Effectively addressing and coordinating Privacy and Information Security initiatives has moved to the top of the list for companies maintaining customer and employee information. However, there are often gaps in communication and collaboration between Privacy and Information Security activities. These gaps create more complexity and bigger challenges for companies to handle, and they put the organization at greater risk of incidents as well as contractual and regulatory noncompliance. Successful Privacy and Information Security programs collaborate to ensure effective controls are integrated throughout the enterprise. This two-day workshop addresses key focus areas for effective collaboration between Privacy and Information Security groups. It will provide knowledge and tools (supported by case studies) that can be used immediately to help business leaders successfully meet these complex and difficult challenges.
Course Outline
Day 1: Foundation Areas
Information security and privacy trends
Privacy overview and frameworks in use today
Information security overview and frameworks in use today
Laws and regulations
Strategic planning and roadmaps for both security and privacy
Day 2: Collaboration Areas
Policies and procedures
Risk assessments and methods
Business partner privacy and security program reviews and methods
Incorporating privacy and security within applications and systems development
Privacy and security incident response
Who Should Attend
This course is intended for CISO, CSO, CPO, CIO, Legal Counsel, Director, Manager, and IT Audit Director and Manager levels.
You Will Learn
Knowledge and tools to effectively collaborate, build, and/or enhance your Privacy and Information Security program
A ready-to-use and customizable information security and privacy program planning toolkit and framework
An information security and privacy program maturation assessment toolkit and roadmap visual aid
Privacy impact assessment worksheet
A ready-to-use vendor security and privacy program assessment and due diligence toolkit
Other useful tools that you will be able to use immediately upon your return to the office
Speaker - Christopher Grillo, Director of Information Security, Medica Health Plans
Christopher Grillo, CPA (inactive), CISM, CISA, CIPP, ITIL, is the Director of Information Security for Medica Health Plans. Chris is a business-focused and technically adept leader with over 15 years of experience in information security, privacy, risk management, audit, and IT consulting, and has a proven track record of implementing and maintaining effective Information Security programs in various industries.
Prior to joining Medica, Chris was the Director of Information Security at Pearson Education where he led the global Information Security Program. Chris also held Information Security management positions at highly diverse and regulated companies with business operations in energy, auto, finance, and software development. In addition, Chris served as Sr. Principal Consultant at Guardent and Canaudit, where he led comprehensive information security and privacy engagements.
Chris is the author of several seminars such as: Handling Complex and Difficult Privacy and Information Security Issues, Enterprise Security Management, Security Awareness, Acquiring Information Security Tools, and Auditing System Development. He has published several articles and has been quoted in popular magazines such as InformationWeek, Computerworld and the CSI Alert.
Chris is an active member in various Information Security and Audit Associations, Privacy groups, and has served as chairperson of the Computer Security Institute (CSI) Advisory Council. Chris can be reached at christopher.grillo@medica.com or csgrillo@gmail.com.
Speaker - Rebecca Herold, Rebecca Herold, LLC
Rebecca Herold is an information privacy, security and regulatory compliance consultant, author and instructor with her own business, Rebecca Herold, LLC, and over 17 years of experience. Rebecca is authoring her 11th book, and is the editor and primary author of the "Protecting Information" quarterly subscription security and privacy awareness multimedia publication. Rebecca has authored chapters for dozens of books and over one hundred published articles. In 2007 Rebecca was named a "Best Privacy Adviser" by Computerworld magazine and one of the "Top 59 Influencers in IT Security" by IT Security magazine. Rebecca is an Adjunct Professor for the Norwich University Master of Science in Information Assurance (MSIA) program. Rebecca is a frequent speaker and has been quoted in dozens of publications. Rebecca can be reached at http://www.privacyguidance.com, her blog at http://www.realtime-itcompliance.com, and rebeccaherold@rebeccaherold.com.
Risk assessment is viewed by many organizations as a long and complicated process.
This two-day workshop will dispel that myth and provide attendees with the methods and tools required to complete a quality risk assessment for their own organizations (using an industry-standard process) in five days or less.
