|
Track 1: Protecting the Information Economy
Track 2: Emerging Platforms, Emerging Threats
Track 3: Fighting Cyber Crime
Track 4: IT Governance, Risk, and Compliance
Track 4B: Risk and Compliance Technical
Track 5: Safeguarding Corporate Networks
Track 6: Best Practices and Best Kept Secrets
Track 7: McAfee Solutions Overview
Sort By
Track 1: Protecting the Information Economy
Allen Corporation of America: The Message Within
Bill P Fanelli, Principal Architect, Allen Corporation of America
Carlton Jeffcoat, Vice President, Allen Corporation of America
Certain industries have particular concerns about data protection. High value intellectual property, such as pharmaceutical formulas and proprietary software algorithms, can be smuggled electronically. Highly sensitive legal documents are also items for concern. McAfee Data Loss Prevention (DLP) explicitly prevents the leakage of this type of data out of an organization. DLP monitors the movement of tagged files and data with keyword content. DLP technology is uniquely positioned to help with forensics efforts in identifying hidden message carriers. DLP can be configured to monitor the movement of likely carrier files such as photos, music files, and the like. When located, DLP will copy these files to a forensic archive on the DLP manager server. At this point, other tools can scan these files for the presence of hidden data. This presentation demonstrates all of these forensic procedures as well as a completely automated implementation of the above workflow.
Somewhat Technical
Citrix: Work is Not a Place; It's What You Do
Michael Emerson, Director - IT Security, Governance and Business Continuity, Citrix
This session discusses the changing landscape of where and how people work. Work is quickly becoming what you do, not where you report to everyday. To attract top talent and minimize operating expenses, many companies now offer work-from-home programs as part of their employee benefits packages. Alleviating the risk associated with these mobile workers is a challenging task because they are outside the typical reaches of the corporate network and they still require high levels of access to company resources and data. Learn best practices for protecting company applications, assets, and data under these circumstances, and discover how companies strive to make remote workers as safe as workers inside the company walls. Find out how you can protect your company assets without inhibiting the productivity of your mobile workforce.
Not Particularly Technical
Federal Aviation Administration: Preventing a Moving Liability
John Benson, Deputy Director, Office of Information System Security, Federal Aviation Administration, Department of Transportation
The Federal Aviation Administration (FAA) selected McAfee Endpoint Encryption (formerly Safeboot Encryption) to encrypt data on all its laptop and tablet computers. Hear how this solution ensures that all laptop and tablet PC-based data are protected from theft in the event that an FAA computer is lost or stolen. Find out how Endpoint Encryption fully satisfies the Office of Management and Budget mandate and DOT IT policies regarding encrypting personal identity information on all portable computers. While this was an FAA-wide deployment, each line of business worked out its own installation plan and each division had separate training on the implementation. This session discusses the details of the FAA implementation and illustrates how the use of full-disk encryption technologies like McAfee Endpoint Encryption can help you prevent your mobile users from becoming a moving liability to your organization.
Extremely Technical
Intel: How to Protect your Business Data and PCs with Intel Anti-Theft Technology
Steve Grobman, Director, Business Client Architecture, Intel
Steve Kremesec, Manager, Digital Office Enabling and Execution, Intel
Intel will describe how future client platform technologies will solve key challenges related to data and asset theft. Security challenges exist that cannot be overcome by software alone. Intel® Anti-Theft Technology is a set of platform technologies that when coupled with software is able to improve the security, reliability, management and deploy-ability of encryption and theft solutions. The session will cover the architecture and implementation of Intel Anti-Theft Technology and how it will be used in security software solutions from McAfee.
McAfee Foundstone Professional Services: Protecting Your Data in a Virtualized World
Rudolph Araujo, Director, Foundstone Professional Services
As virtualization technology grows in popularity, questions about the security of data in this new virtualized environment are buzzing. Do auditors now have an opportunity to question your compliance with standards such as PCI? Are you confident in your approach to vulnerability, security, and risk and compliance management? Taking a one-size-fits-all approach to securing your data is definitely not the answer. And many may think that technology alone is the answer; but it isn't! There are key considerations when securing your virtual environment and each should be taken seriously: people, process, and technology. Find out from Foundstone Professional Services experts as they discuss these factors from the security impact of virtualization – positive and negative – as well as the best practices that need to be adopted to fit into this exciting new paradigm.
Somewhat Technical
McAfee: Technology Overview - McAfee Network Data Loss Prevention (formerly Reconnex)
Dr. Ratinder Paul Singh Ahuja, VP, Technology, McAfee
Michael Siegel, Director of Product Management, McAfee, Inc.
Through the recent acquisition of Reconnex Technology, McAfee now offers customers a leading next-generation data protection solution—McAfee Adaptive Protection—that enables an organization to protect network information without requiring upfront knowledge of what needs to be protected. Please join us for an in-depth technical discussion of McAfee’s Data Loss Prevention solutions and how, with the help of Reconnex technology, McAfee will lead the way into the future of data loss prevention. You’ll also be among the first to learn about McAfee plans to integrate Reconnex’s products into McAfee ePO through a detailed discussion of the product integration vision.
Somewhat Technical
McAfee: Are We All a Walking Liability?
Suresh Subramanian, Sr. Product Manager, McAfee Inc
Raj Dhesi, Product Manager, McAfee, Inc.
It’s happened to many of us: losing a cell phone or a Blackberry. And when it happens, there is not much chance of getting your data back. As these devices become more sophisticated and their storage capacities become larger, the risk to our companies grows because we are constantly demanding more mobile access to information. Unfortunately, a lost or stolen device has the potential to wreak havoc on more sensitive information we access on them. What exactly does the future hold for mobile security? What are some of the innovative techniques being explored now to keep us all from becoming walking liabilities? This session explores the issues associated with mobile security, as well as some innovative technical solutions to the unique threats brought on by our need for mobility.
Somewhat Technical
McAfee: Exploring the Challenges of Data Loss Prevention
Faizel Lakhani, Product Management, McAfee, Inc.
Today’s security professionals face a daunting challenge: Protecting the organization’s most valuable asset, its information. As organizations invest in new business systems and processes to exchange critical information to, from, and about customers, partners, and employees in real-time, more opportunity exists for information leaks. Data breaches are rapidly becoming the forerunner of IT security concerns, in part because of the increase in both the frequency and severity of such breaches. The situation is further complicated by the need to protect sensitive data whether it’s at rest—i.e. stored within repositories inside the enterprise—in motion, either on the corporate network or on external links, —or in use—encompassing the endpoint not only while the user is connected to the corporate network, but more importantly, when the user is not connected to the corporate network. This task has been compounded by the influx of consumer-based technology into the workplace, such as digital media players, cameras, IM and social networking sites, and USB devices, which are all potential sources of information leaks.
