1. ICT AUDIT, SECURITY & GOVERNANCE SOUTH AFRICA CONFERENCE 2012 GLOBAL BEST PRACTICES FOR COMBATING CYBER CRIME AND ENHANCING CYBER SECURITY 29th 31st MAY 2012, EMPERORS PALACE, JOHANNESBURG, SOUTH AFRICA

2. ICT AUDIT, SECURITY & GOVERNANCE SOUTH AFRICA CONFERENCE 2012 EVENT SUMMARY AND AGENDA AT A GLANCE Guest of Honour Keynote Speeches confirmed by: Jason Jordaan: CFE, PMCSSA, ACE, MTech (Forensic Investigation) ,BComHons (Information Systems), BTech (Policing), Senior Cyber Forensic Examiner, Cyber Forensics Laboratory, Special Investigating Unit, SOUTH AFRICA. David Ocira, BSc Physics and Mathematics, Certified Radio Access Engineer (Wimax, HsDPS, CDMA 2000), Radio Network Planning and Optimization Engineer, Uganda Telecommunications Company, Uganda Mark .E .S. Bernard, CRISC, CGEIT, CISA, CISM, CISSP, ISO 27LA, Director, Governance, Risk and Compliance - Techsecure Holdings Inc, CANADA. Gunjan Bansal - Chartered Accountant, CISA, IFRS (UK), Senior AVP, Operational Risk and Controls - Finance Operations, Credit Suisse, INDIA International Speaker Panel Including: Jason Jordaan: CFE, PMCSSA, ACE, MTech (Forensic Investigation) ,BComHons (Information Systems), BTech (Policing), Senior Cyber Forensic Examiner, Cyber Forensics Laboratory, Special Investigating Unit, SOUTH AFRICA. Ondrej Krehel, Chief Information Security Officer, Identity Theft 911, UNITED STATES OF AMERICA. David Ocira, BSc Physics and Mathematics, Certified Radio Access Engineer (Wimax, HsDPS, CDMA 2000), Radio Network Planning and Optimization Engineer, Uganda Telecommunications Company, Uganda Dr Johann van der Merwe, BSc, MSc and PhD Information Security & Communication Systems, Global Head of Information Security, De Beers Family of Companies, South Africa Mark .E .S. Bernard, CRISC, CGEIT, CISA, CISM, CISSP, ISO 27LA, Director, Governance, Risk and Compliance - TECHSECURE HOLDINGS Inc, CANADA. Gunjan Bansal CISA, Chartered Accountant, IFRS (UK), Senior AVP, Operational Risk and Controls - Credit Suisse, INDIA Ian Melamed, CFE, Higher Diploma in Cyber Law, Principal Consultant, Shaya Infosec, South Africa Country Perspective Sessions Confirmed by: Social Networking Events Schedule Fee per Person R8700.00 REGISTER BEFORE THE 4th OF MAY 2012 AND GET 10% DISCOUNT!! 3. DAY 1 TUESDAY 29 MAY 2012 ICT AUDIT, SECURITY & GOVERNANCE SOUTH AFRICA CONFERENCE 2012 07:00 08:30 - REGISTRATION & WELCOME RECEPTION 08:30 08:45 WELCOME ADDRESS & INTRODUCTION FROM CHAIRPERSON 08:45 09:15 - FIGHTING CYBER CRIME THE NEED FOR, AND BENEFITS OF A COORDINATED APPROACH (PUBLIC - PRIVATE PARTNERSHIPS) No matter how solid each of our individual institutions information security infrastructures could be, we are increasingly dependent upon other critical infrastructure sector partners to keep us functioning all the time. This is especially the case since technology is spanning hundreds of boundaries and virtual computing realities are settling as necessities for businesses world wide. Service dependence on infrastructures like telecommunications, satellite technologies, cloud computing services and many other complex technologies remain even more important for businesses to deliver service, yet there are criminals out there waiting to pounce on the slightest opportunity there is to break into our computer systems. This session will look at several public-private collaboration opportunities that South Africa need to harness to win the war against cyber crime. What are some of the approaches to increase cooperation between businesses and governments against cyber crime? Where appropriate, this presentation could also touch on the steps to move such collaborations to the next level. 09:15 10:00 - FACING THE CHALLENGE OF A CYBER CRIMINAL KNOWLEDGE- BASED ECONOMY Uncovering the evolution of the cyber criminal world into a well-developed, knowledge based economy using Eastern Europe as an example Uncovering the underwater part of the cyber criminal iceberg: An overview of trade platforms where sensitive information assets become the object of desire on the open criminal market. Trends over the last 18 months with specific examples on card fraud, phishing, Trojan development and deployment etc Highlighting proactive approaches toward this ever changing threat landscape with recommendations on fraud prevention. Jason Jordaan: CFE, PMCSSA, ACE, MTech (Forensic Investigation) ,BComHons (Information Systems), BTech (Policing), Senior Cyber Forensic Examiner, Cyber Forensics Laboratory, Special Investigating Unit, SOUTH AFRICA. 