Date: August 14, 1130-1PM Topic: Moving the Cheese: Next Generation Migratory Resource Protection Roland Cloutier, ADP’s Chief Security Officer, will share his ideas on the latest advances in security threat mitigation and the security intelligence landscape. Among the topics he will address are the cyber kill chain concept, threat visualization, holistic security intelligence, and the use of […]
Date: July 10, 1130-1PM Topic: APT1: Then and Now Mandiant is the industry leader in detecting and investigating advanced cyber attackers. The company tracks multiple threat actors and recently released a report on one such group it refers to as “APT1.” The report links APT1 to the 2nd Bureau of the People’s Liberation army (PLA) General staff […]
Date: June 12, 1130-1PM Topic: Who is watching the code? Source Code Repo Anti-Tampering Roughly one-third of US intellectual property value is the form of software, a third is in patents and other copyrighted materials, and the balance is in trade secrets. (Source: http://www.ipnav.com). Every company depends on proprietary software for competitive advantage, to improve customer service, to […]
Date: May 15, 2013 1130-1PM Topic: Data Loss Prevention for the Security Practitioner DLP technologies are becoming more mature and capable. However, like any security technology, a technology-first or –only approach is doomed. In this presentation, we will examine a systemic approach to establishing a successful DLP program. We will also examine several best practices that help […]
Date: April 10, 2013 1130-1PM Topic: Employees at companies all over the world have embraced the new breed of mobile devices and mobile applications that give them more personal productivity. Businesses have realized this trend and are actively moving to enable greater business productivity on the very devices their employees are bringing into the workplace. These […]
Security Architecture Security in today’s corporate world, both commercial and Federal, has never been more complex. We find ourselves confronted with a more advanced set of adversaries, more complex enterprise architectures blurring the outside edges of security domains while making use of mobile, cloud, and BYOD architectures, and even more demands on compliance audit reporting. […]
“Thanks for Recovering….Now I can Hack You!” Why do disaster recovery (DR) exercises fail? Is it a lack of planning or a lack of testing? Both of these would cause an exercise to fail, but is this really a failure? If a DR team member learns something from the exercise, or if the documentation is […]
The Human Aspect of Targeted/Apt Attacks Looking at the human aspect of offensive cyber operations is one of the most interesting parts of a malware analyst’s day. Malware that was generated by an algorithm, such as a polymorphic PDF, is a little boring because you know you aren’t fighting against a human on the other […]
See What You Have Been Missing: One organization’s experience on the implementation of SIEM In medium to large organizations with complex IT architectures, it is often difficult to gain full visibility into the organizational IT environment. Security Information Event Management (SIEM) systems are known as tools that can help organizations to gain the much needed […]
Abstract Ask not what Identity can do for the Cloud, Ask what the Cloud can do for Identity. It is now well established that identity is core to the success and security of cloud computing. But how can the power of the cloud transform the way we consume, manage and even think about identity? Thanks […]