Techno-Security 2003 Agenda: Sunday April 27, 2003
|
Encase Enterprise Edition - Network Enabled Forensics - Cyndy Schroeder - Product Manager, Guidance Software 11:30 AM - 1:00 PM
Based on EnCase technology that is relied upon by thousands of investigators worldwide, EnCase Enterprise Edition is the first ever network-enabled computer forensic software. As an investigator have you been faced with determining where on a network does electronic evidence reside. Is the evidence still on the machines or has it been deleted? Are you a key IT or info security member of a Computer Incident Response Team that has been asked to immediately assess the extent of an incident’s impact? How it was perpetrated and how are you are going to stop it from happening again? EnCase Enterprise Edition (EEE) provides a crucial compliment to organizations’ existing security tools of perimeter defenses, vulnerability assessments, and intrusion detection systems. Come learn how EEE completes the organization’s arsenal of defenses by fulfilling vital enterprise investigation requirements: immediate incident impact assessment, comprehensive forensic analysis, and multi-language document search capability.
PDA Forensics - Amber Schroader - Paraben 1:00 - 3:00 PM
This lecture will discuss the issues associated with PDA forensics and basic rules that can be followed to guarantee integrity of the data. Basic structure and popular security methods used on devices will be discussed. Following scenario practicals with PDAs involved will be walked through with a sample acquisition. Both Windows CE and Palm devices will be discussed as well as unique options for all types of PDA devices.
Forensic Analysis of Tape Media - Michael Cotgrove – Vice President Software Development, eMag Solutions LLC 3:30 - 4:30 PM
Tapes store an enormous amount of information and often represent a complete snapshot of all computer files at a certain date. Consequently, they must always be considered an essential part of any investigation. Unfortunately, there are hundreds of logical tape formats and without a tool such as MM/PC it may not be possible to restore, and hence investigate files from an unknown tape, or even a known tape. Automatic format determination can save many hours trying to establish the tape format. Before processing a tape, it is always best to make a working copy, i.e. an exact duplicate. A very important aspect of any investigation is to determine when files were last changed or accessed. Many tapes have this information but once the files are restored on the hard disk, these details can be accidentally changed, thus extracting the details directly from the tape ensures correct information. With the fast changing world of computers, it is essential that any tool used to help read tapes be continuously updated to match latest versions of backup programs. The presentation will discuss many aspects of forensic tape analysis, showing the possible solutions that MM/PC gives an investigator.
Network Security and Forensic Analysis - Dave Capuano, VP of Marketing Silent Runner 4:30 - 5:30 PM
In this presentation we will discuss how of Network Security and Forensics Analysis methods can unite security and IT by providing the information necessary for both deploying and maintaining network security and availability. Topics of discussion will include: Network Analysis and its value to the security process.
|
Preventing Digital Leakage - Dr. Martin Lambert, Founder & CTO, SealedMedia 12:15 - 1:00 PM
Sealing your perimeter does not protect you from insiders. The majority of current security technologies attempt to seal the perimeter of the enterprise, to protect critical information from external threats. This does little to protect that information from insiders, i.e. those capable of doing the most damage. Until the advent of document sealing technologies, which seal individual files rather than perimeters, it has been axiomatic that this is a problem without a solution, since end users must ultimately download and open digital files on their local desktop, where they are no longer secure. In Dr. Lambert's presentation he will explain how document sealing solutions can provide persistent protection, control and tracking of critical digital documents, regardless of their location, and the architectural pitfalls to look for when choosing a document sealing solution.
Database Protection: Keeping the 'Apple of your Eyes' Safe - Chad Harrington, Security Products, Director - Entercept Security Technologies 1:00 - 1:45 PM
Databases can be treasure chests for hackers. They often contain confidential information that, if disrupted or stolen, can cause severe harm to organizations. SQL injection attacks, buffer overflows, and worms are commonly used methods of accessing and manipulating data, system resources and program files to launch attacks or elevate privileges. Until we can rely on developers to write completely secure code, organizations' most critical information will remain threatened unless database security evolves and becomes a higher priority. Security-savvy organizations are realizing that constantly applying patches is not enough to provide the highest level of protection. Implementing technologies that proactively shield the most crucial database resources and configurations to avoid modification or deletion can provide an additional layer of security without incurring added complexity and administrative overhead to the security management problem.
Organizational Cost-Benefit Considerations For Implementing Biometric Systems - Dawn Alexander - Sales/Marketing Director, SecureNet Solutions 1:45 - 2:30 PM
Dawn Alexander will provide an overview of the state of the biometrics industry. She will discuss current technologies and the challenges/benefits that organizations should consider as they determine whether to implement biometric solutions. Ms. Alexander is the Co-founder and Sales/Marketing Director of SecureNet Solutions, a network security services company.
Business Defense & Disaster Recovery - Phil Drake, CBCP 2:30 - 3:30 PM
This special session will be presented by one of the most experienced Certified Business Continuity Planners in the country. Reguardless of the type of disaster, we all need to consider our recover process long before the event. Phil will describe many of the latest disaster prevention concepts for use at work as well as from home. Topics covered will include: Emergency Communications Employee Considerations Sheltering In Place S.A.M.E. Radios (As important as a smoke detector) Disaster Planning for Small-Medium Businesses Much More!
