12:00pm - Lunch Buffet
12:00pm - Welcoming Remarks
Marci McCarthy
CEO and President
T.E.N.
Biography
12:10pm - SSA Insights & Trends
Rob Roy
Federal CTO
Fortify
Biography
Download the Presentation (pdf) 2011 Cost of Cyber Crime Study (pdf)
Fortify Stuxnet Whitepaper (pdf) Fortify Software Security Center Brochure (pdf)
12:30pm - Morning Keynote
Dr. Eugene Schultz
CTO
Emagined Security
Biography
The Proliferation of High Profile Cyberattacks: Is There an End in Sight? > Download the Presentation
Twenty years ago cyber attacks were by today’s standards relatively benign. Attackers cracked passwords, broke into systems, and installed backdoor access mechanisms. The cybe rsecurity landscape has changed considerably since then, with well-financed organized gangs of cyber thieves breaking into systems of their choice practically at will and installing incredibly sophisticated malicious code that takes months to develop. Many high profile cyber attacks against the US military and government agencies and Fortune 500 companies have occurred in recent years. Enabled by a wide range of exploitable vulnerabilities in software, the rate of attacks has been accelerating to the point that a spokesperson for the U.S. military admitted that there is currently insufficient knowledge concerning how to stop these attacks. Research by the Ponemon Institute and other organizations shows that cyber security-related financial losses have also been growing rapidly year-by-year, yet somehow many people do not realize that they, too, are becoming more likely to experience cyber attacks that have potentially catastrophic consequences. Will current trends continue, or will there be an end in sight? This presentation addresses this question by focusing on a paramount issue--why and how we should concentrate on avoiding making critical errors in software during the software development life cycle so that cyber attackers do not have nearly as target rich an environment as they currently do.
1:15pm - Evolution of Application Security: From Breach to Mobile Applications
John R. South
Chief Security Officer
Heartland Payment Systems
ISE® Central Executive Award Winner 2011
ISE® North America Executive Award Finalist 2011
Biography
T.E.N. Success Story
Download the Presentation
Heartland’s 2008 breach was not atypical to the attack scenario that a number of companies face today. Heartland adopted an aggressive integrated approach to remediating their breach, as well as evolving its applications development environment to bring practical insight on the underlying security of new and existing applications. To support the application security framework that is applied across the entire application development space, analysis tools such as HP Fortify were incorporated into Heartland’s security strategy for both remediation of application vulnerabilities and to demonstrate compliance with the industry standards. With the application space moving rapidly towards the various mobile computing platforms, the software development lifecycle has had to evolve to provide for the increased diligence needed in securing today’s applications.
2:00pm - Break
2:15pm - Social Media and the Potential of Cyber Security Attacks
Aaron Barr
Director of Cyber Security
Sayres and Associates
Download the Presentation (pdf)
Aaron Barr is back—and he wants more cybersecurity offensives (ARS Technica)
Social networking via Facebook, Twitter, LinkedIn, YouTube, and MySpace are now an important part of the business scene as this platform empowers businesses to build a brand, expand their reach, connect with customers and partners and facilitate the “flow of business.” Employees toggling between “friending” on Facebook and “businessing” on corporate systems leave a company open to to number of security threats and provide a treasure trove of information which include the exposure of personal data in the workplace, the release of corporate data to the public, the risk of identity fraud and a host of security, governance and compliance challenges. Further,Aaron will share how the perfect storm is brewing between the number of people using social media and the increasingly sophisticated malware attacks being launched to prey on the data. And now with the proliferation of third-party applications for mobile devices, the complexity and diversity of security issues becomes even greater as users download unsecured applications and use mobile devices for personal reasons.
3:00pm - Executive Roundtables
Aaron Barr
Director of Cyber Security
Sayres and Associates
Selling Application Security within the Commercial Enterprise
John Keane
Information Technology Specialist
Military Health System
Biography
Selling Application Security within a Government Agency
Barmak Meftah
Chief Products Officer
Fortify, an HP company
Biography
Cloud Security
Ryan English
Practice Principal, Application Security Professional Services
Hewlett-Packard Company
Biography
Security & Mobility
Chris Tignor
VP, Information Security & Risk Management
Capital One
ISE® North America Commercial Executive Award Finalist 2008
ISE® Mid-Atlantic Commerical Executive Award Winner 2008
Biography
Security & Social Media
4:15pm - Afternoon Keynote
Dennis Dickstein
Chief Privacy and Information Security Officer
UBS Wealth Management
Author of "No Excuses"
Biography
No Excuses: A Business Process Approach to Managing Operational Risk and Information Security
Download the Presentation
Is there a cohesive method of thinking about application, software and information security across a shifting threat landscape? The possibility of loss due to people, process or technology failure is called operational Risk. Weaknesses and failures in application, software and information security are operational risks. This session will explain operational risk and provide an overview of an innovative and integrated framework to manage the risk of people, process and technology failure, including security risk, by integrating business process management with operational risk management.
5:00pm - "No Excuses" Book Signing and Reception
Dennis Dickstein will be signing his book on the HP Protect show floor. Visit the Fortify booth to watch demos.