McAfee has taken a unique approach to data loss prevention, starting with the premise that information protection solutions should not require security teams to know exactly what information needs protection from whom. This session explores the challenges of deploying a complete data loss prevention solution. Questions examined will include:
- Where is your organization’s confidential & sensitive data?
- How, where, and when is the data transmitted and by whom?
- How can the data be controlled and protected?
- What is your organization’s financial risk (from a leak)?
Not Particularly Technical
McAfee: Securing your Mobile Workforce with McAfee Encrypted USB
Tom de Jongh, Director Data Protection USB, McAfee
Everyday, employees are walking out of their offices, unaware of how unsecure their portable devices are. USB drives, due to their small size and portability, are great for storage but a security nightmare. Come learn how McAfee Encrypted USB storage devices incorporate built-in user access control and strong data encryption, ensuring that sensitive data remains secure wherever it travels.
Perot Systems, South Carolina Department of Probation / Parole / Pardon Services, and McAfee: Panel - Is it Possible to Get ROI from your Data Protection Efforts?
Simon Hunt, Vice President / CTO, Data Protection Business Unit, McAfee, Inc.
Jim Motes, CISO, Perot Systems
David O'Berry, Director of Information Technology Systems and Services, South Carolina Department of Probation, Parole, and Pardon Services
Money and resources have been pouring into data protection efforts at companies of all sizes ever since data privacy regulations—like California’s landmark Senate Bill 1386 legislation and the Payment Card Industry Data Security Standard—went into effect. Noncompliance can result in penalties such as public reporting, fines, loss of credit card acceptance privileges, and legal action. But beyond complying with regulations, is there really any return-on-investment (ROI)? Are there other positive impacts on the bottom line that aren’t readily apparent? Or should a true ROI calculation of these efforts even be attempted? Is continuing compliance really all we can and should hope for out of these efforts? Join a lively panel discussion that will tackle these issues that are pressing on CIOs, CSOs, CEOs, and even CFOs across diverse industries. This panel also will map out what the components of a reasonable ROI model might look like for data protection. This session is a must for anyone beginning a data protection project, already in the process of designing a solution, or attempting to justify ongoing expenditures for their efforts.
Not Particularly Technical
The Doe Run Company: The Different Faces of Threats
Craig Williams, Information Security Officer, The Doe Run Company
Learn what The Doe Run Company is doing to secure its critical data and protect against malicious data loss. Hear how the company deployed McAfee products to all the employees that connect to its virtual private network, allowing for safe remote computing, as well as network security.
Not Particularly Technical
Travelers: Do You Have an Insurance Policy for your Data?
Rick Lacafta, CISO, Travelers Insurance
The threat and risk environment changes rapidly in security and compliance. New techniques and threats are constantly being developed by criminals, hackers, and terrorists. The compliance environment also changes rapidly with the advent of new laws, as well as requirements placed upon businesses by regulations and other internal procedures. Internal users are also becoming an ever increasing threat as they become more mobile and require more access to sensitive data. How does one of the world's leading companies, Travelers, provide the necessary insurance to protect company data? This session discusses how the company approaches management of risk for their assets. This session offers insights to help you establish your own risk management program and provide the necessary insurance policy for your data.
Somewhat Technical
Track 2: Emerging Platforms, Emerging Threats
Advance Auto Parts and McAfee Avert Labs: Emerging Rootkit Techniques and Trends
Joel Yonts, CISO / VP Information Security, Advance Auto Parts
Aditya Kapoor, Research Scientist, McAfee Avert Labs, Inc.
Rachit Mathur, Research Scientist, McAfee Avert Labs, Inc.
Rootkits and blended threats that use rootkit technology to hide have grown rapidly in recent years. Rootkits are partnering with parasitic malware, boot sector viruses, and botnets or using multiple stealth techniques at once. This session examines the changing rootkit threat landscape in its short four-year life span, breaks down rootkit techniques, and provides McAfee's outlook for rootkits and defenses as well as real world implications.
Somewhat Technical
Ciphent: Web 2.0 - Hacking the Brand
James Foster, CEO, Ciphent, Inc.
The continued emergence of web technologies to include social networks, blogs, web services, widgets, and mobile applications has created an entirely new breeding ground for security threats. Hear Ciphent explain how hackers are now targeting corporate brands through misinformation, click manipulation, network traffic, and social network communities. Learn steps you can take to avoid becoming a victim of brand espionage.
Somewhat Technical
Citrix Systems: The (In)securities of Virtualization
Kurt Roemer, Chief Security Strategist, Citrix
Hear an expert from Citrix provide insights on the security of virtualization.
Somewhat Technical
Citrix, Intel, McAfee, Norfolk Southern, and VMware: Panel - Virtualization
Kurt Roemer, Chief Security Strategist, Citrix
Rudolph Araujo, Director, Foundstone Professional Services
Steve Orrin, Director of Security Solutions, Intel Corporation
Jason Yuan, Group Manager - BD and PM, McAfee, Inc.
Tony Samms, Director of Information Security, Norfolk Southern Corporation
Nand Mulchandani, Senior Director - Security Product Management and Marketing, VMware
Join experts from Citrix, Intel, McAfee, Norfolk Southern, and VMware for an animated discussion and Q&A on virtualization and security.
Somewhat Technical
McAfee Avert Labs: Anti-virus is Dead. Long Live Anti-virus!
Ahmed Sallam, Chief Software Architect, McAfee
Igor Muttik, Senior Architect, McAfee, Inc.
A flood of new malware is effectively staging a denial of service attack on traditional security solutions. Hear McAfee explain how elements of traditional anti-virus scanners, behavioral scanning, telemetry systems (also known as “herd technology”), and several other emerging technologies will allow malware protection to scale into the future untroubled.
Somewhat Technical
McAfee Avert Labs: Malware on Second Life - Myth or Reality?
Francois Paget, Senior Virus Research Engineer, McAfee Avert Labs, Inc.
As businesses begin to embrace virtual worlds, does this expose them to new threats? Hear McAfee Avert Labs discuss the real world of Trojans and viruses that can be created easily for virtual environments like Second Life.
Somewhat Technical
McAfee Avert Labs: The Backstage Tour
Chris Barton, Lead Anti-Spam Scientist, McAfee
Dmitry Gryaznov, Senior Research Architect, McAfee, Inc.
Alex Hinchliffe, Anti-Malware Research Manager, McAfee, Inc.
Join McAfee Avert Labs for an exciting look into the never before seen world of the infrastructure and processes behind new techniques to fight malware. Topics include an overview of new antimalware technologies as well as sample submission management, the telescope effect and process, and the big iron infrastructure.
This presentation is not available for download.
