When you need to know, ask the experts…
CyberSecurity: Where Are We?
The world is online. There is an increasing demand for systems and software to provide data access from any location with wireless access or a phone line. This trend is exposing systems to a growing number of security risks. If you are responsible for developing or supporting software or systems that can be accessed from outside, you need to know how to protect yourself and your customers from digital attacks. This exciting track will focus on providing a condensed state-of-affairs overview about current digital security. | Track Organizer: |
TOPICS OF DISCUSSION:
◊ New Technologies and Innovations
◊ Latest Attack Vectors
◊ Paradigms and Best Practices
◊ Trust and Assurance
◊ Law Enforcement Update
◊ The Problem-Solution Vicious Circle
◊ CyberSecurity and the Courts
◊ Industry Report: CIO Roundtable
| BENEFITS: | |||
Tentative Program as of 3/6/08:
7:30 am Registration
9:00 am Session I
10:00 am Session II
11:00 am Session III
12:00 pm Keynote
1:30 pm Session IV
2:30 pm Session V
3:30 pm Session VI
4:30 pm Session VII - Roundtable Discussion
RELATED FILES The Common Law and its Impact on the Internet |
BIOGRAPHIES and ABSTRACTS of PARTICIPANTS |
| ROBERT AALBERTS Title of Talk: “Recent Developments in Cyberlaw” Name/Position: Robert J. Aalberts, J.D., M.A. Lied Professor of Legal Studies College of Business University of Nevada, Las Vegas Short Biography: Robert J. Aalberts is the Lied Professor of Legal Studies at the University of Nevada, Las Vegas. He received his Juris Doctor from Loyola University and an M.A. from the University of Missouri-Columbia. Professor Aalberts’ primary research interests include cyberlaw, real estate law and employment law. He has also published over 105 articles in legal and business journals, including the Communications of the ACM, Information Systems Management, Information Systems Security, and a chapter in the book Information Security Management: Global Challenges in the Next Millennium. Professor Aalberts is currently the Editor-in-Chief of the Real Estate Law Journal where he has served for the past 16 years. Professor Aalberts is co-author of the textbook, Law and Business: The Regulatory Environment, 1994, published by the McGraw-Hill Book Company and Real Estate Law, 6th ed., 2006, published by Thomson/West. Short Description: Internet law has been constantly growing and changing since the inception of the World Wide Web. Today, the legal environment is becoming more predictable as state and federal legislatures and the courts continue the process of regulating it. Professor Aalberts’ presentation will speak to some of the recent legal developments in cyberlaw, including those pertaining to jurisdictional issues, intellectual property, civil and criminal liability and security. |
|
| HAL BERGHEL Title of Talk: “PASIFOR: Live Network Hacking for the Risk-Averse” Name/Position: Hal Berghel, PhD Associate Dean of the UNLV College of Engineering Director of the UNLV School of Informatics Short Biography: Hal Berghel is the Founder and Director of the Cybersecurity Research Center and co-Director of the Identity Theft and Financial Fraud Research and Operations Center. He has published research in several areas of IT security including digital credentialing, cybercrime and cyberfraud, internet forensics, phishing, network anonymizing, data hiding, WiFi attack vectors, and credit card forensics. His research has been funded by the Department of Justice, Department of Defense, Department of Health and Human Services, the Food and Drug Administration, the Department of Energy, and a few other unnamed government agencies. Berghel is both an ACM and IEEE Fellow, an inventor, the author of several popular columns, and appears regularly on talk radio. Hal is the CyberSecurity Track Chair of the 2008 IEEE CS Technology Summit. Short Description: Networks are under attack from all sides. The bad guys are innovating faster than our defenses. How do we deal with this problem? Through education and training of IT personnel. But turning over aggressive hacking tools to students is fraught with danger. Enter Passive Forensics and our new toolset that allows instructors to safely teach, and students to safely experiment with, hacking tools without Internet access. Using virtualization, we have solved the problem of risky use of dangerous tools in an experimental or educational setting. The first release of this toolset that allows the student to explore the appearance of effects of network-based reconnaissance and attacks will be demonstrated live. Documentation and software will be provided free to all CyberSecurity Track registrants. |
|
