ISSA NE January 17th Meeting Announcement

The next New England ISSA Chapter meeting will take place Tuesday, January 17 a...
2:00-2:45       Sponsor Industry presentation, Cisco - Ken Kaminski
2:45-3:15       Break
3:15-4:15       VoIP Security - ...
business processes and cutting costs. There are three principal characteristics of the Cisco Self-
Defending Network: The ...
Core Security Technologies www.coresecurity.com <http://www.coresecurity.com>
nCircle - <www.ncircle.com>
Open Service - w...
Upcoming SlideShare
Loading in …5
×

ISSA_2006-01-17_Agenda.doc

246 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
246
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

ISSA_2006-01-17_Agenda.doc

  1. 1. ISSA NE January 17th Meeting Announcement The next New England ISSA Chapter meeting will take place Tuesday, January 17 at 12:45pm, with registration starting at 12:00. The meeting will be at Building 500 of the Cisco Facility in Boxborough, MA. Please check below for directions. Note: Please register at the ISSA NE web site today if you will be attending: http://www.issa-ne.org Directions to Cisco, Boxborough, MA Can be found at http://www.cisco.com/web/about/ac156/about_cisco_vis_new_england_campus_directions.html BOXBOROUGH, MASSACHUSETTS, SITE II 200, 300 & 500 Beaver Brook Road Boxborough, MA 01719 From Logan Airport (Boston, MA) Option 1: 1. Exit left out of the airport, following the signs to I-93/Mass Pike via the Sumner Tunnel. 2. Pay toll at Sumner Tunnel. (Please note that you may be detoured from the tunnel due to a traffic surge and/or construction. If this happens, please follow the detour signs closely to the tunnel.) 3. Get in your left lane and at the end of the tunnel veer right to get onto I-93 North. 4. Stay on I-93 North approximately 20-25 miles to I-495 South. 5. Take I-495 South to Exit 28 (Route 111) Boxborough. 6. Take a left at the end of the off ramp and merge onto Route 111. 7. Take a right onto Swanson Road at the first set of lights. 8. Take a left onto Beaver Brook Road (look for Cisco sign). 9. Building 200 and 300 are on the left, Building 500 is on the right. 10. The main lobby is in Building 500. From Logan Airport (Boston, MA) Option 2: 1. From Logan Airport, follow flow of traffic through the Ted Williams Tunnel to the Massachusetts Turnpike West (I-90, referred to as Mass Pike and toll is required). 2. Stay on Mass Pike to I-495 North. 3. Take I-495 North to Exit 28 (Route 111) Boxborough. 4. Upon exiting, turn right at the light. 5. At the second set of lights take a right onto Swanson Road. 6. Take a left onto Beaver Brook Road (look for Cisco sign). 7. Building 200 and 300 are on the left, Building 500 is on the right. 8. The main lobby is in Building 500. Agenda Please note that our typical sequence of presenters has changed just for this meeting in order to accommodate our speakers' schedules. 12:00-12:45 Registration 12:45-1:00 Chapter Open and Business Recognition of Gerry Issacson – Founding member of the chapter on his retirement 1:00-2:00 ISO 17799 Security Code of Practice and How it Will Fit with Other ISO Standards and Technical Reports - Don Holden, Concordant
  2. 2. 2:00-2:45 Sponsor Industry presentation, Cisco - Ken Kaminski 2:45-3:15 Break 3:15-4:15 VoIP Security - Stu Jacobs, Verizon 4:15-4:30 Meeting concludes Member Cost is free. Non-member or guest cost is $40. Become a member at http://www.issa.org/ Detailed Agenda Chapter Business We will recognize the contribution of one of the chapter’s founding members, Gerry Issacson, on the occasion of his retirement from the Information Systems Security industry. Management Presentation Donald Holden, CISSP-ISSMP, Concordant, Inc. Don Holden is a technology executive with Concordant who specializes in information security. He has more than 20 years of management experience in information systems, security, encryption, business continuity and disaster recovery planning in both industry and government. Previously he was a technology leader for RedSiren Technologies (formerly SRI Consulting) and Digital Equipment. Holden has participated in security standards since 1981 when he represented Digital on the ASC X9 Financial Industry Standards which developed the first standard for message authentication and key management. Currently he is a representative on the InterNational Committee for Information Technology Standards (INCITS) and a member of the IEEE Standards Association. Additionally Holden is an adjunct professor at Norwich University in the Masters of Science in Information Assurance department. ISO 17799 Security Code of Practice and How it Will Fit with Other ISO Standards and Technical Reports ISO 17799 began as the Information Security 'Code of Practice' from the UK's Department of Trade and Industry (DTI 7799) in the early nineties. Despite opposition from the US and several other large countries who argued that this was a guideline and not a standard, it became an ISO Standard in 2000. Now ISO/IEC JTC 1/SC27 is organizing a series (2700x) of security standards, guidelines, and Technical Reports. Existing