Hawaii’s 19th Annual Discover Security Conference 2012
22
Halekoa Hotel October 10-11, 2012 Attendee Packet Hawaii’s 19th Annual Discover Security Conference 2012 Reboot Required? Paving the way for Security-Centric Architectures
Transcript of Hawaii’s 19th Annual Discover Security Conference 2012
Halekoa Hotel
October 10-11, 2012
Attendee Packet
Hawaii’s 19th Annual
Discover Security Conference 2012
Reboot Required?
Paving the way for Security-Centric Architectures
Remember the days when a simple reboot used to be the solution to any computer problem? The first question asked in response to practically every computer glitch was “Did you restart or reboot the system to see if that fixed your problem?” So, the current question is “Do we need a security and IT reboot to handle all the upheaval change occurring now?” For some of us, those rebooting days ended. Just as computers needed constant patching, so did our network. Hypothetically, our network started out with just a directory server, a file and print server, and a simple application. Then we needed a backup media server to recover from those pesky anomalies called power outages or natural disasters or user errors. Later still, viruses and malware required us to protect ourselves with firewalls, desktop management, patch management, intrusion prevention systems. And the patching continued. To protect ourselves from stealing from ourselves and yet create more mobile access, we added data leakage prevention, data encryption, authentication, and then multi-factor authentication systems. Mobile device access reinforced our need for mobile device management solutions; some integrate, and some don’t integrate with the desktop management solution. Eventually, we learned that we needed protection from criminal elements seeking to gain access to the biggest amount of data in our companies – the databases. And the patching continued. Then on top of that, we needed to prove how secure our networks are to our prospective regulated industries – banking and securities exchange listed companies first, then healthcare, government, and anyone that accepts credit cards. So we needed log servers with log repositories, to document every transaction, legitimate, accidental, or otherwise, for every firewall, authentication mechanism, application, database, IP address, and MAC address we could find. And then we needed business intelligence to decipher and search through those logs to tell us what violations to look for and how to easily correct them. And then, somewhere along the way, virtualization became the way of the future. People want to expose some parts of this complicated network into the cloud in the hopes of simplifying bits and pieces of the network or taking costs out of managing and operating the network? To some, this scenario is old news and oversimplified, but many of us are going through this evolution of our networks. This conference is dedicated to all of you, tasked with running the entire network, and organically integrating new technologies, replacing old ones, augmenting others, and negotiating the overlaps in capabilities as you go along. Whether your enterprise requires a traditional data center, a virtual infrastructure for private cloud, a public cloud architecture or somewhere in between, you still need to worry about security, disaster recovery, compliance, performance, and availability. And, of course, all of this needs to be done with a limited budget. So let’s take a step back to learn from each other. Let’s find out the best way to re-engineer our networks. And after all the patches and new ideas we’ve accumulated from this conference, it will be time to ….. REBOOT! OR NOT, THAT IS THE QUESTION.
When: October 10 & 11, 2012 (Registration begins at 7:15 am)
Where: Hale Koa Hotel – Honolulu, Hawaii
TIG
REGISTRATION FEE:
ISSA MEMBER: $35.00 NON-ISSA MEMBER: $70.00
ISSA Discover Security Conference 2012
Schedule (Day 1)
Wednesday 10-Oct-12
Time Vendor Speaker Topic
0700 -0800 (Breakfast and Registration)
0815 - 0830 ISSA Jock Purnell/ Roland Yee
(Welcome and Announcements)
0830 - 0910 McAfee Cassandra Johnson Measuring and Managing Risk
0915 - 0955 IBM Michael Montecillo Threat Management in an Ever-Changing Environment
0955 - 1025 (Break and Exhibitions)
1025 - 1105 SecureDNA James Ochmann/ Dwayne Yuen
Surfing with Sharks, Why the Internet is Such an Unsafe Place
1110 - 1150 Cisco Mathew Valites Implementing a Security Incident Response Framework
1150 - 1200 ISSA Roland Yee (Announcements and Lunch and Acknowledgement of Sponsors)
1200 - 1300 HP Enterprise Security
Jerry Fraizer (Lunch Time) How to Create an "Off The Shelf" Trojan -- and How to Mitigate
1300 - 1315 (Break and Exhibitions)
1315 - 1355 TIG Paul Cacho Security and Wireless design considerations for BYOD
1400 - 1440 Infoblox Timothy J. Connelly Network Security: More Than Just Firewalls
1440 - 1500 (Break and Exhibitions)
1500 - 1540 Checkpoint Mark Bennett Digital Forensics vs. Digital Anarchy
1545 - 1625 Websense Joe Gow Protecting your information asset - critical success factors for data loss prevention
1630 - 1710 Fortinet / Hawaiian Telcom
Bryan Wood/ Michael Miranda, Sr.
