RSA Conference Blog

February 2011
Wednesday March 30th 2011, 2PM EDT

Watch Now <56:11>

It's 2011. Why are we still dealing with drive-by downloads? This session combines telemetry data from two web security products with millions of users to answer some of today's top questions. Where are the malicious payloads hosted? How are criminals infecting legitimate sites? Do we really want to block the unintentionally malicious sites? Use these answers to optimize your web security efforts.

Sponsored by Cisco Systems, Global Platinum Sponsor

(ISC)2 members can receive 1 CPE credit for attending the live webcast. Use your after-event email as confirmation.

Patrick Peterson, Chief Executive Officer and Cisco Fellow
Authentication Metrics, Inc. and Cisco Systems, Inc.

Patrick Peterson joined IronPort Systems in 2000, defined IronPort’s email security appliances and invented SenderBase, the industry’s first reputation service. In 2008, after Cisco’s acquisition of IronPort, Peterson became one of 14 Cisco Fellows. He leads research projects to understand cutting-edge criminal attacks and the business models they support.

In 2009, extending years of work at IronPort and Cisco, Peterson founded Authentication Metrics, Inc. (AMI) to create a new trust framework for email. AMI leverages email authentication standards to secure the email channel. Peterson serves as CEO of AMI and remains an active Cisco Fellow.

Henry Stern, Senior Security Researcher, Cisco

Henry Stern joined IronPort Systems in 2006 as one of the original engineers responsible for IronPort Anti-Spam (TM), the industry’s most accurate anti-spam filter, and invented IronPort’s Multidimensional Pattern Recognition (TM) technology for combating image threats. Henry has been involved in the anti-spam community since 2003, serving as a committer for the Apache SpamAssassin project and a contributor to both the SURBL and URIBL spam domain name blocklists.

Sandra Toms LaPedis, Area Vice President and General Manager for RSA Conferences

Listen to Sandra provide an overview of what will be happening at RSA Conference 2011!

Download <9:31>

Arthur Coviello, Jr., Executive Chairman, RSA, The Security Division of EMC, and Executive Vice President, EMC Corporation

Organizations worldwide have high hopes for the cloud: hope in its potential to transform IT infrastructures, applications, and information management, and in its ability to revolutionize business. But before we can trust that the cloud is safe for real business, we need a secure foundation of dynamic controls and trustworthy measurement. Art Coviello and Richard McAniff, Chief Development Officer and Member of the Office of the President, VMware, Inc., unveil innovative advances toward a trusted cloud.

Art Coviello is responsible for RSA’s strategy and day-to-day operations as it delivers EMC’s global vision of information-centric security. Mr. Coviello was Chief Executive Officer of RSA Security, Inc. prior to its acquisition by EMC in 2006. He joined the company in 1995 and has been a driving force in its rapid growth, increasing revenue from $25 million in 1995 to over $600 million in 2009. Mr. Coviello’s expertise and influence have made him a recognized leader in the industry, where he plays a key role in several national cyber-security initiatives. Mr. Coviello has spoken at numerous conferences and forums around the world. He has more than 30 years of strategic, operating and financial management experience in high technology companies. In addition, he currently serves on the Board of Directors at EnerNOC (a leader in Demand Response Systems for energy conservation).

Mr. Coviello graduated magna cum laude from the University of Massachusetts.

Download <7:09>

Herbert “Hugh” Thompson, Ph.D., Chief Security Strategist, People Security

Internet security guru and author Dr. Herbert “Hugh” Thompson has seen it all: hacked voting machines, airline computer insecurities, e-commerce vulnerabilities and cell phone exploits. For the fifth year running, Thompson brings a lifetime of security expertise and a wide-eyed enthusiasm to “The Hugh Thompson Show” at this year’s RSA Conference. Become part of the action as Thompson takes center stage, interviewing some very special guests.

Panelists:

  • Alexis Conran, Star of the hit television show “The Real Hustle” on BBC 3
  • Bob Sullivan, Author and Technology Writer, MSNBC.com

Herbert (Hugh) Thompson is Chief Security Strategist at People Security and a world-renowned expert on application security. He has co-authored several books on the topic and has written more than 80 academic and industrial publications on security. In 2006, Thompson was named one of the "Top 5 Most Influential Thinkers in IT Security" by SC Magazine and was featured (along with Harri Hursti) in "Hacking Democracy", the Emmy-nominated HBO documentary on e-voting vulnerabilities. He is also an adjunct professor at Columbia University in New York, where he teaches courses on computer security.

Download <12:33>

Philip R. Reitinger, Deputy Under Secretary for the National Protection and Programs Directorate (NPPD) and Director of the National Cybersecurity Center (NCSC), U.S. Department of Homeland Security

Town Hall at RSA Conference 2011: Join NCSA and leading cybersecurity experts, including senior officials from the White House and key federal government agencies, for an in-depth dialogue about ways to increase collaboration in the face of increasingly sophisticated threats in cyberspace. This will be an interactive Q&A with leading government cyber security officials and industry experts on topics that are important to risk managers in both the private and public sector, domestic and international.

