This page contains a Flash digital edition of a book.
TRACK SESSIONS TRACK SESSIONS
Session Classifi cations
S Strategic TF Technical Futures IT Intermediate Technical bF Business Futures
buSINESS OF SECuRITy (CONTINuED)
AT Advanced Technical ALC Advanced Legal Compliance ApD
Advanced Professional
ICpD
Individual Contributor
CTO Panel: Beyond Tomorrow
Development Professional Development
Day: Wednesday 29th October
CTOs from a cross-section of leading computer security
Start: 10.30 End: 11.30 ID: BUS-302
integrators, service and solution will provide a sense of where
buSINESS OF SECuRITy our industry is going. How is risk changing and how are security
Moderator:
solutions transforming to meet the evolving needs of large
Paul Fisher, Editor, SC Magazine
Non-implementation The Espionage Factor: Why it Must be Part of Your Day: Tuesday 28th October and small organisations? What impact will the Software (and Panelists:
issues about the
Organisation’s Security Equation
Start: 09.00 End: 10.00 ID: BUS-201
Security) as a Service (SaaS) model have? Can these solutions
Gerhard Eschelbeck, CTO, Webroot Software
security industry, such
As the nature of security threats evolves within our globalised
be better leveraged to protect the enterprise? What new security
as strategic trends,
David Drab, Principal,
Peter Tippett, CTO, Verizon Business
economy, enterprises must adapt quickly to protect their most
technologies and disruptive technologies, will have a major
fi nancing (e.g., VC
Information & Content Security Services,
Neil Murray, CTO, Mimecast
valued asset: trade secrets. To better defend against economic
impact on the industry in three years time?
investment in security
espionage, executives must consider the “Espionage Factor”.
Xerox Corporation
Services Ltd.
IT
start-ups) and broad
This session will outline how enterprises can implement a
service offerings such
predictive counter-intelligence strategy.
S
The Phantom Malice:
Day: Wednesday 29th October
as auditing and
RE
G
Hidden Dangers of Drive-by Downloads
consulting will be
Start: 11.45 End: 12.45 ID: BUS-303
discussed in this track. Bridging the Security Gap Between IT
In the last few months, McAfree Avert Labs has seen a marked increase
Day: Tuesday 28th October
N
IS
TE
OW
R
in “drive-by downloads”. Drive-by Downloads are a form of large-scale
Toralv Dirro, EMEA Security Strategist,
and Other Business Units
Start: 10.15 End: 11.15 ID: BUS-202
malware distribution that opens a backdoor for attackers to access
McAfee AVERT Labs
Click here for all
There is strong evidence that many security vulnerabilities are caused by
CL
Ulrich Lang, CEO,
ICK
H
E
R
individual PCs and corporate networks containing intellectual property
Track Session incorrect security policies and confi gurations (i.e. human errors) rather E
Co-Founder, Object Security
and sensitive information, which in turn would have a huge negative
information
than inherent weaknesses in IT systems and security mechanisms.
effect for a business’ brand and reputation. Come to this session to gain
Administrators need in-depth understanding of the security features
a greater understanding of the problem, learn about the potential risks to
and vulnerabilities of ever-changing IT ‘silos’. This is true both in service
IT
the business and receive guidance for fi nding the best solutions.
oriented architecture (SOA) and non-SOA IT environments, but agile SOA
style environments complicate this scenario even further. To avoid overly
complex, error-prone policies, mapping of enforcement to policies and DEvELOpERS AND AppLICATIONS (ConTInUED on nEXT PAGE)
confi gurations needs to be automated - such as Model Driven Security. TF
Sponsored by: Security Remodeling: Day: Monday 27th October
10 Tips for Retrofi tting Transactional Systems
Society-Wide PKIs and Mobile Signatures:
Start: 11.30 End: 12.30 ID: DEV-105
Day: Tuesday 28th October
In lean times, starting over isn’t always an option! Developers and
The Future Of Electronic IDs
Benjamin Jun, VP of Technology,
Start: 11.45 End: 12.45 ID: BUS-203 implementers who must secure legacy databases, webservers,
Europe is implementing national-scale PKIs on electronic IDs
Cryptography Research, Inc.
Bill Nagel, Analyst,
and application servers will learn about incremental changes that
for authentication to and digital signing for eGovernment and
Forrester Research
can signifi cantly improve transactional security. We discuss 10
eBanking. Maximising citizen uptake of services requires adequate
Sessions in this
improvements that improve your odds of detecting security fl aws
commercial involvement from the early stages. Mobile signatures
track will focus on
and reduce the impact of security breaches.
