Agenda

Monday, May 4

8:00 am Registration and Morning Refreshments

9:00 am Opening Remarks

Dan Srebnick, Associate Commissioner, IT Security & Chief Information Security Officer, Department of Information Technology and Telecommunications (DoITT), City of New York

9:15 am Opening Keynote

Hacking, Social Engineering and Other Things That Keep Us Awake at Night

Johnny Long, Hacker, Security Expert and Author

The first step in preventing a security problem is to know that a threat exists in the first place. In this fascinating and entertaining presentation, Johnny shows us just what we're up against out there. In his own words: "I am a hacker. I've been a professional hacker for over ten years. I've spent the bulk of my career breaking into computer networks and sliding past security guards to gain access to secure facilities." Johnny is an ethical hacker, however, and he is most definitely on our side. His perspective sheds new light on the security challenges that face us daily.

10:15 am Morning Break

10:45 am Concurrent Session

Virtualization and Security

Almost any IT department worth its salt is deploying virtualization technology today to reduce power usage, make server and operating system deployments more flexible, and better use storage and systems resources. However, virtualization can be both a blessing and a curse, serving up improved security while at the same time hiding dangers. This session will provide advice on important security issues in managing your virtual network.

Kenneth D. Biery, Jr., Professional Services Manager, Verizon Business

Securing the Mobile Enterprise

When a workforce is empowered with mobile technology, productivity rises but at the same opens the door to new vulnerabilities and security risks, not to mention personal liability for data loss. This session looks at the latest tools, solutions and policies for assessing vulnerabilities, shoring up defenses and avoiding the type of incidents that we have been reading about all too often lately.

Brian Ford, Consulting Engineer, Office of the Chief Technology Officer, Cisco Systems

Project Management Security Boot Camp

This session is designed for project managers and project team members who are not security experts. NYC DOITT will present the Security Accreditation standards that every project should be following to ensure compliance with the operational policies and procedures of New York's accreditation mandates. Attend this session to gain the management skills and standards necessary to meet the requirements of these mandates and to reduce your audit risk.

Roman Garber, IT Security Specialist, Department of Information Technology and Telecommunications (DoITT), City of New York

11:45 am Lunch

12:35 pm Keynote

Stop Reacting: Manage People, Information, and Risk

Michael Santarcangelo, Author, Into the Breach

Information - the lifeblood of the modern organization - is under constant attack. The current approaches to protect information are reactions that make it harder for people to do their jobs and may actually increase risk. We face an epidemic where 1 in 9 adults have had their personal information compromised - information entrusted to organizations. The current methods are not working. It is time to adopt a new way of thinking, and a new way of acting, in an effort to change the way people protect information. This session will discuss the underlying challenge that must be addressed when people are disconnected from the consequences of their actions. You will learn how to successfully engage, empower, and enable people to take back responsibility and enjoy the success that reduces risk by changing the way people protect information.

1:30 pm Afternoon Break and Refreshments

2:00 pm Concurrent Sessions

Aligning Information Security into Overall Governance

Security starts with people and information. No matter what technology is used, its success requires organization-wide agreement and understanding of what security really entails and how information is to be stored and classified. This session looks at some of the security strategies and practices currently being used in both public and private sectors that have successfully shifted the security perspective from the technical to an enterprise level.

Carl Cammarata, Chief Information Security Officer, The City University of New York (CUNY)

Tackling Secure Application Development

This session will highlight the importance of building security early into the application life cycle process. No longer can security be an afterthought; it must be embedded into the application development process early on. This session will provide practical techniques for putting a plan and framework in place to develop secure code.

David Stern, Manager, Security Engineering, Department of Information Technology and Telecommunications (DoITT), City of New York

3:00 pm General Session

How to Avoid that "NY Post Moment"

Security Incident Response: New York Case Studies

How quickly can you respond to a security threat? Data theft, system attacks, operational errors - the list can seem endless. Fortunately, a threat loses its strength once it is identified and understood. Therefore, the key to survival is spotting a threat before it wreaks havoc, and better yet, to prevent it from happening in the first place. This session analyzes several actual incidents with the goal of raising awareness and reducing reaction time.

Gijo Mathew, Vice President, Product Marketing, CA, Inc.

Christopher Novak, Principal, Network and Information Security, Verizon Business

4:00 pm Executive Reception

Network with your colleagues and discuss technology solutions with the event sponsors.

Conference times, agenda, and speakers are subject to change.
For current updates, please visit the Executive Events website at http://www.govtech.com/events.