Information Security Philippines

September 11, 2006 (Day 1)

8:30

Registration and Opening Ceremonies

9:15

The Philippine ICT and Security Scene: Where are we now?

How secure are our cyber-borders from attacks? What’s it like in the local scene? Who’s secured and who’s not? And who is a threat to everybody else in cyber-Philippines? Is there a national effort to safeguard the country against attacks from cyberspace?

10:00

COFFEE BREAK

10:15

Mobile Security for the Mobile Workforce
Increasingly, companies are allowing employees to work remotely via VPNs, Web-based collaboration tools and other remote connections but these innovations have also brought new windows of exposures to the Enterprise.

11:00

New Trends in Spam, Spyware and other Malware
In the past few months, we’ve seen the rapid pace of these threats’ evolution. Companies of all sizes even technology companies are struggling to contain them. Learn the technologies and practices to minimize their impact. Last year, a study in the US showed that 4% of URLs contained spywares - this is just the tip of the iceberg.

12:00

LUNCH

1:00

Web Application Security: Why you should be concern

This is an endless discussion facing eBusiness for many years. You’ve heard of buffer overflow, cross-site scripting, SQL injection and other web-based attack vectors. Here’s the low-down on the best practices for building secure web applications.

1:45

Information Management for Today’s Enterprise
For many companies, big and small, asset or information management has been one of the most ignored first steps in establishing a more secure enterprise. In this session, you will learn how to manage assets - tangible and intangible and who should own it.

2:30

Information Security on a Shoe-String Budget For Small and Mid-size Companies
CIOs and CISOs have struggled with the management in many fronts. One in particular is securing “IT Security” expenditures. It’s an uphill battle for many IT executives but there’s always another option. Open-Source tools and all-in-one appliances have matured and they’re ready for primetime.

3:15

COFFEE BREAK

3:30

Encryption: Files, Folders, Hard Drives, Backup Media, Database and Data Transmission
Your laptop got stolen. Your MyDocuments folder is shared. Your tapes lost its way to the storage site. Sending emails with confidential files attached. The company’s database server is on the network’s backbone. Do you need crypto?

4:15

Why do we need Security Regulations? The Benefits and why are we lagging.
The Philippines has been lagging in this area. American, European and even some Asian countries have been setting up laws and regulations to protect confidential corporate and personal information from leakage, tampering and downtime. We’ve heard of SOX, GLB, FFIEC, DPA, EC Directive and the 8th Directive, FISMA, DITSCAP, HIPAA, PCI, SAS/70, PIP, CFR Part 11, EU Annex 11, Freedom of Information Act, Patriot Act, Au Privacy Act, MLR, California SB1386/1950, etc

5:00

Information Technology Forum – Ask the Experts:
One solid hour of questions and answers from people who eat, drink and never sleep, when it comes to securing and protecting your privacy

6:00

RAFFLES AND PRIZES

September 12, 2006 (Day 2)

7:30

CEO/CIO Breakfast Forum

9:00

The New ISO27001:

The new International Standard for an Information Security Management System.
It’s the first in a family of international security standard designed to protect IT worldwide in the next decade. Just off the press and ready for your protection.

9:45

Implementing “Real” Holistic Security: What does it take?
Diverse network and security technologies in an enterprise is a challenge to consolidate: log correlation, alert integration, proprietary protocols and skill set issues to any executive. This is a quick look on what technologies and practices can address these hurdles.

10:30

COFFEE BREAK

11:00

IT Theft: from the inside
Your IT staff may have protected you from external attacks. But what about from your own “loyal” staff. Find out what every CEO and business executive can do to protect valuable data from unauthorized use and access by even those “trusted” IT professionals, in your organization.

12:00

LUNCH

1:00

Managing the security issues: start with policies from the top
Security is no longer a peripheral issue. It is a management concern and responsibility. And that means setting up your information systems security policies… from the top.

1:45

Disaster recovery and business continuity planning
This is what you don’t need today. But getting it ready today is important if we want to make sure we can still have our business tomorrow… just in case.

2:30

Securing your applications: what you can’t afford to lose
You’ve spent a lot developing and maintaining your systems so far. But have you invested enough to ensure that your systems remain secured against all forms of attacks? Known, unknown and yet to be made known?

3:15

COFFEE BREAK

3:30

Information Security Best Practices of the World’s Largest Companies
Many small companies and even large companies’ executives have wondered how Fortune 100 companies are struggling with Information Security Management. Just picture this: 60+ routers, 300+ servers, 25 locations, all types of Windows/Unix/Midrange and Mainframe. 40,000 users, 165 applications, Oracle/SQL/ DB2/Other DBs, 42 firewalls, 300 IDS sensors…..How?

4:15

Forensics: Its practicable practice in the Philippines
We have forensic experts in the country. Sure! But who says they can catch a thief or a cyber crawler in the dark cover of the night? Who knows how?

5:00

Information Technology Forum – Ask the Experts:
One last hour for your questions to find the answers that can turn you and your business into either a secured beauty of success or an un-secured beast of burden.

6:00

MORE RAFFLES and BIGGER PRIZES

All information and schedules shown are accurate at time of printing. ISSSP reserves the right to change topics, schedules, and other details, as needed. Please check with ISSSP for updated information.