Hosts:

  • Shannon Kellogg, Senior Director, Government Affairs and Public Policy, EMC Corporation
  • Michael Kaiser, Executive Director, National Cyber Security Alliance

Guests:

  • Howard A. Schmidt, Special Assistant to the President & Cybersecurity Coordinator
  • Philip Reitinger, Deputy Under Secretary, DHS
  • Patrick Gallagher, Deputy Under Secretary of Commerce for Standards and Technology & Director, NIST

Philip R. Reitinger was appointed by U.S. Department of Homeland Security (DHS) Secretary Janet Napolitano to serve as the Deputy Under Secretary for the National Protection and Programs Directorate (NPPD) on March 11, 2009. In this role, Reitinger leads the Department’s integrated efforts to reduce risks across physical and cyber infrastructures. He oversees the coordinated operational and policy functions of the Directorate’s subcomponents, which include Cybersecurity and Communications (CS&C), Infrastructure Protection (IP), Risk Management and Analysis (RMA), and the United States Visitor and Immigrant Status Indicator Technology (US-VISIT) program. On June 1, 2009, Reitinger also became the Director of the National Cybersecurity Center (NCSC), which is charged with enhancing the security of federal networks and systems by collecting, analyzing, integrating and sharing information among interagency partners. In this role, Reitinger is responsible for coordinating situational awareness and reporting for federal cybersecurity organizations and personnel.

As Deputy Under Secretary for NPPD and Director of NCSC, Reitinger provides strategic direction to the Department’s cybersecurity efforts while ensuring preparedness and response capabilities across all federal computer systems.

Prior to joining DHS, Mr. Reitinger was the Chief Trustworthy Infrastructure Strategist at Microsoft Corporation. In that role, he worked with government agencies and private sector partners to enhance cybersecurity and infrastructure protection. In November 2001, Mr. Reitinger became the Executive Director of the U.S. Department of Defense’s (DOD) Cyber Crime Center, which provides electronic forensic services and supports cyber investigative functions at DOD. Before joining DOD, Mr. Reitinger was Deputy Chief of the Computer Crime and Intellectual Property Section at the U.S. Department of Justice, where he chaired the G8 subgroup on High Tech Crime. Reitinger has represented government and industry on critical information technology and security initiatives throughout his career, including the Industry Executive Subcommittee of the President’s National Security Telecommunications Advisory Committee (NSTAC), where he chaired the Next Generation Networks Task Force. He was the first Chairman of the Software Assurance Forum for Excellence in Code (SAFECode), the President of the Information Technology-Information Sharing and Analysis Center (IT-ISAC), and a member of the Executive Committee of the IT Sector Coordinating Council (IT SCC). Mr. Reitinger was a member of the Federal Emergency Management Agency National Advisory Council and the Information Security and Privacy Advisory Board (ISPAB) of the National Institute of Standards and Technology. He was also a member of the CSIS Commission on Cybersecurity, which developed recommendations for the 44th Presidency.

Reitinger holds a law degree from Yale Law School and a bachelor’s degree in electrical engineering and computer science from Vanderbilt University.

Download <10:23>

Enrique Salem, President & Chief Executive Officer, Symantec Corporation

IT is being pulled in conflicting directions as users demand more choice over their devices and applications while management demands more security and control. The mission of IT is also growing much faster than resources. Symantec President and CEO Enrique Salem will give his perspective on resolving these conflicts through a new approach to IT architecture focused around people and information.

Enrique Salem is president and CEO of Symantec, a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Throughout his 16-year tenure at Symantec, Salem held a variety of senior management roles, most recently as COO. Prior to that, he served as group president, Worldwide Sales and Marketing.

Download <7:09>

Ulrich Waldmann, Research Associate, Fraunhofer Institute for Secure Information Technology SIT

The new German eID card allows for a high level of security and economy of personal data based on mutual authentication of citizens and service providers on the Internet. The session introduces new concepts, technologies, infrastructure services, application scenarios, and economic opportunities from an international point of view.

Ulrich Waldmann is a graduate computer scientist from the Technical University Darmstadt, Germany. Since 2002 he has worked as a research associate at the Fraunhofer Institute for Secure Information Technology SIT in Darmstadt in the area "Transaction and document security". His working fields include smart cards, health cards and telematics, security concepts, smart card standardization, eID cards, RFID and biometrics. He contributes to the introduction of the German health card, health professional card and national identity card. He is engaged in standardization of chip card protocols at the national level (DIN), is editor of the German health professional card specification, project manager of the eID card test center at Fraunhofer SIT and organizer of the annual SIT-SmartCard Workshop.

Download <7:41>

Jeff Bardin, VP, Chief Security Strategist, XA Systems

Using Web 2.0 technologies, this fast-paced seminar will demonstrate unusual but effective methods to enhance and expand your enterprise security awareness program. Audio, video, subliminal messages, Twitter, blogs, Wikis, webinars, RSS feeds, Facebook and LinkedIn communities will demonstrate effective and evolving methods to engage your organization while significantly improving your program.

Jeff has worked in leadership positions at organizations such as EMC, Investors Bank & Trust, Hanover Insurance Group, General Electric, Lockheed Martin, and Marriott International. Jeff is currently the Chief Security Strategist for XA Systems. He recently published his first book, entitled “The Illusion of Due Diligence”, and has published several articles and blogs on cyber security and cyber jihad. In 2007 Jeff received the Conference award for Excellence in the Field of Security Practices and his team won the 2007 SC Magazine Award for Best Security Team. He has a BA in Special Studies - Middle East Studies & Arabic Language from Trinity College as well as an MS in Information Assurance from Norwich University. Jeff also holds the CISSP, CISM and NSA-IAM certifications.

Download <8:47>

John Whaley, Chief Technology Officer, MokaFive

IT departments are considering BYOPC (Bring Your Own PC) initiatives, due to factors including cost, employee demand for choice and freedom, and more contractors and part-time workers. But the big issue is security: how can you ensure the security of an unsecured, employee-owned desktop that you have no access to? This session will address different BYOPC models and share best security practices.

John Whaley is responsible for the technical vision of MokaFive. He holds a doctorate in computer science from Stanford University, where he made key contributions to the fields of program analysis, compilers, and virtual machines. He is the winner of numerous awards, including the Arthur L. Samuel Thesis Award for Best Thesis at Stanford, and has worked at IBM's T.J. Watson Research Center and Tokyo Research Lab. John was named one of the top 15 programmers in the USA Computing Olympiad. He also holds bachelor's and master's degrees in computer science from MIT and speaks fluent Japanese.