| GEORGE CYBENKO Title of Talk: “How Much is Security Worth?” Name/Position: George Cybenko, Gram Professor of Engineering, Dartmouth Short Biography: George Cybenko has worked in the area of distributed computing, signal processing and security for 30 years. He was the founding Editor-in-Chief of IEEE Computing in Science and Engineering and IEEE Security & Privacy and has served on the IEEE Computer Society Board of Governors and is currently the First Vice-President. Cybenko earned his BS from the University of Toronto and his PhD from Princeton. He is a Fellow of the IEEE. Dennis serves on the Nevada State Interoperability Executive Committee and is a member of U.S. Department of Homeland Security SAFECOM Emergency Response Council. Since 1998, Dennis has worked extensively with information technologies and public safety communications systems, including the design, construction and operation of the Las Vegas Metropolitan Police Department 9-1-1 Emergency Telecommunications. He is a founding co-Director in UNLV/LVMPD Identity Theft and Financial Fraud Research & Operations Center, and has consulted with the Department of Justice and the National Institute of Justice. He is a graduate of the FBI National Academy, served as a Fulbright Fellow for Police Studies in England in 1992, and as a White House Fellow in 1994-95 assigned as a special assistant to the Vice Chair of the Joint Chiefs of Staff. He is a FEMA certified ICS instructor, and started his public safety career as a firefighter with the Clark County Fire Department in Nevada. Short Description: It has been very difficult to quantify the value of computer security technology. Actuarial-type data which is the basis for much of the insurance business has been hard to obtain and what is available might not be relevant to new technology deployments. 
This void has caused operational problems because systems operators cannot argue effectively for the budgets they need while financial decision makers have no idea what investment in computer security is appropriate and what that investment buys in the way of protection. This talk will present a new methodology for quantifying security risks in computing and other infrastructure systems. |
|
| DAVID HOELZER Title of Talk: “PASIFOR: Live Network Hacking for the Risk-Averse” Name/Position: David Hoelzer, CISO and Principal Examiner, CCE, Enclave Forensics Short Biography: David Hoelzer has been in the IT field for more than twenty years and has specialized in Information Security and Forensics for more than a decade. He is a SANS Institute Fellow, a Research Fellow with the Internet Forensics Center and an adjunct research associate of the UNLV Center for CyberSecurity Research. Short Description: Networks are under attack from all sides. The bad guys are innovating faster than our defenses. How do we deal with this problem? Through education and training of IT personnel. But turning over aggressive hacking tools to students is fraught with danger. Enter Passive Forensics and our new toolset that allows instructors to safely teach, and students to safely experiment with, hacking tools without Internet access. Using virtualization, we have solved the problem of risky use of dangerous tools in an experimental or educational setting. The first release of this toolset that allows the student to explore the appearance of effects of network-based reconnaissance and attacks will be demonstrated live. Documentation and software will be provided free to all CyberSecurity Track registrants. |
|
JOSEPH LOMBARDO Title of Panel: “An Enterprise View of Cyber-Security” Name/Position: Joseph Lombardo, Director, National Supercomputing Center for Energy and the Environment Short Biography: Joseph Lombardo is a consultant to numerous industries, academia and government laboratories with an expertise in 3-D modeling codes, massively parallel computing, data management and data visualization. He has served as principal investigator on numerous grants totaling more than 10 million dollars. Recently, he served as a witness for the U.S. Senate Committee on Commerce, Science and Transportation's Subcommittee on Technology, Innovation, and Competitiveness in Washington DC. The hearing offered an opportunity to inform the committee firsthand about some of the more important policy issues affecting High-Performance Computing as it relates to computational research and education. Short Description: Information security impacts business and industry now more than ever. Sometimes the modern CIO feels sandwiched between Sarbanes-Oxley, Gramm-Leach-Bliley, and HIPAA on one side, and hackers and cyber-terrorists on the other. This panel brings together leading CIOs to discuss how current security vulnerabilities affect their organizations. |
|
