ISE® NORTH AMERICA 2012
Taking PDF Security to a New Level with
Adobe Reader® and Adobe Acrobat® > Download Whitepaper
Adobe Reader X and Adobe Acrobat X take the security of PDF documents-and your data-to a whole new level. Engineered with security in mind, Reader X and Acrobat X deliver better application security thanks to Protected Mode and new capabilities that allow more granular controls, tighter integration with the Microsoft® Windows® and Mac OS X operating system architectures, and improved deployment and administration tools.
Adobe® Flash® Player and Adobe AIR® security > Download Whitepaper
Both Adobe Flash Platform runtimes-Flash Player and AIR-include built-in security and privacy features to provide strong protection for your data and privacy, whether you use these Adobe products on your desktop system or mobile device. Adobe constantly advances these protections to incorporate the latest developments in the industry and stay ahead of the continually evolving threat landscape.
Adobe Incident Response and Management > Download Whitepaper
The Adobe Secure Software Engineering Team (ASSET) team proactively focuses on preventing security vulnerabilities in Adobe products before they ship, but Adobe knows that ensuring security doesn't end when a product is released. If external security researchers, partners, or customers discover a vulnerability after a product ships, the Adobe Product Security Incident Response Team (PSIRT) responds to resolve the security issue quickly, effectively, and thoroughly. PSIRT is your first line of defense for vulnerability resolution and threat mitigation. PSIRT coordinates with Adobe product engineering teams to identify the appropriate response plan and keeps you informed on mitigation procedures and release schedules.
Adobe Secure Product Lifecycle > Download Whitepaper
The Adobe Secure Product Lifecycle (SPLC) is a rigorous set of industry-leading best practices, processes, and tools designed to keep customers safe and more secure in the evolving threat landscape as they deploy and use Adobe software. The SPLC touches all aspects of the product lifecycle-from providing essential security training for software development teams and building security features into product design, to developing quick incident response plans postship.
Killing Data > Download Whitepaper
As cybercriminals have become more skillful and sophisticated, they have eroded the effectiveness of our traditional perimeter-based security controls. The constantly mutating threat landscape requires new defensive measures, one of which is the pervasive use of data encryption technologies. In the future, you will encrypt data - both in motion and at rest - by default. This data-centric approach to security is a much more effective way to keep up with determined cybercriminals. By encrypting, and thereby devaluing, your sensitive data, you can make cybercriminals bypass your networks and look for less robustly protected targets.
Solving data residency and privacy compliance challenges > Download Whitepaper
This business value solution brief examines information privacy and data residency solutions in the context of multinational business with a particular focus on European Union requirements as they apply both in the EU itself, and across other jurisdictions with potentially conflicting regulations such as the US Patriot II mandate. The case studies of Voltage Security customer’s explore not only using data-centric security to meet compliance requirements cost effectively, but also using existing applications, infrastructure, processes and administrative staff to grow new business in regulated markets.
Smart Devices, Smart Security > Download Whitepaper
Five tips to consider in a data security strategy for smart-phones and tablets.
Tackling the Mobile Device Challenge with Tenable > Download Whitepaper
For all intents and purposes, the underlying business drivers and technology trends are pretty much irrelevant. It’s not the rise of user mobility and expectation of increased productivity, the proliferation of mobile device types, or the consumerization of IT that really matters. All that really matters is that highly capable mobile devices – be they PDAs, smartphones, or tablets – are now an unavoidable part of the enterprise computing landscape. Even more to the point is this ever evolving and steadily growing population of devices is accompanied by a number of security and management challenges that are not only relatively unique, but also potentially quite damaging to organizations that fail to get a handle on them.
Measure the Immeasurable: Translating Risk to Executives > Download Presentation
What does "we stopped 24,476 malware attacks today" mean to an executive? Not much without context. The challenge with reporting metrics is that executive don't always understand "why" they should care, as most measurements only speak to what can be measured vs. what should be measured. As security executives we need to talk less about the bits and bytes and more about what is critical to the business. If you do, you'll find the path to true partnership with the C-suite is not as difficult as exploiting an OpenSSL De-allocation vulnerability. In this session you will learn concrete strategies that will help your organization "get there" and contextualize security - for executives and the business alike. Learn how to create a repeatable, successful strategy to communicate IT risk-to-business risk to build an open line of communication, prioritize issues, and possibly gain more resources to fix the problem right.
Founder & Principal Consultant
The Value of Predictive Security Intelligence > Download Presentation
Although security information is widespread, true "intelligence" is hard to establish because rapidly evolving technologies often create massive responsibility with little support or understanding of security implications. Security leaders must possess the knowledge and resources to predict and prevent threats and effectively communicate risks within an environment of constant change. Our lunch program will provide insights regarding the integration of full-scale attackplanning, threat simulation and attack replication for the purpose of garnering upper-management support, optimizing efficiency and investments in people and technology, and uniting security and business risks.
