ISSA Central Florida -- Infragard Orlando - 1⁄2 day Conference

Thursday, September 9, 2010 --- 8:30 A.M. EST.

NOTE: This event is limited to 50 individuals. In the past we have had trouble with individuals registering for events and not attending; this wastes a lot of food and money. We expect to have a waiting list for this event. If you register for this event, please cancel your registration if you can't attend so that others can make the meeting.


Agenda:

8:30 a.m. Arrival, Check-in & Networking
8:50 a.m. ISSA message, Upcoming Events
9:00 a.m. InfraGard message
9:10 a.m. FBI priorities, Cyber Crimes and programs
10:00 a.m. Refreshment Break
10:10 a.m. Exploring Three Modern Attack Vectors
11:10 a.m. Refreshment Break
11:20 a.m. PCI – Trends and emerging requirements
12:20 p.m. Concluding remarks, raffle drawing
12:30 p.m. Lunch
1:00 p.m. InfraGard member meeting
2:00 p.m. End of event, need to vacate premises

Menu

Salad
Mixed Green Salad
Baby Lettuces, Julienne Carrots & Jicama, Cherry Tomatoes with Citrus Vinaigrette Drizzle
Freshly Baked Bread and Butter

Entrée(s) - Guest's Selection of:

Arroz con Pollo
Tender Chicken Sautéed in Annatto Oil with Crisp Peppers & Onions in a Latin-style Sofrito Flavored Rice

Pressed Cuban sandwich

Roasted Pork Loin, Cured Ham & Swiss Cheese with Mustard on Pressed Cuban Bread

Palomilla Sandwich

Sautéed Strips of Skirt Steak served with Caramelized Peppers, Onions and Chimichurri Sauce

Dessert:

Espresso Tres Leches
Creamy Sponge Cake Soaked in a Variety of Milks Infused with Espresso & Topped with A Chocolate Whipped Cream
Coffee, Tea, Ice Tea and Soft Drinks

Presentations

There will be three speakers at this event.

1. InfraGard - FBI

A. Princessa Brown, Special Agent - Tampa Division - Orlando R.A.
B. BIO
C. Presentation: FBI priorities, Cyber Crimes and Programs
D. Presentation Abstract.

2. Accuvant, Inc.
A. Brian Serra -- CISSP, QSA, PCI Program Manager

B. Brian Serra entered the security field in 1992 and has extensive experience in the information security field including security advisory services, PCI compliance, vulnerability assessments, penetration testing, security architecture, policy development / review and hands-on implementation service. Mr. Serra has an impressive background including information security experience at Forsythe Solutions, Telenisus, Ernst & Young LLP (E&Y) and Secure Computing. While at Forsythe/Telenisus, Mr. Serra developed and delivered various offerings around PCI compliance and security vulnerability assessments. While at E&Y, Mr. Serra built the Chicago Extreme Hacking lab and provided security training for many of the industry's best security consultants. At Secure Computing, he provided product support and installations as a senior engineer. Mr. Serra is also an IRCA Certified Lead Auditor for ISO 27001 (ISMS).

C. Presentation: PCI -- Trends and emerging requirements

D. Abstract: As the pressure for organizations to become PCI compliant increases, there are a number of common myths and mistakes around this process. Brian Serra, Accuvant PCI Program Manager and QSA, will identify these myths and mistakes and how to address them.

Topics of discussion include:
Current PCI compliance statistics
Top vulnerabilities from compromised merchants
Ongoing compliance management
PCI policy and standards requirements
PCI scope reduction or elimination
What's new with PCI

3. McAfee

A. Brian Contos, CISSP - Director Global Security Strategy & Risk Management at McAfee

B. Mr. Contos has over 15 years of security engineering and management expertise. He has worked throughout North and South America, Europe, the Middle East, and Asia. At McAfee he advises government organizations and G2000s on security strategy. He has written two books including Enemy at the Water Cooler – Real Life Stories of Insider Threats, and Physical and Logical Security Convergence which he co-authored with former NSA Deputy Director William Crowell. He has delivered speeches at industry events like RSA, Black Hat, Interop, OWASP, CSI, ISACA, ISSA, InfraGard and eCrime. He is often quoted by business and industry press, and has written articles for Forbes, NY Times, London Times, Computerworld, and many others. He was formerly the Chief Security Strategist for Imperva, the Chief Security Officer for ArcSight, and has held management and engineering positions at Riptech, Bell Labs, Tandem Computers, and DISA.