ISO standards such as 17799 and reports are being “harmonized” and renumbered. New standards will be added to address certification of information security management systems (ISMS) as well as guidelines for implementing security techniques. An ISO standard for certification of security management systems should have a major impact on all medium to large companies. Industry Presentation Ken Kaminski Ken Kaminski is the Senior Consulting Systems Engineer for the Northeast specializing in Security Products and Technologies. He supports large enterprise accounts in the Northeast and Upstate New York covering Cisco’s entire security-related product lines and teaches and speaks often on security- related topics. Prior positions include Consulting Systems Engineer for Voice Technologies at Cisco Systems and Senior Systems Engineer for a start-up company in the carrier ATM switching market. He was also a Telecommunications Officer in the US Army. Ken has his CISSP along with a BA and MA from Boston University. Securing the Intelligent Information Network The Self-Defending Network is Cisco's long-term strategy to protect an organization's business processes by identifying, preventing, and adapting to threats from both internal and external sources. This protection helps organizations take better advantage of the intelligence in their network resources, thus improving
  3. 3. business processes and cutting costs. There are three principal characteristics of the Cisco Self- Defending Network: The integration of security throughout all aspects of the network; Collaborative processes between the various security and network elements; the ability of the network to adapt to new threats as they arise. The Cisco networked-based strategy allows you to use your existing investment to solve your most pressing security concerns today, while providing an architectural platform that can evolve to proactive, automated, real-time management of threats. Technical Presentation Stuart Jacobs Mr. Stuart Jacobs received his MS in Applied Statistics and Educational Research from Southern Connecticut State University, New Haven, Connecticut, in June 1973, and a Bachelor's in Computer Science from University of Wisconsin Madison, awarded in 1972. His research interests are in network design and security, in particular, wireless networks, public key infrastructures, network authentication schemes, and distributed computing security mechanisms, including autonomous agent systems. Since 1996, Mr. Jacobs has been employed at GTE Laboratories Inc., Waltham, MA. His responsibilities include research on authentication mechanisms for Mobile IP, Mobile Ad-Hoc Networks (MANET), and Intelligent Agents, as well as security consulting on wireless and wired networks, vulnerability analysis and intrusion detection. Previously Mr. Jacobs served as a Systems Engineer and Network Architect at GTE Government Systems Inc. where he was responsible for research and development on numerous strategic and tactical US military communications systems ranging from submarine-deployed high data rate satellite base stations to NORAD early warning communication systems. Stuart is the lead security architect for Verizon's commercial phone, data, and video networks and has been very involved in Verizon's roll-out of VoIP. VoIP Security Securing VoIP relies on many of the same security techniques as securing any other IP-based infrastructure. Providing a security architecture that covers Confidentiality, Integrity, Authentication, Authorization, and Non-Repudiation are all necessary. Devices are necessary to mitigate the exposures that IP-based networks have to deal with daily: Application layer firewalls, firewall pin-holing, application layer gateways, session border controllers, peering with other networks, SIP/H248 protocols for signaling, RTP/SRTP bearer traffic inspection, IPSec, etc. All of this traffic must be wrapped around Quality of Service (QoS) so that the filtering can be done efficiently with little latency on the phone call. This talk will expand on these topics and provide a framework for how to roll out carrier-class VoIP. Richard Gibson President - New England ISSA, http://www.issa-ne.org Nixon Peabody LLP 889 Elm Street Manchester, NH 03101 Email: rcgibson@nixonpeabody.com Phone: (603) 628-4006 FAX: (646) 792-3883 The following are New England ISSA Chapter sponsors: Note: Sponsors may bring materials to the meetings for members to receive at the registration desk. Sponsors Application Security Inc - <www.appsecinc.com> Arbor Networks - <www.arbornetworks.com> Citadel Security - www.citadel.com Cisco Systems, Inc. - www.cisco.com <http://www.cisco.com> Computer Associates - <www.ca.com>
  4. 4. Core Security Technologies www.coresecurity.com <http://www.coresecurity.com> nCircle - <www.ncircle.com> Open Service - www.openservice.com <http://www.openservice.com> Secure Computing Corp - www.securecomputing.com <http://www.securecomputing.com> Symantec, Inc. - www.symantec.com TopLayer - <www.toplayer.com> Verdasys. - www.verdasys.com Vericept Corp. - <www.vericept.com>

×