Mid-Atlantic CIO Forum - Meeting Announcement
Topic- Security: Moving from Monitoring Toward Prevention
Date: November 21, 2013
Location: Towson University
Please join CIO members and invited guests at the November roundtable plus!
Right now, intruders are infiltrating government and private sector computer networks. Defenders, policy makers, business managers, and scholars continue to debate countermeasures. To begin this roundtable plus meeting of the Forum, Mandiant CSO Richard Bejtlich will share his perspectives and recommendations. In 1997 Mr. Bejtlich transitioned from the policy and military intelligence worlds into hands-on technical work defending military, government, academic, and business networks. As he moves back to the policy and intelligence communities, Mr. Bejtlich is developing ways to link policy, strategy, campaigns, tactics, and technology to defend digital resources. Mr. Bejtlich will discuss the threats facing network owners, the tools used by threat actors, how defenders counter those actors and tools, and his own Network Security Monitoring strategy, most recently expanded upon in his fourth book, “The Practice of Network Security Monitoring”.
Next, Ira R Greenstein, Chief Information Systems Officer, Maryland State Retirement Agency will present ““Internal Information Security Risk: Its Mitigation and Challenges”. In this presentation Mr. Greenstein will delineate different components of internal security risks, including data breaches, loss of intellectual property, fraud, and sabotage. These risks emanate from, or vector through, the people who work for an organization, and addressing them is best accomplished through a combination of technology, policy, educational and other programs. That stated, getting ahead of these risks can often entails actions that conflict directly with human resource management policies, or in some cases can violate laws and regulations. In addition, there are practical considerations that force management to weigh the respective threats, the organization’s susceptibility, and the potential dollar impacts of individual risks. This presentation will explore the issues associated with internal threats (e.g., morale, intervention, IT’s organizational role, BYOD, contractors, etc.), identifying managerial dilemmas along with some approaches to risk mitigation.
This meeting is a Roundtable Plus meeting. Only CIO members, guest CIOs and guests invited by CIO members for this roundtable will be attending. The roundtable format will be used and all participants will have signed a non-disclosure agreement. (NDA).
Please join our members at the meeting! The meeting starts at 8:00 AM and ends by 1PM. Brunch and lunch are provided. Pre-registration is required. Meeting logistics including agenda, directions to the meeting place and parking information will be emailed to you after you register. For registration for this meeting, please contact: Bonnie Lawson at firstname.lastname@example.org or 410-704-4252.