CONFERENCE SESSIONS 12 CPE Credits Includes Two Day Conference Pass, Conference Sessions, Keynotes, Vendor Presentations, and Lunch

March 25, 2009

March 26, 2009

The OWASP Security Spending Benchmarks Project Dr. Boaz Gelbord, Executive Director, Information Security, Wireless Generation The Process to Achieve Business Alignment with Security Joe Nelson, Senior Consultant, Security Executive Council John A. Ekberg, Emeritus Faculty, Security Executive Council Security under Crisis Conditions Michael Corby, Consulting Director, M Corby & Associates, Inc. Your Business Contingency Plan Needs To Incorporate Alternative Fuels Charles Cresson Wood, Independent Information Security Consultant Don’t Lose Your Security Head in the Cloud David Sherry, CISO, Brown University 201 CMR 17.00: Identity Theft and the Commonwealth of Massachusetts Dennis Huamán, Board member and Breakfast Meeting Chairman, ISACA Boston Chapter Building a “World Class” Enterprise Information Security Program John R. Schramm, SVP, Enterprise Information Security, Fidelity Investments Corporate Incident Response - Packaging a Digital Evidence Case for Law Enforcement Det. Lt. John J. McLean, NEMLEC Computer Crime Unit, Medford Police Department Trends in Cell Phone Forensics Thomas Ralph, Chief-Cyber Crimes Division, Massachusetts Attorney General’s Office Christopher W. Kelly, Assistant Attorney General-Cybercrime Division, Office of the Attorney General The Cost of a Data Breach Jim Cusson, Director of Security Development Services, Commonwealth of Massachusetts Timothy Guerriero, Director of the Security Vulnerability Monitoring & Remediation Management Group, The Commonwealth of Massachusetts Incident Management Response: The Importance of a Good Plan of Action Chris Glebus, CBCP, VP, Corp Continuity & Client Services, State Street Corporation Panel Discussion: Information Security- Cheap but Good Anne Oribello, Senior Information Security Analyst, Genzyme Corporation Panelists: Terri Curran, Director of Corporate Information Security Services, Bose Corporation Michael J. Corby, Consulting Director, M Corby & Associates, Inc. David Sherry, CISO, Brown University Panel Discussion: Risk Management for the 21st Century David Dumas, Director of Network Security, Verizon Network and Technology Panelists: Candy Alexander, Chief Information Security Officer, Long Term Care Partners, LLC Lori Adamo, President, Code Red Business Continuity Services, LLC Ken Patterson, CISO, Harvard Pilgrim Health Care Scott W. Emery, Managing Director & Partner, i-fact@nalysis

How to Become a More Successful Information Security Professional Thomas R. Peltier, Security Sage The Frugal ISO Morey Straus, Information Security Officer, NHHEAF Network Organizations Leilani Lauger, Information Security Officer, Loyola University Chicago Recent Developments in Data Security Laws David Goldstone, Partner. Goodwin Procter, LLP. How to Evaluate Desktop PII Scanners David Escalante, Director of Computer Policy & Security, Boston College Are You or Your University Prepared? John P. Tommaney, Director of Emergency Management and Preparedness, Boston College Security Compliance Program on a Shoe String Budget Candy Alexander, Chief Information Security Officer, Long Term Care Partners, LLC Data and Compliance at Risk: Assess and Address Your Organization’s Data Security Needs Mike Spinney, Senior Privacy Analyst,The Ponemon Institute Identity and Access Management Mitigates Risks During Economic Uncertainty Andras Cser, Senior Analyst, Forrester Making Sense Out of Log Data Paul Scheib, CISO, Children's Hospital Boston An FBI CyberCrime Briefing FBI- Boston Division Panel Discussion: Security Leadership-The Evolution from Securing Technology to Securing Information Joe Nelson, Senior Consultant, Security Executive Council John A. Ekberg, Emeritus Faculty, Security Executive Council Panelists: David Dumas, Director of Network Security, Verizon Network and Technology David Escalante, Director of Computer Policy & Security, Boston College Jim Cusson, Director of Security Development Services, Commonwealth of Massachusetts Panel Discussion: Business Impact Assessments and Their Security Implications Michael Corby, Consulting Director, M Corby & Associates, Inc. Panelists: Lawrence Robert, Director of Business Continuity, Sun Life Financial John McWilliams, Consultant, JH McWilliams and Associates Panel Discussion: Legal Developments in Network Security & Data Privacy Robert J. Scott, Managing Partner, Scott & Scott, LLP Panelists: Paul Paray, Senior Vice President, Willis HRH Jon Murphy, Special Agent, United States Secret Service Michael Pickett, Special Agent, United States Secret Service

OPEN VENDOR SESSIONS
(Complementary Vendor Presentations and Industry Panels)

Industry Expert Panels

March 25, 2009

March 26, 2009

Saving the Endpoint by Keeping the User in Mind	Network Access Controls—Is it Time to Jump on the Bandwagon?
PCI DSS—More than Just Compliance	Data Protection—Standing Your Ground to Protect Your Information
Regulation 201 CMR 17.00 - Applicable Technologies to Ensure Compliance

Presentation Theater
March 25, 2009	March 26, 2009

Five Reasons Why You Should and Should Not Deploy 802.1X Right Now Presented By: Steve Pettit President/CTO	A User-centric Approach to Enterprise-wide Data Protection Presented By:
Raising the Bar: Outsourcing Security to Increase Operational Maturity Presented By: Dan Ritari, V.P., Deluxe Ed Bassett, CIBER, Security thought leader