Practical Security in a BYOD World
1710 - 1745 (Exhibitions)
ISSA Discover Security Conference 2012 Schedule (Day 2)
THURSDAY 11-Oct-12
Time Vendor Speaker Topic
0700 -0800 (Breakfast and Registration)
0815 - 0830 ISSA Jock Purnell/ Roland Yee
Day 1 Wrap Up and Acknowledgement of Sponsors (Acknowledgement of non-Speaking Sponsors)
0830 - 0910 FireEye Jason Gael Next Generation Threats: Advanced, Targeted… Successful. How to Stop Them.
0915 - 0955 Direct Defense Jim Broome Security That Works While on a Budget
0955 - 1025 (Break and Exhibitions)
1025 - 1105 Sonicwall Michael Favinsky The Threat of Social Media
1110 - 1150 CoreSecurity Dan Vrebalovich Prevention Through Predictive Security Intelligence
1150 - 1200 ISSA Roland Yee (Announcements and Lunch)
1200 – 1300 Secure Technologies
HI
Duane Takamine (Lunch Time) Secure Cloud Computing Roadmap for 2013
1300 - 1315 (Break and Exhibitions)
1315 - 1355 Palo Alto Networks
Santiago Polo Breaking the Lifecycle of Modern Threats
1400 - 1440 nCircle Tim Keanini Advanced Persistent Threats
1440 - 1500 (Break and Exhibitions and Last Drawings before Reception)
1500 - 1540 F5 Joe O'Donnell Identity Management, SSO, and BYOD. Do They Relate?
1545 - 1625 Coalfire Jim Cowing Control and Secure the Cloud with Confidence and PCI Compliance Update
1630 - 1710 Referentia Tony Giandomenico/ Mark L
Threats to Information Assets
1710 - 1715 (Closing Remarks and Appreciation)
1715 - 1745 (breakdown of booths and cleaning)
1730 - 2000 RECEPTION RECEPTION at Waikiki Ballroom
ISSA Discover Security Conference 2012
Participants
- CheckPoint
- Cisco
- Coalfire
- Comspec
- Core Security
- Direct Defense
- F5
- FireEye
- Hawaiian Telcom/Fortinet
- Hewlett Packard Enterprise Security Products Group
- IBM
- InfoBlox
- McAfee
- nCircle
- NetScout
- Palo Alto Networks
- Referentia Systems
- Secure-DNA Managed Services
- Secure Technology Hawaii
- Sonicwall
- Technology Integration Group
- WebSense
ISSA Discover Security Conference 2012 Speakers
LISTED IN ALPHABETICAL ORDER BY VENDOR NAME
CheckPoint Topic: Digital Forensics VS Digital Anarchy Speaker: Mark Bennett, Security Engineer, CheckPoint Bio: Mark Bennett has been in the security field now for twelve years and has worked with Many different types of technologies. He has seen the changes in threats over the years and has worked diligently at learning how to mitigate, as well as protect against them. Mark started off as a System Administrator for a company, administrating a UNIX network. He moved eventually to full service VAR where he would go to different customer sites installing, configuring and troubleshooting customer related issues. He has a broad view of the industry due to this experience and has applied his knowledge in different environments and industries, from automotive, to law enforcement. He helped to design and build a redundant data center solution across two different states providing the security architecture for it for a Health Care Organization. Mark’s drive for knowledge took him in the direction of Intrusion Detection/Prevention, and later to his GCIH in Incident Handling, and GCFA in Forensics. He was so amazed and humbled by the things being taught by the instructor that he wanted very much to teach others what he had just learned. He attended the SANS at night program to learn how to become a SANS Instructor, and knew at that time, that was the direction he wanted to go. Mark is also a Black Belt instructor and believes, “you may be an instructor, but you are always a student. This humbling attitude approach to being an instructor keeps your skills sharp. Helping others to learn helps you to learn.
Synopsis: Mark will present a live demonstration of hacking a device, forensic evidence gathering, timeline analysis, and memory analysis.
