Agenda - Network Security Conference 2011, Mumbai

Agenda

8.00AM - 9.20AM: Registration

9.20AM - 10.00AM: Inaugural Keynote: A New Security Blueprint
Speaker
Vaidyanathan Iyer, Sales Leader, IBM Security Solutions

10.00AM - 10.30AM: Session 1
Insider Threat: Identifying Your Insider
• The Insider Problem – An Inconvenient Truth
• Insider Threat Landscape
• Insider Threat Impact & Challenges
• The Probable Causes / Vulnerabilities
• Mitigation Strategies

Speaker
Abhilash Sonwane, Sr. Vice President, Cyberoam

10.30AM - 10.50AM: Session 2
Securing your Journey to the cloud
While cloud computing offers a fundamentally new way to cost-effectively and quickly deploy new services and augment existing capabilities, it’s not without any challenges. Security is top most concern for organization moving to cloud. How we can address security concerns by deploying the appropriate solutions and following best practices to secure their journey into the cloud.

Speaker
Kamal Sharma, Technical Sales Consultant - India & SAARC, Trend Micro India

10.50AM - 11.20AM: Morning Break
A chance to meet up with your friends and have a cup of coffee!

11.20AM - 11.50AM: Session 3
Securing the Virtual Infrastructure
• Threats to the Virtualization Stack
• Some Solutions to Secure the Virtualization Stack

Speaker
Vijay Mahajani, Sr. Manager, Wipro Consulting Services

11.50AM - 12.10PM: Session 4
Identity Fraud – Evolution and Solutions
• Attack Vectors – Phishing, Pharming, Smishing, Vishing, Trojans, Man-in-the-Middle, Man-in-the-Browser
• Appropriate countermeasures for each possible attack – Multi-factor authentication, One-time-passwords, various token form-factors, biometrics, PKI

Speaker
Tejas Lagad, Director of Product Management, BFSI, Nexus Technology

12.10PM - 12.30PM: Session 5
When Encryption Isn’t Enough
Protecting proprietary information and intellectual property is vital to the success of any organization. Although security measures have been taken secure these critical data from the outside world, the fact is that the greatest threat to data security comes from the inside from the very users who have access to corporate data resources. While many enterprises have successfully deployed or are in the process of implementing an encryption solution, protection against both outsiders and insiders requires a solution which is a combination of strong encryption technology and has DLP (Data Loss Prevention) functionality

Speaker
Kamal Sharma, Technical Sales Consultant - India & SAARC, Trend Micro India

12.30PM - 1.00PM: Session 6
The Changing Face of Endpoint Security
Endpoint security was a strategy where software is distributed to end-user devices but centrally managed - virus and spy ware detection, full disk encryption, remote access VPN. As more of our networks become endpoint devices, managing the network is now managing the endpoint. Access Control, Identity Management, Hygiene, and Intrusion Detection are now part of a more comprehensive endpoint security strategy. This session will examine real life examples of expanded, rethought endpoint security.

Speaker
K. K. Mookhey, Principal Consultant, Network Intelligence India

1.00PM - 2.00PM: Lunch
Break for lunch and a chance to catch up with each other!

2.00PM - 2.30PM: Session 7
Securing Web Applications - Lethal Attacks On The Rise
Web attacks are becoming extremely sophisticated and lethal for corporate environment and attackers end up finding exploitable entries on open surface. It is imperative to understand the associated threats and attack vectors to defend your assets by deploying software security measures, policies and controls across applications. Attacks are rising against financial applications like banking and trading, logical attacks and delivery of payloads are becoming easier in era of vulnerable browsers. Web threats are converging and encompassing mobile, browsers, PDA devices and other components. We will try to take a holistic view of next generation threats against web application and software during the talk with some quick demonstrations to understand real impact.

Speaker
Shreeraj Shah, Director, Blueinfy & SecurityExposure

2.30PM - 3.00PM: Afternoon Break
Some time out for you to grab another coffee and a well earned rest.