10:00 10:40 - REVIEWING THE LIABILITY OF INTERNET CARRIERS: WHAT THEY ARE DOING AND SHOULD DO TO PREVENT CYBER CRIME Examining what carrier space might have to do with cyber crime The different attitudes in the current carrier space toward cyber crime: We only transport Vs We are responsible Practical examples and case studies Evaluating the role of specific regulations Looking into the future David Ocira, BSc Physics and Mathematics, Certified Radio Access Engineer (Wimax, HsDPS, CDMA 2000), Radio Network Planning and Optimization Engineer, Uganda Telecommunications Company, Uganda 10:40 11:10 - MORNING COFFEE BREAK & SOCIAL NETWORKING 11:10 11:40 - INTERPOLS WORK IN THE CYBER CRIME DOMAIN 11:40 12:00 - QUESTION & ANSWER SESSION & PANEL DISCUSSION 12:00 12:40 INFORMATION ASSURANCE A CRITICAL VALUE DRIVER FOR THE ENTERPRISE Information Assurance and the organisations over-dependence on information communications technologies (ICTs) Information Security & Audit roles in modern day enterprises The need to support the mission of the organisation Information assurance is an integral part of sound management Introducing security Key Performance indicators: What you cant measure, you cant manage 12:40 13:40 - LUNCH AND SOCIAL NETWORKING 13:40 14:15 - PUTTING INFORMATION BACK INTO INFORMATION SECURITY Although we call it "Information Security," for a long time this profession has really been about protecting the infrastructure, not the data. Information is the crown jewels of business. Because information is the new currency of the Internet age, it is an essential mandate that this critical asset be recognized in a robust security management system. The notion of information centric security is crucial for organizations and the evolution of a risk-based paradigm for security has made it clear that a secure organization does not result from securing technical infrastructure alone. A security approach that is mission-centric (i.e., based on strategic drivers) strives to secure the organizations critical assets and processes regardless of where they live. This session explores how to reorient your security program to protect the information itself, not merely the places where it's stored and used. We'll start with the practical basics of Pragmatic Data Security, then show how to evolve towards the Information-Centric Security Lifecycle. Attendees will benefit from key lessons including: How to build an information-centric security program that stretches from enterprise applications down to user's desktops. Which tools work, which don't, and how to properly use them How to make strategic data security investments that will continue to work in evolving environments, such as cloud computing Step by step process to building a data security program Ondrej Krehel, CISSP, CEH, Chief Information Security Officer, Identity Theft 911, UNITED STATES OF AMERICA. OPENING SPEECH OPENING KEYNOTE KEY INSIGHTSKEYNOTE KEY INSIGHTS 4. 14:15 14:45 - SOCIAL NETWORKING AND ITS IMPLICATIONS TO YOUR INFRASTRUCTURE - THE BUSINESS RISKS OF EMPLOYEE INFORMATION SHARING Employees are sharing large amounts of data about their personal and professional lives through social networking sites. Some of this information may appear to have no value - someones favorite color, their address, the name of their boss, or the name of their childhood pet. However, attackers have become increasingly sophisticated at mining and correlating this personal information in creative ways, often putting the business at risk. For example, personal information might be used to answer password reset questions or to lend credibility to a personalized phishing email targeting banking customers, and ultimately threatening account information or the firms reputation. Additionally, information about business relationships, travel destinations, or LinkedIn recommendations may allow attackers, competitors or investors to infer sensitive details about the business. This keynote session exposes the new risks to businesses that have resulted from employee information sharing. Attend and discover: The three classes of gateway data that are putting businesses (and individuals) at risk New ways this data is being mined and leveraged by attackers Case studies of how this data is being used Techniques to defend against the growing threat 14:45 15:20 - CAN A COMPANYS INFORMATION SECURITY POSTURE BE CONSIDERED A COMPONENT OF FINANCIAL GOODWILL? 