Cisco Topic: Implementing a Security Incident Response Framework Speaker: Matthew Valites – Information Security Investigator
Bio: Based out of Silicon Valley, Matt has been an Investigator for Cisco's Computer Security Incident Response Team (CSIRT) for over 5 years. Originally a systems and mail administrator, he joined Cisco via the WebEx acquisition. He brings with him expertise in Incident Response and security monitoring in a SaaS and Cloud environment. Synopsis: Over 10 years, security threats have grown from network annoyances to attacks on sensitive infrastructure. Evidence indicates that security threats are growing more sophisticated and aimed at embedding malware in infrastructure. This session will share Cisco CSIRT's evolving architecture for addressing sophisticated, embedded threats, and how that infrastructure is used for investigations
Coalfire Topic: Control and Secure the Cloud with Confidence & PCI Compliance Update Speaker: Jim Cowing, Director, Coalfire Bio: Jim Cowing is a Director with Coalfire’s Security Consulting Group with over ten years of security consulting experience and twenty years of financial services industry experience. Well known in Hawaii, Jim is currently providing data security services for many Kama’aina companies. Mr. Cowing is a CISSP, PCI-QSA, PA-QSA, CISM and CPA who has helped thousands of financial services, ecommerce, enterprise, government and health care companies understand and fulfill the often complex and stringent security compliance requirements of their respective industry. Synopsis: In the early years of cloud computing, the idea was just to get there - to start achieving some of the promised efficiencies. But now, as cloud initiatives mature, the focus has turned to ensuring data security and privacy - no small feat, given the range of threats and global regulations organizations encounter. Understanding these challenges and addressing them appropriately is crucial for the survival of organizations that pursue and engage in cloud computing. We’ll also address the importance of policy-driven configuration management and compliance control. Policy-driven configuration automation solutions can detect system changes and check whether those changes are compliant to industry, regulatory or your own self-defined best practices. This allows enterprises to maintain continuous compliance in the cloud by detecting changes and comparing them to configuration and security policies. In addition, we’ll also provide an update on the latest in PCI compliance – find out about how point-to-point encryption (P2PE) can help reduce risk, and best practices for handling mobile payments and the security issues surrounding this fast-moving technology.
Core Security Topic: Prevention Through Predictive Security Intelligence Speaker: Dan Vrebalovich, Field Sales Manager, Western US, Core Security Bio: Dan has nearly 15 years of direct sales and sales management experience for enterprise software companies Core Security, BiTKOO, CA Technologies and BMC Software. Dan’s technology focus has been in the Information Security, Risk Management and Identity & Access Management domains. He is adept at enabling customers to balance the requirements for security controls and compliance with operational efficiencies aligned to business objectives/growth. Dan has a proven record of exceeding management expectations and financial targets. Prior to his IT sales career, Dan’s athletic career in volleyball included being an NCAA All-American at UCLA and the University of Hawaii. Then onto a professional beach volleyball career, as a founding member of Association of Volleyball Professionals (AVP) and top 10 World Ranking for over a decade before moving onto to managing the AVP Tour as President & COO. Synopsis: When you speak with IT security professionals many will say how important it is to be able to respond quickly to a security incident. While incident response is important, a program that works to predict and prevent incidents from happening is where the industry is moving its focus. In order to do this, CISO’s and their teams need to take the massive volume of security data generated by the layers/tools in place and funnel this down to what we call Predictive Security Intelligence. Through this intelligence, teams can find, prioritize and fix the gaps in controls and critical vulnerabilities that can be chained together to compromise critical data. Prevention is the best medicine.
Direct Defense Topic: Security That Works While On A Budget Speaker: Jim Broome, Managing Principal, Direct Defense Bio: Mr. Broome is a seasoned IT/IS veteran with 20+ years of information security experience in both consultative and operational roles. Mr. Broome leads DirectDefense, where he is responsible for the development and delivery of application and network vulnerability assessments, penetration tests, wireless security assessments and security strategy services. Previously, he was a Director with AccuvantLABS where he managed, developed, and performed information security assessments for organizations across multiple industries, while also developing and growing a team of consultants in his charge. Prior to AccuvantLABS, Mr. Broome was a principal security consultant with ISS and their X-force penetration testing team. Mr. Broome has also developed and provided training courses on several security products, including being a primary author of the CheckPoint Software CCSA/CCSE/CCSI training program, as well as creating and delivering numerous client-focused training programs and events.