Download <6:39>

Lukas Hasik, QA Director, Avast Software
Jiri Sejtko, Senior Virus Analyst & Researcher, Avast Software

Web-based malware silently waits between the user's machine and the malware distribution servers and is mostly used to mediate local machine infection. The number of infected websites is growing each year, and the popular mantra "browsing known websites is safe - threats come from pornographic and warez sites" is no longer true.

Lukas Hasik is head of Quality Assurance at Avast Software, creator and developer of the leading avast! antivirus. Lukas holds a master's degree in Computer Science. Before joining Avast he spent almost ten years at Sun Microsystems working on various tools for Java developers. Lukas has presented on testing, quality assurance, Java tools and platforms at conferences around the world.

Jiri Sejtko is a Senior Virus Analyst & Researcher at the Virus Lab of AVAST Software. Jiri started working in the Virus Lab in 2006 while studying at the Czech Technical University in Prague. He completed his master's degree in 2009, with research on recognition of encrypted executable files. His work currently targets non-executable malware, including web-based malware and exploits. He focuses on the design and programming of the script-scanning elements of the anti-malware scanner and heuristic module.

Download <6:26>

Jeremiah Grossman, CTO, WhiteHat Security

Jeremiah Grossman will draw from the most recent WhiteHat Security Website Security Statistics Report – a trove of information from over 1,600 websites – to introduce the most prevalent vulnerabilities putting data at risk. This presentation will place special emphasis on separating historical trends from the current state of web application security.

Jeremiah Grossman, founder and CTO, WhiteHat Security, is a world-renowned Web security expert. A co-founder of the Web Application Security Consortium (WASC), he was named one of InfoWorld’s Top 25 CTOs in 2007 and is often quoted in publications such as SC Magazine, Forbes and USA Today. Grossman is an influential blogger who encourages open dialogue regarding vulnerability trends.

Download <6:21>

Peter Gutmann, Researcher, University of Auckland

While much attention has been given to PKI and PKI technology, very little is usually said about its actual, rather than claimed, effectiveness as an overall security measure. This session examines PKI's shortcomings -- copiously illustrated with examples ranging from the trivial, to the scary, to the comical -- as well as what works in the real world.

Peter Gutmann is a researcher in the Department of Computer Science at the University of Auckland working on the design and analysis of security architectures and security usability. He helped write the popular PGP encryption package, has authored a number of papers and RFCs on security and encryption, and is the author of the open source cryptlib security toolkit. In his spare time he pokes holes in whatever security systems and mechanisms catch his attention and grumbles about PKIs and the lack of consideration of human factors in designing security systems.

Download <6:02>

Richard Howard, Intelligence Director, iDefense

This talk is a discussion about current cybersecurity trends identified in 2010 and manifested in 2011 across the spectrum of cybercrime, cyber war, cyber espionage, cyber hacktivism and cyber terrorism.

Rick spent five years working as the iDefense Intelligence Director and is now the General Manager. He served in the US Army for 23 years and retired as a lieutenant colonel in 2004. He spent the last two years of his career as the US Army's Computer Emergency Response Team Chief (ACERT), coordinating network defense, network intelligence and network attack operations. Rick holds a Master of Computer Science degree from the Naval Postgraduate School and an engineering degree from the US Military Academy, where he also taught computer science later in his military career. He has published many papers on technology and security and most recently contributed as an Executive Editor to the first book published by Verisign / iDefense: “Cyber Fraud: Tactics, Techniques and Procedures.”

Download <6:03>

Lucy Thomson, Senior Principal Engineer, Information Security, CSC

To address the problem of escalating data breaches, nearly all states have passed data breach laws and the HITECH Act covers health records. Using the massive data breaches as case studies, legal and encryption experts sort out the complexities and ambiguities that result in uncertainties for global business and health providers, focusing on both the legal and technical aspects, including encryption.

  • Demetrios Eleftheriou, Senior Privacy Counsel, EMC Corporation
  • Eric Hibbard, Chief Technology Officer, Security and Privacy, Hitachi Data Systems
  • Thomas Smedinghoff, Partner, Wildman, Harrold, Allen and Dixon LLP
  • Robert Thibadeau, Senior Vice President, Wave Systems Corp.

Lucy L. Thomson, J.D., M.S., CIPP/G, focuses her practice at the intersection of law and technology. As a Senior Principal Engineer, Information Security, and Privacy Advocate at CSC, a global technology company, she has addressed a wide range of legal, technical and policy issues in major IT and information sharing programs. Appointed Consumer Privacy Ombudsman in ten federal bankruptcy cases, Ms. Thomson has overseen the disposition of 125 million electronic consumer records and developed privacy and information security standards. Ms. Thomson is Vice Chair of the ABA Section of Science & Technology Law, a member of its Section Council, and serves in the ABA House of Delegates. She is the editor and contributing author of the ABA book Handbook on Data Breaches and Encryption.

Download <6:34>

Bruce Jones, Global IT Security Manager, Kodak

This talk will present a risk management framework that can be used to monitor compliance, evaluate risk, communicate with various levels of management and help drive business decisions that are in alignment with the business objectives and the risk tolerance of the organization. It will give attendees practical tools that they can take away and begin using immediately.

With over 29 years at Kodak, Bruce has served in various roles in manufacturing, purchasing and information security. Much of his career has been dedicated to the support and implementation of information systems for Kodak’s global business.