15:20 15:40 - AFTERNOON COFFEE BREAK 15:40 16:15 - IT GOVERNANCE, RISK AND COMPLIANCE: TURNING OPERATIONAL RISKS INTO RETURNS Recent financial upheavals have resulted in a wave of increased regulations, and organizations are facing increasingly stringent government scrutiny and audit requirements. As a result, companies across the spectrum must implement an effective IT governance, risk and compliance (GRC) framework. To perform in this highly complex business environment, IT teams must turn their IT GRC processes into strategic assets. Effective IT controls cannot only help organizations pass audits and assessments, but can also reduce operational risk exposure through improved processes. This session will explore the following: Meeting the challenges of a complex and dynamic regulatory landscape Negotiating risks and managing compliance Reducing operational costs How Using IT to integrate GRC processes offers organizations strategic and operational benefits Leveraging IT to streamline compliance and business processes can create business value Mark .E .S. Bernard, CRISC, CGEIT, CISA, CISM, CISSP, ISO 27LA, Director, Governance, Risk and Compliance - Techsecure Holdings Inc, CANADA. 16:15 16:45 - INFORMATION RISK: THE ELEPHANT IN THE BOARDROOM What is Information Systems Risk How can information risks be managed Applying risk management processes: - Identification - Assessment - Treatment - Monitoring/Review Partnering with key organisational stakeholders to integrate information risk management into an ERM framework Good and Bad Practices Some examples/Case studies How to prevent information risk becoming a crisis Dr Johann van der Merwe, BSc, MSc and PhD Information Security & Communication Systems, Global Head of Information Security, De Beers Family of Companies, South Africa 16:50 - CLOSE OF DAY DAY 2 WEDNESDAY 30 MAY 2012 ICT AUDIT, SECURITY & GOVERNANCE SOUTH AFRICA CONFERENCE 2012 08:45 09:20 - GOVERNANCE, RISK AND COMPLIANCE: MANAGING AND ASSESSING THE CORPORATE IT PORTFOLIO The combination of business changes (market demands), enterprise responses (in terms of IT-intensive organizational changes), and technologies dispersed into business units, creates a need to explore how IT is most effectively and efficiently governed. IT Governance may be defined as a framework for the ongoing leadership, organizational structures and business processes, standards and compliance to these standards, which ensures that IT supports and enables the achievement of both IT and organizational strategies and objectives. IT portfolio management is a restricted collection of IT assets, plotted against investment strategies, which are tied to acceptable risk levels designed to meet business objectives. This is achieved through a calculated, favorable mix (the proportion or variety of investments made in each enterprise area), based on a postulation about future performance, (planned and deliberate development expectations of the enterprise). This session addresses the critical linkage between proactive IT governance and practical IT portfolio management. Mark .E .S. Bernard, CRISC, CGEIT, CISA, CISM, CISSP, ISO 27LA, Director, Governance, Risk and Compliance - Techsecure Holdings Inc, CANADA. 09:20 09:50 - COMMUNICATING THE INFORMATION SYSTEMS RISK MESSAGE: DEVELOPING AN INFORMATION RISK CULTURE & USING RISK LANGUAGE THROUGH OUT YOUR ORGANISATION Communicating the importance of Information Systems Risk management with management and the board Producing a state-of- the-art information risk management Report Ensuring information systems risk ownership throughout your organization The need to include an information risk champion in the executive team Ensuring the Boards information systems risk register is limited to the exposures that are strategic at company level Maintaining good communication with all your stakeholders Developing and managing a culture of information risk management automatically in employees Including information risk management responsibilities in employee job descriptions KEYCASE STUDY PANEL DISCUSSIONKEYNOTE KEY INSIGHTS KEYCASE STUDY KEYNOTE 5. 09:50 10:05 - QUESTION & ANSWER SESSION 10:05 10:35 - MORNING COFFEE BREAK & SOCIAL NETWORKING 10:35 11:10 - SECURITY AND RISK CONSIDERATIONS OF SMARTPHONES, IPADS, IPODS AND MOBILE DEVICES - THE VIRTUAL BOOTH PHENOMENON) The person working on a laptop on the train or plane, or talking on a mobile phone, is blissfully unaware how much sensitive business and personal information is being conveyed to those around. It is almost like he or she is in a virtual booth free from prying eyes and ears. This session examines the phenomenon of the virtual booth, explaining how information seeps through the technical controls in place through ignorance, deliberate fault and cultural pressures. It provides research and case studies and offers reasons why this occurs