Monday, March 23
10:00 AM - 11:00 AM
George Gerchow, Cloud Security & Compliance Evangelist, VMWare
•
The politics behind SaaS
The politics behind SaaS•Behind-the-scenes look at SaaS based architecture
Behind-the-scenes look at SaaS based architecture•Reduced footprint
Reduced footprint•Reverse proxy
Reverse proxy•Secure connection
Secure connection•SCAP (Security Content Automation Protocol)
SCAP (Security Content Automation Protocol) •Encryption options
Encryption options•From minimum viable product to GA in 3 months
From minimum viable product to GA in 3 months11:15 AM – 12:15 PM
Jerry Tilson, Information Security Technology Leader, Mary Kay, Inc.
•Setting expectations and deploying DLP
Setting expectations and deploying DLP•Rule writing
Rule writing •Getting the false positive rate under control
Getting the false positive rate under control •Gathering information you never considered before
Gathering information you never considered before•Common DLP pitfalls and oversights
Common DLP pitfalls and oversights1:30 PM – 2:30 PM
Dr. Nataraj Nagaratnam, Engineer & Chief Technology Officer, Security Solutions, IBM Security Systems
•How cloud impacts security posture
How cloud impacts security posture•A comprehensive approach to managing access
A comprehensive approach to managing access•Learn to protect applications and data, and gain visibility in hybrid cloud environments
Learn to protect applications and data, and gain visibility in hybrid cloud environments3:15 PM – 4:15 PM Research Study
Efrain Ortiz, Director, Market and Technology Innovation Group
•The similarities between biological and digital disease control
The similarities between biological and digital disease control •An epidemiological analog that can be used to communicate day to day processes and success
An epidemiological analog that can be used to communicate day to day processes and success •The (S.I.R) graph Susceptibility, Infection, Recovery as a means of tracking a large number of systems over long periods
The (S.I.R) graph Susceptibility, Infection, Recovery as a means of tracking a large number of systems over long periods•Lessons learned from biology that can be applied to digital diseases
Lessons learned from biology that can be applied to digital diseasesTuesday, March 24
8:30 AM – 9:45 AM
Dipto Chakravarty, EVP Engineering & Products, ThreatTrack Security, Inc.
•Learn how private, hybrid and public clouds increase the complexity of security assurance
Learn how private, hybrid and public clouds increase the complexity of security assurance •Side-effects of data center walls’ disappearance and mobile device proliferation
Side-effects of data center walls’ disappearance and mobile device proliferation •Artifacts of targeted threats when multi-tenancy is exploited, and APTs proliferate throughout the ecosystem.
Artifacts of targeted threats when multi-tenancy is exploited, and APTs proliferate throughout the ecosystem. •How to set up a cloud with layered security so that it can be defended against blended threats
How to set up a cloud with layered security so that it can be defended against blended threats •How to combine the techniques to combat the worst of “outside in” and “inside out” targeted attacks
How to combine the techniques to combat the worst of “outside in” and “inside out” targeted attacks10:00 AM – 11:00 AM
Bill Dean, Director of Computer Forensics, Sword & Shield Enterprise Security
•If your “cloud” is compromised, what data will you have available for analysis?
If your “cloud” is compromised, what data will you have available for analysis?•Understand the sources of evidence available from various cloud models
Understand the sources of evidence available from various cloud models•Examples of how a compromised cloud provider equals compromised clients
Examples of how a compromised cloud provider equals compromised clients•How "far" you can really take the security testing of cloud providers
How "far" you can really take the security testing of cloud providers2:00 PM – 3:00 PM
John Willson, Technical Architect Consultant Project Team, aemera.org
•Get to know the philosophy behind an open data protocol
Get to know the philosophy behind an open data protocol•Test a business application solution stack as it relates to the OData protocol using a COBIT 5-like approach
Test a business application solution stack as it relates to the OData protocol using a COBIT 5-like approach•Where the OData protocol fits with respect to HTTP(s) and HTML
Where the OData protocol fits with respect to HTTP(s) and HTML•How to defend against 3 specific attacks that could be using OData
How to defend against 3 specific attacks that could be using OData•Acquire resources, tools, and knowledge in advance of the widespread use of this coming global standard protocol
Acquire resources, tools, and knowledge in advance of the widespread use of this coming global standard protocol3:30 PM – 4:30 PM
David Etue, Vice President, Corporate Development Strategy, SafeNet, Inc.
•Discuss data control, ownership, and identity management in the cloud
Discuss data control, ownership, and identity management in the cloud•Are the latest technologies helping or hindering data security?
Are the latest technologies helping or hindering data security?•Regulatory concerns
Regulatory concerns•Updates to global legal issues
Updates to global legal issuesWednesday, March 25
9:45 AM – 10:45 AM
Randall Brooks, CISSP, CSSLP, Engineering Fellow, Raytheon Cyber Solutions Inc. (RCSI)
•CSA and SAFECode's practices for secure development of cloud applications
CSA and SAFECode's practices for secure development of cloud applications •Common threats to cloud computing
Common threats to cloud computing •How to avoid design and implementation issues
How to avoid design and implementation issues •Benefits of secure development training
Benefits of secure development training •Free online resources for application security training
Free online resources for application security training11:00 AM – 12:00 PM
Dr. Ram Keralapura, Director of Data Science, Netskope
•Learn how unsupervised machine learning techniques can identify relationships not apparent to humans and lead to effective results
Learn how unsupervised machine learning techniques can identify relationships not apparent to humans and lead to effective results•Why context matters in detecting anomalies in the cloud
Why context matters in detecting anomalies in the cloud•Real-world examples of cloud anomalies from enterprise cloud usage data, and the forensic drill-downs behind them
Real-world examples of cloud anomalies from enterprise cloud usage data, and the forensic drill-downs behind them•An actionable roadmap for getting started with anomaly detection in the cloud
An actionable roadmap for getting started with anomaly detection in the cloudTOOLS & DEMOS
CLOUD & DATA PROTECTION
Top-notch training. Compelling speakers. Meaningful interactions.
Join the conversation using #InfoSecWorld
Contact Us
Registration/General Inquiries:
Customer Service
(508) 879-7999 ext. 501
Speaking Opportunities:
Katherine Teitler
Director of Content Development
[email protected] or (508) 532-3624
Exhibit Sales:
Vendors A-L
CJ Oliveri
Director of Sales, Conference Division
[email protected] or (508) 532-3609
Vendors M-Z
Howard Weinman
Director of Sales, Conference Division
[email protected] or (508) 532-3652
