|
Governance and Compliance Track
|
|
08:45 – 09:45
|
Strategies for Managing Risk and Thriving in a Dynamic Environment
Speaker(s): Gail Coury, Vice President, Risk Management, Global IT, Oracle
|
09:45 – 10:15
|
Break
|
|
10:15 – 11:15
|
Compliance is Not The Same as Security!
Moderator: Robert K. West, CEO and Founder of Echelon One
Panelists:
Niall Browne, CISO, LiveOps
Irfan Saif, Principal, Deloitte & Touche LLP
Jason Hoffman, VP Tech Operations, SINET
Suzanne Widup, President, Digital Forensics Association
Overview: Is there a split between those who believe that "compliance" can be achieved simply by following best practices to "secure" an environment? What has compliance morphed into in 2009 after another year of increased regulatory pressure and increased adoption of cloud computing and SaaS? Is compliance obtained by doing what it takes to pass an audit, completing scans with popular scanning tools, or is it doing whatever it takes to mitigate business risk? Our panelists will explore the latest approaches to compliance as we all prepare for 2010.
|
11:15 – 12:15
|
Unified Controls Frameworks
Moderator: JJ Thompson, Partner, Rook Consulting
Panelists:
Brandon Dunlap, Research Director, Brightfly
Niall Browne, CISO of LiveOps and former Co-chair on BITS
James Anderson, Executive Consultant, Emagined Security
Kevin Watkins, Security Researcher & Architect, McAfee
Kimberly Getgen, Principal, True Catalyst
Overview: The concept of "unified", "de-duplicated", or "rationalized" controls is not new. Since SOX, companies have increased internal efforts to simplify compliance, yet few have been successful. In the past year, the burden has shifted from identification of the population of proposed controls to focus on the best ways to identify appropriate controls, standardize control populations, and begin activities to simplify and make measurable improvements to the internal control environment. In this session, panelists will discuss a few popular control frameworks as well as the wrong… and right… way to leverage them.
|
12:15 – 01:30
|
Lunch Break
|
|
01:30 – 02:15
|
Afternoon Keynote: "Why We Must Develop a New Model for Collaboration in Cyber Security: A Perspective on America’s Innovation Crisis"
Speaker(s): Pascal Levensohn, Founder and Managing Partner of Levensohn Venture Partners
|
|
02:15 – 03:15
|
Innovation Gap / Crisis Panel: "What are the Opportunities to Advance Innovation in the Cyber Security Market"
Moderator: Robert Rodriguez, Chairman and Founder of the Security Innovation
Panelist(s):
John Stewart, Chief Security Officer at Cisco
Audrey MacLean, Professor at Stanford University
David Rice, Director for Policy Reform at U.S. Cyber Consequences Unit
|
|
03:15 – 03:30
|
Break
|
|
03:30 – 04:30
|
International Update on Privacy for GRC
Speaker(s): Francoise Gilbert, Managing Director, IT Law Group
Overview: Multinational businesses face the governance, risk, and compliance challenge of following dynamically changing privacy laws around the world. Hear an update on international privacy laws in Europe and Asia from a recognized international privacy law expert, Francoise Gilbert. She will talk about different approaches to compliance worldwide, how to comply with restrictions on data transfer, making decisions about privacy practices that make sense for your business, as well as recent developments from data commission decisions, enforcement actions and regulatory guidance. She will also cover new breach notification and data retention requirements.
|
|
04:30 – 06:00
|
Reception/Raffle
|
|