Topic: 2011 was a tough year for many companies. Between budget cuts and the rash of public breaches, many companies found out the hard way about what does and does not work when applying security to their environments. Based on the well-documented stats from last year’s breaches, as well as our extensive knowledge gathered from performing penetration testing for the past 15+ years, DirectDefense will discuss the common techniques being utilized in these attacks and the steps that a company can put into practice to prevent the success of these attacks in their own environment. Best of all, our approach can be utilized by the largest or smallest of organizations, since they are based on simple techniques and a common sense approach to security. In this Presentation we will cover the following topics: • Preventing Hacking Attempts • Preventing Malware • Preventing Physical Attacks • Preventing Social Engineering Attacks • Dealing with Compliancy
F5 Networks Topic: Identity Management, SSO, and BYOD. Do They Relate? Speaker: Joe O’Donell, Systems Engineer, F5 Networks Bio: Joseph O'Donnell is a Systems Engineer for F5 Networks with over 20 years in the IT industry focusing mainly on application performance and security. He has worked with many Fortune 100 companies in his career to analyze business critical applications, providing performance recommendations, security enhancements, capacity planning and problem resolution. Working with multiple groups within organizations, applied enhancements to all tiers of the application infrastructure, utilizing Application Quality Management technologies. Synopsis: It's no secret that there is a proliferation of userid's and passwords being created for the myriad of applications that exist within and enterprise. And, it's also no surprise that everybody is seeking the best way to deploy tablets and smartphones, without compromising security. This presentation will focus on a way to deploy single sign on, integrated with some of the Application Delivery systems available today. And, how this can help in deploying mobile devices securely. The technology can also help in identifying different types of mobile devices, and whether they should be considered as guests or authorized users. This presentation will also show ways of meeting some of these requirements in ways you may not have considered. So, please bring an open mind to this session.
FireEye Topic: Next Generation Threats: Advanced, Targetted…..Successful. How to Stop Them Speaker: Jason Gael, Systems Engineering Manager, FireEye Bio: Jason Gael, Senior Security Systems Engineer, is focused on educating customers to better protect themselves from modern malware, such as advanced persistent threats, spear-phishing attacks, and drive-by downloads. Jason has worked in security and software related industries for 20 years. He is currently Systems Engineering Manager – US Wesr with FireEye, Inc., a security company based in Milpitas, Ca. Previous to FireEye, Jason held Senior roles at Websense, Catbird, Surfcontrol, Lightsurf, Magnifi, Santa Cruz Operation (SCO), and Borland. Jason lives in Santa Cruz, California, where he enjoys sailing, skateboarding with his son, and world-class disc-golfing. Synopsis: Linkedin, Zappos, IMF, Citibank, RSA, Epsilon, Lockheed and many others have been attacked. In fact, over 95% of enterprises are easily compromised as advanced attacks simply bypass traditional signature-based defenses such as NGFW, IPS, AV, and Web gateways. The security hole is real and it is pervasive. Don’t be the next headline. Learn how to protect yourself The presentation will cover:
The new threat landscape – advanced, zero-day and targeted APT attacks
How advanced attacks easily bypass your current security
The hole left open by traditional signature-based technologies
Plugging the security hole
Next generation security for next generation threats
Fortinet and Hawaiian Telcom Topic: Practical Security in a BYOD World Speaker: Bryan Wood, Director of Western Territory and Channel Sales, Fortinet Michael Miranda, Sr. Product Manager, Hawaiian Telcom Managed Services Bio: Bryan Wood has several years experience in the networking and network security industry. Current role is Director of the Western Channel Team from Minnesota out to the Hawaiian Islands. Previous experience includes:
3COM Corporation (Business Development Manager VOIP Technology)
WatchGuard Technologies (Territory Manager) - UTM Company
NitroSecurity (Regional Sales Director) - IPS Company
Fortinet (Manager, Western Channel Sales).
Michael Miranda is Sr. Manager of Product Management for Hawaiian Telcom’s Managed Services which provides services to configure, manage and monitor the network infrastructure and cyber security for customers. He acquired extensive experience in cyber security threat analysis, intrusion analysis, defense configuration and incident response as a contractor for the U.S. Government. As a software developer, he produced enterprise applications and tools that enhanced operations and improved security data analysis capabilities. Mr. Miranda is a licensed Hawaii State attorney and U.S. Registered Patent Attorney. He practiced law privately and in service to the Hawaii State Senate for five years prior to focusing on his cyber security career. Mr. Miranda, a resident of Honolulu, also holds the following certifications: Certified Information Systems Security Profession (CISSP), GIAC Certified Intrusion Analyst (GCIA) and GIAC Systems and Network Auditor (GSNA). Synopsis: Bring your own device (BYOD) is one of the latest trends that pushes the boundaries of IT security professionals. It tests the limits of securing the enterprise while allowing maximum usability and productivity for end users. Fortinet and Hawaiian Telcom will discuss conventional wisdom of IT architecture, what additions might be needed, and how BYOD can be safely enabled.