Somewhat Technical
Monetary Authority of Singapore: Security Threats Targeting Financial Institutions
Tony Chew, Director - Technology Risk Supervision, Monetary Authority of Singapore
This session goes beyond the headlines to examine what is really happening in cyber security in the bowels of the financial services industry. This presentation looks at the looming internal and external security threats and attacks targeted at financial institutions around the world. Real life incidents will be dissected to extract important lessons which should be learned by everyone in IT, risk management, audit, and compliance.
Not Particularly Technical
Qualcomm and McAfee: Mobile Security Issues and Emerging Threats
Kevin Watkins, Security Researcher, McAfee, Inc.
Joshua Davis, Vice President - Information Security, Qualcomm Incorporated
Everybody is going mobile, but what does that mean from a risk management perspective? Join McAfee and Qualcomm for two different looks at mobile security and privacy. McAfee examines threats such as malware on devices, while Qualcomm addresses the mobile infrastructure.
Somewhat Technical
VMware: The (In)securities of Virtualization (II)
Nand Mulchandani, Senior Director - Security Product Management and Marketing, VMware
Hear an expert from VMware provide insights on the security of virtualization.
Somewhat Technical
Track 3: Fighting Cyber Crime
AccessData and Application Security: Forensics in the Fight Against Cyber Crime
Dr. Michael Staggs, Senior Systems Engineer, Access Data
Josh Shaul, Director, Technical Strategy, Application Security, Inc.
Forensics in the enterprise is no longer simply for employee investigations. Forensics technology can be an important tool for large scale incident response, eDiscovery, information assurance and Freedom of Information Act (FOIA) compliance. Forensics also can be an important way to understand security breaches, such as access to web-enabled databases. This session examines forensics technology from various perspectives, including the strengths and weaknesses of the products and tools and how they can be used to address a variety of security issues. Learn how cybercriminals got in—and what they left behind.
Somewhat Technical
Department of Homeland Security: The Role of Cyber Security in Critical Information Protection
Brett Lambo, Director, Cyber Exercise Program, Homeland Security
Cyber risks to critical networks and systems continue to escalate. As the importance of implementing strong cybersecurity practices grows across government and the private sector, so do the roles and responsibilities of cyber responders and the importance of collaboration across organizations both public and private. America’s cyber infrastructure serves as a vital linkage among the 17 critical infrastructure and key resource sectors, as well as a fundamental element of all emergency response operations at the federal, state, local and tribal government levels. Since 85 percent of the critical infrastructure in the U.S. is owned by the private sector, this unity between the cyber response community in the government and private sector will be essential to effective protection and defense. Increasing the collaboration, information-sharing, and capabilities for coordinating response efforts are critical elements to ensuring effective mitigation steps are taken to reduce cyber risks and barriers to effective cyber response. Cyber attacks may begin within a government agency and quickly move to the private sector or vice versa. The topics explored in this session include: control systems security, information sharing/fusion best practices, future vulnerabilities and threats, and the government's current process/practice for securing the nation's critical infrastructure/critical resources.
This presentation is not available for download.
Not Particularly Technical
FBI, McAfee, Secure Computing and Starwood: Cyber Crime Response
Supervisory Special Agent, , FBI
Joe Telafici, Vice President, Avert Operations, McAfee
Phyliss Schneck, Vice President of Research Integration, Secure Computing
Peter Aschwanden, Sr. Manager, Cyber Incident Prevention, Starwood Hotels & Resorts Worldwide
Find out what these panelists from various sectors are seeing when it comes to cyber crime. Learn what it is like to be in the field with the ongoing fight.
FBI: Effective Cyber Crime Investigations - A Case Study
Supervisory Special Agent, , FBI
A key component in the global fight against cybercrime always will be successful prosecutions of actual cybercriminals. But successful prosecutions require effective investigations, which often face various challenges in cooperation between corporate victims and law enforcement officials. This session examines what goes into an effective cyber crime investigation from both a law enforcement and industry perspective. Through a case study example, learn best practices in cooperating with law enforcement to bring cybercriminals to justice.
This presentation is not available for download.
Somewhat Technical
McAfee Avert Labs: Exploiting the Internet for Profit
Rahul Mohandas, Virus Research Engineer, McAfee Avert Labs, Inc.
Vinoo Thomas, Virus Research Lead, McAfee Avert Labs, Inc.
The majority of Internet users get infected with malware while browsing questionable sites, right? Not quite. Every class of legitimate web sites—educational, government, financial…even technology vendors—has witnessed a compromise. Attackers, aided by automated systems for exploiting vulnerabilities, have enjoyed stunning success in the last year or so. This session analyzes the recent trends in the emergence of attack toolkits and their evolution over time. Find out about popular techniques adopted by malware authors to mass infect machines, as well as the challenges security vendors face in detecting and preventing these threats.
Somewhat Technical
McAfee Avert Labs: The Economics and Finances of Cyber Crime
Joe Telafici, Vice President, Avert Operations, McAfee
Most solutions to cyber crime have focused on technological improvements or legal consequences. However, the current economic model that makes cybercrime so profitable can be leveraged to reduce the rewards of computer crime and reduce the threat landscape via market forces. Where has customer convenience made creating a distributing malware so cheap and easy that the temptation is so great and the risks so low? How are legitimate processes like online advertising funding malware development? How do the technological choices of real businesses create the current incubator of criminal tools? This session explores these and many other questions.
Somewhat Technical
McAfee Avert Labs: The State of Cybercrime
Toralv Dirro, Security Strategist, McAfee Avert Labs, Inc.
Pedro Bueno, Research Scientist, McAfee, Inc.
Malware is on the rise, with over 400 new detections per day. Cybercrime groups are growing in sophistication, with 80 percent of all attacks now estimated to be financially motivated. Identity theft is on the minds of consumers and businesses alike, with complaints to the Federal Trade Commission reaching nearly 260,000 last year. This session presents the state of cybercrime around the globe, identifying technical trends in malware and developments in organized cybercrime, and using password-stealing Trojans in the financial sector as a case study of cybercrime in action.
Not Particularly Technical
McAfee: Defending Against Social Engineering Attacks
Craig Schmugar, Threat Researcher, McAfee, Inc.
Social engineering is arguably one of the most successful tactics an adversary can use in committing cybercrime, often craftily exploiting the very controls security professionals implement. But all is not lost. The elements that make a cybercrime attack of this nature successful also can be turned around by augmenting defenses based on the social engineering aspects themselves. This session highlights how social engineering has been used to carry out cybercrime and malware attacks, including a look at the evolution and success of the tactics as well as considerations when creating countermeasures.
Somewhat Technical
McAfee: Hacking Exposed Live 2008
Brian Kenyon, Director of Solutions, McAfee, Inc.
George Kurtz, SVP/GM, McAfee, Inc.
