April 2015 – Threat Manangement
By Isaac Salles on March 31, 2015
Date |
Venue |
Presentations |
|
– |
Check back after this event. |
Details: |
Date |
Thursday, April 9, 2015 (Register) |
Event Start Time – End Time |
2:00 – 5:00 pm |
Overall Event Title |
Threat Management |
Event abstract |
In today’s shifting threat landscape, threat management must be a part of an organizations comprehensive information security and risk management program. An effective threat management program combines IT security disciplines of threat detection, incident management, and monitoring and logging in order to in order to reduce the impact of risks to an organization’s IT systems and data.In this session, various presenters will cover emerging technologies and approaches to threat management as well as the key elements of a threat management program, its challenges and insight as to how to overcome common challenges. |
Venue |
Bloomberg LP, 731 Lexington Ave, New York, NY 10022
|
Dress Code |
Business casual |
Event kickoff opening remarks |
2:00 – 2:10 |
Speaker |
NYMISSA President Joseph Rivela, CISSP |
Session description |
Welcome attendees |
|
|
Session Title |
Leveraging a Human-Centric Approach to Mitigate Risk Inside the Extended Enterprise |
Start Time – End Time |
2:10 – 2:55 |
Session Description |
Well publicized breaches highlight the harm that insiders can cause – as intentional malice, unknowing compromise by an outsider, or merely negligence as a careless user. The dramatic growth in information sharing within an enterprise, increased scale and complexity of enterprise IT infrastructure, and greater presence of employee-owned devices are all contributing factors to the increased risk from insiders. However, mitigating the harm that insiders can cause must be approached from a human perspective, because human actions remain at the core of insider risks. This session will provide recommendations for CISOs to effectively leverage and analyze the human-generated data sources in the enterprise – from email and chat communications to file and web browser activity – and successfully tackle insider risks from a human perspective. Key themes that will be emphasized include: enabling visibility across multiple modes of human-generated data sources; gaining context on digital activity for improved understanding and situational awareness of risks inside the enterprise; and adopting a proactive approach to identify suspicious activities before they become significant incidents. |
Speakers |
Guy Filippelli, CEO of RedOwl |
Bio(s) |
Guy Filippelli is the CEO of RedOwl, which provides a software platform for organizations to monitor and investigate high-risk activities inside the enterprise. He leads RedOwl’s overall strategy with the vision of delivering unparalleled visibility and context of activities inside the enterprise, while enabling human inference through a powerful user experience that reflects a fundamental appreciation for analytic workflows. Prior to founding RedOwl, Guy co-founded Berico Technologies, a high-end engineering firm, and Praescient Analytics, a data analytics and training company that works with cutting-edge software platforms to service a variety of industries. Guy holds a B.S. in Economics from the United States Military Academy at West Point, and received his B.A. and M.A. in Philosophy, Politics, and Economics from Oxford University. |
|
|
Session Title |
Insider Threat Analytics |
Start Time – End Time |
2:55 – 3:30 |
Session Description |
TBA |
Speakers |
Nanda Santhana, VP of Solutions at Securonix |
Bio(s) |
Nanda has over 10 years’ experience serving organizations in information security, risk management, and compliance. He specializes in the domains of Data Protection, Insider Threat, Identity Management, Role Based Access Controls, Cyber Threat Management, PCI DSS Compliance and Third Party Risk Management and frequently speaks on these topics. As an information security professional, Nanda has served several global clients across industry verticals on engagements ranging from information security strategy development, insider threat, risk assessments, to detailed design & deployment of enterprise security solutions. Prior to Securonix, Nanda worked for Oracle and Sun Microsystems where he was responsible for Global Fortune 500 solution implementations and sales for all security products. |
Networking Break |
3:30 pm – 3:50 |
Session Title |
Threat Management Panel |
Start Time – End Time |
3:50 – 4:30 PM |
Session Description |
Inquires to the professionals who leave and breach threat management on a day to day basis. Panelists will include professionals from Bloomberg and Blackstone, with more to be announced |
Speakers |
TBA |
Bio(s) |
|
|
|
Who should attend (customize to each session content) |
Who should attend this session:ISSA Members, ISACA Members and FS/ISAC Members (and other ISAC’s)This program has been created for information security practitioners, but may also be of interest to the following:Auditors who intend to evaluate threat management within an enterprise.Security practitioners seeking to accomplish or implement Threat Management objectives.Security Management & Executives – With a goal of understanding industry practices trends, and seeking perspective on implementing technical assessment activities in the context of a broader application security program. |
|
Posted in Event Calendar, General