and why it is a business problem. The session discusses the need to change awareness and behavior in regard to this issue, and how this will be a slow change because there is a need for a change in attitude and understanding as well as behaviour. Express a greater understanding of the operational and behavioral risks of mobile computing Demonstrate appreciation of the psychological research that has helped us to understand the causes of the virtual booth phenomenon Convey a greater insight into how staff can be educated to operate in a more secure way Motivate staff more effectively so they more likely to act in ways that reduce of the risks of mobile working in public places Consider an alternative perspective in information security 11:10 11:45 - PURE SECURITY: AWARE, ADAPTIVE AND ACTIONABLE SECURITY SOLUTIONS Implementing intrusion prevention systems as a next generation technology The shift from Intrusion Detection systems (IDS) to Intrusion Prevention Systems Understanding the threats and knowing the impact on your development requirements Deploying accurate and granular attack prevention solutions Acting as a point of protection and forensic evidence 11:45 12:15 - AUDIT & CONTROL CONSIDERATIONS IN ELECTRONIC COMMERCE This seminar provides insight to those professionals who have grappled with electronic commerce and information security issues surrounding the continued growth of virtual markets. Electronic Commerce (EC) is a range of applications that extends the core business activities of the enterprise into a virtual electronic community that is shared with customers, suppliers, business partners, employees, and prospects. Connecting businesses and consumers, be it for banking, retail sales, or confirming airline reservations, controlling electronic commerce (EC) will require an integrated examination of electronic data interchange (EDI), electronic funds transfer (EFT), electronic benefits transfer (EBT), and the Internet. Unsecured electronic commerce presents risks which could create a 'black hole' of liability for organizations, seminar attendees will be prepared for the challenges of auditing, assessing and securing automated financial electronic commerce applications, with an aim of avoiding such corporate liabilities. Gunjan Bansal - Chartered Accountant, CISA, IFRS (UK), Senior AVP, Operational Risk and Controls - Finance Operations, Credit Suisse, INDIA 12:15 12:50 - SAFEGUARDING PERSONALLY IDENTIFIABLE INFORMATION: ASSESSING AND MITIGATING THE RISK OF CREDIT CARD & ONLINE PAYMENTS This presentation will address the most significant issues in identity fraud faced by todays businesses. Charged with ensuring the security of your organizations confidential personally identifiable information what risks threaten the integrity and security of these data and how will you mitigate these risks using the available information security technology? What role does information assurance play in providing a controlled work environment for protecting and safeguarding the confidentiality of personally identifiable information. This presentation covers the following: Understanding Credit Card Fraud The Invisible enemy Identity Theft Automation Cyber Fraud Issues Focusing on technology security and regulatory issues Regulating consumer credit Card Security, Chip & Pin Ensuring consumer protection Monitoring of credit systems - Payment networks and regulation - The role of a credit bureau Innovations in online payments and credit card processing Ondrej Krehel, CISSP, CEH, Chief Information Security Officer, Identity Theft 911, UNITED STATES OF AMERICA. 12:50 13:00 - QUESTION AND ANSWER SESSION 13:00 14:00 - LUNCH AND SOCIAL NETWORKING 14:00 14:30 - SECURING E-BANKING AND MOBILE PHONE BASED TRANSACTIONS FROM CYBER ATTACK. Cyber crime threatens to stall the growing popularity of both electronic and mobile banking services, now increasingly regarded as a must have for many bank customers, especially corporate. The problem banks are facing is how to introduce enhanced security measures for e-banking and mobile banking services without making their web-banking systems unusable for the customer. Protecting electronic and mobile banking transactions from cyber attack requires an intelligent, multi-layered approach to online security. In the current banking climate, using the right mix of cyber fraud detection systems and intelligence means that suspicious cyber transactions can be crosschecked with a wealth of data. Combining real-time cyber fraud detection tools with customer information across various channels gives banks a complete, enterprise-wide view of customer behavior to reduce cyber fraud and increasing the detection speed of fraud patterns to stay ahead of rapidly-changing cyber threats on the horizon. KEY INSIGHTS KEY INSIGHTS KEYINSIGHTS &PRACTICALS KEYINSIGHTS &PRACTICALS 6. 