A good day for a security professional is when nothing bad happens, when no one really knows they are even there. However, this state of bliss is becoming harder to come by as the hackers are more sophisticated and more malicious than ever before. This session features a live demonstration of today’s most advanced attacks and exploits. Attendees will be amazed with the latest tactics and just how simple it is for cybercriminals to penetrate even the best-defended networks. Throughout the demonstration the proper countermeasures will also be discussed so users can leave with a renewed sense of security and knowledge of their opposition. Warning: This presentation is not for the faint of heart.
Extremely Technical
Secure Computing: Organized Online Criminal Enterprises: Profile of Who, Where, and How
Dmitri Alperovitch, Director Intelligence Analysis & Hosted Security, Secure Computing
No abstract available.
Track 4: IT Governance, Risk, and Compliance
Cerner Corporation: HIPAA Compliance from a Practical Perspective
Gary Long, Information Security Officer, Cerner Corporation
The Health Insurance Portability and Accountability Act (HIPAA) was passed into Federal law in August 1996. The act is meant to provide better access to health insurance, limit fraud and abuse, and reduce the overall cost of health care. Interpreting and making sense of the HIPAA Privacy and Security Rules is a challenge to each and every covered entity and business associate. In addition, state laws are putting more pressure on covered entities to determine when unauthorized access of protected health information (PHI) occurs and to notify the patient upon occurrence. This session provides a practical approach to understanding HIPAA requirements and maintaining compliance by implementing countermeasures, developing processes, and creating documentation.
Somewhat Technical
FishNet Security: Welcome to the Club!
Pamela Fusco, Chief Security Strategist, FishNet Security
Welcome to the Club: You are part of the advanced security industry and have an increasing role and scope of responsibility.
– Static is no longer a mainstay, dynamics are in multiple design, and capacity are now the endless frontier of today and our future.
– “Always on to reboot “ has become part of our daily genre. “Click, clack, tic, toc—I am in and you‘re out”! The people’s technology is the technology that enhances, degrades, and/or becomes apart of business operatives. What’s a corporate professional to do when it comes to allowing or defying the use of technologies, resources, and applications that are in high demand by their employees and clients?
– History is an excellent indicator of our future thus ignoring or delaying involvement in this ever evolving landscape will lead to certain disaster. Consumers are accepting and introducing dynamic risks at alarming proportions. The impact on businesses has proven to be significantly positive for some and negative for others.
– Endless buzzing and spattering of consolidation and partnerships with speculation of how it all works or will work has engaged the world.
During this briefing attendees will be presented with profiles of business to consumer issues detailing how to bring it to the office, take it home, and bring it back again without creating a meltdown or granting a pinhole, approved but unknown access to assets.
Not Particularly Technical
Forrester Research: The Current and Future State of IT GRC
Marc Othersen, Sr. Analyst, Security & Risk Management, Forrester Research, Inc.
Many IT organizations are struggling with establishing effective IT governance practices. Failing to properly link IT governance, risk, and compliance (IT GRC) programs together is a leading cause of ineffective or inefficient efforts. This session will define the IT GRC discipline, explore real-world practices used by successful IT organizations to establish robust IT GRC programs, and present a three-year IT GRC market analysis. Participants will be presented with:
– A clear definition of the IT GRC discipline
– A lifecycle-based framework defining a comprehensive IT GRC program
– A set of leading practices regarding the establishment, automation, and management of an IT GRC program
– A case study of a successful IT GRC program
– The future of IT GRC technology and practices
HP: Integrated Risk and Compliance Management For Better Business Outcomes
Chuck Klein, BladeSystem Advantage Program Marketing Manager, HP
Montserrat Mane, Security & Risk Management Services Principal, HP
Amit Raikar, Secure Advantage Alliances, HP
Steve Scott, Compliance Log Warehouse, HP
Learn how you can manage enterprise risk and compliance end-to-end with best-in-class integrated solutions from HP Secure Advantage and McAfee. Find out how to protect data and resources with solution components like the McAfee Content Security Blade Server on HP BladeSystem and provide validation via out-of-the-box seamless integration of McAfee products such as Intrushield, Message Web Security, Foundstone, and ePO with HP's Compliance Log Warehouse. Learn how HP with its information security service management approach delivers integrated HP/McAfee solutions you need from desktop to data center.
McAfee: Optimization and Risk Assessment
Michael Fey, SVP, technical sales and services, McAfee
McAfee’s optimization and risk assessment is intended to provide organizations insight into the level of maturity of their current security operations and processes, and to highlight areas of security risks. This assessment enables organizations to better understand the current processes and controls as they are mapped to industry best practices and become more optimized. Through a combination of qualitative sets of questionnaires and quantitative scan information mapped to industry standards such as ISO17799 and CVE, organizations can better understand their baseline level of risks. Find out how organizations can achieve a higher level of maturity and reduce overall risks by using this information to implement recommended processes and technical controls.
Somewhat Technical
McAfee: Reducing the Total Cost of Compliance
Evelyn de Souza, Senior Manager - Risk and Compliance Solutions, McAfee, Inc.
Richard Noguera, Director - Compliance, McAfee, Inc.
With the ever increasing number of federal, international, and commercial regulations across industries and geographies, it is critical that the cost of compliance does not exceed its intended benefits. This session discusses the concept of an enterprise controls framework. Learn how a well-defined framework can be used to ‘upward’ manage the audit cycle, reducing the impact to operations and the overall cost of external audit. Find out how the controls framework can be leveraged across the enterprise to enable risk management and information security the opportunity to collaborate with organizations such as corporate compliance and internal audit. Hear how an enterprise control framework can be used proactively to prepare and mitigate the risk of future regulation.
Not Particularly Technical
Purdue University, Travelers, and Xerox: Panel - CISO State of the Union
Scott Ksander, CISO, Purdue University
Rick Lacafta, CISO, Travelers Insurance
Audrey Pantas, Director, Information Security Office, Xerox
Each year, CIOs, CISOs, and other executives tasked with IT governance, risk, and compliance (IT GRC) activities see an evolution of the problems they face. Changes in U.S. state legislation, adoption of newly evolving technologies, and uses of new applications like Facebook and YouTube all potentially impact the state of IT GRC programs. This panel explores upcoming challenges, best tools and best practices, how responsibilities have evolved in 2008, and predictions for 2009.
Not Particularly Technical
Secure Computing: Deploying Firewall Compliance Solutions within High Assurance Environments
Scott Montgomery, VP, Global Product Strategy, Secure Computing
A high assurance environment is one in which the assets being protected are extremely valuable—typically human lives, high dollar value items, or high privacy items (SSN, DL, brand, intellectual property). High assurance environments present unique security challenges, particularly when keeping pace with continuously changing regulatory and compliance requirements. This session will present case studies of three different customers. Discover how these organizations approached their compliance dilemmas. Find out how they leveraged a variety of firewall deployment strategies within their high assurance environments. And, hear how they successfully used these strategies to achieve compliance with regulations like PCI, NERC, and CIP.