During the training, the students learn the components of the risk assessment process and how they can be effectively used within each organization. The strengths and weaknesses of creating a threat list by brainstorming, checklists or other means are discussed. The results are then reviewed to determine how they can be modified to meet the students' specific needs.
The focus of the class is to review the current laws and standards (NIST, OMB, FISMA, FFIEC, ISO 27002, GLBA, HIPAA, SOX, ITIL, PCI DSS and others) and then learn how to map them to the students' own organizational requirements.
At the end of the workshop, the attendees will take away a thorough understanding of the risk assessment process, the tools they need to perform the task at their own organization, examples of threat lists, sample control lists and a management summary letter template and other valuable tools.
Course Outline
This Qualitative Risk Assessment course addresses the following tasks:
How the risk assessment process works
Using Heat Maps to determine levels of risk
Mapping legal and regulatory requirements to establish a baseline set of controls
Using GAP analysis to establish risk assessment quality
Risk mitigation techniques
Final documentation requirements
Who Should Attend
Enterprise risk management
IT Risk management
Audit
Business Continuity Planning / Disaster Recovery Planning
Information Security
Applications development
Business planning
You Will Learn
Risk Management basics
Project Impact Analysis: the due diligence portion of project management
Risk Assessment: documentation of how management meets its fiduciary
Risk Mitigation: using key concepts to reduce identified risk to an acceptable level
Compliance checking and vulnerability assessment
The required knowledge and ability to provide effective risk management and consulting for your organization
Speaker - Thomas Peltier, President, Thomas R. Peltier Associates, LLC
Tom Peltier has been an information security professional for over thirty years. During this time he has shared his experiences with fellow professionals, and for this work he received the 1993 Computer Security Institute (CSI) Lifetime Achievement Award. In 1999 the Information Systems Security Association (ISSA) bestowed its Individual Contribution to the Profession Award, and in 2001 he was inducted into the ISSA Hall of Fame. Tom was also awarded the CSI Lifetime Emeritus Membership Award. Over the past decade, Tom has averaged four published articles a year on various computer and information security issues, including developing policies and procedures, disaster recovery planning, copyright compliance, virus management and security controls. He has had six books published on policy development and risk assessment and has co-authored four other information security books. He continues to speak and teach information security courses throughout the world.
This fast-paced one-day hands-on workshop will provide you with exposure to all the major components of computer forensics -- identification, preservation, analysis, and reporting.
Instructor Mark Spencer will draw upon his extensive experience in both the public and private sectors to lead the class through applying the proper tools to a "seized" hard drive in a case involving employee wrongdoing. Commercial and open-source tools designed to forensically tackle different types of electronic data will be applied during the investigation.
Computer Forensics Kickstart has been designed to prepare you to select and implement computer forensics tools that will be critical to successful investigations.
This is a hands-on workshop, so please be sure to bring your laptop.
Course Outline
Identifying the "Universe of Data"
Critical computer forensics tools
Acquiring data at rest and in motion
Constructing proper searches
Evidence goldmines
Professional report structure
Who Should Attend
Anyone curious about computer forensics
Experienced practitioners looking for a refresher course.
You Will Learn
You will learn which tools are necessary to conduct successful computer forensics investigations and how experienced computer forensics practitioners implement them.
Speaker - Mark Spencer, Vice President of Electronic Evidence, First Advantage Litigation Consulting
Mark Spencer is a Vice President of Electronic Evidence with First Advantage Litigation Consulting, where he provides expert consulting and computer forensics services to corporate and government clients. In addition to his case-related responsibilities, Mr. Spencer beta tests computer forensics software and assists with client development and marketing. His professional engagements have included cases involving evidence elimination, computer intrusion, intellectual-property theft, online undercover operations, employment disputes, and large-scale electronic discovery projects. Before First Advantage Litigation Consulting, Mr. Spencer performed computer forensics investigations for EvidentData, Inc. and the Suffolk County District Attorney's Office. He earned a Bachelor of Arts in Criminal Justice from the University of Massachusetts, Boston, successfully completed the Massachusetts Criminal Justice Training Council's Basic Course of Training for Reserve Police Officers, and holds numerous industry certifications. He has also been a regular presenter on computer-forensics-related topics at numerous industry events and on television.