His current responsibilities include ownership of the IT Policies and IT Internal Control Standards, management of the resources responsible for compliance, risk, security, e-discovery and forensics, providing leadership for all investigations related to potential data security issues, and monitoring the various global regulatory or legal obligations related to IT Security.

Bruce serves as an industry advisor for the RIT Master's Degree in Computer Security and Information Assurance (MS/CSIA) and as an InfraGard board member.

Download <7:07>

Roel Schouwenberg, Senior Anti-Virus Researcher, Kaspersky Lab

Why attack Windows directly - when attacking Adobe is more effective? Over early 2010, Kaspersky Lab found that almost 50% of detected exploits target Adobe Reader. We will look at the attacks against Adobe software over 2010, as well as improvements Adobe may have made in H2 2010. We end the talk with predictions for 2011 and beyond, based on the above research. Will Adobe remain the main target?

As a Senior Anti-Virus Researcher for Kaspersky Lab Americas, Roel Schouwenberg is part of Kaspersky’s Global Research and Analysis Team where he monitors the state of malware in North America, providing advanced analysis of the threats that exist. Within this realm, he focuses on classic virus techniques that are used in today's malware and improving proactive detection capabilities. Additionally, Roel conducts research into file format vulnerabilities such as malicious PDFs. Roel has nearly a decade of malware research and analysis experience in his role as a Senior Anti-Virus Researcher. He is also a founding member of the Anti-Malware Testing Standards Organization (AMTSO) and currently serves as part of AMTSO’s Board of Directors.

Download <11:04>

Francis deSouza, Senior Vice President, Enterprise Security, Symantec Corporation

Each IT trend brings new security challenges. Today, consumerization challenges the control over which devices access networks. The Cloud challenges the control over applications and infrastructure. Collaboration challenges the control of information once it crosses enterprise boundaries. This discussion will explore how answering the most basic question, “Who are you?”, could be the key to navigating these trends.

Panelists:

  • Michael Barrett, Chief Information Security Officer, PayPal, Inc.
  • Jonathan Penn, Vice President, Forrester Research, Inc.
  • George Thangadurai, General Manager of PC Client Services, Intel
  • Michael Waters, Manager of Enterprise Security, Booz Allen Hamilton

Francis deSouza is senior vice president of the Enterprise Security Group at Symantec. In this role he leads engineering, product management, field enablement, business development, and operations for Symantec's Endpoint Security and Management, Data Loss Prevention, and Information Risk Management businesses. Most recently, deSouza served as senior vice president of Information Risk Management, where he led Symantec's compliance and security management, messaging security, and archiving businesses. deSouza joined Symantec through the company's acquisition of IMlogic in February 2006. At IMlogic, he was founder and chief executive officer, building the company into a recognized leader in the rapidly growing market for instant messaging security with more than 750 customers across 23 countries. Prior to IMlogic, deSouza served as product unit manager at Microsoft, directing a team in the development of the enterprise real-time communications platform, including instant messaging, chat, Voice over IP and NetMeeting. Previously, he founded Flash Communications, which quickly emerged as a leader in the corporate instant messaging space and was acquired by Microsoft in 1998. deSouza graduated from the Massachusetts Institute of Technology (MIT) with BS and MS degrees in Electrical Engineering and Computer Science.

Download <10:28>

Sam Curry, Chief Technology Officer, RSA, The Security Division of EMC

A significant challenge for enterprises is how to manage compliance when they entrust cloud service providers with sensitive workloads. Customers need visibility into the CSP infrastructure to manage risk and prove to auditors that the CSP infrastructure is compliant. This session discusses the requirements and approaches for managing compliance for enterprises using CSPs.

Panelists:

  • Christopher Day, Senior Vice President, Secure Information Services, Terremark Worldwide
  • Chris Hoff, Director, Cloud and Virtualization Solutions, Cisco Systems
  • Dennis Moreau, Senior Technologist, Office of the CTO, RSA, The Security Division of EMC
  • Steve Orrin, Director of Security Solutions, Intel Corporation

Sam Curry is Chief Technology Officer, GTM at RSA. He has more than 18 years’ experience in security product management and development, marketing, quality assurance, customer support and sales. He has also been a cryptographer and researcher and is a regular contributor to Internet Banking Security.

Download <7:40>

Joseph Menn, Author

Hear from law enforcement and security professionals on how they worked together on some of the biggest cybercrime cases to date. What made those collaborations succeed where others failed? Is it getting easier or harder for the public and private sectors to work together? What does each side need to learn from the other, and what emerging policies could improve the situation?

Panelists:

  • Keith Mularski, Supervisory Special Agent, Cyber Division, U.S. Federal Bureau of Investigation
  • Kimberly Peretti, Director of Advisory Forensic Services, PricewaterhouseCoopers
  • Pedro Bustamante, Panda Security
  • Joe Stewart, Director of Malware Research, SecureWorks

Joseph Menn is the author of the nonfiction 2010 cybersecurity bestseller FATAL SYSTEM ERROR: The Hunt for the New Crime Lords Who are Bringing Down the Internet. The book has been named to the official reading list of the US Strategic Command and has been enthusiastically recommended by industry publications and mainstream press as diverse as Business Week, The Guardian, and the New Yorker. He covers security, privacy and other technology issues for the Financial Times from a base in San Francisco and previously spent a decade covering tech for the Los Angeles Times. His previous books include the 2003 volume ALL THE RAVE: The Rise and Fall of Shawn Fanning’s Napster.

Download <8:15>

James Christiansen, CISO, Evantix

Co-speaker: Gary Terrell, CISO, Adobe Systems Incorporated

You face the challenge of getting your executive team to fund security initiatives in a tough economy. What can you do? Leverage your network of CISOs and some available technology to create a benchmark, using frameworks like ISO 27001 to measure the effectiveness of your program. Then ask some important questions: Which control weakness is worse? What does that mean?

