Security Congress Showcases ‘Solutions Theater’
- By Ronnie Rittenberry
- Sep 11, 2012
The ASIS International 58th Annual Seminar and Exhibits underway here this week at the Pennsylvania Convention Center is also the place and time for the second annual (ISC)2 Security Congress. The two collocated, concurrent events are, according to the hosting organizations themselves, collaborating on" ways to optimize expertise and leverage resources to present two events in the same location with one focus: to provide traditional and information security professionals with the knowledge, technology and networking opportunities they need to excel in their careers and secure their organizations' people, property and data."
One way (ISC)2 is holding up its end of that lofty goal is by presenting three live shows each day this week, Monday through Wednesday, in a cordoned area right in the middle of the expo activity.
Located in the 650s booth area on the expo floor, the 30-minute (ISC)2 "Solutions Theater" shows are drawing attention and applause. Monday's lineup included a 9:30 a.m.-10 a.m. presentation from a company called Phisme in which speaker Scott Greaux discussed strategies for "Achieving Success and Growing a Security Awareness Program for Continuous Improvement."
From 10:15 a.m.-10:45 a.m., Baird McNaught from DHS Inc. presented "The State of Cybersecurity in Control Systems." The three most important takeaways from the presentation were, according to McNaught: "Number one: detection; number two: detection; and number three: detection.
"Security is a process you're never done with," McNaught said. "What we are seeing in 2012 is that, without question, nation-state attacks are increasing, with the bad guys attacking critical infrastructure. Regarding data about control systems, we're finding organizations that are lacking sufficient network controls. Spear phishing is still popular because it's easy to use, and bad guys continue to use it. The laziness factor comes into play. They're using existing malware and trying to make improvements on it."
Also on Monday, from 3:30 p.m.-4 p.m., (ISC)2, represented by Vehbi Tasar and Bhaskar Dawadi, presented "The Value of the CSSLP Certification."
Tuesday's programs include the following:
9:30 a.m.-10 a.m.—CISCO's Tony Vargas presents "Security Management in Your Organization and Beyond Through the Use of Social Networks."
10:15 a.m.-10:45 a.m.—SecureAuth's Garret Grajek presents "How to Become Your Own Identity Provider."
3:30 p.m.-4 p.m.—Phishme's Jim Hansen presents "Spear Phishing: Attack Methods and How to Fight Back."
The lineup on Wednesday will include Fortinet's Ryan Potter presenting "Preventing Creative Malware from Entering Critical Infrastructure" (9:30 a.m.-10 a.m.); Mobile Active Defense's Eric Green presenting "MDM is NOT Security! How to Implement Real Security for Your Mobile Enterprise" (10:15 a.m.-10:45 a.m.); and (ISC)2's James McQuiggan presenting "(ISC)2 Safe & Secure Online Training" (3 p.m.-3:30 p.m.).
About the Author
Ronnie Rittenberry is print managing editor for Security Products and Occupational Health and Safety magazines.