3.00PM - 3.30PM: Session 8
IT Governance Risk and Compliance : Making sense of Data Overload
Today enterprises have technologies to secure the information in the form of various point solution. This has lead to huge data about issues but no prioritization and actionable intelligence. Every CISO is charged with developing a system that guarantees the safety of the information within his/her enterprise.
Speaker
Parag Deshpande, Principal eGRC Consultant, RSA

3.30PM - 4.00PM: Session 9
The Advanced Persistent Threat – Pilfering “Intellectual Property” purely for profit
With the advent of recent attacks on Google, Microsoft and host of other technology firms, defense contractors and large corporations, the focus remains common – Intellectual property & Data theft through “The Advanced Persistent Threat” (APT). While the threats underlying the APT are not new, they involve combination of various attack vectors exploiting trusted social connections, use of sophisticated malware, hardware to execute a focused attack and maintain “Persistent” access within the organization to covertly pilfer reams of sensitive corporate data.

Speaker
Kartik Shinde, Senior Manager - Advisory Services, Ernst & Young

4:00PM - 4.30PM: Session 10
Intelligent Workload Management: Addressing Security & Identity Concerns
The responsibilities of today's IT executive can be summarized as follows: How to meet the needs of an increasingly demanding and diverse set of end users while minimizing the cost, complexity and risk of running a 21st century data center. Today, workloads need to be able to run across physical, virtual and cloud environments. Workload and application portability across platforms has become a key evaluation criteria by IT. Intelligent Workload Management enables IT organizations to manage and optimize computing resources in a policy-driven, secure and compliant manner across physical, virtual and cloud environments to deliver business services for end customers. This talk focuses on IWM and different aspects that make a product IWM ready.

Speaker
Jaimon Jose, Distinguished Engineer, Novell Inc

4:30PM:
Conclusion

TRACK B: Web Security

08.00AM - 09.00AM: Registration

09.00AM - 09.40AM: Inaugural Keynote A New Security Blueprint

10.00AM - 10.30AM: Session 1
Strategy for Defense Against Web-based Advanced Persistent Threats

10.30AM - 11.00AM: Session 2
Dealing With the Ins and Outs of Web Security
• Common attacks on Web applications and how to avoid them
• Checklists for action: developing a secure baseline for Web applications
• Tools and techniques for testing Web and database application security: cradle to grave

11.00AM - 11.30AM: Morning Break
A chance to meet up with your friends and have a cup of coffee on the house!

11.30AM - 12.00PM: Session 3
Social Networks: Minimizing the Risks of the New Frontier
• Weighing the value of social networking with its risks
• Specific vulnerabilities to watch out for with social networking
• How spam, application vulnerabilities and malware are being used to infiltrate social networking sites
• The ease of phishing and what to do about it
• User education, policies and enforcement

12.00PM - 12.30PM: Session 4
Google and Beyond: Advanced Search Engine Hacking and Web-Based Intelligence Gathering
• The basics of how Google and other search engines can be used to identify real-world vulnerabilities
• The next generation of search engine hacking techniques to gather sensitive data from within Web applications
• Aggregating data from freely available public sources to profile targets during a penetration test
• How to leverage visualizations while performing open-source intelligence gathering
• How to use tools to find data leaks in your own organization, and how to secure yourself from these types of attacks

12.30PM - 1.00PM: Session 5
Information Warfare – A cloud based and conventional approach

01.00PM - 02.00PM: Lunch
Break for lunch on the house and a chance to catch up with each other!

2.00PM - 2.30PM: Session 6
Cloud Computing: Usage and Risks

2.30PM - 3.00PM: Session 7
Server-side Verification of Client Behavior

03.00PM - 03.30PM: Afternoon Break
Some time out for you to grab another coffee and a well earned rest.

3.30PM - 4.00PM: Session 8
Securing your Web Applications

4.00PM - 4.30PM: Session 9
Identity As A Service

04.30PM:
Conclusion