While Vista has received lots of venom since its release, it has great features people have never taken the time to learn. Why it acts the way it does is still a mystery to many. This session will help you understand these mysteries and how to use Vista successfully. You will see where your virtualized files go, so repair is easy. Lock down Vista to comply with Federal regulation and stay secure. Learn where an adjustment to control files can make your program Vista friendly. Add a hidden layer of security that groups can't override and few even know exists. Make a self-booting Live CD of Vista that you can easily customize (forensics, disaster recovery, and penetration testing). All this and much more!
Course Outline
Vista History
Demonstration of Vista Virtualization
What are dot Manifest files
How to re-adjust Manifest files
What is Biba integrity label security
Demonstration of security labels
How to create live Vista CD's
What are the diagnostic tools in Vista
Demonstration of troubleshooting common Vista problems
How to increase Vista security
You Will Learn
Where your files went when Vista virtualized them and methods of assessing and repairing virtualization problems. They are not where you think.
How to get legacy programs to run in Vista by adjusting one file most people don't even know exists: the dot manifest.
How to lock files and folders against users in a way that can't be overridden by group membership, all from a single command-line entry.
How to make a bootable Vista live CD that can be used for diagnostics, disaster recovery, even forensics. You'll even be able to put your favorite tools on this invaluable CD to meet your exact needs.
How to grasp the full range of trouble-shooting ability aided by 300 different tools in Vista.
How to finish securing Vista so it complies with federal standards.
Who Should Attend
Technicians and supervisors who are moving to Vista
Managers and Executives who need to make a decision on Vista
Speaker - Brad Smith, Director, Computer Institute of the Rockies
Brad Smith (RN, ASCIE, BS-Psy MCNPS, CISSP, NSA-IAM) started his computer training in 1971 and is still going strong. Living in the North West, Brad is currently working as a private-practice informatics nurse helping rural and frontier medical facilities comply with HIPAA. His company, the Computer Institute of the Rockies, was selected as the 2005 Microsoft Small Business Solution Partner of the Year for its innovative and cost-effective business solutions. He is a frequent speaker at national medical and security conferences, where he makes complex ideas simple to grasp. Brad is known for his high-energy style of presenting and the real-world experiences he shares during these sessions. He values an active session where everyone is encouraged to share their ideas.
This one-day workshop is an introduction to the state of network and application attacks and countermeasures in information security. Designed for managers with a technical (but not necessarily security) background, this class walks through key attack types, defense strategies, and the corresponding management activities required to protect against these threats. Watching demos of insecure software and networks, students will see the damage these attacks can do. Because of the students' high-level vantage point, particular emphasis will be placed on Return on Investment (ROI) for various defensive activities, as well as on how to prioritize resources with a limited budget.
While this is a demonstration-based class, students are encouraged to bring their own laptops.
Course Outline
Attack vectors
Exploit examples
Security as a band-aid solution
Secure application and network architectures
Application security activities
Network security activities
Enterprise controls
Who Should Attend
Information technology managers with a basic understanding of networks and/or applications who wish to gain an understanding of the current state of network and application-layer attacks and defenses.
You Will Learn
Students will be armed with an understanding of the current threat landscape and of the defense strategies available for network and application security. This class will allow them to make educated decisions about how best to defend against these threats.
Speaker - Hugo Fortier, Security Consultant, Security Compass
Hugo Fortier is a Security Consultant with a strong background in e-commerce security. He specializes in penetration testing, source code review, and closed-source application review. Hugo is a noted expert in penetration testing and reverse engineering and has delivered engagements across a variety of service offerings, including code reviews, network penetration testing, web application penetration testing, wireless auditing, and VoIP penetration testing. Hugo has been involved in the development, implementation and maintenance of the security infrastructure for a major online banking project in Canada. He is also the founder of RECON, the Reverse Engineering Conference.
