Business Intelligence in Information Security
Chris Calvert, Manager, Security Intelligence
IBM Global Services
This talk will define and then discuss the application of Business Intelligence
techniques to the field of Information Security. The ability to identify
non-obvious relationship is massive amounts of data can significantly
improve your overall security posture. You already have the data, now how do
you use it to get ahead of the threats to your Enterprise. Intrusion
Detection and Vulnerability Scanning data can be put to very powerful
use, beyond the obvious, in answering specific business questions.
This data can dramatically enhance the speed and accuracy of many of your
most critical information security business decisions. These decision types
include; financial, technological, response-oriented, and policy & procedure.
Come see how to use the cutting edge disciple of business intelligence in
your Enterprise Information Security Program.
Chris Calvert is the Manager of Security Intelligence for IBM's
Managed Security Services delivery. Since joining IBM, Chris has
worked in ethical hacking, forensic investigation, and security operations.
Chris' current focus is on the application of intelligence and
business intelligence disciplines to the field of Information Security.
Chris has 16 years experience in Information Security, Information Warfare,
Special Operations and National Intelligence. Chris served on active
duty in Military Intelligence and Special Operations in Eastern Europe
and the Middle East. Since then Chris has supported the National
Intelligence community and the Department of Defense in many different
positions and agencies. Chris is a Certified Information Systems
Security Professional (CISSP), Certified Information Security Manager
(CISM) and an IBM Certified Professional IT Security Architect.
The Weakest Link? Your Customers and Identity Theft
Rob Hamadi, Director of Communications,
British Publishers Associatio
Identity thieves are constantly seeking to exploit the smallest weakness.
When our customers or employees fall victim, we could be left carrying the
can. Rob Hamadi, author of "Identity theft: What it is, How to Prevent it
and What to do if it Happens to You" takes us through the nature of
identity, some of the most common attacks and defences and points out some
ways forward for consumers, government and industry.
Author of "Identity Theft: What It Is, How to Prevent It, and What to Do If It Happens to You", Rob Hamadi was born in Jarrow, northeast England and studied engineering at Cambridge University. As Head of Communications at The Publishers Association he leads on high technology crime issues and liaison with law enforcement, and has worked on cases from the UK to the former Soviet Union. He is the founding chair of the Digital Content Forum's Cybercrime Industry Action Group, attends the Home Office/National High Technology Crime Unit Internet Crime Forum on behalf of the Internet Enforcement Group of the British Content Industries and is a member of the Rating and Filtering Sub-group of the Home Secretary's Taskforce on Child Protection on the Internet. In 2002 he led a fact-finding mission to the USA for the Department of Trade and Industry. As a result of the mission team's in-depth consultation with Federal Law Enforcement agencies a broad cross-section of the UK content industries began work on a new regime for policing copyright issues on the internet. From 1988 to 2002 he served as a London borough councillor.
The Ever Changing Role of Information Security Officer
Sheryl Rose, Vice President, Data Security
First Data Corporation
Sheryl is the Vice President of Information Security at First Data Corporation (FDC)
where she is responsible for the Operations' disciplines including Firewall,
VPN, Security Monitoring Center, Intrusion Detection Administration and Access
Control. She has been with FDC for 7 years where is has also served as the
Director of Information Technology Audit. Prior to FDC, Sheryl held various
consulting/audit positions at PriceWaterhouse Coopers, Wells Fargo, and
Guaranty National. She has a Masters degree in Computer Information Systems
and an undergraduate degree in Accounting
Threat Protection Technologies - Trends, Signatures, and Anomalies
Dr. Fengmin Gong, Chief Scientist
McAfee Inc
Security threats are increasing in frequency and sophistication.
Counter-threat technologies are also rapidly evolving. There is a
general lack of understanding on how different security tools address
various security threats, and in particular, there is much confusion
about signature-based versus anomaly-based detection methods. In this
talk, we will discuss the spectrum of threat protection steps from
detection to prevention in short-term and long-term. We will examine
the real difference between detection by string-match signatures and
detection by integrated methods. An improved understanding of these
technologies should benefit both developers and users.
Dr. Fengmin Gong is the chief scientist for McAfee IntruShield products. In his role with the company, Gong is responsible for leading the development of advanced intrusion detection and prevention algorithms and methods. Additionally, Gong focuses on the development of new signatures and profiles to counter emerging cyber threats.