MARC MCDERMOTT Title of Panel: “Protection at the Overlap: Virtual & Physical Security Convergence” Name/Position: Marc McDermott, Technical Director, Gaming Standards Association Short Biography: Marc McDermott is currently employed as the Technical Director for the Gaming Standards Association (GSA). Marc joined the GSA in February of 2006 to assist GSA committee chairpersons and GSA senior management in developing standard communication protocols for the gaming industry. Marc brought more than 8 years of gaming experience to the GSA from the Nevada Gaming Control Board’s Electronic Services Division where he functioned as the Chief of that Division for almost 7 years. While at the “Board,” Marc developed, and participated in the development of, Regulations and Technical Standards for the State of Nevada including the System Based and System Supported Technical Standards. Prior to becoming involved with gaming, Marc worked as a Section Manager and a Design Engineer in the field of counter terrorism and nuclear weapons testing. Short Description: Physical and virtual security measures must be complementary and mutually supporting to be successful in the modern enterprise. This panel discussion includes presentations regarding the implications of this convergence in a major resort casino and that property's five primary areas of focus. Additional discussion will consider requisite operational practices to support security operations across both virtual and physical domains - practices and procedures necessary to secure information in and across a converged information environment. |
|
ALAN PALLER Title of Talk: “Recognizing the Heroes of Cyber Security” (Keynote) Name/Position: Alan Paller, Director of Research, SANS Institute Short Biography: Alan Paller founded SANS in 1989 to provide graduate level education to cybersecurity professionals. In the intervening years, more than 80,000 people have learned their technical security skills - from forensics to penetration testing to intrusion detection - in SANS courses. Today Alan focuses on identifying the tipping points that can turn the tide against the growing wave of cyber crime and cyber espionage. He has testified several times before the US House and Senate, and the President named him to the National Infrastructure Assurance Council. His degrees are from Cornell and MIT. Short Description: We are losing the war against cyber crime. Attack techniques are gaining in sophistication and effectiveness far more rapidly than defensive techniques are responding. Every major corporation and government agency, and a surprisingly large number of smaller organizations, have been deeply penetrated, their data lost to nation states bent on economic or military espionage, and their computers left with back doors through which the attackers can return at will. But all is not lost. A few heroes -- primarily in government -- have planted seeds that can grow into major new defensive capabilities -- perhaps enough to begin to turn the tide. This talk is about those people and the innovations in cyber security they are creating. You don't have to be a security expert to enjoy this talk. Its problem statement may scare you, but the models of success are heartening. |
|
ROBERT SEBBY Title of Panel: “Protection at the Overlap: Virtual & Physical Security Convergence” Name/Position: Robert Sebby, Supervisor, Financial Crimes Section, Las Vegas Metropolitan Police Department Short Biography: Bob Sebby is currently the Lieutenant supervising the Financial Crimes Section for LVMPD. This includes the Fraud, Forgery and Electronic Crimes Unit for the agency. His police experience has consisted of numerous specialized assignments including Narcotics, Intelligence, Patrol, Forgery and the Communication sections. Bob has spoken at several national conventions on Identity Theft and continues to speak on this topic. Bob has been involved with numerous high profile investigations involving the FBI, IRS and the Secret Service involving white collar crime. Bob was the co-author of the Identity Theft draft for legislation that was passed into law by the Nevada Legislature. Bob stays active within the community with presentations on white collar crime for the prevention of victimization to our citizens. Short Description: Physical and virtual security measures must be complementary and mutually supporting to be successful in the modern enterprise. This panel discussion includes presentations regarding the implications of this convergence in a major resort casino and that property's five primary areas of focus. Additional discussion will consider requisite operational practices to support security operations across both virtual and physical domains - practices and procedures necessary to secure information in and across a converged information environment. |
|
NEIL G. SIEGEL Title of Panel: “An Enterprise View of Cybersecurity” Name/Position: Neil G. Siegel, Sector Vice President, Northrop Grumman Mission Systems Short Biography: Neil Siegel is Sector Vice-President of Advanced Systems / Technology (e.g., Chief Technology Officer) for the 17,000-person Mission Systems sector within Northrop Grumman. Prior to taking that assignment, he was the Vice-President and General Manager of the company’s Tactical Systems Division. During the seven years that he led this division, its sales increased by more than a factor of five. Before that, he held increasingly-responsible positions in engineering, business development, and program management. He has supervised the creation and fielding of successful systems in many domains, including air / missile defense, battle command, Blue-Force Tracking, network-centric warfare, tactical operations centers, integrated security / force protection, commercial information technology, simulation and training, radar, intelligence, unmanned air vehicles, and logistics automation. He was elected to the U.S. National Academy of Engineering in 2005, and has received a variety of other awards and honors. Short Description: Information security impacts business and industry now more than ever. Sometimes the modern CIO feels sandwiched between Sarbanes-Oxley, Gramm-Leach-Bliley, and HIPAA on one side, and hackers and cyberterrorists on the other. This panel brings together leading CIOs to discuss how current security vulnerabilities affect their organizations. |
