Information Assurance Management Summit

May 2 & 3, 2012

As a professional with Information Security and Assurance responsibilities, you are invited to join us at the 2012Information Assurance Management Summit at Don Shula’s Hotel & Golf Club in Miami Lakes, Florida.

The event has been designed to offer a venue in which professionals managing information security and assurance services in corporations and government have a platform to network with their peers, share insights, learn new professional management practices, and discuss important topical issues. It also offers an opportunity to demonstrate our responsibility as leaders by supporting the community through participation in our Charity Golf Tournament.

During the Summit delegates will participate in interactive sessions led by leaders in the field:

• Innovation in practice methodologies for IT Governance;
• Supply Chain Risk Management;
• Aligning Security Risk Management with an Operational Risk Management Framework;
• Skills for information security and assurance management;
• A look ahead at legislation coming our way from Washington and e-Discovery Challenges;
• The innovation crisis - human resources for the future demand?
• and more

Delegate Sessions

Delegate sessions are designed to offer maximum interactivity with the group through presentations by distinguished experts, round table discussions, and expert panels.

Day 1 Key Note - The Rise of Global Espionage: A Real Life Case Study:

All too often the basis of an annual or project base information security budget proposal is challenged and the supporting business case fails to drive home the importance and urgency of the real and present threat. During this informative session on global espionage, deletgates will review a case study based on the Tracking Ghostnet investigation, and touch on a couple of others. We’re going to give you access to copies of, and help you understand, as well as, leverage these case studies to back up your budget proposals like never before. Read the article posted on the home page of our web site entitled, “Confidence with Cause?”.

Session 2 - Supply Chain Security Risk or Management?:  Anticipating and managing risks in your organization’s supply chain is becoming more complex every day. With

• catastrophes becoming more frequent;
• growing state, national and international debt issues rising;
• repercussions on workforce civil unrest which is propagating onto the front door of America and abroad;
• hacktivism is on the rise and is seen in a sympathetic manner likening it to the acts of the fabled Robin Hood instead of the criminal activity it is; and
• more

you need more information at your finger tips to know and anticipate which events may affect the security and operations of your organization. By growing your knowledge of and managing your organization’s Supply Chain Risks in a more holistic manner you add intrinsic value to the bottom line and increase the value proposition of your services to the organization. We’re going to talk about how simply auditing your outsourcers is not enough anymore, and introduce you to the evolving area of Supply Chain Risk Management.

Session 3 - Information Management Governance - Using The DIRECTION Methodology: Delegates will learn a structured methodology for developing Information Management policies and standards, using the DIRECTION methodology. The methodology walks professionals through the end-to-end process of design, development, maintenance, and decommissioning IT Governance. Understand the traps many information security and assurance professionals fall into that create new challenges and obstacles, and more importantly how to avoid them.

Session 4 - Information Security Metrics: One of the most important communications tools in information security management are metrics. During this session you will learn from noted expert and author on the topic, Lance Hayden PhD, on how to design, develop and manage metrics to measure and report on the efficiency and performance of your information security program.

Session 5 - SEC Cybersecurity Risk Disclosure Guideline: Delivered in a presentation style session, delegates will learn about the requirements of the new SEC Cybersecurity Risk Disclosure Guideline.

Session 6 -Security Risk Management Using an Operational Risk Management Framework: weaknesses and failures in information security are operational risks. During this session you will learn from noted author and expert on the topic, Dennis Dickstein, on how to build an information security risk management program based on an Operational Risk Management Framework. This session will:

• describe an innovative and proactive operational risk management framework that integrates business management with risk management; and
• apply this framework to information security in a way that provides a cohesive method of managing information security across a shifting threat landscape.

Day 2 - Key Note - The Rising Challenge of Cyber Crime - Ghost Click: A Case Study - (Session 7): In 2011 the FBI investigation concluded its investigation and in conjuction with Estonian Police arrested the criminals involved in a massive global cybercrime case that employed more than 4,000,000 botnets around the world and netted them millions of dollars. During this presentation you will learn about Trend Mirco's role and learn how dangerious organized cybercrime risks are.

Session 8 - Real & Present Danger - A Look at the Russian Underground: You have all heard the term cybercrime, and you have heard about all things cybercrime – stolen credentials, identity theft, fraud, blackmail, DDOS and more. You may have heard that there are markets for goods connected to computer crime. You may have heard that there’s a lot of money in it (enough to pay off the national debts of most states including the USA, if you total all reports on damages by cybercrime). As usual the problems lie in connecting the dots. What are the mechanisms behind these black markets? What are the goods? Who pays for them and by which means? Surely you cannot just walk into a chat room, drop your credit card number and part with the digital loot, or can you? What if you end up being a trade object yourself? Screenshots are shown of actual high profile advertisements such as post about mysql [dot] com root access for sale. During this session, noted expert on the Russian black market and professional ethical hacker, Almantas Kakareka, answers these questions and offers delegates an unprecedented look into the underground world of Russian hackers and black market traders.

Session 9 - Changes in the Healthcare's HITECT Regualtion for 2012 and What It Means To You: The
Department of Health and Human Services’ (HHS) Office for Civil Rights is proposing modifications to the Health Information Technology for Economic and Clinical Health Act (HITECH). These changes would most certainly create significant issues for healthcare companies and other covered entities. HHS has sent to the White House Office of Management and Budget (OMB) for review a proposed rule regarding disclosures of electronic health record information under HIPAA privacy rules. If approved, this new proposed change to HITECH will bring both challenges and opportunities to healthcare CIOs and leaders.

Meet & Greet Reception

The Meet & Greet Reception will offer attendees a great opportunity to network with their peers and solution providers while enjoying the Florida evening breeze, complementary cocktails.

After the Meet & Greet, if you are in the mood you can stroll the hops and restraunts of Miami Lakes Main Street.

Golf Tournament

The tournament itself is designed to be a fun and relaxing event, ideal for networking with your peers. 

Tournament golfers will play eighteen (18) holes beginning with a shot gun start. Teams will be assigned by your event host, and communicated on the morning of the tournament.

Tournament Play 

This event is for players of every kind, whether golf is a mastered sport or a relaxing pastime. All teams shall begin the tournament in shotgun style, and the course shall be played as "stroke pay" simply meaning, all strokes are counted (scoring rules may allot for adjustment in certain circumstances). 

As an official tournament, scoring shall be recorded on an individual basis and calculated using the Callaway Scoring System. Each golfer is responsible to ensure a score is accurately kept of all strokes and penalties. Final scoring calculations shall be performed by the Resort Golf Director.

Attire

Normal club attire is expected in order to play in the event, i.e. golf shorts (no cut-offs), collared shirt.