OPENING KEYNOTE (Open Session) 9:30AM

Opening Keynote Welcome and Introduction
               Kathy Wilcox, President & CEO, WSA

Dr. Whit Diffie, Chief Security Officer, Sun Microsystems Information Security at One Hundred-Timeline of Information Security Best known for his 1975 discovery of the concept of public key cryptography, Diffie spent the 1990s working primarily on the public policy aspects of cryptography and has testified several times in the Senate and House of Representatives.

CONFERENCE SESSIONS

• Putting Vulnerability Assessment into Action
• Protecting the Enterprise from Intruders
• Missing Link in Network Security
• InfoSec Strategic Planning

• Threats of the Future

• The Evolution Mandate:  Network, Operations and Security Management Convergence
• Expediting Restoration of Mission Critical Functions, or Fixing it When it Counts
• Effectively Implementing Encryption to  Protect Sensitive Stored Information
• Preparing for the Impossible:  Managing Business Risk in the Age of Terrorism

CONFERENCE FEATURE PANEL
Putting Vulnerability Assessment into Action
In this panel discussion we are going to hear from industry experts who are leveraging their deep wealth of knowledge in vulnerability assessment and creating new classes of solutions that are able to proactively protect enterprise networks.
Moderated by:
Jim Reavis, President, Reavis Consulting Group
Panelists:
Wen Tseng, VP Information Security Risk Manager, Washington Mutual
Arvin Babu. CEO, Perfigo
Peter Gregory, Chief Security Strategist, VantagePoint Security
Kip Boyle, CSO, PEMCO Corporation
Caleb Sima, CTO, SPI Dynamics
Gidi Cohen, CEO, Skybox Security

CONFERENCE FEATURE SESSIONS
Preparing For the Impossible:  Managing Business Risks in the Age of Terrorism
The tragic events of 9/11 have taught us many hard lessons. Mr. Hager former VP of Network Security and Disaster Recovery, OppenheimerFunds,  managed to survive and watch the plans that he had build be placed into action that led to restored operations less than five hours later. In this compelling address, Mr. Hager will share his personal experiences and explain the important business considerations that ensure the continuity of our business operations
Mike Hager, Enterprise Security Manager, Covestic

InfoSec Strategic Planning
The concept of information security and information assurance is on the
cutting edge of new developments in global accessibility, always-on
technology, laws/regulations, e-commerce and trusted R&D, especially at
colleges and universities.
Stanton Gatewood, CISO, University of Georgia

Expediting Restoration of Mission Critical Functions, or Fixing it When it Counts
This discussion presents a process that can be used to identify which functions are indeed critical to the organization, determine a priority for restoration of the lost function, determine the requirements and speed of restoration, and finally identify basic means to fulfill that promise
Ed Telders, Security Manager, PEMCO Financial Services

CONFERENCE SPEAKERS

Diana Kelly Stanton Gatewood Jim Reavis

Terry Ramos Joe Cupano Ed Telders

Mike Hager Dr. Herbert Thompson Greg Farris

MID DAY KEYNOTE (Open Session) 12:30PM

Francis D'Addario, VP Partner & Asset Protection, Starbucks "Protecting the Starbucks Experience Exceptionally from Origin to Cup" Francis D'Addario will share his team’s operating mission of ‘Protect people. Secure Assets. Contribute margin. Support mission'.

PEER TO PEER ROUNDTABLE SERIES                          Hosted by: (Invitation Only)
BUSINESS CONTINUITY- Expecting the Unexpected      Moderated by:  Michael Ness, Director Corporate Security & Risk Management    Sponsored by: CSO, CISO - Roles and Challenges     Moderated by:  Stanton Gatewood, CISO, University of Georgia    Sponsored by: SECURE IDENTITY MANAGEMENT      Moderated by:  Russell Jones, Partner, Deloitte    Sponsored by:

INDUSTRY EXPERT PANELS (Open Session) 1:30 PM

Identity Management- Managing Secure Access
Managing secure access to applications, services, and facilities is becoming an increasingly critical business need. Relative to meeting this need, what are the most significant Identity Management technology gaps and how will the industry evolve to close them?
Moderated by:
Agnes Kirk, Enterprise Security Services Manager, Dept. of Information Services, State of Washington
Panelists:
Terence P. Brown, President and CEO, Caymas Systems
Tony Fascenda, CEO, CTO, KoolSpan
Raj Rayru, Identity Management Technology Manager, Washington Mutual
Leif Sundeen, Product Manager, RSA Security
David Frogel, Director, Business Development, Courion Corporation

             

Patch Management
System administrators race to apply security patches before hackers can take advantage of newly discovered vulnerabilities. Due to the critical nature of these patches, they have to be applied quickly and securely.  Which criteria should you look for? What should you look at? On what timeline? At what cost?
Moderated by: 
Ernie Hayden, Manager, Enterprise Information Security, Port of Seattle
Panelists:
Wyatt Banks, Senior Systems Engineer, NetIQ Corporation
Gary Stowell Ph.D., VP Business Development/Product Management, St. Bernard Software
Don Leatham, Director of Marketing, PatchLink
Kevin Kin, Principal Systems Engineer, Symantec Corporation

 

FUNDAMENTALS OF SECURITY (Open Session)