14:30 15:20 - OUTSOURCING & THE IMPACT ON INTERNAL CONTROLS Companies that want to enter new markets face a different set of problems in getting up to speed on that business plan. Thanks to new technologies, executives can divide up their organization's value chains, handle the key strategic elements internally, outsource others advantageously anywhere in the world with minimal transaction costs, and yet coordinate all essential activities more effectively to meet customers' needs. Under these circumstances, moving to a less integrated but more focused organization is not just feasible but imperative for competitive success. What is outsourcing exactly? How does it differ from downsizing and re-engineering? Identify what IT services or areas can be successfully outsourced without compromising an enterprises IT security posture What are the risks associated with outsourcing? Managing Outsourcing through Agreements Outsourcing makes sense when...? What does outsourcing really buy you? Demonstrate how to determine effectively if a managed security service provider is right for the organisation What are the impacts of outsourcing on internal controls? Outsourcing What is Information System Audits Role? Outsourcing What is Information Securitys Role? Demonstrate and prove how smart IT security outsourcing can potentially save money and how poor decisions can result in the inverse effect Utilise proven, real-world examples and take aways for successfully managing and collaborating with a managed security service provider in a global enterprise environment 15:20 CLOSE OF DAY DAY 3 THURSDAY 31 MAY 2012 ICT AUDIT, SECURITY & GOVERNANCE SOUTH AFRICA CONFERENCE 2012 08:00 08:40 - INCIDENT MANAGEMENT- RESPONSE, REACT, RECOVER Detecting an intrusion or any form of a breach too late is unacceptable to most organizations there's too much to lose. Security is about what you do before an incident occurs because a cyber event will occur. In reaching this understanding then, all that is left for information security leaders to do is decide their companies' security needs and make the right tactical and strategic calls to fulfill them. I don't want to go to my CEO's office and say, I got great news. Our intrusion detection system detected this breach and we lost a million client records.' We have a problem, he said. Let's face it: Anyone who thinks that they'll never get breached is in a dream world. There will always be a breach, he added. It's just a question of how do you manage a breach before and after, what are some countermeasures you're going to put in, and what are the dynamics of your business because security has to be matched up with what is generating capital. This presentation will cover: Facing the harsh reality that attacks will always occur and that they are increasingly becoming sophisticated. Understanding the three Rs and their role in ensuring business continuity Highlighting the huge impact people have on business continuity Realising that technology alone does not work 08:45 09:15 - DEVELOPING AN ENTERPRISE DIGITAL FORENSIC/ELECTRONIC DISCOVERY CAPABILITY Identifying Requirements for an Enterprise. Digital Investigative/Electronic Discovery Capability Administrative Considerations for an Enterprise Digital Investigative/Electronic Discovery Capability. Identifying Resources (Software/ Hardware/Facility) for Your Team. Ondrej Krehel, CISSP, CEH, Chief Information Security Officer, Identity Theft 911, UNITED STATES OF AMERICA. 09:15 09:45 - RESILIENCY: THE CONVERGENCE OF SECURITY, BUSINESS CONTINUITY AND IT OPERATIONS The formidable challenges facing management today and the growing complexity of IT systems that support business operations make continuity planning a high priority for IT management. This session examines the convergence of tasks and responsibilities of the security, business continuity and IT departments in the continuity planning and management process. In addition it intends to provoke discussion on the responsibility of each of the three departments and attempt to come up with a recommended standard approach. Where does one department draw the line as a way of maintaining both effectiveness and efficiency of business continuity? Mark .E .S. Bernard, CRISC, CGEIT, CISA, CISM, CISSP, ISO 27LA, Director, Governance, Risk and Compliance - Techsecure Holdings Inc, CANADA. 