Security Directions, A Virtual Conference

Protecting Your Enterprise in a Dynamic Environment

Staying ahead of the bad guys is a challenge under any circumstances. For IT and security professionals, the current state of the global economy is forcing businesses to engage in cost-saving endeavors that increase their risk profile-risk that they must then mitigate. But for security experts, resolving one threat doesn't mean the job is done; it's a cumulative endeavor. Security professionals must maintain their ability to combat the known threats while building strategies and tools to fight the as-yet unknown vulnerabilities.

At the Security Directions Virtual Conference, IT and security professionals will hear experts discuss these and other topics, including cloud and managed security services; encryption, DLP, and data protection; application security; identity management; compliance solutions around PCI, HIPAA, Mass Breach Law, etc; and mobile solutions. Register today to be a part of this important virtual event.

Panel discussions will include:

Security in the Cloud

One of the most challenging issues facing enterprise Security environments is the advent of Cloud Computing. Offering significant Cost savings over in-house managed models, the cloud also poses a significant challenge in assuring secure computing practices that address corporate needs and regulatory compliance imperatives. The questions is not "if" your business will adopt cloud computing, the question is "when" (increasingly security executives are finding out that the "when" was six months ago)... they just didn't know.

Protecting Critical Information in Your Enterprise

At its most basic level, good information security is about controlling access to information so that the people, both inside and outside your organization, who should have access to it, can have that access... and the people who shouldn't have access to it, can't get access.
But in today's complex computing environments and even more complex business environments that is far from a simple task. You must know where your data is, what's important and what isn't, who should have access and who should not. Sounds simple enough? It's not.

Managing Roles and Identity

Identity Management has been the buzzword for the past several years as businesses have moved to address risks targeted by regulatory compliance. What better way to protect information assets than to control who has access to what? But in reality this sounds far easier than it actually is. You need to understand what data you have, where it's located, and who should have access to it.

Regulation Update: What's Important, What's New and What's Coming Down the Road

The vast majority of businesses justify the investments they make in information security by tying those investments to meeting regulatory compliance directives. The challenge is keeping on top of what regulations they need to address and the exact requirements of those regulations. If you don't have a staff of 20 attorneys at your disposal (and even if you do) it is a near impossible task. In our Regulation Update we'll hear about what regulations you should be paying attention to today and what's pending at the state and federal levels-or even internationally.

Security on the Move: Mitigating Mobile Data Risk

Five years ago most organizations would be hard pressed to identify where all of their critical information was. Today that is a vastly more difficult task. It's not just about the mobile workforce, it's about all the partners & suppliers who are walking around with your data. It's about the various form factors that mobile data travels on (laptops, USB drives, iPods, etc.) or where it ends up (internet kiosks, public computers, blackberry's etc.). Protecting your data on the move is an imperative for every organization. So what are the best practices? In this session we'll explore the challenge, the solution and the best practices.

Speakers:

Bob Bragdon, Publisher, CSO

As Publisher of CSO, the leading information resource for security, risk and privacy executives, Bob Bragdon leads all operations for the full CSO product line, including CSOonline.com, the award-winning CSO magazine, the CSO portfolio of national and regional events and theSecurity Smart Newsletter. A respected name in the both the media and security industries, Bragdon is invited to work closely with security vendors and chief security officers-in both the public and private sectors-to identify, interpret and address the challenges of today's complex security and risk management environments.

A popular public speaker, Bragdon participates in myriad industry events via face to face and webcast appearances, as well as user-group conferences for companies such as PricewaterhouseCoopers and Siemens and Johnson Controls.. Bragdon is also often quoted by major media organizations including CNN, The Washington Post, National Journal Technology Daily, and United Press International (UPI). In 2007, he was named as a 'Top Innovator' by BtoB magazine.

Prior to his role as publisher, Bragdon served as vice president of event marketing for COMDEX at Key3Media Events where he managed sales, marketing and sponsorships for the six North American Comdex events. He was also responsible for co-developing several security-focused programs and events, providing Bragdon with a first hand look at the evolving security industry. Additionally, Bragdon held various management positions in marketing, sales and product development at SOFTBANK, Ziff-Davis and Cahners Publishing.

