New Perspectives on the Threat Landscape |
|
07:00 |
ARRIVAL & REGISTRATION |
|
08:30 |
OPENING & WELCOME
|
|
08:45 |
The Economics of
Information Security: Ten trends you should know about
Bruce Schneier, Founder/CTO, BT Counterpane Internet Security
Acclaimed author and security guru, Bruce Schneier, takes his cue from economics to explain why security so often fails, and offers new solutions for security success. |
|
10:00 |
How
to destroy your organisation overnight - without breaking the law
Toby Stevens, Director,
Enterprise Privacy Group (UK)
In this lively presentation, Toby provides straightforward, practical advice that you can apply immediately within your organisation, to protect it from a privacy disaster. |
|
10:40 |
TEA BREAK & NETWORKING |
|
11:10 |
The
weakest link
Simon Perry, Vice
President, Security Strategist, CA International
Are your staff and your customers your biggest asset or biggest security liability? How do we reconcile these alternate views of reality, and what does it mean for the future of IT, and of IT’s role in the business? Simon will examine current security trends, including remote working, integrated networks, and identity management and shared services in the context of these questions. |
|
11:50 |
Organised
crime & the Internet
Greg Day, Senior Security
Strategist, McAfee
Greg, a recognised evangelist in the security industry and security analyst at McAfee, takes a look at the threats, tools and opportunities that organised crime is exploiting and the implications for business. |
|
12:30 |
LUNCH & NETWORKING |
| |
|
TRACK 1: |
| Privacy,
risk, compliance & governance (management) |
| The growing number of new and emerging privacy regulations and laws in the past few years is staggering, and security and privacy professionals must often address these issues ancillary to other job responsibilities. This track will cover some of the most pressing and current compliance, privacy, governance and risk management issues, as well as the appropriate organisational policies and practices to be effective and the latest in forensic tools and techniques. |
|
13:30 |
INTRODUCTION TO TRACK
Craig Rosewarne |
|
13:35 |
Information
governance framework
John Aisien, VP of product management, Oracle Fusion Middleware, EMEA |
|
14:10 |
How
to audit the hidden success factors of information security in your
business
Maiendra Moodley, technical
security advisor, South African Reserve Bank
Most organisations adopt accepted security and governance frameworks, hire competent staff and express vocal support for the need for information security, but it remains that a number of security initiatives still fail to deliver. Why? In this presentation, Maiendra examines some of the 'hidden' critical success factors that organisations should ensure are entrenched. |
|
14:45 |
Fraud
analysis in real time
Maeson Maherry, business development director, L@w Trust
ID theft and impersonation (read phishing attacks) are running rife, and simple security measures are not solving the problem. Maeson will look at the sophistication of the threat and the shortcomings of authentication-only approaches, and then look at the patterns that need to be recognised in order to stop these attacks. |
| |
|
TRACK 2:
|
|
Architecture,
Infrastructure & Defenses (Technical) |
| This technical track is designed primarily for security administrators and architects who are more hands-on. It focuses on more efficient ways to protect corporate assets from unwanted intrusion and takes a hands-on look at the different facets of information security architecture and infrastructure requirements, with practical advice for planning, deploying and securing enterprise solutions. |
|
13:30 |
INTRODUCTION TO TRACK
Paul Furber |
|
13:35 |
Beyond
the perimeter
Nick Lowe, regional director, Check Point
Today an enterprise needs many different vendors to provide protection for the infrastructure. This often results in many different vendors, with many different views on management and ultimately, an unmanageable environment that costs a fortune! In his presentation, Nick will explore the emerging topics of data security and how an enterprise can re-gain control of operations and costs. |
|
14:10 |
Drawing
blood from a stone
Haroon Meer, technical
director, Sensepost
SensePost has compromised literally hundreds of networks around the globe over the past few years. During this talk Haroon will go step-by-step through a few case-studies, showing how little gaps in security lead to huge compromises, and will try to share some of the thinking behind such compromises. He will also discuss some of the custom tools built during these engagements (and, for the lazy, make the tools available for download). |
|
14:45 |
Secure
routing – where unified threat management and networking converge
Trevor Dearing, enterprise solutions manager, EMEA, Juniper Networks
In this session, Trevor will explore the opportunities for enterprises to drive down costs, improve overall security and simplify both security and network management through secure routing, without compromising performance and functionality. |
| | |
|
TRACK 3:
|
|
Threat Assessments, Attacks
& Countermeasures (Technical & Business) |
| This
track offers fresh insights into countermeasures and emerging threats,
covering the key issues behind anticipating the challenges. It explores,
from a threat management perspective, the challenges and steps to be
taken to defend your networks, recognise attacks, and take appropriate
countermeasures. |
|
13:30 |
INTRODUCTION TO TRACK
Jon Tullett |
|
13:35 |
The 24
hour vulnerability to malware lifecycle
Craig Stabler, technical
specialist, IBM Internet Security Systems (ISS)
In his presentation, Craig will review the tools and techniques used by X-Force to create attacks in collaboration with government agencies, industry consortia and software developers. |
|
14:10 |
The art of evasion – IDS/IPS
circumvention
Nithen Naidoo, Security Consultant, Enterprise Risk Services - Security
and Privacy Services, Deloitte & Touche
With IDS and IPS solutions being more widely deployed, attack simulation teams have had to adapt methodologies to assess and circumvent detective controls. In his presentation, Nithen will cover techniques and tools developed during a research project into IDS / IPS evasion. He will briefly introduce the audience to the history of IDS / IPS solutions, before assessing and comparing different types of IDS / IPS technologies. |
|
14:45 |
e-Mail
and the Internet: tools or threats?