Somewhat Technical
Tyco and McAfee: Global Security and Governance in a Highly Distributed Environment
Jeff Hughes, Dir, IT-GRC Solution Marketing, McAfee, Inc.
Darren Guarino, Director IT Security, Tyco int
With 118,000 employees in 60 countries and multiple major business units Tyco has had to develop robust and broad-based risk and compliance strategies to meet increasing regulations both internally and externally. In this presentation Darren Guarino, Director of Information Security at Tyco International, talks about how they evaluate risk assessment and audit solutions and their key criteria for technology selection. Pushing the complete standardization of products and services across the global enterprise simply is not effective for a global enterprise such as Tyco. As a global security and governance entity Tyco must have robust logic and selection criteria.Therefore, an architectural approach is used where the product is the decision process, guidance, and architectural artifacts, not the decision itself. The decision to select the best vulnerability assessment tool for a line of business, for instance, was based on many factors that will be discussed in this session. Joining this engaging conversation with a some pertinent questions for Darren will be Jeff Hughes, Director of GRC, Solution Marketing for McAfee.
University of Houston: Steps to Achieving Payment Card Industry Certification Across a Distributed Organization
Mary Dickerson, Interim Executive Director for IT Security, University of Houston
Ricardo Rodriguez, Senior IT Security Analyst, University of Houston
The University of Houston has spent considerable time and effort instituting a new payment card industry (PCI) certification program for merchants operating across the campus network. This session describes their PCI certification implementation approach, which has been certified by an independent third party. Learn how their approach allows for tailoring policies, procedures, and implementation technology by merchant rather than a draconian, centralized common solution requiring everyone to meet a single approach.
Somewhat Technical
Track 4B: Risk and Compliance Technical
Agiliance, Application Security, HP, McAfee and Q1 Labs: Panel - Elements of a Solid IT Governance, Risk, and Compliance Program
Patrick Conte, CEO, Agiliance
Josh Shaul, Director, Technical Strategy, Application Security, Inc.
Chris Whitener, Chief Security Strategist, HP
Richard Noguera, Director - Compliance, McAfee, Inc.
Brendan Hannigan, President and COO, Q1 Labs
This panel of McAfee and McAfee SIA™ partners will present key observations learned from customer implementations, discuss how different controls audit solutions are factoring into customer environments, and respond to customer questions about the IT governance, risk, and compliance (IT GRC) tools in the market today. Are there too many IT GRC tools available, or is there a unique need for each one? Join us for this insightful look at how customers are using today’s tools.
Somewhat Technical
McAfee: Emerging Standards - Open Vulnerability Assessment Language and eXtensible Configuration Checklist Description Format
Kent Landfield, Director, Security Research, McAfee, Inc.
The process of securing the enterprise is moving from controlling the perimeter to protecting the systems and data within that perimeter. The growing importance of compliance and especially system and application configuration has produced a multitude of assessment tools to meet the need. The resulting proliferation of assessment tools is naturally accompanied by multiple, incompatible technical check definitions and compliance/check result formats. The US government and Department of Defense are pushing a solution to these incompatibilities by requiring standardization, namely, Open Vulnerability Assessment Language (OVAL) and eXtensible Configuration Checklist Description Format (XCCDF). The OVAL specification standardizes technical check definitions and result reporting. The XCCDF specification standardizes compliance checklist execution and reporting. XCCDF leverages the OVAL specification by referencing the technical checks that need to be executed. As vendors adopt these standards the resulting product changes will naturally filter to all customers. This session begins with an overview of the major features of these two standards and ends with a panel discussion of how implementation and deployment of these standards can affect and improve the enterprise ecosystem.
Somewhat Technical
McAfee: Modern Challenges for Vulnerability and Compliance Assessment in the Enterprise
Eric Fredericksen, Solutions Architect, McAfee, Inc.
Vulnerability and compliance assessment tools are transitioning from the bleeding edge into the main stream, and customer requirements are maturing accordingly. The early technical challenges are being overcome and replaced with organizational and integration challenges. Requirements on the frequency and extent of assessments of all types are tightening. At the same time, mobile devices represent a growing share of customer asset pools, reaching towards 50 percent in some cases. There is an increasing need to ensure assessment of these devices as tracking their network location is becoming increasingly difficult. Enterprises are managing an increasing number of security systems as pressure is being placed on budgets. There is a corresponding need for security systems to be smart, to require a minimum amount of configuration, and to get the job done without burdensome, ongoing configuration management. Customers want their assessment tools to integrate with existing systems with a minimum of configuration and maintenance. They want to aim their assessment tools at existing information repositories and to flexibly specify assets and asset groupings, not network address ranges. This session examines how assessment tools will meet the challenges to reduce costs for IT, continue to improve enterprise security, and meet the demands of the latest audit requirements.
Somewhat Technical
McAfee: Standards based Auditing - Using Emerging Technology Standards to Reduce the Compliance Cycle
Lal Narayanasamy, Senior Manager - Product Management, McAfee, Inc.
Richard Noguera, Director - Compliance, McAfee, Inc.
The emergence of standards-based policy auditing is revolutionizing the way compliance of IT assets are managed in large public-sector and corporate environments. McAfee is in the forefront of this revolution that holds the potential to bring about large scale improvements in audit effectiveness and productivity. Through a tour of tools such as McAfee Policy Auditor and McAfee Vulnerability Manager that have been built around the paradigm of standards-based auditing, we will share approaches and best practices that can help you make the most of this emerging phenomenon.
Somewhat Technical
Track 5: Safeguarding Corporate Networks
Accenture: Enterprise Vulnerability Management - Business Drivers and Deployment Options
John Coffman, Manager - IO Security, Accenture
Patrick Joyce, Security Consultant, Accenture
Today’s companies often struggle with the question of whether to outsource security or keep it in-house. Hear Accenture, a leading managed security provider, discuss key elements of their managed security service and its advantages.
Somewhat Technical
Adena Health System, EDS, Georgia State University, and Qualcomm: Leading Perspectives on the Evolution of Network Security
Brian Young, Senior Systems and Security Analyst, Adena Health System
Marven Goodman, Director of US Government Security Operations, EDS
Tammy Clark, Chief Information Security Officer, Georgia State University
Manish Gupta, VP Product Management, McAfee Inc
Joshua Davis, Vice President - Information Security, Qualcomm Incorporated
As technology advances, the network is becoming more critical and increasingly difficult to secure. Corporations must consider an assortment of issues, including access, authentication, visibility, protection, monitoring, compliance, mobility, and virtualization. Hear a set of leading panelists discuss their views on the evolution of network security.
Not Particularly Technical
BT Counterpane, McAfee and Techtonica: 30,000 to 30 - Managing Network Security Information Overload
Toby Weir-Jones, VP, Product Strategy, BT
William Boyle, Product Line Executive - Public Sector, McAfee, Inc.