Hewlett Packard Enterprise Security Topic: How to Create an “Off The Shelf” Trojan --- and How to Mitigate Speaker: Jerry Fraizer, Tipping Point Solutions Architect, HP TippingPoint Bio: Jerry Fraizer has worked in the information technology industry for over 14 years in various information security and network engineering roles. Jerry has spent the majority of his career as hands on engineer and architect working on large high transaction networks in PCI-DSS and SOX compliant organizations including a division of Ticketmaster and The City of Irvine, California. Jerry is TippingPoint Security Expert #2058, a Certified Ethical Hacker, holds a Cisco CCNP in Routing & Switching, and holds a Cisco CCNP in Security Synopsis: The speaker will be sharing information related to off the shelf Trojan creation. The speaker will demonstrate how to quickly create and deploy a Trojan in the organization. The speaker will then demonstrate how to detect, mitigate, and prevent this type of unwanted activity.
IBM Topic: Threat Management in an Ever-Changing Environment Speaker: Michael Monteceilo
Bio: Michael Monteceilo is the IBM Security Services Threat Research and Intelligence Principal. He has more than eight years of experience in information security, during which he has served as a Senior Threat Researcher within the Managed Security Services Threat Intelligence Center (also known as the X-Force Threat Analysis Service), as a Vulnerability Management Coordinator and Forensic Investigator for the State of Michigan as well as a consultant and Principal Security Analyst for Enterprise Management Associates, an industry analysis firm. Testament to Michael’s efforts he has won two State Police awards for Professional Excellence and has published more than 30 research articles. As the Threat Research and Intelligence Principal within IBM Security Services conducts research on emerging threat trends and works to ensure that client security needs are met with standard offerings. Synopsis: The threats that IT security experts face in safeguarding their environments are constantly increasing in their frequency and complexity. In this session, Mike Monticello, Threat Research and Intelligence Principal within IBM Security Services, will share results of their study. This study specifically focused on all aspects of online threats that affect Internet security at organizations around the world and what organizations are doing to protect their enterprises against attack. You'll hear the latest insights including:
What do hackers know about security environments and where are they targeting their latest attacks?
What techniques are hackers launching to try to bypass existing security methods?
What can your organization do to protect against these ever-changing threats and emerging vulnerabilities?
This session will deliver the latest details on the current and future threat landscape from the world-renowned IBM X-Force research and development team, which pulls data from their database of 75,000 computer vulnerabilities, 150 million daily intrusion attempts, 40 million spam and phishing attacks and 10 billion web pages and images to assemble a complete picture of the threat landscape. Mike will share insights into how the enemy targets systems and provide information to better understand the latest countermeasures being used by top organizations to repel these constant network, desktop and server attacks. This unique session is specifically designed to help organizations understand the changing nature of the threat landscape.
InfoBlox Topic: Network Security: More Than Just Firewalls Speaker: Timothy J. Connelly, Manager Systems Engineering, InfoBlox Bio: As Manager of Systems Engineering, Tim Connelly is responsible for the pre-sales consulting team in the west for InfoBlox, and works with customers to define and implement Automation for Change Management and Policy Compliance. With 25 years of engineering experience in
the computer and communications industry Tim brings depth of understanding of complex solutions for large and small organizations. Tim speaks at many industry events on a variety of topics including Network Management and Network Change Control. He has held positions at several industry leading companies, including Director of Systems Engineering for Netcordia, acquired by InfoBlox in 2010. And was Director of Research and Development for Toshiba Americas, responsible for development of Toshiba’s wireless mobility solutions. Before Toshiba Tim held several positions with Madge Networks, a global network equipment provider. Before Madge, Tim was with AlliedSignal Aerospace (now Honeywell) as Sr Network Architect. Tim holds a Bachelor of Science degree in computer science from the University of Southern California. Synopsis: When Network Security is discussed, most conversations focus on firewalls. While firewalls and policies are the first line of defense for a comprehensive security policy, other network devices are often overlooked – and that creates new security gaps across the infrastructure. While compliance requirements may be implemented, often the review is a single snapshot in time and there are weeks or months where violations will never be detected. There may be sufficient security solutions and policies in place, but they don’t have the time or the manpower to manually check everything every day. This presentation will present and demonstrate best practices associated with security across other layer 2 and 3 network devices and discuss how automation can play a key role in closing potential gaps in the infrastructure.
