Mid-Atlantic CIO Forum: Meeting Announcement
Topic: Security: Emerging Threats – Effective Responses
Date: October 14, 2010
Location: Towson University
Please join members of the Mid-Atlantic CIO Forum and invited guests at the October 14, 2010 meeting!
CIOs are constantly challenged to provide adaptive security strategies to present and emerging threats. Balancing costs versus risks, meeting compliance and improving efficiencies are intrinsic to a sufficient and successful security strategy. Security is core to an organization?s success. What are the threats, defenses and responses CIOs must understand and be prepared to employ in today?s business environment?
John Pescatore, VP Distinguished Analyst, Gartner, Inc. will present an update on new threats and discuss how security practices are changing to address these threats in a more challenged economic environment.
?Many factors are changing that are breaking existing approaches to information security. Security defenses need to evolve in many areas to deal with what is now called the ?advanced persistent threat? ? targeted, financially motivated attacks. At the same time, businesses want to take advantage of cloud computing and social networks but security has been a major inhibitor. The regulatory environment continues to evolve, as well, with PCI, FISMA and NERC/CIP requirements further impacting security budgets.?
Mr. Pescatore?s presentation will provide Gartner?s projection of the most critical current and future threats and highlight key approaches for security evolution to deal with changes in threat, technology and business environments. We will discuss security metrics for measuring both the effectiveness and the efficiency of information security programs, as well as detail best practices for matching the optimal security approach to meet the demands of business while also protecting customer and corporate data.
In the second part of the meeting, a more in?depth look at cybercrime, particularly the law enforcement view will be presented. Supervisor Special Agent David W. Musgrove, FBI – Cybercrime Squad, will present ?Social Engineering Threats on the Net?. The lack of an understanding of threats and secure measures by employees and contractors can result in significant breaches in business as well as a possible risk to national security. To illustrate these risks and how to protect against them, SSA Musgrove will discuss OSINT (Open Source Intelligence) counterintelligence versus easy threat access, On-Line Resumes (exposing yourself to vulnerabilities and unintended attacks), ACH Fraud and Zeus Botnet (financial business risk). In addition. SSA Musgrove will discuss knowing when a CIO should call in law enforcement and/or US Cert and what is expected of the CIO and the company when law enforcement does come in.
Please join our members at the meeting! This is a full member meeting of the Forum. The meeting starts at 8:00 AM and ends by 1PM. Brunch and lunch are provided. Pre-registration is required. Meeting logistics including agenda, directions to the meeting place and parking information will be emailed to you after you register. For registration for this meeting, please contact: Bonnie Lawson at blawson@towson.edu or 410-704-4252.