Greg Brown, Sr. Director of Product Management, McAfee, Inc.
Daniel Blander, President, Techtonica, Inc.
Whether your environment experiences 30,000 security events per week or per hour, finding the 30 that matter most is the objective of your security management process. Success is determined by how long it takes to find that "needle in a haystack.” Learn how collaborative security architectures can allow that information to become your ally.
Somewhat Technical
EDS, Kyoto University, Oracle, and Scottrade: Panel - Best Practices for Network Intrusion Prevention System Deployment
Shawn Chaillou, Director - SPPS Security Operations Center, EDS, Inc.
Hiroki Takakura, Associate Professor, Kyoto University
Gail Coury, Vice President - Risk Management for Global IT, Oracle
Grant Bourzikas, Director of Business Continuity, Scottrade
A leading set of panelists shares its perspective on deploying and using intrusion prevention solutions (IPS). Hear panelists discuss whether intrusion detection systems (IDS) are dead, or if IDS can co-exist with the primary requirement of IPS.
Somewhat Technical
HBOS, Idaho State Tax Commission, and McAfee: Network Access Control - Hype vs. Reality
Richard Fry, Operational Security Assessment and Governance Manager, HBOS
Glenn Haar, IT Resource Manager, Idaho State Tax Commission
Greg Day, Security Analyst, McAfee, Inc.
As an industry initiative, network access control (NAC) has been around for a long time with many promises to eliminate a host of problems in one fell swoop. When Cisco first introduced it as network admission control in late 2003/early 2004, some analysts said it would grow from a $100 million market to multi-billions in just a few years. Today there is no shortage of NAC solutions in the market, with products at the endpoint, inline in the network, out of band, as well as woven into existing network infrastructure products. This session focuses on detailing real world examples of how companies have implemented NAC solutions.
Somewhat Technical
HP ProCurve and McAfee: A Better Way to Do NAC
Mauricio Sanchez, Chief Security Architect, HP ProCurve
Manish Gupta, VP Product Management, McAfee Inc
Network Access Control (NAC) is not dead. To the contrary, NAC is alive and well and must be considered as an integral part of a sound, holistic security strategy to protect against security threats, increase corporate security posture, and demonstrate regulatory compliance to security access policy. Learn how HP ProCurve ProActive Defense network solutions and McAfee Unified Secure Access solutions together enable a synergistic NAC solution where 1+1 equals 3 and not just 2.
HP: Beat Appliance Fatigue, Reclaim your Data Center, and Reduce your Complexity and Costs
Gary Thome, Vice President - BladeSystem Architecture and Strategy, HP
The only response IT has been able to make to the never-ending waves of spam and related threats has been to throw more and more products at the problem. One way or another they find ways to stitch these solutions together to provide protection. Over time this approach has held back the worst of the problem but in doing so it has created another unforeseen issue—appliance fatigue. Data centers are filling up with racks of appliances all trying to solve one piece of the problem. This approach doesn’t scale. It leads to spiraling complexity, ever increasing power and cooling requirements, and massive costs. Learn how a blade server based approach can provide the security you need and the complexity and cost reduction you want, all while taking less resources to help you go green.
McAfee Avert Labs: Best-of-Breed Anti-spam - How We Deliver Effectiveness to Beat the Leaders
Chris Barton, Lead Anti-Spam Scientist, McAfee
Massive scalability and performance are meaningless unless they are coupled with industry leading catch rates and false positive performance. McAfee Avert Labs is recognized as a world leader in threat research and mitigation. Join Avert Labs to learn what drives the wheels of spam, why we never let the sun set on our spam watching and how we deliver up to the minute protection that stops 99 percent of the problem.
This presentation is not available for download.
McAfee Avert Labs: Learn About the Latest Network Security Threats from McAfee Avert Experts
Rahul Kashyap, Manager Vulnerability Research, McAfee Avert Labs, Inc.
Jianhong Xia, Research Scientist, McAfee Avert Labs, Inc.
This session focuses on a number of important topics, including database protection, peer-to-peer traffic management, and productivity applications security. Learn about the trends and complications involved in protection against vulnerabilities in the Microsoft Office suite. Find out why a protocol analysis based solution can provide in-depth coverage to combat this trend. Learn the complexity of SQL injection attacks and how to detect and prevent them.
Extremely Technical
McAfee: Anatomy of Two Lethal Cousins - Distributed Denial of Service and Botnets
Zheng Bu, Senior Manager, McAfee, Inc.
Garrick Zhu, Research Scientist, McAfee, Inc.
Botnet and Distributed Denial of Service (DDoS) attacks have become some of the most serious threats to enterprise networks. The most recent Kraken botnet contains over 400,000 exploited machines, including machines from many Fortune 500 companies. Malicious attackers can make Internet attacks like DDoS much more damaging with the help of botnets. Learn how botnet and DDoS attacks are linked together, and find out why you need a complete solution to cover each and every phase of these complex attacks.
Extremely Technical
Track 6: Best Practices and Best Kept Secrets
Ciphent: Secrets to Endpoint Security - Defining the Strategy that Works
Doug Vandemark, Sr. Consultant, Ciphent
Kevin Harriford, CTO, Ciphent, Inc.
One of the largest challenges for an information security professional is managing the systems of an ever-increasing mobile workforce. McAfee ePolicy Orchestrator helps create a flexible managed environment for today's security-driven infrastructure. We will take an in-depth look at dynamic system configuration through the use of new reporting and automation functionality. In addition, we will explore techniques used in the field for quick and effective Host IPS configuration and updates. Join us for this comprehensive look at Endpoint Security.
Somewhat Technical
Citrix Systems and McAfee: McAfee Openness and Mixed Vendor Environments
Ricardo Bonefont, IT Governance and Compliance Manager, Citrix Systems
Richard LaBella, Manager, Citrix Systems
Peter Simmons, Sales Engineer, McAfee
Joe Gottlieb, Vice President - Corporate Strategy, McAfee, Inc.
With McAfee’s open architecture, a tight integration between McAfee and partner solutions delivers greater security and more efficient solutions. This session discusses these integrations and how customers can benefit from them. Acquiring a company with another vendors security solution or migrating from one security vendor to another can increase complexity or open companies to risk during the migration process. To help customers migrate from other vendor solutions, McAfee enables ePolicy Orchestrator to manage and/or replace Symantec antivirus, reducing migration time and minimizing risk. McAfee ePolicy Orchestrator also delivers additional management value by supporting third party partner solutions. The McAfee Security Innovation Alliance (SIA) is a technology ecosystem designed to assist in creating the world’s leading security solutions. Working together, McAfee and its partners deliver security solutions that help solve challenging customer problems.
Somewhat Technical
Manpower and McAfee: ePolicy Orchestrator 4.0 Best Practices and Migration
Lance Fahey, Technical Security Specialist, Manpower, Inc.