McAfee Topic: Measuring and Managing Risk Speaker: Cassie Johnson, PMP, CISM, CISSP, DOD Security Engineer, McAfee Bio: Cassie Johnson is a DoD Security Engineer with McAfee and has worked in the federal space for over 12 years. Synopsis: Measuring and managing risk for today’s constantly changing environments can be a challenge. Set up consistent and regular processes to identify and prioritize the risk on your network.
nCircle Topic: Advanced Persistent Threats Speaker: Tim TK Keanini, CTO, nCircle
Bio: Tim Keanini brings 20 years of technical expertise from both the information security and gaming industries, which provides him with unique insight into the dynamic problems customers face for risk management. As CTO, Tim's technical vision for nCircle has been shaped by his intimate understanding of both the "gaming mindset" which always takes into account an active opponent and his experience and respect for the ever-changing and complex nature of each customer's IT operations.
Prior to joining nCircle, Tim was the Vice President and Director of Network Services at Morgan Stanley Dean Witter Online where he managed the network, security and enterprise services divisions as well as leading the design and implementation of the IP networking and security systems for all online trading. Tim previously worked at Cisco Systems as a Financial Accounts Systems Engineer working with the country's largest financial institutions on a variety of technical issues. Before taking on information security, Tim played an instrumental role at Broderbund Software, working on the design of titles such as Carmen Sandiego World and The Living Books Series, as well as leading the company's online strategy across all product lines.
Tim is regarded as an industry expert in network security and has been featured in several publications such as Information Week, Federal Computer Week, CNET News and CIO. He has also spoken at leading industry forums such as the RSA Conference, SANS Network Security, e-Gov Information Assurance Conference, SecTOR and IT Security World.
Synopsis: Over the last year the cyber security threats have changed dramatically to include three distinct categories of attackers, and all three types of attackers are targeting companies and their data. In this presentation, Mr. Keanini will discuss the differences in motivation and intent for each of the three different types of attackers and discuss how security teams can use OODA loop principals in combination with the tools they already have to create and refine practical cyber security defenses that work against all types of attackers.
Palo Alto Networks Topic: Breaking the Lifecycle of Modern Threats Speaker: Santiago Polo, Palo Alto Networks Bio: Santiago Polo is a Senior Systems Engineer at Palo Alto Networks and a Certified Network Security Engineer. Santiago brings twenty years of systems engineering experience to the Palo Alto Networks team. Prior to his work at Palo Alto Networks, he had a background in network and application security with technology manufacturers such as Juniper Networks,
3com, and Lucent Technologies, and as an end user at the Los Angeles Department of Water and Power. His interests in network security began early in his career while studying system vulnerabilities and exploits, and carrying these interests into his profession. Santiago began his career in technology after completing his B.S. in Electrical and Computer Engineering at the University of California at Irvine.
Synopsis: Network attacks are becoming both more sophisticated and more common, with all types of enterprises and all types of information being targeted by attackers. In this presentation we will shine light on the lifecycle of a modern network attack to understand how the threat landscape has changed and what is required from us as security professionals to protect our networks and users today.
Referentia Topic: Threats to Information Assets Speaker: Mark L, Director of Security Solutions, TSC Advantage Anthony K. Giandomenico, Director of Business Solutions, Referentia Bio: Mark L is the Director of Security Solutions for TSC Advantage. He is a former military intelligence officer with extensive experience supporting critical intelligence programs. Anthony K. Giandomenico is Referentia’s Director of Business Solutions and Marketing responsible for creating solutions for customers utilizing Referentia’s smartgrid and cyber security technologies. Mr. Giandomenico and his team evaluate and assess the needs of companies and government agencies then they develop a customized security & solutions plan to address each requirement. Referentia services various customers including the Department of Defense, utility companies and diverse commercial businesses. Synopsis Protecting an organization’s information assets is a global issue that is not solved with only firewalls and fences. This presentation provides insight into defender actions to a major cyber incident, such as the activities of an Advanced Persistent Threat (APT), as well as current insider threats. The impact and extent to which companies are compromised from stolen proprietary information cannot be underestimated, thus it is crucial for companies to take a proactive stance toward safeguarding their intellectual property (IP). To understand the process of planning and response to advanced threats, the speakers will cover defender planning and actions in general and discuss how advanced threats require modification or enhancements. They will outline the defender lifecycle and how organizations can take a holistic approach to find, fix and protect IP and trade secrets from security threats in today's global marketplace.