C. Presentation: Exploring Three Modern Attack Vectors: Insiders, Industrialized and APTs

D. Abstract: This is an intermediate to advanced level presentation that pulls from McAfee Labs research as well as real-life customers. This is original content designed to paint a clear picture of today's threat landscape and through doing so illustrate the differences between insider threats, industrialized hackers, and advanced persistent threats (APTs).

Attacks are coming from all angles. In some cases they are very rudimentary; in others they are highly complex. Organizations must be able to protect themselves regardless, and do so in a way that is in parity with business operations, maintains employee and partner agility, and is manageable without the complexity of the solution being worse than the attack itself.

Failure to address these three different attack types can result in everything from diminished brand loyalty, regulatory penalties, and lost revenue, to stolen intellectual property, economic competitive disadvantage, and military competitive disadvantage.

Based on research from McAfee Labs and customer interactions across the globe in the public and private sector, there is much information that can be shared about these attackers and their strategies.

This will be an interactive presentation and audience questions and feedback will be solicited throughout – not just at the end, so that the audience's experiences will help to add color to the discussion.

Attendees will leave the presentation more knowledgeable about insider threats, industrialized hacking, and APTs. They will have a strong grasp of the attacker motives and understand their attack vectors. The audience will also be exposed to several non-vendor, non-product specific countermeasures that they can leverage within their own organizations.

Speaker Bio:

Kevin came to security from a development and system administration background. He has many years of experience performing security services for Fortune 100 companies, and in his spare time contributes to a large number of open source security projects. Kevin founded and leads development of the B.A.S.E. (Basic Analysis and Security Engine) project. The BASE project is the most popular web interface for the Snort intrusion detection system. Kevin is an instructor for SANS, teaching both the Incident Handling and Hacker Techniques class and the Web Application Security class. He has presented to many organizations, including Infragard, ISACA, ISSA and the University of Florida.

 

Sponsors:

InfraGard:

Primary Business function: A professional association partnered with the FBI.

InfraGard is a partnership between the FBI and the private sector (with private sector being broadly defined to include everything that is not FBI). It is an association of businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to sharing information and intelligence to prevent hostile acts against the Critical National Infrastructures of the United States.

Accuvant:

Primary Business function: A leading IT Security Consulting Firm.

Accuvant is the only research-driven information security partner delivering alignment between IT security and business objectives, clarity to complex security challenges and confidence in enterprise security decisions. Based on our clients' unique requirements, Accuvant assesses, architects and implements the policies, procedures and technologies that most efficiently and effectively protect valuable data assets.

McAfee:

Primary Business function: World's largest dedicated security technology company.

McAfee, Inc., headquartered in Santa Clara, California, is the world's largest dedicated security technology company. McAfee is relentlessly committed to tackling the world's toughest security challenges. The company delivers proactive and proven solutions and services that help secure systems and networks around the world, allowing users to safely connect to the Internet, browse, and shop the web more securely. Backed by an award-winning research team, McAfee creates innovative products that empower home users, businesses, the public sector, and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security.

Fishnet Security:

Headquartered in Kansas City, Missouri, FishNet Security is a national leader in Information Security solutions, integration, and professional and managed services. Since its founding in 1996, FishNet Security continues to be a market leader in helping businesses, government, educational institutions, and other organizations define the true risks in their environment and deploy the right solutions and technologies to ensure the continued success of day-to-day operations and objectives. With offices spanning coast-to-coast, located in 25 US cities, and a 15,000 square foot Security Operations Center (SOC) near its headquarters in Kansas City, FishNet Security is able to provide industry leading engineers, consultants, forensic teams, educators, and account managers to all facets of businesses and organizations throughout the United States. We focus on the threat… so you can focus on the opportunity.

To cancel your registration.

ISSA Central Florida will be ordering sandwiches for all those who register. Please help us reduce the amount of food that goes to waste by letting us know if you can't make the meeting. You can unregister (click here) or send an email to Meetings with your name and the email address you used when registering.