• Security vs. Mobility:  Mobilizing the Enterprise - 10:30AM - 11:00AM
• SPAM:  How They Do It and What You Can Do To Stop It - 11:15AM - 11:45AM
• Securing the Middle:  Defending against the new breed of application-level attacks - 12:00PM - 12:30PM

Expert Presentations cover the essential elements required when protecting people and assets in your organization

CONFERENCE KEYNOTE BREAKFAST - 7:30 am
(Conference Attendees and ISSA Members Welcome )

Hosted by:

Welcome and Introduction - 8:00 am
Michael Ray, President, ISSA Puget Sound Chapter

Keynote Speaker - 8:15 am

Kirk Bailey, CISO, City of Seattle "Mischievous Musings and about a Career Gone South" ”Nobody told me that being a security professional would be easy.  On the other hand, nobody ever warned me about it becoming an absurdity."

Forensics Panel Discussion - 9:30 am

"Digital Forensics in the Corporation:  How should companies handle forensic investigations?" Moderated by: Peter Stephenson, Director of Information Assurance Center for Regional & National Security, Eastern Michigan University Panelist: Philip Conrod, Director Global Information Security, PACCAR Alan Moe, Security Engineer, Premera Blue Cross Dave Dittrich, Senior Security Engineer, University of Washington Gordon Ross, President an CTO, Battiture, Inc.

CONFERENCE SESSIONS

• Credit Card Fraud & Identity Theft
• Next Generation Approach to Risk Management
• What Physical Security & IT Have to Offer Each Other
• Mitigating Threats
• Towards a Virus Free Campus
• Exposure Through the World Wide Web
• Host Application Security for Linux

CONFERENCE FEATURE CASE STUDIES
"Towards a Virus Free Campus"
How Temple University staff created a campus-wide culture of awareness to mitigate security threats. History, The Plan, Awareness, Training and the Acid Test.
Ariel Silverstone, CISO, Temple University

Convergence:  What Physical & IT Have to Offer Each Other
Case study material (Cisco, First Data Corp, Zenith, National Insurance and others) shows how companies are building integrated security programs into the business processes and controls of their organizations, and getting an improved ROI for both their security and IT expenditures.
Ray Bernard, PSP, Principal Consultant, Ray Bernard Consulting Services (RBCS)

CONFERENCE FEATURE PANEL
Credit Card Fraud and Identity Theft
A panel discussion to explore systems and techniques that may help minimize your companies online exposure to Credit Card Fraud and Identity Theft
Moderated by:
Michael Ness, Director Corporate Security & Risk Management, GiftCertificates.com
Panelists:
Detective Michael Cate, Bellevue Police Department, Financial Crimes Unit
Ravila White, Information Security Coordinator, Bill & Melinda Gates Foundation
Paul Du Frense, VP & Fraud Program Manager, Enterprise Risk Management Division, Corporate Security, Washington Mutual

 

CONFERENCE RESEARCH SESSION
Next Generation Approach to Risk Analysis & Management
Forensic Analysis of Risks in Enterprise Systems (FARES^sm)
FARES^sm is the result of four years of university research, peer-reviewed publication and successful field trials in a financial organization.
Peter Stephenson, Director of Information Assurance Center for Regional & National Security, Eastern Michigan University

CONFERENCE SPEAKERS

Michael Ness Ray Bernard Adam Thomas

Peter Stephenson Ariel Silverstone Crispin Cowan

Michael Eddington Anthony Rocca Adam Thomas

PEER TO PEER ROUNDTABLE SERIES                                            Hosted by: (Invitation Only)
PRIVACY & REGULATORY COMPLIANCE Moderated by: Marc R. Menninger, CISSP, Senior Information Risk Manager, PEMCO Corporation Sponsored by:  PHYSICAL & DIGITAL SECURITY CONVERGENCE Moderated by:  Ed Telders, Security Manager, PEMCO Finanacial Services Sponsored by:

INDUSTRY EXPERT PANELS (Open Session) 12:30PM

IDS vs. IPS Industry Expert Panel
Panel of experts discuss issues around the Intrusion Detection and Prevention predicament that everyone using either is confronting.  Is IPS marketing hype?  Is IDS dead?
Moderated by: 
Ariel Silverstone, CISO, Temple University
Panelists:
Don Brooks, Manager, Security Practices, Sana Security
Hezi Moore, CTO, Reflex Security
Darren Rogers, Senior Systems Engineer, TippingPoint Technologies
Byron Cleary, Senior Security Engineer, Lancope
Frank Simorjay, Senior Security Sales Engineer, NFR Security
Peter Schawacker, IPS Technical Evangelist, McAfee
Robert L. Geiger, Sr. Director, Product Development, Symantec

FUNDAMENTALS OF SECURITY (Open Session)

• Protecting and Simplifying Application Access - 9:15AM - 9:45AM

• Elements of a Successful Patch Management Strategy - 10:00AM- 10:30AM

• Addressing the Root Cause of Network Insecurity- 10:45AM - 11:15AM
• Live Web Hacking Demo: Top Web Application Attack Methods and How to Combat Them - 11:30AM - 12:00PM

Expert presentations on the essential elements required to secure people and assets in your organization.