Secure-DNA Managed Services Topic: Surfing with Sharks, Why the Internet is Such an Unsafe Place Speaker: Jason Martin, Secure DNA James Ochmann, Secure DNA
Bio: Jason Martin is the President and CEO of Secure DNA, an Information Security Company that provides security solutions to companies throughout the United States and Asia. Prior to joining Secure DNA he was a Manager within KPMG’s Information Risk Management group. Along with providing strategic direction for Secure DNA as well as direct management of the security solutions team in his professional services role he has successfully designed, implemented, and operated security programs for multi-billion dollar organizations within Hawaii and the US Mainland as well as provided subject matter expertise as an executive level security advisor to companies throughout the world. He is a Certified Information Security Manager (CISM), a Certified Information Systems Security Professional (CISSP), a Certified Information Systems Auditor (CISA), Certified in the Governance of Enterprise IT (CGEIT), and holds the designation as Certified in Risk and Information Systems Control (CRISC). He is co-author of the Syngress book Information Security Risk Assessment Toolkit: Practical Assessments through Data Collection and Data Analysis. He has advised Lawmakers on emerging cyber security risks and is working with legislatures to enhance state privacy laws. He is a frequent speaker and instructor at security and audit training events and seminars, is a founder of the Shakacon Security Conference, and is on the board of advisors for the Hackito Ergo Sum security conference in France. He is a former board member for the Hawaii chapter of ISACA and is a current board member for the Hawaii chapter of INFRAGARD. James Ochmann is a Consultant with Secure DNA Consulting specializing in web application and network security. He is a graduate student at the University of Hawaii studying Electrical Engineering with a focus on computers. He is a member of the Greyhats, a student organization dedicated to security issues. He has a lifelong interest in technology and security and is currently doing research on the Tor anonymous routing network for his master's thesis. Synopsis: Drive-by-malware sites are the most prevalent attack vector for spreading malicious software on the Internet today. Cybercrime has grown in size and sophistication in the past few years, with larger and more resilient botnets leading to record levels of spam, credit card theft, and banking fraud. Today we’ll provide an inside look into the modern malware industry: how online criminals leverage vulnerable web applications, ads, and search engine poisoning to funnel traffic to drive-by-malware sites; the commercialization of exploit kits and bot packs and their role compromising everyday users; and show just how easy it is to purchase and setup your own botnet. As an added bonus we’ll walk through actual incidents that we’ve investigated where major sites were compromised for the purposes of serving malware. This walkthrough will include showing what a crimeware distribution control site looks like based on video we took after we were able to take control of such a site as a part of our malware analysis and incident response process.
Secure Technology Hawaii Title: Secure Cloud Computing Roadmap for 2013 Speaker: Duane Takamine, VP/CTO Secure Technology Hawaii
Bio: Duane is a co-founder and VP at STHI and in this role he sets the technical direction for STHI and provides deployment, support, and guidance for security and disaster recovery projects at many of Hawaii’s top 250 commercial firms. He has been a regular speaker at many Hawaii security events now for 15 years. Synopsis: Cloud Computing presents a number of complex and in many cases unique challenges to the enterprise. There are a broad range of issues that an enterprise must confront in order to utilize Cloud Computing in a reasonably safe and secure manner and consistent with their security policy. This presentation will cover some of the more practical security related challenges associated with deploying Cloud Computing in the enterprise, from authentication and identity management to information protection in the cloud. These challenges will be discussed from the technical, policy, and legal and regulatory perspective.
Sonicwall Topic: The Threat of Social Media Speaker: Michael Favinsky, Sonicwall Bio: Michael Favinsky has spent over a decade on the front lines of information security. Through the course of his career, his roles have included security incident handling, audit, implementation, project management, consulting, and sales in the entertainment, financial, medical, manufacturing, retail, and telecom industries. In addition to his experience, Michael holds a Bachelor of Science degree in Computer Science and is a GIAC Certified Incident Handler. Michael currently works as a Senior Systems Engineer at Dell Sonicwall. This will be Michael’s fourth time attending and third time presenting at ISSA Hawaii’s Annual Discover Security Conference. Synopsis: Social networks from Facebook to LinkedIn are posing serious security threats to organizations. Malicious links and compromised social media APIs are a few of the risks emerging from both user behavior and flaws in application software. Creating a holistic Web 2.0 strategy that incorporates acceptable use policies, user education, and Next Generation Firewalls is vital to protecting your organization from what is becoming a major threat vector. Join Dell Sonicwall as we explore optimal practices for securing your business from social network threats.
