conference banner

Agenda

  • 7:30AM-8:30AMRegistration And Networking Breakfast
  • Sponsored by
  • 8:30AM-8:45AMOpening Remarks And Seminar Overview
  • Moderator:  Bob Bragdon
  • Publisher
  • CSO magazine
  • 8:45AM-9:45AMPenetration Testing: Do You Need One, How To Do It And What Do You Hope To Find?
  • Speaker:  Ed Bellis
  • Vice President & CISO
  • Orbitz Worldwide
  • A penetration test can be a compelling, if not somewhat chilling, way to learn where your organization's vulnerabilities lie and gauge their relative severity. Chinks in an organization's technological armor are sometimes the culprit. Too often, though, what most pen tests will uncover are flaws in process or the human element. The greatest firewall and anti-virus software in the world is no match for a careless employee who writes a password on a sticky note. Throughout the year, Ed Bellis performs a variety of different tests on the many facets of Orbitz's business. He'll take us through several case studies – what he does, why he does it, what he expects to get out of it and the kind of value he gets from his extensive testing program.
  • 9:55AM-10:25AMBusiness Technology Briefings
  • These technology briefing sessions cover specific data loss prevention technologies, techniques and case studies. They'll provide you with options you can put into place once you return to the office.

    Data Loss During Downsizing: As Employees Leave, So Does Your Corporate Data
    Speaker:  Jenny Yang
    Senior Manager, Data Loss Prevention
    Symantec

    Many employees are leaving their current positions, due to either job loss or to pursue other opportunities. Companies should be aware that these employees may well be walking off with sensitive or confidential data. This puts your company at risk for a potentially serious data breach. The theft of proprietary data, such as customer lists or intellectual property, can also put your company at a competitive disadvantage. In this session, you'll hear how data loss prevention solutions can help safeguard your valuable information assets.

    Plug Your Data Leaks
    Speaker: Victor C. Lee
    Director, Data Protection Marketing
    Trend Micro, Inc.

    Are you losing data without even knowing it? The loss of confidential information and intellectual property is no longer limited to malware and hacker attacks. The increased use of mobile systems, wireless networks and collaboration technologies -- combined with today's economic challenges -- increase the risk of data leaks from within. And any data leakage event can result in negative financial impacts for your organization in the form of fines, litigation fees, damage to your brand, loss of customer confidence and bad press.  
     
    Achieving regulatory compliance with business governance and privacy regulations also requires comprehensive security policies to keep information confidential and protect customer privacy. In this session, you'll learn the impact of data leakage, how the market for data loss prevention tools has evolved, and the latest best practices for implementing DLP solutions.

  • 10:30AM-11:00AMNetworking Break
  • 11:00AM-11:30AMIndustry Keynote: Information Risk Management And Data Loss Prevention
  • Speaker:  Katie Curtin-Mestre
  • Director, Data Security Group, Product Marketing
  • RSA, the Security Division of EMC
  • Information is an organization's most valuable asset. In this session, RSA's Katie Curtin-Mestre will talk about how to deploy Data Loss Prevention solutions, both individually and working in concert with each other, as part of an overall technological approach to information risk management.
  • 11:30AM-12:30PMPanel Discussion: DLP Best Practices
  • Moderator:  Bill Brenner
  • Senior Editor
  • CSO magazine
  • Panelist:  Dan Swartwood
  • Director, Information Safeguarding
  • The Walt Disney Company
  • Panelist:  Jason Stradley
  • Senior Security Advisor
  • British Telecom
  • Panelist:  Bill Boni
  • CISO
  • Motorola
  • This panel discussion, moderated by CSO senior editor Bill Brenner, will explore best practices for data loss prevention (DLP) systems, the roles of DLP, using DLP and setting up DLP systems for maximum security firepower. Panelists will share their best practices for preventing data loss and data leakage, and give you some action items you can put in place when you get back to the office.
  • 12:35PM-1:35PMLunch With Discussion Groups
  • Join a conversation and make a connection while you relax over lunch.  CSO magazine staff along with our sponsors
    will lead stimulating discussions on topics of the day. 