Mike Hibbert, director of
Africa and Middle East, Marshal
Mike Hibbert, director of emerging markets at Marshal, explores the implications and potential cost to your business and your company’s reputation of not protecting your employees against exposure to inappropriate materials. He will discuss the threats, what measures you can take to protect yourself and your company; how you can enforce e-mail and Web usage policies; and prevent malicious or inappropriate content from being e-mailed or accessed via the Web. |
| | |
| 15:20 |
TEA
BREAK & NETWORKING |
| 15:40 |
What is Microsoft
planning to do about security?
Fred Baumhardt, security
technology architect, Microsoft Corp. |
|
16:20 |
The
Doom Session Panel: Moderated by Bruce Schneier
Microsoft, Symantec, McAfee,
Fortinet, Sensepost, CA |
|
17:00 |
Cocktails
& Networking |
| |
 | | |
| |
|
07:30 |
ARRIVAL & REGISTRATION |
| 08:30 |
OPENING & WELCOME
Conference chairman: Jeremy Maggs,
SAFM |
| 08:45 |
VoIP
encryption in a surveillance society
Phil
Zimmermann, creator of Pretty Good Privacy |
| 10:00 |
Security in
a changing threat landscape
Graeme Pinkney, head of threat
intelligence, EMEA, Symantec
Graeme will review the major IT security threats in a changing
threat landscape, their implications and the best way to combat them. He
will draw a comparison between the local market and other first-world
countries, and critically assess the future viability of SA's
technological development in light of these challenges. |
| 10:40 |
TEA
BREAK & NETWORKING |
| 11:10 |
When
vendors attack: avoiding bad security practice by hitting the panic
button
Dr Naveed Moeed, Technical Consultant (MEA), RSA, The Security
Division of EMC
Naveed draws from industry experience and ISC2 best practices, as he engages in a frank and real discussion of the pitfalls and recommendations in implementing a holistic information and identity management strategy. He places particular emphasis on the new-style of information-centric security approach and focuses on encryption, PKI, key management and, in particular, building encryption into the application and storage level. |
| 11:50 |
That’s
really not the point! Separating fact, fiction and the totally
irrelevant
Charl van der Walt and Haroon
Meer, Sensepost
How dangerous are zero-day attacks to your business? How useful is your corporate firewall? How important is SSL on your Web site? Does it really matter how many vulnerabilities your scanner checks for? Using real-life examples and live demos, Charl and Haroon will demonstrate why many of the statements used most often in security advertisements just don't matter that much at all. |
|
12:30 |
LUNCH
& NETWORKING |
| | |
|
TRACK 1: |
| Privacy,
risk, compliance & governance (management) |
| The growing number of new and emerging privacy regulations and laws in the past few years is staggering, and security and privacy professionals must often address these issues ancillary to other job responsibilities. This track will cover some of the most pressing and current compliance, privacy, governance and risk management issues, as well as the appropriate organisational policies and practices to be effective and the latest in forensic tools and techniques. |
| 13:30 |
INTRODUCTION TO TRACK
Craig Rosewarne, Information
Security Group of Africa |
| 13:35 |
How
Volkswagen protected itself
Pierre Hardoin, sales specialist
identity management, BMC Software
How well your business manages its identity information directly impacts your organisation’s performance. Pierre reviews the requirements and steps taken by Volkswagen, which expects to save between €5-10 million per year since installing new access and identity management tools at its worldwide data centres. |
|
14:10 |
Computer
forensics & electronic discovery: What you really need to know!