IT
can increase the attractiveness of an eID solution by combining
topics related to the
security with portability and convenience.
S secure development,
implementation and Locking the Backdoor: Day: Monday 27th October
Software and Security as a Service: Day: Tuesday 28th October
operation of package New Backdoor Threats in Application Security
Start: 13.15 End: 14.15 ID: DEV-106
and custom developed
The risks and the rewards
This session describes a high-level classifi cation of application
Start: 16.05 End: 17.05 ID: BUS-207
applications, whether
Chris Wysopal, Co-Founder and Chief
backdoors. It provides real world examples of application
There is much buzz around Software as a Service (SaaS).
they are legacy, Web-
Technology Offi cer, Veracode
Moderator backdoors, mechanisms they use, and strategies for detection.
Certain security services can also be delivered using the “as-a-
Jon Collins, Analyst, Freeform Dynamics
based, or other (e.g.,
It reveals new malicious code delivery techniques opened up by
service” model. This panel of security vendors and consultants
peer-to-peer). This
considers both the risks and rewards of SaaS and security as a
Panelists:
Web 2.0 as well as challenges presented by social networking
track will also include
applications and malware delivered via ad networks.
TF
service, and delivers practical advice on what organisations
Gerhard Eschelbeck, CTO, Webroot Software
sessions related to
should be thinking about today. Eldar Tuvey, CEO, ScanSafe
applied cryptography.
Peter Bauer, CEO, Mimecast Services Ltd.
Turning the Tables: Day: Monday 27th October
David Stanley, MD EMEA,
Click here for all
Online Service Security that Thwarts Your Adversary
Start: 14.30 End: 15.30 ID: DEV-107
Proofpoint
S
Track Session
Online entertainment and social networks present unique security
Greg Hartrell, Lead Program Manager,
information
challenges. Unwieldly security countermeasures can quickly ruin
Microsoft Corporation
Outsourced Applications: Day: Tuesday 28th October
users’ experience while being marginally effective at preventing
An IT Dream or Security Nightmare?
attacks. This session explores how online services can be used to
Ari Medvinsky, Software Architect,
Start: 17.15 End: 18.15 ID: BUS-208
turn the tables, giving your business or service a fi ghting chance of
Microsoft Corporation
Although outsourcing application development reduces the bottom
Jack Danahy, CTO and Founder, defending against online threats.
IT
line, what are the potential effects on organisational security? The rise
Ounce Labs
in third-party, offshore development has raised signifi cant questions
regarding the security of returned applications. This session Security Testing in Web 2.0 World Day: Monday 27th October
discusses how to incorporate software assurance into SLA’s, while
also requiring a measurable, objective review of the applications.
S
Web 2.0 has changed the game for security testing. Desktop-like
Start: 16.00 End: 17.00 ID: DEV-108
web applications with hidden attack surface, error suppression,
and rich client-side interfaces simply don’t work with traditional
Billy Hoffman, Security Researcher,
Strategies for Enterprise Data Protection
“crawl and inject fault” security testing. This session discusses the
Hewlett Packard
Day: Wednesday 29th October
techniques needed to properly test Web 2.0 applications for security
R
b
y
Across Three Continents
Start: 09:00 End: 10.00 ID: BUS-301
vulnerabilities with real-world examples and live demonstrations.
AT
RE
G
IS
TE
A new rule affects every business: failure to protect customer
Larry Ponemon, Chairman and Founder,
data and proprietary business information can lead to serious
26
TH
S
EP
T
EM
B
E
R
0
The Ponemon Institute
consequences. Learn how the cost of a data breach is quantifi ed
Dynamic Software Analysis Using Day: Tuesday 28th October
& S
A
v
E £
1
0
in the US and UK and which trends and strategies across US, UK,
Tim Matthews, VP Marketing,
Computer Forensics Techniques
Germany, and Australia are emerging to defeat these threats.
S
Start: 09.00 End: 10.00 ID: DEV-201
PGP Corporation
Despite the diffi culty of reviewing software without source code,
Peter Bayer, Technical Security
we buy a lot of COTS without further investigation. This session
Specialist, Saab Combitech
shows how a virtual environment for dynamic software analysis
IT
Register now at www.rsaconference.com/2008/europe/pb1
can reveal hidden facts before a large scale roll-out of a COTS.
by 26th September and save £100 off the Full Conference standard registration rate
Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18
Produced with Yudu - www.yudu.com. Publish online for free with YUDU Freedom - www.yudufreedom.com.