Senior Vice President, Chief Security Officer
Major Financial Organization
ISE® North America Commercial Executive Award Winner 2011
Shaping the Future: Information Security 2020 > Download Presentation
As the volume of information grows and continues to be increasingly stored and communicated in electronic form, Information Security is rapidly becoming intertwined with technology, and more specifically, the Internet. The question looms as to what the Internet will be in ten years, and whether one size will fit all. Trends such as greater censorship, closed social networks, political motivations driving regional internets and growth in paid content are emerging that will dramatically shape the Internet and could lead to segmentation of the web. While the future of the Internet is undetermined, one thing is certain: Information Security and the CISO will play a pivotal role in shaping the direction and outcome.
Vice President, Chief Security Officer
ISE® Northeast Executive Award Winner 2012
ISE® Northeast People's Choice Award Winner 2012
Trusted Platform Security Initiative (TPSI)
> Download Presentation
In order to enable ADP’s worldwide business protection efforts, the Global Security Organization (GSO) sponsored the company’s largest and most significant security program named Trusted Platform Security Infrastructure (TPSI) to create a world-class ecosystem of advanced operational capabilities, security technologies and controls. In this presentation, Roland and his team will share how the TPSI program provides advanced detection and intelligence capabilities in all ADP operating units globally. The entire TPSI architecture utilizes holistic business intelligence technologies that are managed through a converged Enterprise Risk Platform.
Chief Operating Officer
Research Collaboration in the Cloud > Download Presentation
In this presentation, Peter will share how the SAFE-BioPharma project is a pilot study involving government (National Cancer Institute’s Cancer Therapy Evaluation Program) and industry (Bristol-Myers Squibb) cancer researchers showing how use of interoperable digital identities, digital signatures and cloud computing accelerates study start up while lowering costs. Researchers were provisioned with interoperable US Government and SAFE-BioPharma digital identity credentials which were used to access, amend, sign, and exchange electronic documents placed in the cloud. Prior to the study, the process was delayed by use of courier, fax, travel, etc.
Information Security Officer
ISE® West Executive Award Winner 2012
Factory Application Control/Whitelisting Project > Download Presentation
Join Curtis Coleman as he discusses the Factory Application Control/Whitelisting Project that Seagate undertook to protect both legacy factory testing systems with embedded computers and high-risk, high-value knowledge worker systems. The project addressed the need to 1) Replace the resource-intensive antivirus system that impacted throughput capacity within the factory environment and 2) Augment the signature-based antivirus system with strong defense that would prevent malware from executing on the knowledge worker computers. Throughout the effort it was critical to maintain factory production capacity while protecting the testing systems from malware and other threats.
Chief Information Security Officer
Children's Hospital of Philadelphia
> Download Presentation
Cathy Beech will discuss how the eDiscovery project included the implementation of a technology solution to support CHOP's litigation needs with regards to eDiscovery. The technology solution was designed with reference to the industry standard Electronic Discovery Reference Model (EDRM). Learn how this project also established eDiscovery processes that comply with CHOP's document retention policy, the Federal Rules of Evidence, and facilitated compliance with the Federal Rules of Civil Procedure and relevant case law.
Director of Enterprise Data Security
ISE® North America Executive Award Finalist 2009
Paychex Phish Market
> Download Presentation Video: Death by Stinger Video: Intro to Tsukiji
Confronted with increasing campaigns of fraudulent emails, the Paychex Phish Market provides employee’s with an automated, graphically engaging and easily navigable web interface to aid in the recognition of “phish.” In this presentation Todd Colvin will share how through the Paychex Phish Market, employees can readily see what their peers across the company are reporting through the “phish watch” and “fresh catch” board. They can also review “Phish Recipes” to receive training on common phishing tactics. More importantly, they can forward a suspected phishing email where an automated analysis is performed and a risk score is assigned to each submission. Finally, and when in doubt, employee’s can rely on Phish Monger Phil for a professional assessment.
JP Morgan Chase & Co.
The JPMorgan Chase Trusted Email Registry > Download Presentation
Mark Risoldi will present the The JPMorgan Chase (JPMC) Mail Registry Project which was created to implement emerging industry practices to dramatically improve the customer experience of email, by significantly reducing incidents of phishing and fraud impacting JPMC customers, and eliminating a source of brand erosion in the marketplace. The objective of this project is to protect JPMorgan Chase’s brand and customers from malicious email attacks including phishing, spam and malware that have been increasing in frequency and sophistication. This project will result in the elimination of over 600 million fraudulent emails sent to customers a year and will significantly reduce brand infringement.