CSI 2008 focuses on security's "game-changers", but what precisely about identity or the virtualized data center or Web 2.0 actually matters from a security practitioner's point of view? Framing the right questions and defining the industry's agenda takes more than one voice-which is why we'll have a crew of the industry's best minds on hand to discuss and enlighten.
Monday, November 17
8:30am - 10:45am
Identity 2.0, Virtualization
Brian Snow
Brian Snow joined the National Security Agency in 1971 where he became a cryptologic designer and security systems engineer. Brian spent his first 20 years at NSA doing and directing research that developed cryptographic components and secure systems. Many cryptographic systems serving the U.S. government and military use his algorithms; they provide capabilities not previously available. He created and managed NSA's Secure Systems Design division in the 1980s. He has many patents, awards, and honors attesting to his creativity. Brian will focus on next steps in architecture and design.
Pam Dingle
Pam Dingle, identity systems integrator at Nulli Secundus and one of the foremost experts (outside Microsoft) on Microsoft's CardSpace initiative. She'll tackle how Identity 2.0 might improve the security environment.
Ken Silva
As VeriSign's CTO and vice president for networking and information security, Ken Silva oversees the mission-critical infrastructure for all network security and production IT services for VeriSign's three core business units: security services, registry services, and telecommunications services. Mr. Silva's responsibilities include oversight of the technical and network security for definitive database of more than 27 million Web addresses in .com and .net — the world's most recognizable top-level domains. He comes at identity management with both a real-world perspective and a view into truly gargantuan directory scaling issues.
Jennifer Bayuk
Jennifer Bayuk is an independent consultant on topics including information security policy, process, management and metrics. She was CISO at a major Wall Street investment firm. She's part of our tiger team of practitioners assembled to provide some friendly reality checks.
Tuesday, November 18
8:30am - 9:30am
Web 2.0, Trusted Computing
Jeremiah Grossman
An expert in Web security, Jeremiah Grossman founded WhiteHat Security in August 2001, where he serves as Chief Technology Offier. Prior to WhiteHat, Mr. Grossman was an information security officer at Yahoo! responsible for performing security reviews on the company's hundreds of websites. He's founder of the Web Application Security Consortium (WASC) and is a frequent speaker at industry events including the Black Hat Briefings, RSA Conference, ISACA, CSI, InfoSec World, OWASP, ISSA, and Defcon. He has authored dozens of articles and white papers, is credited with the discovery of many cutting-edge attack and defensive techniques and is a co-author of "XSS Attacks: Cross Site Scripting Exploits and Defense."
Steve Hanna
Steve Hanna is a Distinguished Engineer at Juniper Networks. He is co-chair of the Trusted Network Connect Work Group in the Trusted Computing Group and co-chair of the Network Endpoint Assessment Working Group in the Internet Engineering Task Force. Hanna is active in other networking and security standards groups such as the Open Group and OASIS. He is the author of several IETF RFCs and published papers, as well as an inventor or co-inventor on 30 issued U.S. patents. He's our lead on what Trusted Computing has to offer.
Wednesday, November 19
8:30am - 9:30am
Secure Design
David Lynas
David Lynas is a globally renowned enterprise security architect and security strategist. In 2006 he was appointed as a Fellow of the British Computer Society (FBCS CITP) for "Exceptional leadership, eminence and seniority in the field of information security." David is co-author and developer of SABSAŽ the leading Methodology for designing business-driven Security Architecture and resolving complex business security issues. He is also co-founder of the SABSA Institute (www.sabsa-institute.org) charged with world-wide development and governance of the method and the professionals who use it. He'll help with the big-picture, architecturally driven point of view.
Mary Ann Davidson
Mary Ann Davidson is the Chief Security Officer at Oracle Corporation, responsible for Oracle product security, as well as security evaluations, assessments and incident handling. She represents Oracle on the Board of Directors of the Information Technology Information Security Analysis Center (IT-ISAC). Davidson will speak on secure design.