Torry Campbell, Strategic Security Engineer, McAfee, Inc.
Greg Wirt, Senior Product Support Specialist, McAfee, Inc.
McAfee introduced a number of significant enhancements to ePolicy Orchestrator with the release of version 4.0, including user configurable dashboards and improved directory implementation. One of McAfee's leading support specialists for ePolicy Orchestrator will present some of the considerations and steps to ensure an easy migration to ePolicy Orchestrator 4.0 and provide an overview of those enhancements.
Somewhat Technical
McAfee: A Case Study on Securing McAfee's E-mail Infrastructure
Dr. Martin Carmichael, Chief Security Officer, McAfee
Learn from McAfee’s CSO how the company uses its own products, in conjunction with other products, to secure its email infrastructure and remove threats before they reach user’s desktops. We will discuss the challenges IT faces and drill down into the tools, techniques, and best practices used to counter the threats. We will also discuss how the latest demands of corporate governance and industry regulation have driven new operating practices and standards as well as e-discovery and forensics.
Extremely Technical
McAfee: Panel - Meet the McAfee Vulnerability Management Experts
Bob Tesh, Group Manager, Solutions Marketing, McAfee
Greg Cummings, Senior Director - Engineering, McAfee, Inc.
Eric Fredericksen, Solutions Architect, McAfee, Inc.
Pinkesh Shah, Sr. Director Product Management, McAfee, Inc.
Gain an in-depth understanding of McAfee software, services, and consulting capabilities, and learn how to address your vulnerability management issues. This panel session discusses ways in which McAfee helps customers comply with regulations and standards in the area of vulnerability and policy management, as well as how to improve your overall IT security risk posture. Learn best practices in establishing a vulnerability management program, and find out what lies ahead for McAfee in this area. Learn more about the integration of McAfee Vulnerability Manager with other products, such as McAfee Remediation Manager, McAfee Network Security Platform, and McAfee ePolicy Orchestrator.
Somewhat Technical
Microsoft and McAfee: Implementing Network Access Control in Microsoft Environments
Dan Wolff, Senior Solution Marketing Manager, McAfee, Inc.
Joseph Davies, Senior Program Manager, Microsoft
Microsoft delivered a significant piece of network access control (NAC) technology in February 2008 with the introduction of Network Access Protection (NAP) as a part of Windows 2008 server. Both analysts and users indicate that NAC can be deployed less expensively and more widely throughout the enterprise as an embedded feature of existing network infrastructure versus as separate products. Hear McAfee and Microsoft present best practices around the integration of McAfee’s MNAC endpoint protection with Microsoft’s NAP technology and how to provide critical health checks on a NAP infrastructure.
Somewhat Technical
NSA: How Do We Enhance Security in Tomorrow's Network?
Will Janssen, Chief SNAC, NSA
The ever-changing landscape of today's network is a clear indicator of the challenges that we will face when tomorrow's network arrives. Securing this future net is a task that we all face together, regardless of whether we operate in the public sector or government sector. In NSA's Information Assurance Directorate, we see several options for combining current and bleeding edge technologies to enhance the security of the net and data. Get a peek into what we view as key technical elements, courses of action and hard problems which must still be addressed.
Oracle and McAfee: Best Practices for Network Intrusion Prevention System Deployment
Dan Molina, Director - LTAM Advanced Business Solutions, McAfee, Inc.
Gail Coury, Vice President - Risk Management for Global IT, Oracle
Leonid Stavnitser, Director of Security Solutions Center - Global IT, Oracle
Oracle has been a customer of McAfee network Intrusion Prevention System (IPS) for many years with one of the largest global implementations. In close partnership with McAfee, they were able to deliver a state-of-the-art intrusion prevention and detection solution. Hear about Oracle’s security objectives and how they were able to justify the business case and implement IPS without “breaking the business.” Learn about the integration of IPS with other security components providing simplified reporting and remediation.
Somewhat Technical
Secure Computing: Stopping Blended Threats - Inside and Out, Web and Mail
Grant Murphy, Director Web Gateway Security Products, Secure Computing
Stephen Newman, Director, Product Management, Secure Computing
Web security used to mean stopping employees from visiting sites with offensive or pornographic content. E-mail security used to mean stopping marketing spam. Today, we face a much different challenge. Every day, profit-motivated cyber crooks are launching blended and targeted threats aimed at compromising systems and stealing information. Insiders and pseudo-insiders have access and means to intentionally or accidentally cause great harm. The evolving threats you face today include blended e-mail and web attacks, data leakage, malware, phishing, and spyware. We will discuss network-based best practices and practical solutions to protect your organization against today's blended Web and mail threats, prevent data leaks, and secure outbound e-mail. Leave this session with a clear vision and plan for identifying and neutralizing the blended threats facing your organization today. Plus, learn ways to protect your Web and messaging infrastructure from the threats of tomorrow.
Not Particularly Technical
State of Connecticut: Challenges and Opportunities Architecting and Deploying Data Encryption in a Highly Distributed Corporate Environment
Frank Ward, President, WCG LLC
Corporate environments today not only have to protect against malware and attacks on their infrastructure but also compliance and the loss of sensitive data. It is not only important to encrypt that data but also to prove a device was fully encrypted at the time it was lost. This session covers architecting and deploying encryption in a highly distributed environment. The challenges of deploying in such an environment present unique opportunities to foster collaboration and improve enterprise processes. Seen from this perspective, deploying enterprise encryption solutions not only produces the well-understood benefits of greatly enhanced data protection, it also significantly strengthens processes and partnerships within the enterprise itself.
Somewhat Technical
Track 7: McAfee Solutions Overview
BAE Systems and McAfee: Endpoint Protection - Maximum Protection, Minimum Effort
John Fulmer, Director, IT Security & IT Projects, BAE Systems, Inc.
Vimal Solanki, VP, Solution and Competitive Marketing, McAfee, Inc
Candace Worley, Sr. Dir of PM, McAfee, Inc.
Exponential growth in cyber crime malware, targeted attacks on the rise, and the threat of data loss coming from all directions: Welcome to today’s endpoint security challenge. Enterprises relying on anti-virus products alone are leaving themselves vulnerable. Learn how McAfee reduces the cost and complexity of endpoint security through best-in-class integrated, multi-layered endpoint protection. Hear from McAfee customers on how they are efficiently managing security and controlling IT security costs.
Not Particularly Technical
BT Counterpane, McAfee, and Techtonica: Internal Networks - Building Security into Core Networks
Toby Weir-Jones, VP, Product Strategy, BT
Sangram Dange, Group Product Manager, McAfee inc.
Daniel Blander, President, Techtonica, Inc.
Until recently, the network security focus has been protecting the perimeter from external threats. Now wide open networks, mobile and remote access, and transparent business relationships have placed the threats inside the perimeter. Learn how to layer security within your network core, deploy virtual IPS, and create policy zones to protect specific assets and elements of your network infrastructure.
