Detailed Program Information

Registration Desk Open

Session Details

E-Mail Room Open
Sponsored by MPC/Gateway, AN EDUCAUSE Gold Partner

Session Details

Seminar 1A - The Life Cycle of a Security Breach
PLEASE NOTE: Separate registration and fee are required to attend this seminar.

Session Details

Speaker(s)

• Edward Carter, Senior Security Analyst, Ohio University
• Thomas Conley, Senior IT Security Analyst, Ohio University
• Matthew Dalton, Director, Information Security, Ohio University

Abstract

Security breaches are a major concern for institutions of higher education and have received national attention over the past few years. This seminar will explore Ohio University's widely publicized journey through the conditions leading up to the breach; immediate, short-term, and long-term consequences; and the path to the future.

Seminar 1F - What's New for Security in Windows Vista?
PLEASE NOTE: Separate registration and fee are required to attend this seminar.

Session Details

Speaker(s)

• Jason Fossen, SANS Instructor, Enclave Consulting LLC

Abstract

This session will discuss the new security-related technologies in Windows Vista. The course includes topics such as BitLocker Drive Encryption, Mandatory Integrity Control, IPSec AuthIP, the new Windows Firewall, Internet Explorer 7.0 Protected Mode, Windows Defender, and more. The course assumes you already have a Windows security background and only includes the differences between Windows XP/2003 and Vista.

[Special Instructions: This is a hands-on course with exercises, so you must bring a laptop or virtual machine with Windows Vista Ultimate or Enterprise Edition preinstalled. Ideally, your laptop will have a Trusted Platform Module (TPM) chip in the motherboard, but this isn't required. You should also bring a USB flash drive of at least 16MB in capacity, especially if your laptop lacks a TPM chip. And don't forget to bring the Vista installation DVD too!]

Brought to you by the SANS Institute.

Seminar 2F - Establishing an Information Security Program
PLEASE NOTE: Separate registration and fee are required to attend this seminar.

Session Details

Speaker(s)

• Cedric Bennett, Emeritus Director, Information Security Services, Stanford University
• Steven Schuster, Interim Executive Director, Cornell University

Abstract

This interactive session will provide an overview of areas such as growing the program, gaining broad support, finding resources, focusing direction, and planning for what comes next. We'll take a look at staffing models, assessing risk, policy development, raising campus-wide awareness, training staff, privacy issues, and operational and technical controls. Participants will be given an opportunity to discuss and potentially address security issues from their own institutions.

Refreshment Break for Preconference Seminar Participants
Sponsored by Oracle, An EDUCAUSE Gold Partner

Session Details

Lunch for Preconference Seminar Participants
Sponsored by Oracle, An EDUCAUSE Gold Partner

Session Details

Seminar 1P - Mix and Match for Higher Education IT Compliance Managers: Top Ten Tips to Decide the IT Frameworks for Your Institutional Needs
PLEASE NOTE: Separate registration and fee are required to attend this seminar.

Session Details

Speaker(s)

• M. Peter Adler, Partner, Pepper Hamilton LLP

Abstract

Given the large number of state, national, and international laws and regulations that call for security and privacy compliance, how does a higher education institution select an appropriate compliance approach? Since many of the regulations themselves don't provide sufficient guidance for compliance, what standards and compliance frameworks are appropriate? This seminar will introduce each of the prevailing standards and frameworks, including COBIT, COSO, ITIL, ISO, and NIST, and will discuss how to mix and match them to create a comprehensive information security and privacy risk management program.

Seminar 3P - Navigating the Shifting Landscape
PLEASE NOTE: Separate registration and fee are required to attend this seminar.

Session Details

Speaker(s)

• Phillip Deneault, Network Security Officer, Worcester Polytechnic Institute
• Brian Smith-Sweeney, Project Lead, New York University

Abstract

The information security community has seen two major paradigm shifts occur in the last several years. On the threat side, attacker motivations have become more profitable, more organized, and more advanced. At the same time, OS and application vendors have taken a secure-by-default mind-set, enabling network protections and hardening default system configurations, which affects our ability to quickly and centrally assess threats as much as it does an attacker's ability to compromise a system. These shifts require a major rethinking of how we manage security in the enterprise. This seminar will explore the shifting landscape and practical steps to address this dynamic threat landscape. Topics will include strategic versus tactical thinking in IT security, security information program management, IT security architecture, and incident response.

Refreshment Break for Preconference Seminar Participants
Sponsored by Oracle, An EDUCAUSE Gold Partner

Session Details

First-Time Attendees: How to Get the Most Out of the Conference Experience

Session Details

Speaker(s)

• Gary Dobbins, Director, Information Security, University of Notre Dame
• Rodney J. Petersen, Government Relations Officer and Director of Cybersecurity Initiative, EDUCAUSE

Abstract

This session will help you get the most out of your attendance at the Security Professionals Conference. Beyond a conference overview, we will address how to make smart choices about which sessions to attend, network with colleagues in similar situations, be intentional about taking home what you learned, and become more professionally involved in the activities of the EDUCAUSE/Internet2 Security Task Force.

• View Session Resources

More Information

For more information, see:

http://connect.educause.edu/Library/Abstract/FirstTimeAttendeesHowtoGe/46788

Birds-of-a-Feather Sessions (Affinity Groups)

Session Details

Abstract

We invite you to join colleagues for birds-of-a-feather discussions. During this discussion session you can network with those who share similar interests or responsibilities and discuss topics of particular interest to you. These sessions are designed to encourage you to exchange experiences and insights with colleagues. You can also establish a new group by notifying us in advance (security-task-force@educause.edu) or signing up at the bulletin board near the registration desk.

Groups include:

Create Your Own Group:
Commuter and Two-Year Colleges
Research Universities

Existing Groups:
California State University/University of California Campuses
Committee on Institutional Cooperation (CIC) IT Security Working Group
Ivy-Plus IT Security Officers Group
Virginia Alliance for Secure Computing and Networking (VASCAN)

BoF/Affinity Group Dinners (optional)

Session Details

Dinner on Own

Session Details

Program Committee Dinner (by invitation only)

Session Details

Security Task Force Working Group Dinners (optional)

Session Details