T.E.N. Knowledge Base

Loading

ISE® SOUTHEAST 2012

Taking PDF Security to a New Level with Adobe Reader® and Adobe Acrobat® > Download Whitepaper
Adobe Reader X and Adobe Acrobat X take the security of PDF documents-and your data-to a whole new level. Engineered with security in mind, Reader X and Acrobat X deliver better application security thanks to Protected Mode and new capabilities that allow more granular controls, tighter integration with the Microsoft® Windows® and Mac OS X operating system architectures, and improved deployment and administration tools.

Adobe® Flash® Player and Adobe AIR® security > Download Whitepaper
Both Adobe Flash Platform runtimes-Flash Player and AIR-include built-in security and privacy features to provide strong protection for your data and privacy, whether you use these Adobe products on your desktop system or mobile device. Adobe constantly advances these protections to incorporate the latest developments in the industry and stay ahead of the continually evolving threat landscape.

Adobe Incident Response and Management > Download Whitepaper
The Adobe Secure Software Engineering Team (ASSET) team proactively focuses on preventing security vulnerabilities in Adobe products before they ship, but Adobe knows that ensuring security doesn't end when a product is released. If external security researchers, partners, or customers discover a vulnerability after a product ships, the Adobe Product Security Incident Response Team (PSIRT) responds to resolve the security issue quickly, effectively, and thoroughly. PSIRT is your first line of defense for vulnerability resolution and threat mitigation. PSIRT coordinates with Adobe product engineering teams to identify the appropriate response plan and keeps you informed on mitigation procedures and release schedules.

Adobe Secure Product Lifecycle > Download Whitepaper
The Adobe Secure Product Lifecycle (SPLC) is a rigorous set of industry-leading best practices, processes, and tools designed to keep customers safe and more secure in the evolving threat landscape as they deploy and use Adobe software. The SPLC touches all aspects of the product lifecycle-from providing essential security training for software development teams and building security features into product design, to developing quick incident response plans postship.

SECURING THE SOCIAL ENTERPRISE  > Download Whitepaper
This paper delves into the social networking security landscape — the good, the bad and the ugly — and offers practical guidance toward harnessing the power of the social Web to help businesses benefit from it.

A 3-STEP PLAN FOR MOBILE SECURITY  > Download Whitepaper
This paper identifies specific countermeasures and management controls that you can use to establish a mobile security strategy that encompasses both corporate and personal devices. It also covers the threat scenarios, risks, complications, and solutions that IT security professionals should use to guide their decisions in this critical area of enterprise vulnerability.

Killing Data  > Download Whitepaper
As cybercriminals have become more skillful and sophisticated, they have eroded the effectiveness of our traditional perimeter-based security controls. The constantly mutating threat landscape requires new defensive measures, one of which is the pervasive use of data encryption technologies. In the future, you will encrypt data - both in motion and at rest - by default. This data-centric approach to security is a much more effective way to keep up with determined cybercriminals. By encrypting, and thereby devaluing, your sensitive data, you can make cybercriminals bypass your networks and look for less robustly protected targets.

Establishing a Data-Centric Approach to Encryption  > Download Whitepaper
This paper will provide an overview of the evolving approaches hackers use to steal private data and describe the key requirements for protecting corporate data assets with a data-centric encryption strategy.

Executive Viewpoint  > Download Whitepaper
Sathvik Krishnamurthy, President and CEO of Voltage discusses Data-Centric Security Against Tomorrow's Threats.

IBM

Are you ready for BYOD?  > Download Whitepaper
Mobility is moving fast. To stay in control, you have to prepare for change. Are you ready for BYOD-bring your own device? This whitepaper includes seven questions you should answer as you roll out new mobile capabilities.

Securing Access to the IT Infrastructure: Predictions for 2012 that Every IT Security Pro Needs to Know  > Download Whitepaper
The growing use of mobile devices and movement of resources to the Cloud are adding further complexity to access management administration, enforcement, and auditing. However, there are still some basic access management challenges that need to be addressed. Here is how we see it all playing out in 2012.

2012 Global Security Report  > Download Whitepaper
Organizations, regardless of industry and size, continue to face similar information security risks. Old systems with known flaws can take time to decommission and new systems are implemented with little or no thought to security. In its third year, the Trustwave 2012 Global Security Report will help you understand today’s information security threat landscape, as well as how to better protect your organization from cyber attacks in the years ahead.

Veracode

State of Software Security Report  > Download Whitepaper
The Intractable Problem of Insecure Software, Executive Summary.

Protecting Against WikiLeaks Type Events and the Insider Threat  > Download Whitepaper
The current news blitz regarding the massive breach of secret State Department cables to the WikiLeaks website overlooks some important questions about its root causes: Where did the leaked data come from? What are the motivations behind the individual or individuals leaking the data? And, finally, is there any way to prevent sensitive government and company data from showing up on sites like WikiLeaks?

Chris Ray

Chris Ray
Chief Information Security Officer
Epsilon
ISE® Southeast Executive Award Winner 2011

Prioritizing Risks in a Corporation  > Download Presentation
Companies are introducing more and more technologies into their organization every day.  As the person in charge of protecting the company and ensuring that those technologies do not introduce excessive risk to your company, CISOs are faced with the daunting task of trying to “keep up” with the requests while also being challenged with supporting the business and (in general) making life more convenient.  This discussion provides some fundamental steps that CISOs can take to prioritize risk and be successful within their organization – while also keeping their sanity!