Computer Forensics Tool Testing Project - Dr. James Lyle & Doug White NIST 3:30 - 4:45 PM
The National Institute of Standards and Technology (NIST) has been around for over one hundred years. Its mission is to develop and promote measurement, standards, and technology to enhance productivity, facilitate trade, and improve the quality of life. As a result of NIST’s integrity and objectivity in meeting its mission, NIST has been requested to provide support in the area of electronic crime investigations; and computer forensic tools are a critical part of corporate and criminal investigations. The Computer Forensic Tool Testing (CFTT) project at NIST has established the means to evaluate software tools used in corporate and criminal investigations and provide the documentation that detail capabilities of a particular tool when held to specified criteria. Currently individual organizations or agencies have been conducting testing on tools that are in use by their respective investigators. However, these processes are random and due to time constraints and equipment may not cover the appropriate tool attributes. Through a national response, NIST has acquired a list of the type of tools that should be subjected to this testing and the specific tool version. NIST has established a methodology for testing computer forensic software tools by development of tool requirements specifications, test procedures, test criteria, test sets, and test hardware. The results provide the information necessary for toolmakers to improve tools, for users to make informed choices about acquiring and using computer forensics tools, and for interested parties to understand the tool capabilities. This approach for testing computer forensic tools is based on well-recognized international methodologies for conformance testing and quality testing.
Career Pathing Opportunities in IT Security - David Kim, B.S.E.E., - Chief Operating Officer of (ISC)2 Institute 4:45 - 5:30 PM
IT Security as a profession is one of the few hot topics in the IT career space given the recent downturn in the LAN/WAN/IP and telecommunications industry. Many IT professionals who matured their careers in vendor certification programs such as Microsoft and Cisco Systems are now faced with a void in IT jobs and long-term career paths. The International Information Systems Security Certification Consortium known as (ISC)2 is fulfilling this void by providing IT professionals with career pathing opportunities in the IT Security profession with their highly recognized and respected CISSP and SSCP certification credentials. This presentation will address career pathing opportunities in the IT Security profession as well as introduce the importance of (ISC)2 ’s CISSP and SSCP certification credentials and how IT professionals can migrate their current IT experience in the field of IT security. David Kim, B.S.E.E., is the Chief Operating Officer of (ISC)2 Institute, the training and content development arm of (ISC)2. Mr. Kim is responsible for all content and product development for the CISSP and SSCP certification credentials which includes training course development, online e-Learning courseware, books, and other products concentric to both certifications. Prior to joining (ISC)2 Institute, Mr. Kim was active in IT Security consulting, providing vulnerability assessments and audits and developing IT Security Strategic Plans for large commercial, government, and higher-education clients throughout the country.
|
Special Presentation 12:15 - 1:00 PM
The Human Security Hole - Building a Security-Aware Company - Marshal Postnikoff, Megafacts 1:00 - 1:45 PM
Building a Security-Aware Company Security is everyone’s business and needs to become part of the way everyone conducts his or her daily business, from the Officers/Directors, CEO, at the top on through the entire organization. Most of the focus to date on solving security problems for corporations has centered on the technology. This approach has unfortunately ignored one of the most important elements of a successful security solution – the human aspect.
Identity Theft Investigation - Stephen Pearson High Tech Crime Institute 1:45 - 2:30 PM
Online identity theft is an ever growing problem. The computer and internet has just made it that much easier to do. Online identity theft techniques will discuss the ways that people are losing their identity online. We will also discuss how the criminals are using these stolen identities online. The session will also briefly cover cyberstalking.
Proactively Identifying & Securing Your Network - Steve Branigan, CTO, Lumeta 2:30 - 3:15 PM
Network Protection: The Next Battlefield for Homeland Security - Mr. Albert E. Sisto, Chairman, President and CEO of Phoenix Technologies 3:15 - 4:00 PM
Mr. Sisto believes that electronic warfare and disruptive computing are no longer threats that only concern the government. Today, global corporations are also facing the threat of intrusion attack. Corporate network security is the next battlefield of homeland security. In corporate America, the security discussion has been "up-leveled" to the CEO. There is a new, heightened awareness of hacking; ways to prevent successful intrusion attacks are now part of our daily thinking. Mr. Sisto would discuss the danger electronic terrorists pose to homeland security, critical steps companies should take to ensure optimal network security, key characteristics of a secure network, and the various challenges faced by network security solutions in a presentation titled "Network Protection: The Next Battlefield for Homeland Security."
Anti-Piracy - Zachary Toczynski - IDSA 4:00 - 4:45 PM
Protecting Email as a Communication Medium from the Growing Threat of SPAM - Enrique Salem, President and CEO of Brightmail 4:45 - 5:30 PM
In the past 12 months, spam attacks have grown by 500%. The viability of email as a communication tool is under attack and technology must work to protect it. This presentation offers insight into the latest spamming techniques, their impact on security, productivity, customer retention, resource drain and email itself, as well as outlining the latest techniques used to fight it, both in-house and outsourced.
|
|