Randy V. Sabett, J.D., CISSP, Partner in the Washington, D.C. office of Sonnenschein Nath & Rosenthal LLP

Randy V. Sabett, J.D., CISSP, is a partner in the Washington, D.C. office of Sonnenschein Nath & Rosenthal LLP, where he is a member of the Internet, Communications & Data Protection practice group and the Intellectual Property & Technology practice group. He counsels clients on information security, privacy, IT licensing, and patents, dealing with such issues as Public Key Infrastructure (PKI), digital and electronic signatures, federated identity, HIPAA, Gramm-Leach-Bliley, Sarbanes-Oxley, state and federal information security laws, identity theft, and security breaches.

Mr. Sabett is a Commissioner for the Commission on Cyber Security for the 44th Presidency and has been recognized as a leader in Privacy & Data Security in the 2007, 2008, and 2009 editions of Chambers USA: America's Leading Lawyers for Business. He has also been recognized as one of the Top 50 Under 45 by the American Lawyer's "IP Law and Business" and is listed in the International Who's Who of Business Lawyers.

Mr. Sabett teaches Information Policy as an adjunct professor at George Washington University and is on the faculty of IANS. Mr. Sabett also participates on the advisory boards of various information security start-up companies. He is also a frequent lecturer and author on issues involving information security, and has appeared on or been quoted in a variety of national media sources.

Dan Swartwood, Director, Information Safeguarding The Walt Disney Company

Dan has focused his career on data protection, privacy and intellectual property protection issues in the technological world. He is currently the Director, Information Safeguarding for the Walt Disney Company, one of the largest media and entertainment companies in the world. In this role he helps business leaders understand and manage the risk to intellectual property.

Prior to Disney, Dan and his team provided leadership to all aspects of Motorola's global Data Protection efforts. Before Motorola, he was the Data Privacy Officer at HP and the first ever Corporate Privacy Manager at Compaq Computer. Dan is one of the original Certified Information Privacy Professionals.

He is the co-author of five bi-annual proprietary information loss surveys sponsored by the American Society for Industrial Security, International, and has authored articles and speaks at national and international conferences. He holds a Master of Science degree in Strategic Intelligence from the US Defense Intelligence College.

Mark Weatherford, Director and Chief Information Security Officer, California Office of Information Security

Mark Weatherford was appointed by Governor Arnold Schwarzenegger to his position as Director and Chief Information Security Officer of the California Office of Information Security in June 2008. In this role, he has broad authority over California's cyber security activities and is responsible for state government information security program policy, standards, and procedures.

Mr. Weatherford previously served as the Chief Information Security Officer for the State of Colorado where he was appointed by two successive governors to develop and lead the state information security program. A former U.S. Naval Cryptologic Officer, Weatherford led the U.S. Navy's Computer Network Defense operations and the Naval Computer Incident Response Team and as a member of the Raytheon Company, he successfully built and directed the Navy/Marine Corps Intranet Security Operations Center (SOC) in San Diego, CA.

Mr. Weatherford holds a BS from the University of Arizona and an MS from the Naval Postgraduate School.

Paul Wilkinson, Attorney and Technology Consultant, San Diego, California

Paul Wilkinson is an attorney and technology consultant based in San Diego, California. From 2005 until 2009, he led the implementation of XBRL (eXtensible Business Reporting Language) at the U.S. Securities and Exchange Commission, initiating the agency's transition from unstructured document disclosure to structured data disclosure, and oversaw other SEC technology policies. Wilkinson's current focus is the application of technology to reduce legal and financial costs and risks.

He served on the U.S. House of Representatives senior leadership staff and as a and wire service reporter and editor and radio producer. Wilkinson is currently advising an industry consortium to standardize consumer information and a company using industry standards to authenticate business information. Wilkinson was Editor in Chief of the Pepperdine Law Review. He is a graduate of Northwestern University, where he studied economics and history and earned his degree from its Medill School of Journalism.

Chris Wolf, Senior Analyst, Hogan & Hartson LLP

Chris Wolf, who leads the privacy and data security practice group at the law firm of Hogan & Hartson LLP, is widely recognized as one of the leading American practitioners in the field of privacy and data security law. He is known to clients as a practical problem solver on issues arising from the collection use, retention, sharing, and security of personal data; as a thoughtful compliance counselor focused on risk management; and as an effective advocate on the entire range of international and domestic privacy issues.

Drawing on nearly 30 years as a litigator, Chris represents clients in all kinds of privacy and data security litigation that results from the disclosure or exposure of private information, including through data security breaches.

Chris has appeared as a speaker for the International Association of Privacy Professionals and he is a frequent television guest on privacy and related issues, appearing on PBS, NBC, MSNBC, CNN, Fox News, and others.

conference, virtual, security