Core Security Overview  > Download Presentation


Dave Shackleford

Dave Shackleford
Founder & Principal Consultant
VooDoo Security
Biography

Effective Cyber Risk Mitigation  > Download Presentation
As enterprises expand globally and the infrastructure supporting this growth expands, how can you keep pace with the security requirements?  A variety of solutions provide “silohed” points of security, but without the ability to synthesize these disparate technologies and the data they produce, it’s hard to understand your overall security status.  A new way of looking at this problem includes proactively identifying critical risks and matching them to unique business objectives, operational best practices, and regulatory mandates. It is now possible through real-time analytics to transform disparate security data into concise, actionable information, so your security organizations can get ahead and stay ahead of enterprise threats - for the first time.


John Graham

John Graham
VP Global Information Assurance and Risk
First Data Corporation

Global Information Assurance and Risk: Empowering Customers to Move Beyond Electronic Payments to Embrace Data Driven and Intelligent Commerce > Download Presentation
John Graham will share how over the last twelve months how his leadership and vision has reinvented and repositioned  the main core of First Data's Information Assurance organization into a "services" based organization that is a revenue generating business serving global customers via a mobile payment product.  Further, John will elaborate and share the best practices on how this alignment change added value to the business and product teams as well as aligned with the business to achieve enterprise-wide gains in efficiency.


Steve Mead Steve Mead
Technical Director of Information Security and Disaster Recovery
CSX
Biography

CSX Solves IAM Mainframe Challenges, Lays Foundation for Future > Download Presentation
CSX, a mature organization with a heavy reliance on mainframe, wanted to address challenges with the “silo” structure of their enterprise environment and provide a flexible, scalable identity management foundation to support the organization for the future. The existing solution required manual processes to accommodate identity management tasks such as provisioning, servicing system access requests, user password self-service, and synchronization of user data from their source of identity authority.  Steve Mead will share how CSX engaged Logic Trends, a FishNet Security company, to develop the strategic plan and execute the integration of Identity Forge for mainframe integration and Microsoft Forefront Identity Manager (FIM) 2010 to solve for these challenges while ensuring long-term sustainability, enabling growth and improving operational efficiency.

Brad Sanford

Brad Sanford
Chief Information Security Officer
Emory University
ISE® North America Healthcare Executive Award Winner 2011

Threat Intelligence: Knowledge is Power  > Read Roundtable Discussion Summary
Today’s cyber threat actors are unwaveringly focused on the theft of intellectual property, mission-critical details, and other sensitive information, continually evolving their methods and routinely defeating traditional approaches to defense. As organizations work to thwart the attackers, they find themselves in an escalating arms race with unseen attackers. To combat the advanced, persistent and constantly morphing threats, organizations need the very best security intelligence delivered immediately. However, conventional security technologies typically lack the innate intelligence to deal with rapidly emerging threats and web innovation. As a result, current approaches to threat management often fail due to limited threat intelligence, a lack of event context and gaps associated with this lack of visibility. Further, conducting threat intelligence is tedious and time-consuming. Most security teams are already overburdened with other initiatives. Without ongoing threat vigilance, most organizations stand to find themselves in a constant, reactive state,  trying to limit damage after outbreaks occur.


Jerry Archer

Jerry Archer
Senior Vice President, Chief Security Officer
Sallie Mae
ISE® North America Commercial Executive Award Winner 2011

Building Trust in the Cloud: Managing the Risk  > Read Roundtable Discussion Summary
Cloud computing has accelerated the rapid adoption of digital business models and given rise to a breed of sophisticated business user who can choose which services to use and combine them at will. Cloud computing clearly delivers value in terms of flexibility, scalability, cost savings and the ability to focus on the core business. But in exchange for speed and efficiencies, organizations are increasing their dependency on third parties and making business trade-offs that may be risky due to a lack of expertise by the person making the outsourcing decisions. Further, as organizations become locked in to a cloud provider, they face compliance, contracting, legal and integration risks.


Mark Leary

Mark Leary
Chief Information Security Officer
TASC
ISE® Southeast Executive Award Winner 2010

Mobile Device Management: Balancing Business Agility and its Risk  > Read Roundtable Discussion Summary
With the astonishing influx of smartphones, mobile devices and tablets into enterprises, mobile data has become a foundation of the daily operations of businesses around the world. Not only has data itself become more mobile, but the users holding that data have as well. It is the job of the IT organization to make this ‘mobile user experience’ no different than if the user was inside the office and connected to the network, and just as secure. While employees relish the anywhere, anytime power of smartphones and tablets, IT executives shudder at the security risks associated with the advent of free-roaming, employee-owned devices that have direct access to the corporate data. With inadequate mobile security solutions and a lack of understanding or disregard of company security policies by employees, mobile users routinely put sensitive data at risk and are often completely unaware of the inherent risks.


Tim Callahan

Tim Callahan
Senior Vice President, Enterprise Business Continuity and Information Assurance
SunTrust
ISE® Northeast People's Choice Award Winner 2009, ISE® North America Executive Award Finalist 2009, ISE® Northeast Executive Award Finalist 2009, ISE® Northeast Executive Award Finalist 2007, ISE® Southeast People's Choice Award Winner 2006, ISE® Southeast Executive Award Finalist 2006

Practical Security Management: Getting Back to Basics  > Read Roundtable Discussion Summary
With the media continuing to report on the latest security incidents and malware du jour, it’s tempting to view the constant stream of high-profile data breaches as proof of the advanced capability of the faceless adversary. Driven by the seemingly endless stream of news-making exploits, organizations increasingly are relying on the latest technology as a silver bullet in defending against attacks.