.
- Administrative and application accounts are subject to regulations such as Sarbanes Oxley, PCI, and Basel II, requiring that companies prove exactly who logs in to sensitive systems and, increasingly, what they are doing.
Do you know how many privileged identities are in your environment?
|
| 1:15pm-1:45pm |
Session
Six |
|
Mike Jackson
Solutions Engineer
|
Five Security Questions to Ask When Choosing a Cloud Provider
Increasingly, companies are moving components of their business operations to the cloud, including backup and disaster recovery. The reasons are compelling:
- Reduced IT expenses
- Greater efficiency
- Greater collaboration and mobility
But news headlines are a stark reminder that not all Clouds are created equal. When evaluating a Cloud service provider to manage your critical business data, it’s important to understand how your security goals and those of the Cloud provider are aligned.
Asking five critical questions today could save you considerable headaches tomorrow. Learn what these questions are and how they can help you ensure a secure cloud solution for your organization.
>>click here for the presentation |
| 1:45pm-2:30pm |
Session
Seven |
|
Chadd Milton
Principal Sales Engineer |
Fight back against Java exploits and Spear-Phishing
Your adversaries have figured out that the quickest way into your network is through your users and a new favorite exploit pathway is through Java. Java is proving itself to be an absolute security mess but you can't just uninstall it - the bad guys are using this to their advantage as is evidenced by the wave of recent 0days found in the wild. Using Java based exploits among a big bag of other tricks, our adversaries are hitting our users on a daily basis. Spear-phishing using malicious links or weaponized document attachments; watering-hole attacks using hijacked legitimate sites; poisoned search engine results and social networking worms; and scare ware tactics are all on the rise. Training your users is not an effective solution to this problem. Join us for an educational discussion and learn how you can turn the tide against user directed threats.
In this session, we will discuss:
Real-world case studies of Java exploits in the wild, spear-phishing and watering hole attacks.
The emergence of virtualized environments for the browser, PDF reader and complete document suite that can detect zero-days without signatures, thwart attacks in progress and feed pre-crime forensic information to the broader security infrastructure.
The differing motives of adversaries and how they are targeting your users and duping them into becoming the unwitting accomplices to breach.
>>click here for the presentation
|
| 2:30pm-2:45pm |
Break/Vendor Booth Time |
| 2:45pm-3:15pm |
Session
Eight |
|
Matt Hubbard
Sr. Regional Product Manager
|
Securing Your Physical, Virtual, Cloud Infrastructure
Protect confidential data, ensure compliance and prevent costly damage, without hindering productivity. Join Trend Micro and learn how to secure your data at rest or in motion; accessible on servers, desktops, laptops, tablets, smartphones and even removable media. Let Trend empower you to prevent unauthorized access and data breeches throughout your enterprise, regardless of whether your infrastructure is physical, virtual or in the cloud.
>>click here for presentation |
| 3:15pm-4:00pm |
Session
Nine |
Neal Hartsell
VP of Marketing |
Real-time Security Analytics: Visibility, Alerting or Forensic Digging - Which is it?
Global cybercrime is now a $388 billion business. It only takes minutes for hackers to breach your network and exfiltrate valuable assets. But, it takes weeks to months to figure out it even happened. Signature products are easily bypassed. Other point security products aren't able to piece together multistage attacks. Log management and forensics tools are rearview mirrors at best. The attack surface, hacker automation, and overwhelmed security personnel are creating the perfect opportunity for your company to make the wrong headlines. It’s time for a new approach.
Security Analytics is an emerging market focused on finding, contextualizing and automating action around the hard to find activity that leaves breadcrumbs of dangerous activity in the massive volume of data companies are collecting. Click Security is focused on Real-time Security Analytics - the real-time conversion of data into actionable intelligence that helps organizations address a broad range of security needs associated with BYOD, IP Theft, Consumerization of IT, APT's and more.
In this session we will address the following questions:
1. What is a security analytic anyway?
2. Who on my staff would actually use this product?
3. What problems does it actually solve?
4. Does it replace products like Log Management systems and SIEMs? |
| 4:00pm-4:45pm |
Session
Eight |
Jay Gregg |
Dynamic Security against Modern Threats in a Virtualized Environment
Securing the network has never been more challenging. First, threats are increasingly targeted, fast-moving and evasive. Second, the computing environment is constantly changing with initiatives like virtualization and BYOD. This presentation reviews these challenges and offers approaches to network security that keeps pace with both the dynamic computing and threat landscapes.
>>click here for the presentation |
| |
Prize Drawings For All In Attendance |
| 4:45pm-5:30pm |
Session
Nine |
 |
|
| |
Prize Drawings For All In Attendance |
| |
|
Event Sponsors/Exhibitors
|
