2012 Information Security Executive Summit:

"Enabling Leaders"

Registration Fee - $250

ISC2, CSO Rountable, and ISSA Members Claim Your $100 Discount During Online Registration - valid until 4/30/12

* No discount code is required - simply make your fee / discount selection during registation

• Vendors and consultants please refer to the link in the Event Sponsor section at the bottom of the page to be considered as an event sponsor. Registration by vendors or consultants as a delegate will not be approved during post registration validation, as this event is designed specifically for information security executives, e.g. CISOs, CAE, IT Risk / Compliance leaders, CPOs, etc.

Don't have time to read the entire page; watch the event video!

Every attendee of the Summit has an equal chance of winning the Grand Door Prize of an iPad 3

Also, the golf tournament prizes include a set of Calloway golf clubs, a Charbroil Grill 2 Go BBQ, a 51" RC helicopter, and a cocktail chiller.

As a professional with information security program leadership responsibilities inside corporations and government organizations (e.g. CISO, CAE, IT Risk / Compliance Leaders, CPOs, Corporate Council, CIO, VP IT infrastructure / Service Management, etc. - vendors and consultants please see the note above), you are invited to join us at the 2012 Information Security Executive Summit. The event has been designed to offer a platform to network with your peers,

share insights, learn management techniques, and discuss important topical issues. The event's theme "Enabling Leaders" provides insightful models, methodologies, case studies, and more - each delegate will be empowered with tools, and documented case studies, to help you succeed.

Delegate Sessions

Delegate sessions are designed to offer maximum interactivity with the group through presentations by distinguished experts, round table discussions, and expert panels.

Key Note (Session 1) - The Rising Challenge of Cyber Crime - Ghost Click: A Case Study: In 2011 the FBI investigation concluded its investigation and in conjunction with Estonian Police arrested the criminals involved in a massive global CyberCrime case that employed more than 4,000,000 botnets around the world and netted them millions of dollars. During this presentation you will learn about Trend Mirco's role and learn how dangerous organized CyberCrime risks are.

Session 2 - The Rise of Global Espionage: A Real Life Case Study:  Delegates will review a case study based on the Tracking Ghostnet investigation, and touch on a couple of others. You will be provided copies of the case studies reviewed to help back up your budget proposals. 

Session 3 - Real and Present Danger - An Inside Look at the Russian and Chinese Hacker Underground: You have all heard the term cybercrime, and you have heard about all things cybercrime – stolen credentials, identity theft, fraud, blackmail, DDOS and more. You may have even heard that there’s a lot of money in it. During this session, delegates will have an unprecedented look into the underground world of Russian and Chinese hackers and black market traders.

Key Note (Session 4) -  InfoSec in The New World Order: Rugged DevOps and More ... Information security is rightly afraid of being marginalized: it has already happened.  With the advent of cloud, the velocity of change is breathtaking: while most IT struggle with monthly releases, agile IT businesses routinely conjure thousands of AWS servers, performing over 10 deploys per day. Organizations like Netflix, LinkedIn, Etsy and others have shown the competitive advantage that the combination of commoditized cloud infrastructure and DevOps processes can create.

They are quickly releasing features to market, saving the business money, while helping the business win. This agility and cost-savings delights the business. And with good reason, it terrifies security. If security was easily marginalized in a conventional IT organization, DevOps can completely bypass security. DevOps aligns the former adversaries of Dev and Ops. Security needs to enable ludicrous speed or be left behind. Where security has failed, we believe Rugged DevOps can succeed, by integrating into DevOps, helping develop applications that are scalable, available, survivable, securable, and supportable.

In this talk, Gene will be presenting key findings of his 10 years of research of high performing IT operations and security organizations, and his more recent research on the DevOps movement.  He will talk about why he believe DevOps is so important to addressing the dysfunctional marriage between IT and the business, and what  security must do to survive and thrive in this new regime.

Session 5 - Supply Chain Security Risk or Management?:  Anticipating and managing risks in your organization’s supply chain is becoming more complex every day. With increasing natural disasters and global instability you need more information at your fingertips to know and anticipate which events may affect the security and operations of your organization. By growing your knowledge of and managing your organization’s Supply Chain Risks in a more holistic manner you add intrinsic value to the bottom line and increase the value proposition of your services to the organization.

Session 6 - Legal Horizons: Delivered in a presentation style session, delegates will learn about the requirements of the new SEC CyberSecurity Risk Disclosure Guideline, as well as some new and pending state and federal breach notification laws and their impact on your organization.

Session 7 - Developing and Optimizing an Information Security Metrics Program:  One of the most important communications tools in information security management are metrics. During this session you will learn from noted expert and author on the topic, Lance Hayden PhD, on how to design, develop and manage metrics to measure and report on the efficiency and performance of your information security program.

Session 8 - Security Risk Management Using an Operational Risk Management Framework: Weaknesses and failures in information security are operational risks. During this session you will learn from noted author and expert on the topic, Dennis Dickstein, on how to build an information security risk management program based on an Operational Risk Management Framework. This session will: (1) describe an innovative and proactive operational risk management framework that integrates business management with risk management; and (2) apply this framework to information security in a way that provides a cohesive method of managing information security across a shifting threat landscape.

Session 9 - Developing an Enterprise Information Security Strategy:  In order for Security Departments to perform at an elevated level of value to an organization, it must think and operate strategically, even when taking tactical steps to address an issue. Designing and promulgating an enterprise security strategy is a critical first step in achieving this goal. During this presentation you will learn structured models used to design highly effective enterprise information security strategies for your organization.

A Special Note for Golfers

Fully stocked mens and ladies locker rooms and showers are available for tournament players.