James Christiansen is responsible for the vision and development of third-party risk management at Evantix. Prior to joining Evantix, James was CISO for Experian Americas. James joined Experian after serving as CISO for General Motors, where his responsibilities included worldwide implementation of security. Prior to joining GM he was SVP and Division Head of Information Security for Visa International, responsible for development and implementation of their worldwide information security program. James has been featured in the New York Times as a leader in information security. He has an MBA and BS, is the author of the “Internet Survival Series”, contributing author of “CISO Essentials” and numerous industry papers.

Gary Terrell, Information Security Officer, CIPP, Adobe, has global responsibility for Adobe’s security program, including governance, risk, compliance, privacy and incident response. Gary works closely with Adobe's product teams to ensure that Adobe software will be protected from external threats when deployed in computing clouds, and plays an integral role in the development of the company's enterprise products, including Adobe LiveCycle Services and Flash Media Services.

Download <7:06>

Bill Veghte, Executive Vice President, Software & Solutions, Enterprise Business, HP

An applications transformation has begun, creating both challenges and opportunities: with users (consumers) demanding everything as a service, anywhere, how can enterprises secure critical corporate infrastructure assets and information? Building security into applications, assessing risk - even before coding begins, and applying quality and operational management using ITIL concepts to the practice of security are key.

Bill Veghte is Executive Vice President of HP Software & Solutions, a $3.6 billion business unit delivering innovative software and services that help enterprises develop, manage, defend and automate applications and infrastructure. Of equal importance for our more than 50,000 customers is using these products and services to protect and optimize business data. Before joining Hewlett-Packard, Bill spent the past two decades at Microsoft in a variety of senior leadership roles in engineering and sales. Most recently, he managed the company’s $15 billion global Windows business and was instrumental in launching Windows 7. He is known for his passion for technology, commitment to customers and ability to achieve results.

Download <4:09>

Ryan Berg, Senior Architect, Security Research, IBM Corporation

Research and high profile breaches have illustrated that web applications continue to be the dominant threat to today's organizations. This session will present the latest security analysis techniques that combine both static and dynamic analysis, and will show both a retrospective of the threats we have faced and the analysis techniques necessary to protect against the attacks of the future.

Ryan Berg is Senior Architect, Security Research for IBM Security and was formerly the Chief Scientist and co-founder of Ounce Labs. In addition to advancing the state of the art in application security technologies, Ryan is also a popular speaker, instructor, and author in the fields of security, risk management, and secure development processes. He holds patents and has patents pending in multi-language security assessment, kernel-level security, intermediary security assessment language, and secure remote communication protocols.

Download <10:02>

Hoyt Kesterson, Senior Consultant, Terra Verde Services

 

An increasing number of small companies are finding that their banks have sent the company’s funds to criminals who have successfully deluded the bank into believing the transfer was authorized. What went wrong—weak authentication functions on the part of the bank or sloppy practices at the business? Can a judicial ruling force a movement to stronger authentication practices?

 

Panelist(s):

 

  • Joseph Burton, Partner, Duane Morris, LLP
  • John Facciola, United States Magistrate Judge, U.S. District Court for the District of Columbia
  • Andrew Peck, United States Magistrate Judge, U.S. District Court for the Southern District of New York
  • Steven Teppler, Partner, Edelson McGuire, LLC
  • James Woodhill, Founder and Chairman, Authentify, Inc.

 

Hoyt L. Kesterson II is an Arizona-based technology expert with Terra Verde Services. He has more than 40 years of experience in information security and related technologies. For 21 years he chaired the international standards group that created X.509, the public-key certificate standard that is a fundamental component of digital signatures and of securing web transactions. He is a founding member of the ABA’s Information Security Committee and of its eDiscovery and Digital Evidence Committee. A testifying expert, he has participated in ALI-ABA CLE webcasts on digital evidence and lectured on data breaches at the ABA 2008 Annual Meeting. He is an acknowledged contributor to a book on e-discovery and a book on digital data and the rules of evidence, both published by the ABA.

 

Download <11:19>


Nicole Ozer, Technology and Civil Liberties Policy Director, ACLU of Northern California

 

Expensive lawsuits, bad press, hauled to Washington for government investigations – none of this is conducive to business success. Get the inside track from VCs, privacy and security officers, and lawyers about baking good privacy and security into the development process and making early decisions that are good for customers and the bottom line.

 

Panelist(s):

 

  • Francoise Gilbert, Partner, IT Law Group
  • Raman Khanna, Partner, ONSET Ventures
  • Brendon Lynch, Chief Privacy Officer, Microsoft Corporation
  • Harriet Pearson, Vice President, Security Counsel and Chief Privacy Officer, IBM Corporation

 

Nicole A. Ozer is the Technology and Civil Liberties Policy Director at the ACLU of Northern California. She works on the intersection of new technology, privacy, and free speech and spearheads the organization’s online privacy campaign, Demand your dotRights (www.dotrights.org).


Nicole graduated magna cum laude from Amherst College, studied comparative history at the University of Cape Town, South Africa, and earned her J.D. from Boalt Hall School of Law, University of California, Berkeley. Before joining the ACLU, Nicole was an intellectual property attorney at Morrison & Foerster LLP and was recognized in 2001 as one of 20 “Women Making a Mark” in Silicon Valley. Nicole authored Privacy & Free Speech: It's Good for Business (available at www.dotrights.org/businesses).

 

Download <9:31>


James Elste, Director, Security Strategy and Programs, Symantec Corporation

 

Richard A. Clarke’s book, “Cyber War” provides a grim assessment of our ability to defend against cyber attacks. His challenge: “First, we must initiate a broad public dialogue about cyber war.” This session will frame a debate on critical cyber defense topics, outline a legislative agenda, share “The Nevada Example” of public/private dialogue, and engage the attendees utilizing “crowd-sourcing” techniques.