|
C. DAVID SHEPHERD Title of Panel: “Protection at the Overlap: Virtual & Physical Security Convergence” Name/Position: C. David Shepherd, CEO, Readiness Resource Group Short Biography: C. David Shepherd is the CEO of Readiness Resource Group, a small veteran-owned business that provides readiness consulting and training services to governmental, commercial and international entities through assessments of all critical components affecting the client's ability to conduct business. Prior to RRG Mr. Shepherd retired from the Federal Bureau of Investigation as a Supervisory Special Agent. He was responsible for such areas as SWAT, Firearms, Counter-terrorism, Evidence Response Team and special operations during his tenure with the FBI. After Mr. Shepherd's retirement from the FBI he spent seven years as the Executive Director of Security for the Venetian Resort Hotel Casino, the fourth largest hotel in the world. As a direct result of the terrorist attacks on 9/11 over 100 changes were made to the Venetian in the face of thirteen different fields of terrorism. These preventive measures were closely aligned and coordinated between physical security and IT departments to ensure a seamless protection arena for the property, guests and team members. Mr. Shepherd is the Co-Chairman for the Resorts Sub-council under the Commercial Facilities Sector Coordinating Council (CFSCC), one of the seventeen critical Infrastructure/key resources (CI/KR) sectors identified by the Department of Homeland Security. Mr. Shepherd has participated on the Partnership of Critical Infrastructure Security (PCIS), a White House working group, and on the Expert Panel for the Critical Infrastructure, representing the commercial sector. Mr. Shepherd has authored a book entitled "Preventive Measures: Is your company ready? Are You?" Short Description: Physical and virtual security measures must be complementary and mutually supporting to be successful in the modern enterprise.
This panel discussion includes presentations regarding the implications of this convergence in a major resort casino and that property's five primary areas of focus. Additional discussion will consider requisite operational practices to support security operations across both virtual and physical domains - practices and procedures necessary to secure information in and across a converged information environment. |
|
ERIC VANDERSTELT Title of Talk: “Protection at the Overlap: Virtual & Physical Security Convergence” Name/Position: Eric Vanderstelt, SSA, Federal Bureau of Investigation Short Biography: Eric Vanderstelt is a Supervisory Special Agent (SSA). Vanderstelt is a graduate of Michigan State University with a degree in Electrical Engineering. He has been a Special Agent in the Federal Bureau of Investigation (FBI) for twelve years, and has conducted investigations involving computer intrusion and economic espionage. He currently directs the FBI's cyber crimes investigative mission within the District of Nevada. This investigative mission includes potential violations of federal statutes related to computer intrusions, online child predators, intellectual property rights, and Internet fraud. Short Description: Physical and virtual security measures must be complementary and mutually supporting to be successful in the modern enterprise. This panel discussion includes presentations regarding the implications of this convergence in a major resort casino and that property's five primary areas of focus. Additional discussion will consider requisite operational practices to support security operations across both virtual and physical domains - practices and procedures necessary to secure information in and across a converged information environment. |
|
PAUL ZAVIDNIAK |
| ** Don't wait to register! Seating will be limited to maximize the quality of your experience. | |
The Technology Summit series is designed to provide development & strategy executives, CTOs, CIOs, senior-level managers and leaders in technology with an opportunity to come together in small groups to learn about the very latest issues, information, strategies and advances impacting today's high-technology business. If you have any questions, please contact us: TechSummit@computer.org | Series Organizer: |
This IEEE Computer Society Technology Summit series event is being held
in conjunction with the Computer Society's 'Board of Governors' meetings week.