Somewhat Technical
HBOS and McAfee: Real Security for Virtual Systems
Richard Fry, Operational Security Assessment and Governance Manager, HBOS
Jason Yuan, Group Manager - BD and PM, McAfee, Inc.
Virtualized systems are subject to all the same threats as physical systems, and more: virtualization vulnerabilities grew over 400 percent from 2006 to 2007. In this session, McAfee experts discuss protection priorities for online and offline virtual machines and ways McAfee products and services can help. Through its early commitment and strong partnerships, McAfee offers the most complete virtualization protection in the industry. Learn about options like host intrusion prevention system shielding and enveloping, access protection rules, offline virtual image scans, and specialized network and vulnerability signatures. Take away practical ideas for extending security (and managing efficiently) across physical and virtual environments, saving money, and reducing risk.
Somewhat Technical
HP and McAfee: Total Data Protection
Kirk Godkin, Personal Systems Group Commercial Products, HP
Montserrat Mane, Security & Risk Management Services Principal, HP
Amit Raikar, Secure Advantage Alliances, HP
Chris Parkerson, Group Product Marketing Manager, McAfee, Inc.
McAfee’s solution for complete data protection with encryption, DLP, and device management helps companies of all sizes prevent data loss that can damage their business and meet their regulatory and governance requirements. This solution employs a unique approach – McAfee Adaptive Protection – that not only tackles protecting the data you know, but also helps you uncover and protect what you don’t know. Come to this session to learn about how McAfee is teaming with HP to deliver our solutions to you through the HP Secure Advantage portfolio. In addition you will learn how HP ProtectTools Disk Encryption leverages McAfee’s encryption technology to bring easy-to-use, proven protection pre-installed on HP business desktops and notebooks. You will also learn how the HP Data Protection services portfolio can be leveraged to accelerate the implementation and adoption of HP and McAfee data protection technologies from your desktops to the data center.
Somewhat Technical
IDC and McAfee: When Easy to Own Isn't - The True Cost of Appliances
Chris Christiansen, Program Vice President - Security Products and Services, IDC, Inc.
Greg Hampton, VP Product Management, McAfee Inc
Join McAfee Vice President of Product Management, Greg Hampton and Chris Christiansen of IDC to learn how McAfee identified a new trend in emerging threats and built a breakthrough solution to address them. Traditional anti-spam vendors have been selling customers on the vision that the appliance solves all the problems associated with running software on individual servers. For a while, this seemed like a more appealing way to implement e-mail and web security, as you could rack and stack as needed. Now we’re seeing the downside to that approach as it drives up complexity and cost. Hear IDC discuss their recent study into the TCO of blade servers as a modern security platform. Learn how you can save money and time and reduce overhead by adopting the scalable blade server as your security solution.
Somewhat Technical
Jabil, McAfee, and Wipro: Reduce Security Cost and Complexity with McAfee ePolicy Orchestrator
Bert Amodol, Senior Vice-President Security Engineering, A Large Financial Institution
Rex Tolman, Senior Manager, Global Information Security of Jabil, Jabil
Thevi Sundaralingam, Group Product Manager ePO & Pl, McAfee, Inc.
Arun Singh, General Manager & Head - USA, Wipro Technologies
More than 35,000 enterprise customers manage protections on 60 million PCs and servers with McAfee ePolicy Orchestrator (ePO). The single agent, single console approach reduces the cost and complexity of managing network, data, endpoint, and compliance products for McAfee and its partners. Find out how you can save your sanity and overtime costs using data collaboration, customized dashboards and reports, unified management of physical and virtual environments, and automation of tasks.
Somewhat Technical
McAfee: If You Are a McAfee Customer, You Already Have Much of What You Need to Deploy Network Access Control
Sangram Dange, Group Product Manager, McAfee inc.
Dan Wolff, Senior Solution Marketing Manager, McAfee, Inc.
Traditionally, Network access control (NAC) solutions have required customers to change: change their networks, their policies, and the way they do business while increasing operational costs, complexity, and errors. McAfee’s NAC solutions adapt to customers' business and infrastructure while reducing operational cost, unifying tools and reducing complexity. This session explains how McAfee can help you implement NAC today without a forced network upgrade. Hear how McAfee's NAC solution suite combines powerful yet flexible policy control with a wide range of enforcement methods to protect your network and mitigate risk. Should you stop there? Learn about optional integrations for automatic remediation and protection of remote access, wireless networks, and critical systems that can’t run agents. Find out how you can fully integrate NAC into your security and compliance infrastructure and maximize its payoff.
Somewhat Technical
McAfee: Security Innovation Alliance - An Innovative Approach to Heterogeneous Security Management
Bert Amodol, Senior Vice-President Security Engineering, A Large Financial Institution
Joe Gottlieb, Vice President - Corporate Strategy, McAfee, Inc.
Because security risk management is a heterogeneous challenge, McAfee solutions must openly integrate and interoperate with a wide variety of technologies. Working together across the Security Innovation Alliance, McAfee and its technology partners help enterprises master technology complexity while eliminating threats, reducing risk, and increasing compliance. The challenge is daunting but can be overcome with three types of innovation: integrating products into solutions, automating for process efficiency, and transforming process effectiveness through new security behaviors and workflows. This presentation highlights customer use cases enabled by these innovations in a showcase of practical security risk management.
Not Particularly Technical
McAfee: Support and Services - Improving Time-to-Value and Maintaining Value
Andrew Berkuta, Sr. Principal Consultant / Strategist, McAfee Corporation
Justin Drummond-Murray, Services and Support Marketing, McAfee, Inc.
In an ever-evolving threat environment, security is not just the purchase of a product. McAfee Support and Services capabilities enable you to realize the full value of your investment. Learn about McAfee support tools already included in your contract to assist in maximizing your security and reducing vulnerability patch cycles. Find out how tailored support options and assessment services can identify the value you are already receiving from security and help you refocus investments to areas that are less protected.
Not Particularly Technical
PwC and McAfee: Proving Compliance with Payment Card Industry
Evelyn de Souza, Senior Manager - Risk and Compliance Solutions, McAfee, Inc.
Frederick Rica, Principal, PricewaterhouseCoopers
Aaron Davies-Morris, Director, PwC
Payment Card Industry Data Security Standards (PCI DSS) best practices are evolving quickly. PricewaterhouseCoopers and McAfee examine some of the most pressing PCI DSS challenges, including the impact of version 1.2 changes, and strategies for optimizing compliance. See the McAfee PCI Mapping Tool and discover how you can leverage your existing McAfee solutions towards PCI compliance. This session will include a customer case study and a roundtable discussion to review lessons learnt, best practices and how organizations are complying with PCI.
Not Particularly Technical
|