 

Panelist(s):

  • James Earl, Executive Director, Nevada Technological Crime Advisory Board
  • Christopher Ipsen, Chief Information Security Officer, State of Nevada
  • Mischel Kwon, Vice President, RSA, The Security Division of EMC

 

James Elste is the Director of Security Strategy & Programs for Symantec, where he advises security, IT and business executives on industry trends and innovative security methodologies. He has extensive experience developing and managing enterprise security programs in both the public and private sectors, and served as the CISO for the State of Nevada. In addition, he has significant consulting experience with IBM Global Services and Ernst & Young. James holds a BS in Business from the University of Texas at Dallas and an MS in Information Assurance from Norwich University. He is a Certified Information Systems Security Professional (CISSP), a Certified Information Security Manager (CISM) and is Certified in the Governance of Enterprise Information Technology (CGEIT).

 

Download <6:28>


Trevor Horwitz, Principal, TrustNet
Cliff Baker, CSO, HITRUST Alliance

 

You take the blue pill - the story ends, you wake up in your bed and believe whatever you want to believe. You take the red pill - you stay in Wonderland and I show you how deep the rabbit hole goes. This session will include practical lessons from industry experts on slashing the cost and risk in complex compliance environments.

 

Trevor Horwitz is the founder and CEO of TrustNet, a leading provider of IT security and compliance products and services. He has over twenty years' experience, with a specific focus on PCI, SAS 70, HIPAA and HITECH, SOX and data privacy. Prior to founding TrustNet he was the CEO of Reflex Security, a pioneer in intrusion prevention and virtualization security. Trevor is a PCI Qualified Security Assessor and a member of the PCI Security Standards Council’s Special Interest Group on virtualization, where he plays an active role in defining new PCI standards for virtualization security. Trevor is a native of Johannesburg, South Africa, where he earned a Bachelor of Commerce from the University of the Witwatersrand with a triple major in Accounting, Information Systems and Business Law.

Cliff Baker has over fifteen years of experience in information protection and compliance. As Chief Strategy Officer for the HITRUST Alliance he leads the collaboration of a broad range of healthcare organizations, including providers, payers, pharmacies, manufacturers, technology companies and regulatory agencies, on defining the practices, methodologies and priorities for the adoption of information security in the industry. Prior to this he was Director and Practice Lead for Healthcare Information Security at PricewaterhouseCoopers, where he designed practice-wide methodologies and managed the delivery of hundreds of compliance assessments and implementations of security solutions for a broad range of nationally recognized healthcare organizations.

 

Download <8:07>


Brad Hill, Principal Consultant, iSEC Partners

 

In the spirit of the “OWASP Top 10”, this session will identify common flaws and failures of identification and authentication protocols from the last 15 years. Those inventing, implementing, deploying and evaluating such systems may find the list useful in avoiding similar mistakes. Examples from the literature and the author’s own experience are discussed, and mitigation strategies are provided.

 

Brad Hill is a Principal Consultant with iSEC Partners. He has over a decade of experience as a software engineer and consultant. Brad has presented original research and training content at major conferences including Black Hat, SyScan and numerous OWASP events. His research focuses on authentication technologies, including XML, Web Services, SOA and single sign-on, and he recently served for two years as an invited expert on the W3C XML Security Working Group.

 

Download <8:36>


Adam Meyers, Director, Cyber Security Intelligence, SRA International

 

As mobile computing devices proliferate in the enterprise, more people are raising flags about mobile device security. One device that dominates enterprise mobile computing is the ubiquitous BlackBerry®, which has quite a bit of Fear, Uncertainty and Doubt surrounding its security controls. This presentation aims to set the facts straight by going to the source - literally.

 

Adam Meyers is the Director of Cyber Security Intelligence with the National Products and Offerings Division of SRA International. Mr. Meyers serves as a senior subject matter expert for cyber threat and cyber security matters for a variety of SRA projects. Mr. Meyers provides both technical expertise at the tactical level and strategic guidance on overall security program objectives.

 

Download <5:13>


George Kurtz, Worldwide Chief Technology Officer and Executive Vice President, McAfee

 

The explosive growth of Internet-enabled devices is reshaping communication and commerce worldwide. Simultaneously, miscreants are abusing the Internet’s open architecture, leaving users at risk. The current cybersecurity model is reactive and unable to keep pace with the malware explosion. McAfee CTO George Kurtz will explain the required paradigm shift of driving security down the stack.

 

As worldwide chief technology officer, George Kurtz is responsible for driving the integrated security architectures and platforms that have propelled McAfee into a leadership position in digital security. His entrepreneurial background and ability to commercialize nascent technologies enable him to drive innovation throughout McAfee by identifying market trends and correlating them with customer feedback to optimize product direction and development.


Kurtz's previous roles at McAfee include senior vice president and general manager of the Risk and Compliance Business Unit, where he was responsible for driving worldwide growth in the risk and compliance segments. He helped transform McAfee from a point product company to a provider of security risk management and compliance optimization solutions. Kurtz formerly held the position of senior vice president, McAfee Enterprise, where he was responsible for helping to drive the growth of the enterprise product portfolio on a worldwide basis.

 

Download <8:16>


Michael Denning, General Manager, Security Customer Solutions Unit, CA Technologies

 

Balancing the need to share critical information with the obligation to prevent it from falling into the wrong hands is one of the greatest challenges government and industry face today. Join CA Technologies and Transglobal Secure Collaboration Program members for a discussion of how aerospace and defense organizations are securely collaborating on projects across international borders.

