CSI Annual Conference

Thursday–Friday, October 28–29, 2010 | Washington, D.C. area

CSI 2010, is the leading IT security management conference on the East Coast. Designed for information security and IT professionals of all levels, the comprehensive program focuses on both technological as well as management solutions.

Conference tracks include:

CSI 2010 sessions include:

Application Security

• Stories From the Front Lines: Deploying an Enterprise Code Scanning Program
• 400 Apps in 40 days
• Skeletons in the Closet: Securing Inherited Applications
• Whitelisting: The Answer to the Falling Dominoes of the Traditional Security Model
• Web Application Security Testing for the Rest of Us
• My Vulnerability Scanner Didn’t Find Anything: Now What?

Back to top

Attacks & Vulnerabilities

• Tackling Blended Threats: The Point Attack of Advanced Persistent Threats
• Network Security Solutions for Critical Infrastructure
• Are you Aware of Logic Bombs?
• Post-Breach Database Forensics
• How To De-DoS Your Wireless LANs
• Thwarting Cyber Attacks with Deep Packet Inspection-Enabled Applications
• Insider Threat:  Identifying Your Insider
• Ontology Agent Decision-Making Support for Vulnerability Management
• Smart Grid Security Threats, Vulnerabilities, and Solutions
• How Many (well-intentioned) Keystrokes Does It Take to Blow Up a Network?
• Rainbowtables Re-implemented
• Case Studies in Data Loss Prevention (DLP) in Healthcare
• New Attacks on Networked Medical Devices, and Countermeasures

Back to top

Awareness Training & Education

• Awareness & the Attack of the Information Leak
• Awareness:  The Corporate Storyteller
• Creating Some "Healthy Paranoia" through Edutainment
• Measuring Effectiveness of Awareness and Training
• Aligning Training with Security Incidents

Back to top

Cloud Security

• The Future of Cloud Security
• Stormy Weather: Securing Cloud Computing
• A Roadmap for Dynamic, Scalable Security in the Cloud
• Leveraging the Cloud for Malware Protection
• Blocking the Covert Channels Used To Compromise the Cloud
• Is Your Organization's Data is Safer in the Cloud?  
• Automated Information Categorization to Secure Cloud Storage
• Key Management: Who Is That Knocking at My Door?
• Small Business Workers Travel to the Cloud  
• Altra Federal Credit Union Gets a Competitive Edge: A Case Study on Secure Cloud Communications

Back to top

Compliance & Policy

• Securing Elgin Community College
• Cyber Security Value Model (CMMI)
• Nailing down Security Regulations
• Applying Continuous Monitoring Techniques to DIACAP
• Data Encryption and Tokenization: An Innovative One-Two Punch to Increase Data Security and Reduce the Challenges of PCI-DSS Com
• Would Your Organization Survive a Compliance Audit?
• Third Party Data Recovery Service Providers: The New Threat to Data Security?
• Multiple Paths to the Same Destination: Alternative Approaches to Contingency Planning
• Governance, Risk & Compliance:An Integrated Approach
• Achieving PCI DSS 1.2 Compliance in Less than 6 Months
• Protecting Health Information.
• Best Practices & Lessons Learned from 100+ IT GRC Implementations
• Monitoring What You Do at Home: Privacy and Security Challenges of the Smart Power Grid

Back to top

Government

• A Process Approach to the Management of Operational Cyber Security Risks
• Myths and Realities in Government IT Security
• IEEE 2600-series Standards for Hardcopy Device Security
• A Front Line View: Results of The 2010 State of Cybersecurity from the Federal Chief Information Security Officer’s Perspective

Back to top

Identity & Access Management

• How the Cloud is Changing Federated Identity Requirements
• User Access Certification: What You Need to Know
• Bridging the Gap Between IAM and DLP
• Protecting Data Center SEDs and NAC
• Evolution or Revolution: The Advancement of IAM
• The Inevitable Pervasiveness of the Role/Rules Engine

Back to top

Incident Response & Forensics

• Building an Enterprise Forensics Response Service
• Cloud Investigations and Forensics
• Feeding Incident Response Findings into Your Detection Systems
• Information Security & Data Breach Incident Response Programs
• Proactive Forensics in Today's Virtual Environment
• The Use of Innovation & Creative Analysis in Incident Response

Back to top

Mobile & Wireless Security

• Mobile Devices The Key to Our Lives and The Best Evidence
• Security and Risk Considerations of Smartphones, iPad and Mobile Devices
• Wireless Incident Response: Responding to a Wireless Security Breach
• Wireless Tsunami: How to Hold onto Your Enterprise Security Perimeter

Back to top

Risk Management & Metrics

• Continuous Monitoring: Panacea or Piece of the Authorization Puzzle?
• Security Outliers: Cultural Cues from High Risk Professions
• Why Technical Metrics Aren’t Enough: 10 Things You Should be Measuring Now for Better Security
• A Guideline for Product-Validation Systems Regarding Security Modules
• The Growing Need for Data Destruction Planning
• Top Five Things You Should Do Before You Buy Another Piece of Information Security Technology
• Security Architecture Metrics
• IT Risk Management and Due Diligence in Mergers and Acquisitions
• Can a Company’s Security Posture be Considered a Component of Financial Goodwill?
• Visibility into the Security Void with SIEM 2.0
• Security Sucks
• The Malware Attribute Enumeration and Characterization (MAEC) Initiative

Back to top

Virtualization

• Virtualization 101: Security Best Practices
• Virtualization Security Panel
• Using Desktop Virtualization To Radically Improve Security Management

Back to top

Web 2.0

• Preventing Online Fraud With Device Fingerprinting Technology
• Managing Social Media Risk in the Workplace
• What Companies Can Learn from Mariposa: Avoiding Disaster, Protecting from Cybercrime
• Command and Control Innovation In Enterprise Crimeware
• Strategy for Defense Against Web-based Advanced Persistent Threats
• IPv6 Security

Back to top