Prior to his role at McAfee, Gong was a founding-team member for and Director of Intrusion Detection Technologies at IntruVert Networks, which was acquired by Network Associates in 2003. Before joining IntruVert, Dr. Gong was director of advanced networking research at MCNC, a provider of sophisticated electronic and information technologies and services aimed at businesses and government departments. While at MCNC, he was involved in advanced security and networking projects for agencies such as DARPA, NSA, NSF, NLM, NIST, and NASA. During his time at MCNC, he was also Adjunct Assistant Professor of Computer Science at North Carolina State University.
During a distinguished academic and publishing career, Dr. Gong has written and contributed to nearly 40 academic papers on network intrusion, anomaly detection, secure collaboration, multimedia content delivery, and network quality of service. His work has been presented at many industry events such as IEEE technical forums, as well as RSA, NETSEC, RAID, DISCEX, SIGGRAPH, and NOMS.
Dr. Gong earned his M.S. in computer science from Washington University, St. Louis in 1988 and his D.Sc. in computer science in 1992. He is also a graduate of Xi'an Jiaotong University, China where he completed his B.S. in computer organization and architecture and M.S. in computer science.
Exploring Grand Challenges In Trustworthy Computing
Dr. Eugene Spafford, Purdue University /
Executive Director, Center for Education and Research in Information Assurance and Security / Member of the President's Information Technology Advisory Committee
We are presented with numerous challenges to make our information systems
more secure, increase our confidence in our stored data, and protect the
privacy of our personal information. However, under the steady barrage of
attacks and flaws, it is sometimes difficult to think in terms of "big"
challenges that can inspire us to make revolutionary, rather than
evolutionary, strides.
In this presentation Prof. Spafford will discuss a few of the trends and problems that have
been occupying researchers and industry over the last few years. He will
explain why advances against these challenges are unlikely to provide
long-term improvements in the security of our infrastructure. From this,
he will then discuss the results of the recent CRA Grand Challenges conference
on information security, including some discussion of how we might proceed
to make progress on each of these four grand challenges.
Eugene H. Spafford is a professor of Computer Sciences at Purdue University and a professor of Electrical and Computer Engineering, a professor of Philosophy (courtesy appointment), a professor of Communication (courtesy), and is Executive Director of the Center for Education and Research in Information Assurance and Security. CERIAS is a campus-wide multi-disciplinary Center, with a broadly-focused mission to explore issues related to protecting information and information resources. Spaf has written extensively about information security, cybercrime, software engineering, and professional ethics. He has published over 100 articles and reports on his research, has written or contributed to over a dozen books, and he serves on the editorial boards of most major infosec-related journals.
In his career to date, Professor Spafford and his students are credited with a number of security "firsts," including the first open security scanner, the first widely-available intrusion detection tool, the first integrity-based control tool, the first multistage firewall, the first formal bounds on intrusion detection, the first reference model of firewalls, and some of the first work in vulnerability classification databases. Much of the current security product industry can therefore be viewed as based, in part, on his past research. His current research is directed towards issues of public policy and information security, architecture and construction of highly-secure systems, and cyberforensic technologies.
Dr. Spafford is a Fellow of the ACM, Fellow of the AAAS, Fellow of the IEEE, and is a charter recipient of the Computer Society's Golden Core award. In 2000, he was named as a CISSP, honoris causa. He was the year 2000 recipient of the NIST/NCSC National Computer Systems Security Award, generally regarded as the field's most significant honor in information security research. In 2001, he was named as one of the recipients of the "Charles B. Murphy" awards and named as a Fellow of the Purdue Teaching Academy, and in 2003 was named to the "Book of Great Teachers" -- thus receiving all three of the University's highest awards for outstanding teaching. In 2001, he was elected to the ISSA Hall of Fame, and he was awarded the William Hugh Murray medal of the NCISSE for his contributions to research and education in infosec. He is a 2003 recipient of the Air Force medal for Meritorious Civilian Service. In 2004, Spaf was named as the recipient of the IEEE Computer Society's Taylor Booth medal, and of the ACM SIGCAS's "Making a Difference" award.
Among his many activities, Spaf is chair of the ACM's U.S. Public Policy Committee, is a member of the Board of Directors of the Computing Research Association, and is a member of the President's Information Technology Advisory Committee (PITAC). He is a member of the FBI's Regional Computer Forensic Laboratory program, and of several corporate boards of advisors.
More information may be found at .
In his spare time, Spaf wonders why he has no spare time.