 

Panelists:

 

  • Tim Brown, Chief Security Architect and Distinguished Engineer, CA Technologies
  • Michael Daly, Corporate Director, Information Technology Enterprise Security Services, Raytheon Company
  • Philippe Laflandre, Vice President and Head of EADS Corporate Trust Center
  • Keith Ward, Director, Enterprise Security and Identity Management, Northrop Grumman Corp.

 

Mike Denning leads the Identity and Access Management business at CA Technologies. He is responsible for ensuring the company’s products, services and partnerships help customers minimize risk, boost compliance and confidently adopt virtualization technologies and cloud services by controlling users, their access and what they can do with information. Denning joined CA Technologies in November 2010 from VeriSign, where he spent 11 years leading several organizations, most recently as vice president and general manager, Enterprise Security Services.

 

Download <5:49>


Dawn Cappelli, Technical Manager, Carnegie Mellon University Software Engineering Institute
Joji Montelibano, Insider Threat Security Analyst, Carnegie Mellon University, SEI, CERT Program

 

CERT has developed strategies to help organizations combat insider threat, based on a database of over 400 actual cases and with over nine years of research. To test these proposed strategies, CERT created the Insider Threat Lab to simulate events from actual cases. This panel will present three of these simulations and demonstrate how to best deploy countermeasures against malicious insider IT sabotage activities.

 

Joji Montelibano is a member of the Insider Threat team at CERT. He has over 15 years' experience in the fields of software development, network engineering and security. He began his career as a developer for the petroleum and chemical industries, where he created customized simulation programs for companies such as Shell Oil, Sunoco and Foster Wheeler. Prior to joining CERT, Joji was a Senior Information Security Analyst for the RAND Corporation, where his main projects focused on securing and ensuring the availability of military networks and communications. He holds an undergraduate degree in Chemical Engineering from Stanford University, and Master’s degrees from Harvard University and the University of Southern California. His certifications include the CISSP, CSTE, CCNP and ACSA.

 

Dawn Cappelli, CISSP, is Technical Manager of CERT’s Enterprise Threat & Vulnerability Management team and of the Insider Threat Center at CERT, in Carnegie Mellon’s Software Engineering Institute. Her team helps organizations improve their security posture and incident response capability by researching threat areas, developing assessment methods, and providing information for preventing, detecting and responding to illicit activity. Dawn’s focus has been insider threats since 2001, including threat analysis and modeling, assessments and insider threat workshops. Dawn has 30 years' experience in software engineering, technical project management and information security. Before joining CMU in 1988 she worked for Westinghouse as a software engineer developing nuclear power systems.

 

Download <12:23>


Uri Rivner, Head of New Technologies and Identity Protection, RSA, The Security Division of EMC

 

The cybercrime battlefield is changing: employees, not networks, are now the front line. State-of-the-art trojans, stealthy infection and social engineering plague every Fortune 500 company. What do cybercriminals steal? How do they monetize it? Is it time for a new defense doctrine? In this talk, the RSA Cybercrime Lab will share new research, insights and nerve-wracking evidence of data already in the wrong hands.

 

Uri Rivner is responsible at RSA for moving cybercrime-fighting innovations from concept to reality. He was a key player in the development of risk-based authentication, the RSA eFraud Network and other anti-cybercrime technologies now used by thousands of organizations worldwide. Rivner joined RSA through the acquisition of anti-fraud company Cyota, where he gained a deep perspective on international fraud. He blogs at Finextra (http://www.finextra.com/community/blogs.aspx?mem_id=39696) and at RSA Speaking of Security (http://www.rsa.com/blog/blog.aspx?author=rivner).

 

Download <16:06>


Jim Anderson, Executive Consultant, Emagined Security Inc.
James Christiansen, CISO, Evantix

 

Many CISOs dread the budget cycle, frustrated for lack of a persuasive business case. This updated session for RSA Conference 2011 looks at key parts of an infosec business case. The objections will be flushed out and neutralized, the needed alliances will be forged, and success will be yours. Attendees take away a useful template to craft business cases for the key elements of their information security programs.

 

Jim Anderson’s career focus is on implementing information risk management programs for enterprises. He has been VP, Global Information Security Services for Visa, and headed the International Institute for Information Integrity. Anderson led information security at Morgan Stanley and Lexis-Nexis, Inc. and has published many infosec articles. Anderson’s MBA is from the University of Chicago Booth School of Business.

 

James Christiansen is responsible for the vision and development of third-party risk management at Evantix. Prior to joining Evantix, James was CISO for Experian Americas. James joined Experian after serving as CISO for General Motors, where his responsibilities included the worldwide implementation of security. Prior to joining GM he was SVP and Division Head of Information Security for Visa International, responsible for the development and implementation of their worldwide information security program. James has been featured in the New York Times as a leader in information security. He has an MBA and a BS, is the author of the “Internet Survival Series”, and is a contributing author of “CISO Essentials” and numerous industry papers.

 

Download <13:06>


Josh Corman, Research Director, Enterprise Security Practice, The 451 Group
Alex Hutton, Principal in Research and Risk Intelligence, Verizon Business

 

Metrics are BUNK! No, metrics will save us! Two smart guys debate both sides. In a zombie apocalypse, it’s a game of survival. As IT security matures and crawls out of the primordial ooze, we look to metrics to lift us from chaos. The desire is rational, but is it tangible? Amidst constant change, which metrics matter? Which don’t? What are the limits? Can they ever keep up with rates of change?