09:45 10:20 - MOBILE FORENSICS THE GOOD, THE BAD AND THE UGLY! We like to think that doing a factory reset on our old phones and tablets is enough to keep our private data safe before selling them for an upgrade to the latest gadget, but a new survey of phones, tablets and computers proved that a factory reset is essentially worthless on Android phones and tablets. When it came to mobile phones, research has shown that the most commonly found information was porn, lots and lots and lots of porn. In addition and of the most importance, mobile devices forensics unearthes the following information even after the seller did a factory reset or a reinstall of the operating system: Porn, Court records, Social Security Numbers, Resumes, College applications, Cookies, Child support documents, Employee records, Bank statements, Credit card statements, Tax returns, Emails, Contact lists, Photos, and more. What are the good, the bad and the ugly sides of digital forensics? 10:20 10:50 - MORNING COFFEE BREAK & SOCIAL NETWORKING PANEL DISCUSSION 7. 10:30 11:00 - IDENTIFYING, COLLECTING AND ANALYSING DIGITAL EVIDENCE TO PROTECT CORPORATE DIGITAL ASSETS. Ian Melamed, CFE, Higher Diploma in Cyber Law, Principal Consultant, Shaya Infosec, South Africa 12:00 12:45 - A WAKE UP CALL TO ALL INFORMATION TECHNOLOGY, SECURITY & AUDIT EXECUTIVES BECOME BUSINESS RELEVANT! 12:45 13:00 - CONFERENCE CLOSING REMARKS 8. ICT AUDIT, SECURITY & GOVERNANCE SOUTH AFRICA CONFERENCE 2012 29th 31st MAY 2012 EMPERORS PALACE, Johannesburg, South Africa CONFERENCE REGISTRATION FORM PLEASE PRINT DATE OF REGISTRATION: TITLE: FIRST NAME(S) SURNAME: PREFERRED NAME FOR TAG: ORGANISATION/EMPLOYER: POSITION: WORK ADDRESS: E-MAIL ADDRESS (REQUIRED) TELEPHONE MOBILE COUNTRY (Please tick () below where appropriate) PAYMENT METHOD TOTAL AMOUNT ENCLOSED ($) WITH THIS FORM SPECIAL REQUIREMENTS Special Assistance: Please indicate if you have a disability or require assistance to be able to participate fully in the Conference. Please state the type of assistance required: Dietary Requirements: We may be able to provide for special meal requirements. Please specify if you have any: Privacy: Do you agree to have your contact details included on the delegate list? _ Yes _ No Registration Cancellation Policy Cancellation of a registration must be notified in writing to Conference Organising Committee. Cancellations prior to the 10 th of May 2012 will receive a full refund less R1600 administration fee. No refund will be given for cancellation after the 10th of May 2012, however substitutions will be possible. Agreement to terms and conditions: I wish to register for the ICT Audit, Security & Governance South Africa Conference 2012 and acknowledge the registration terms including the cancellation policy. Signature: _______________________________________ DIRECT DEPOSIT BANK TRANSFER REGISTER BEFORE THE 4th OF MAY 2012 AND GET 20% DISCOUNT!! Fee per Person R8,700 9. Cancellation Policy Please ensure you have read this carefully before submitting your registration form. Everest Leadership Training (ELT) operates a 20 working day cancellation policy. Any cancellations received after 20 days or any delegate that does not attend will be subject to full payment. You may transfer to another course/conference for a transfer fee of 20% of the initial booking fee plus the difference between the value of the course/conference you are transferring to. This will be invoiced or refunded. Please note that the replacement course/conference must take place within 6 months of the initial application. Alternatively you may send another colleague to the initial booked course/conference without incurring any additional fees. A full refund less an administration fee of R1,600.00 will be given for cancellation requests received up to 20 working days before the event. Cancellations must be made in writing to the Conference Organising Committee and reach Everest Leadership Training offices before the 20 working days deadline. The information you provide on this form may be used in future by Everest Leadership Training to enhance service delivery. Except to the extent you indicate your objection below, we may also use your information (a) to keep you informed of our products and services; (b) occasionally to allow companies outside our group, as we see fit, to contact you with details of their products/services; or (c) for our research consultants to contact you for research purposes. By submitting this form, you will be indicating your consent to the use of your information as identified above. VAT The conference fee is inclusive of 14 % VAT.