Technology Integration Group Topic: Security and Wireless design considerations for BYOD. Speaker: Paul Cacho, Director, Security and Wireless Practice, Technology Integration Group Bio: Paul Cacho has over 17 years of experience in the IT consulting and reseller channels. Before joining TIG, Paul was Chief Technology Officer for a network integrator specializing in application delivery and virtual desktop technologies. While there, he developed and implemented a Managed Services Provider (MSP) division that offered leading edge technology solutions for network monitoring, IT outsourcing and hosting. Paul was previously the Director of Systems Engineering for a large regional IT solutions provider. He was responsible for developing engagement methodologies and services offerings around network, data center and security solutions. As Director of the Security and Wireless Practice at TIG, Paul is responsible for developing and implementing the go to market strategy and partner alignments. Paul has over 17 years of experience in the consulting and reseller channels in both sales and professional services, including sales and management roles. He began his career as a Systems Engineer in the network infrastructure space and has worked directly in enterprise network environments. Paul also works closely with the sales leadership at TIG in assuring the security and wireless messaging is presented to the diverse TIG client base as well as engaging directly with clients to develop the appropriate security strategy their specific business requirements. Paul has developed strong relationships in the industry and continues to leverage those relationships to provide “best of breed solutions” for TIG’s clients around the country. Synopsis: BYOD or the “consumerization” of IT is one of the few initiatives in recent memory that has not been created or planned in the IT department. Many organizations literally found themselves racing to support BYOD when their CIO or CEO brought a tablet to work and demanded corporate network and application access from this device. TIG will discuss the network, security and wireless design considerations that many organizations overlook when planning their support strategy. The TIG Enterprise Roadmap (TIGER) methodology plays a big part in our consulting strategy which maintains that each network and organization is unique and there is no one defined set of eco-system products that is right for all organizations. We will discuss the need for context aware security and a policy based approach to network access control (NAC) as well as an in depth look at the importance of a proper Wireless LAN design in support of BYOD.
WebSense Topic: Protecting your information assets – critical success factors for data loss prevention Speaker: Joe Gow, Director of Product Management – DLP, Websense
Bio: Joe Gow is the Director of Product Management at Websense responsible for leading product strategy and development for the company’s data loss prevention products. Prior to this role Joe has held numerous product management leadership positions including most recently leading the encryption and key management business at Symantec. Joe has for the past 14 years provided product management leadership at both early stage start-up and industry leading companies encompassing an array of security solutions that include: encryption and key management; mobile devices; security policy and compliance management; security configuration management; network access and admission control; LAN/WAN transport security, and communication security for IP telephony and Wi-Fi. Synopsis: In his discussion, Joe will present a realistic view of how to deploy and support data loss prevention products in the enterprise. Topics will include: - evolving threat environment for sensitive corporate information (key trends and drivers) - what is DLP and how does it mitigate the business risks associated with information loss - key success factors for deploying DLP in enterprise networks - life cycle model for DLP deployment - The changing IT landscape: emerging challenges in protecting critical information
Menu – Day 1 & 2 Breakfast Day 1 – DeRussy Hall
Assorted Muffins
Assorted Danishes Coffee, Decaf, & Tea
Fruit Juice
Lunch Day 1 – Banyan Tree Showroom Hale Koa Salad
Grilled Skirt Steak with Shitake Mushroom Sauce Paired with Broiled Mahi-Mahi Fillet or Crab Cake
Served on Local Style Fried Udon Noodles and Sautéed Zucchini with Tomatoes
Red Velvet Cake
Breakfast Day 2 – DeRussy Hall
Assorted Muffins
Assorted Danishes
Coffee, Decaf, & Tea Fruit Juice
Lunch Day 2 – Banyan Tree Showroom Hale Koa Salad Herb Marinated Grilled Sirloin Steak
Paired with Citrus Honey Mustard Glazed Chicken Breast Fresh Mashed Potatoes
Herb Roasted Garden Vegetables Dutch Apple Pie with Vanilla Ice Cream
Afternoon Break Day 1 & 2 – DeRussy Hall Assorted Cookies
Assorted Fruits
Assorted Soft Drinks and Juices
Reception on Day 2 (starting at 5:30 pm) – Waikiki Ballroom
Music played in the background during the initial cocktail hour
Reception Agenda 5:30 p.m. - 8:30 p.m. Bar Service Available 5:30 p.m. - 8:30 p.m. Hors d'oeuvre Stations Open
5:30 p.m. – 7:00 p.m. Musical Entertainment 5:30 p.m. Sponsor Recognition 7:00 p.m. Prize Raffle Drawing
7:30 p.m. - 8:00 p.m. Last Call