 

Joshua Corman is the Research Director of The 451 Group's enterprise security practice. He has more than a decade of experience with security and networking software, most recently serving as Principal Security Strategist for IBM Internet Security Systems. Corman is a candid and highly sought-after speaker and has spoken at leading industry events such as RSA, ISACA, SANS and DEFCON. His efforts to educate and challenge the industry recently led NetworkWorld magazine to recognize him as a top Influencer of IT for 2009. Corman also serves on the faculty for IANS and is a staunch advocate for CISOs everywhere. In 2010, Corman co-founded Rugged (www.ruggedsoftware.org), a values-based initiative to raise awareness and usher in an era of secure digital infrastructure.

 

Alexander Hutton is a Principal in Research & Risk Intelligence with Verizon Business. Over the past 15 years he has served in a number of different roles (from grunt to executive) for various security companies.

 

He is a co-author of the Verizon Data Breach Investigations Report (2009) and writes regularly for the Verizon Security Blog (http://securityblog.verizonbusiness.com). He is also a co-founder of the Society of Information Risk Analysts and an author at the New School of Information Security blog (http://www.newschoolsecurity.com). Alex also contributes to the Cloud Security Alliance, the ISM3 security management standard, the CIS metrics project and the Open Group Security Forum.

 

Download <12:54>


Benjamin Tomhave, Senior Security Analyst, Gemini Security Solutions

 

The legal defensibility doctrine provides a sound risk management strategy that converges business, legal, and information security interests. However, part of that doctrine hinges on what is reasonably foreseeable. This panel will bring together business, security, and legal experts to discuss how to best tackle challenges to legal defensibility based on reasonable foreseeability.

 

Panelists:

 

  • Dan Houser, Security and Identity Architect, (ISC)²
  • Serge Jorgensen, Vice President, Sylint Group, Inc.
  • Rafal Los, Security Evangelist, Blogger, and WebAppSec SME, HP
  • Dave Navetta, Partner, InfoLawGroup LLP

 

Ben Tomhave is Senior Security Analyst with Gemini Security Solutions, based in Chantilly, VA, specializing in solutions architecture, security planning, security program development and management, and other strategic security solutions. Ben holds a Master of Science in Information Security Management from The George Washington University. He is a Certified Information Systems Security Professional (CISSP), a member of the American Bar Association Information Security Committee and eDiscovery and Digital Evidence Committee, and a member of ISSA, OWASP and the IEEE Computer Society. He is a published author and an experienced public speaker. Ben has worked in a variety of security roles for companies including BT, AOL, Wells Fargo, ICSA Labs and Ernst & Young.

 

Download <8:05>


Brian Chess, Founder and Chief Scientist, Fortify Software
Jacob West, Director of Security Research, Fortify Software

 

In the spirit of ABC's reality TV show, Fortify’s Brian Chess and Jacob West will bring their combined experience to bear on an open source project. They will lead a panel of security experts in a critique of the project’s security. This lighthearted session is for newbies who want to watch a real live dissection take place and pros who need a dose of schadenfreude.

 

Brian Chess is a founder of Fortify Software and serves as Fortify’s Chief Scientist, where his work focuses on practical methods for creating secure systems. His book, Secure Programming with Static Analysis, shows how static source code analysis is an indispensable tool for getting security right. Brian holds a Ph.D. in computer engineering from the University of California at Santa Cruz, where he studied the application of static analysis to the problem of finding security-relevant defects in source code. Before settling on security, Brian spent a decade in Silicon Valley working at huge companies and small startups. He has done research on a broad set of topics, ranging from integrated circuit design all the way to delivering software as a service.

 

Jacob West is Director of Security Research at Fortify Software, which was acquired by HP in 2010. Jacob brings expertise in numerous programming languages, frameworks and styles together with expansive knowledge about how real-world systems fail. Before joining Fortify, Jacob contributed to the development of MOPS, a static analysis tool used to discover security vulnerabilities in C programs. In 2007, he co-authored a book with colleague Brian Chess titled “Secure Programming with Static Analysis.” When he is away from the keyboard, Jacob spends time speaking at conferences and working with customers to advance their understanding of software security.

 

Download <7:52>


Philippe Courtot, Chairman and Chief Executive Officer, Qualys, Inc.

 

As cloud computing adoption accelerates, the security model is shifting from the network layer to focus more on the data and where it resides within global datacenters. This major shift in computing is forcing enterprises, vendors and security professionals to rethink their security model in order to make the data secure yet accessible everywhere. Technology futurist Paul Saffo will host a lively discussion on this topic with two cloud computing pioneers, Philippe Courtot of Qualys and Dave Cullinane of eBay/CSA, taking live questions from the audience via Twitter (#RSACcloud).

 

Philippe Courtot has a history of building innovative companies and transforming them into industry leaders. As CEO of Qualys, he has worked with thousands of companies to improve their IT security and compliance postures. Courtot received the SC Magazine Editor's Award for bringing on demand technology to network security and for co-founding the CSO Interchange, a forum for sharing information in the security industry. Before Qualys, Courtot was the Chairman and CEO of Signio, Chairman and CEO of Verity and Chairman and CEO of cc:Mail. He holds a Masters Degree in Physics from the University of Paris.

 

Download <8:24>


Adrian Lane, Chief Technology Officer/Analyst, Securosis

 

The transition from Waterfall to Agile always leaves some tasks behind, and secure code development is one of the casualties. By focusing on the efficient delivery of features, textbook implementations of Agile come at the expense of secure software development and push security verification and security services outside of the software itself. This session will examine this issue.

 

Adrian Lane is an analyst with Securosis, covering database security, data security and secure coding. Prior to joining Securosis, Adrian served as the CTO/VP at companies such as IPLocks, Touchpoint, CPMi and Transactor/Brodia. Adrian is a regular contributor to Dark Reading & Information Security Magazine, presents at dozens of security conferences, and is easily recognizable by his "network hair".

 

Download <6:43>