
Convergence, Compliance and Cost Savings


Bob West, CEO and Founder of Echelon One, will deliver a keynote address about managing risk and aligning business and technology strategies. The keynote will be followed by presentations from NY Metro ISSA sponsors. Topics will include: Emerging Threats and Best Practices, A Consolidated and Virtualized Network Security Infrastructure, How Malware Is Getting Down to Business and Tales from the Compliance Edge.

After the presentations, please join us at our networking reception where you can meet other NYMISSA members and sponsors, share stories and enjoy the food & drinks.

  • Venue: Bank of NY Mellon, 101 Barclay Street, New York, NY
  • Dress Code: Business Casual

Registration and full details are now available at Cvent.

Session Details:

Session 1:  Keynote Address: Convergence and The Road Ahead

For organizations to effectively manage risks at the enterprise level, security must be aligned with business and technology strategy. Security programs have always had human resource, compliance, legal and audit issues to take into account. All types of risk need to be understood and communicated effectively between security and the rest of the organization. In this session, Bob West, CEO of Echelon One, will discuss how organizations can create effective governance structures, engage the rest of the organization, manage risks consistently, and drive savings into the organization.

Session 2:  Emerging Threats and Security Best Practices
Josh Shaul, VP Product Development, Application Security Inc.

The presentation will highlight several issues related to database threats and more specifically database security, risk and compliance.  Attendees will learn how hackers and their approaches have changed in the past decade, how they continue to evolve, and how they are impacting the landscape with regard to threats to data. The session draws on several recent sources of research to illustrate how attackers are targeting data at a rate the industry has never before seen, how organizations are impacted, and how they are reacting. Attendees will then be introduced to the database security, risk and compliance lifecycle and advised of best practices that allow organizations to pragmatically secure sensitive data and ground compliance initiatives where the data lives – in the database.
The session will conclude with Database Security 101 – easily achievable first steps that can significantly improve an organization's database security posture.

Session 3:  Achieving the Promise: A Consolidated and Virtualized Network Security Infrastructure
Sanjay Raja, Senior Product Line Manager, Crossbeam Systems Inc.

More than ever, IT budgets are stretched thin. IT staff are pressured to cut costs, reduce management complexity and save resources, all while facing an increasingly sophisticated threat landscape. The rise of integrated security platforms and virtualization solutions has been a major step forward in addressing some of these problems, but many of these solutions still fail to perform effectively within an integrated multi-application security infrastructure. This presentation will highlight the core obstacles to achieving a consolidated, virtualized security infrastructure, as well as the options available to help network managers simplify delivery of security services, while still meeting their needs for performance, scalability and reliability.

Session 4:  Corporate IT Security: How Malware is Getting Down to Business
Roel Schouwenberg, Senior Anti-Virus Researcher, Kaspersky Lab, Americas

It’s not news that the IT security threat landscape is getting worse by the day.  In 2008 alone, the Kaspersky antivirus lab saw an 8x increase in malware.  Today’s malware imposes significant business risks due to the highly organized nature of attacks – applications, websites and social networks are all subject to attacks and vulnerabilities.  Today’s hackers are highly organized professionals with vast networks who are able to precisely target a specific division as part of a bigger enterprise to ensure the attack remains stealthy.  In fact, these attacks are so stealthy that a corporate target may not even realize his/her machine has been compromised for days, weeks or months.  During this presentation, Roel Schouwenberg, Senior Anti-Virus Researcher at Kaspersky Lab Americas, will examine what this means for the corporate environment and what organizations need to pay attention to in order to stay on top of these threats and evaluate their security approaches.

Session 5:  Tales from the Compliance Edge
Matthew R. Alderman, Director of Strategic Alliances at Qualys

Many organizations are tasked with meeting not one but multiple regulatory IT compliance concerns and, in an effort to meet myriad complex requirements, have attempted to streamline and automate IT compliance and information security activities.  As a result of this industry trend, many IT security vendors are promoting use of their solutions as IT compliance tools for automating IT compliance processes. With the merging of IT security and IT compliance topics in software solutions, several organizations have been impacted by selecting solutions that were not applicable to their requirements. This presentation is a discussion of observations from the IT security consultant point of view and provides real world information collected from actual IT security and compliance software implementation engagements that can help organizations avoid mishaps that have occurred, evaluate the pros and cons of different approaches, and understand what best practices can be leveraged to promote success for IT security and compliance initiatives.