David Oswald, director, Forensic Restitution
Taking a look at case law from both South Africa and overseas, David will tackle the important questions management need to consider when it comes to computer forensics and e-discovery. In particular, he focuses on questions to be raised in obtaining ‘Anton Pillar’ type orders, the restrictions that need to be placed on the computer forensic personnel when the documents may be reviewed, and the role of keywords when obtaining evidence files for the review of data. |
| 14:45 |
Head or tails? Making sense of the information security standards landscape
Johan Botha, managing director, Analytix
Johan will analyse the important business drivers for information security today, and bring some clarity to the confusing information security standards landscape, eg, ISO 17799, ISO 27001, COBIT, ITIL, NIST etc. He will provide insight into how ‘best practice’ could be applied to ensure the successful adoption and implementation of these information security standards and frameworks. |
| | |
|
TRACK 2: |
|
Architecture,
Infrastructure & Defenses (Technical) |
| This technical track is designed primarily for security administrators and architects who are more hands-on. It focuses on more efficient ways to protect corporate assets from unwanted intrusion and takes a hands-on look at the different facets of information security architecture and infrastructure requirements, with practical advice for planning, deploying and securing enterprise solutions. |
| 13:30 |
INTRODUCTION TO TRACK
Paul Furber, ITWeb |
| 13:35 |
Building
an enterprise security architecture
Luc Billot, security consulting engineer, Cisco
During this session, Luc reviews what solutions an enterprise should implement in order to build a Secure Network - from the existing security features available on routers and switches to more advanced security appliances. |
| 14:10 |
Building
secure applications & securing SOA
Johann van der Merwe and Yusuf
Moosa Motara, consultants, Security & Privacy Services Group, Deloitte
& Touche
In this joint presentation, Johann and Yusuf will walk delegates through common application requirements and the corresponding design and implementation decisions that should be made during the development of secure applications. They also take a close look at the major security challenges enterprises will face on their way to a successful service oriented architecture (SOA) implementation.
|
| 14:45 |
Securing
large IT projects
Marinus van Aswegen, founder,
Telic Consulting
Securing a large ERP implementation can be a formidable task for both IT and business. Security is often not designed in, but rather bolted on once the project has gone live, making it even harder to secure. In this session, Marinus will explore the various approaches to securing such projects and how risk modelling techniques can assist in identifying the actual security risks. |
| | |
|
TRACK 3:
|
|
Threat Assessments, Attacks
& Countermeasures (Technical & Business) |
| This
track offers fresh insights into countermeasures and emerging threats,
covering the key issues behind anticipating the challenges. It explores,
from a threat management perspective, the challenges and steps to be
taken to defend your networks, recognise attacks, and take appropriate
countermeasures. |
| 13:30 |
INTRODUCTION TO TRACK
Jon Tullett, Unwired |
| 13:35 |
Mobile/wireless
security do's and don'ts
Gary Middleton, general manager
security solutions, Dimension Data
In separating fact from fiction, Gary examines some of the common
wireless and mobile security challenges for business today, and proposes
step-by-step solutions to plug the holes between the user, the airspace
and the wired infrastructure. |
| 14:10 |
Patching
on the wire: Effective solution or compromise?
Andrew Ochse, senior product
manager, SecureData
Andrew reviews the new threat landscape and how it is significantly different from what organisations faced previously, as well as the technology and philosophy approach behind patching on the wire.
|
| 14:45 |
Asset-based
threat management
Logan Hill, business unit
executive: security & availability, Faritec
Logan argues the case for threat management as a repeatable function/service, one that provides a mechanism whereby the executives of the business can be assured that the services and information transaction flows that generate the business's revenues are adequately protected. |
| | |
| 15:20 |
TEA BREAK & NETWORKING |
| 15:40 |
The
Future of Network Security: How security platforms will transform
networking
Richard Stiennon, Chief
Marketing Officer, Fortinet
Imagine the ultimate secure network: No bad traffic, no viruses, no worms, no spam, no attacks, no bad guys and no inappropriate use. Utopia or reality? Richard takes a closer look at the future of network security and how, in his opinion, security platforms will transform networking as we know it. |
| 16:20 |
The
Jericho Forum: Delivering the de-perimeterized future
David Lacey, Jericho Forum |
| 17:00 |
CONFERENCE
CLOSING - DAY 2
Craig Rosewarne, Information Security Group of Africa |
NINE must-read security books are up for grabs
You could be one of 10 lucky delegates to win one of the following must-read security books that are up for grabs in the Intersoft lucky draw at the 2007 Security Summit.
- Computer Security 2/e: 20 Things Every Employee Should Know (2 copies)
- Computer Forensics Jumpstart (1 copy)
- Secrets of Computer Espionage (1 copy)
- Anti-hacker toolkit (1 copy)
- Hacking Exposed 5th Edition (1 copy)
- Hacking Exposed: Web Applications 2nd Edition (1 copy)
- Security and Usability (1 copy)
- Art of Deception (1 copy)
- Art of Intrusion (1 copy)
Speaker
documentation |
|
Conference
delegates click
here to access the speaker documentation. |
|
EVENT SPONSOR |
|
 |
|
SecureData is a specialist value-added distributor of perimeter,
application, network, and endpoint information security and risk
management solutions. SecureData's security and risk management
solutions include best-of-breed business continuity, secure content and
threat management solutions, devices and appliances for the perimeter,
data centres, network, endpoints, messaging and Web. |
|
|
PLATINUM SPONSORS |
|

|
For
close on three decades, Oracle has built a reputation for delivering
many of the industry's most secure solutions.
Enterprises today rely on Oracle to meet their information protection
and security needs — for both Oracle and non-Oracle systems. Oracle
ensures security inside the data centre and beyond, spanning the
database, middleware, and business applications.
Also sponsor of Executive CIO Roundtable |