Rohit Sethi, Manager of Professional Services, Security Compass, is a specialist in threat modeling, application security reviews, and building security controls into the software development life cycle (SDLC). Mr. Sethi is a frequent guest speaker and instructor at several national conferences. He has written articles for Security Focus and the Web Application Security Consortium (WASC), and has been quoted as an expert in application security for ITWorldCanada and Computer World. At Security Compass, Rohit teaches hundreds of students various topics on web application security in cities across North America. He has also managed and performed extensive threat analysis, source code reviews, and penetration testing for clients in financial services, utilities, telecommunications and healthcare. He is often consulted for his dual expertise in information security and software engineering.
As the sophistication of malicious attacks and the threats they pose continue to increase, incident responders need to deepen their knowledge and broaden their skills. MANDIANT's Incident Response course is specifically designed for information security professionals and analysts who respond to computer security incidents. This hands-on class uses lab exercises to cover the different phases and activities of the Incident Response process. Students will learn how to build Incident Response toolkits and automated scripts. They will also acquire process memory from suspicious binaries running on the Windows operating system. The final exercise is a live response on a compromised Windows system to collect the volatile evidence present on the running system before it is powered down.
Course Outline
The different phases and activities of the Incident Response process
Building a trusted toolkit
The Live response process
Building a live response script
Perform live response on compromised Windows & UNIX systems
Windows volatile/physical memory acquisition and analysis
Understanding and detecting Windows rootkits
Who Should Attend
Information technology staff
Information security staff
Corporate investigators
Other staff that have a need to perform Incident Response or investigate suspect network and systems use/misuse.
You Will Learn
How to perform a Live response on a compromised Windows system
How to build a trusted toolkit for Windows live response
How to build a Windows live response script
How to dump and examine Windows physical memory
How to understand and detect Windows rootkits (the basics)
Speaker - Kris Harms, Senior Consultant, Mandiant
Kris Harms is a Senior Consultant at Mandiant with six years' experience in computer security and incident response. He has extensive experience conducting large-scale incident investigations for Fortune 100 companies, e-commerce sites and financial institutions. He has also supported multiple counter-intelligence investigations at several government entities. Mr. Harms has led investigations and conducted evidence discovery for several multi-million-dollar litigations. These investigations brought attention to the lack of published information on System Restore Points, leading to Mr. Harms' authoring of "Forensic Analysis of System Restore Points in Windows XP" and the creation of Mandiant's Restore Point Analysis Tool. The Restore Point Analyzer gives forensic examiners an understanding of the content found within System Restore Points, which are frequently overlooked as a source of data. The article was recently published in the International Journal of Digital Investigation. Prior to joining Mandiant, Mr. Harms worked for SRA International and played a key role as an Information Assurance Engineer for the Government Accountability Office. During this time, he became the technical lead for the development and maintenance of the agency's intrusion detection and incident response capabilities. Mr. Harms was also the technical lead for workstation security, providing secure solutions for auditors and support staff both on-site and off-site. This program included leading a successful rollout of agency-wide personal firewalls that incorporated never-before-implemented 802.1X capabilities. A frequent industry speaker and instructor, Mr. Harms has appeared on the CBS News program 60 Minutes and PBS's Wealth and Wisdom. Mr. Harms holds a Bachelor of Arts degree in Applied Science and Technology from The George Washington University.
"Enjoyed the mix of the highly technical hacking versus Policy & Awareness. Smaller size (compared to RSA) made it easier to speak with other people and make connections." Laura Nelson, Data Architect, UPS
"The sessions were very good, however, I most enjoyed the engaging conversation of my peers." Robert E. Lee, Jr., CEO, RK Goodworks, LLC
"It's the first conference I've seen with a track just for Security Training & Awareness." Tami Kilbourne, Sr. Technical Analyst, Philip Morris USA