    DLP and ERM: Achieving Persistent Information Protection
    Facilitator:  Ed Gaudet, SVP, Corporate Development and Marketing, Liquid Machines           
     
     An integrated DLP and ERM solution delivers on the promise of persistent information protection of electronic content both inside and outside the enterprise. During this discussion, we'll compare and contrast DLP and ERM, explore several integration use cases, outline technical approaches to achieve integration, and review real-world customer requirements from leading users of both technologies.

    The Threat from Within: How Insiders Have Become Your Greatest Security Risk
    Facilitator: Bill Aubin, Vice President, Endpoint Security, SBU

    courtesy of Lumension

    Information security experts are bracing for the law of unintended consequences to swing into action in 2009 as layoffs, downsizing and low morale bring out the worst in previously trusted insiders looking to profit from proprietary intellectual property, customer contact lists, trade secrets and any other sensitive information. Many employees have admitted as much. Last December, 53 percent of survey respondents reported that if they were fired tomorrow, they would definitely take company data with them to their next employer. To neutralize the threats posed by insiders with ample motivation, IT departments have to remove the means and the opportunities to commit crimes. In this discussion, you'll learn:

    *  How employees and partners are engaging your IT assets and intellectual property
    *  The different types of insider threats
    *  Key steps to prevent insider threats within your organization
    *  How one company has effectively enabled its employees while mitigating the insider threat risk
  • 1:40PM-2:35PME-mail: Lock Down Without Locking Out
  • Speaker:  Randall Gamby
  • Independent Security Analyst
  • formerly of the Burton Group
  • E-mail is an essential avenue of communication into and throughout the enterprise. It's also a fairly common conduit for viruses and other forms of malware to get in through the side door. You can lock down your e-mail without locking out your users or potential business partners. That's a key piece of the puzzle when achieving that delicate balance between locking down and locking out.
  • 2:40PM-3:10PMBusiness Technology Briefings
  • These technology briefing sessions cover specific data loss prevention technologies, techniques and case studies. They'll provide you with options you can put into place once you return to the office.

    Guarding Against Data Loss: The Escalation of a Serious Threat
    Speaker: Simon Hunt
    Vice President & CTO,  Data Protection Business Unit
    McAfee

    Even in an economic downturn, companies have to be able to provide universal protection for their most vital asset - their corporate and customer data. It is possible to provide that level of protection in a manner that does not have a negative impact on the bottom line. In this session, you'll learn about today's biggest DLP threats, the potential impact of those threats on your organization, and DLP solutions that can fit into  your security strategy.

    Unlock the Potential of Web 2.0 While Preventing Threats and Data Loss
    Speaker: Mark Small
    Vice President, Enterprise Sales
    Websense
     
    Emerging technologies like Web 2.0 offer great opportunities for innovation and collaboration, but those opportunities come with risk. Today's Web is dynamic. User-generated content and active threats expose your employees and your organization to risks like lost productivity, regulatory non-compliance and data loss. As the CSO, you have to coach executives and business owners on the importance of using controls to mitigate risk. Therein lies the dilemma -- how can you capitalize on the opportunity presented by these new technologies while securing your organization's employees and information? During this informative session, you can learn how to do just that.


  • 3:15PM-4:00PMSafeguarding The Nation's Regulatory Environment
  • Speaker:  Marty Colburn
  • Executive Vice President & CTO
  • FINRA
  • Data from the nation's stock exchanges is a critical component in performing regulation of the financial markets. Investor confidence depends on ensuring that this data is safeguarded. This closing session will give you insight into how the security and technology executives at FINRA, the largest independent non-governmental regulator for all securities firms doing business in the United States, keep this level of data safe and secure.
  • 4:00PM-4:15PMClosing Remarks And Summary
  • Moderator:  Bob Bragdon
  • Publisher
  • CSO magazine
  • 4:15PM-5:30PMThe Windy City Cocktail Reception
  • sponsored by Websense