The annual security-fest at the RSA Conference begins April 7. If you’re currently planning your meetings and sessions schedule, be sure to consider the following track sessions.
Heading to the 2008 RSA Security Conference in San Francisco? Baseline has some advice for you. Here are some of the best sessions that you might want to get an early seat at as they are sure to be crowded.
1. The Cryptographers' Panel
Time: Tuesday, April 8, 10:25 AM
Speakers: Burt Kaliski, Founding Scientist, RSA Laboratories and Director, EMC Innovation Network, EMC Corporation; Ronald Rivest, Viterbi Professor of Electrical Engineering and Computer Science, MIT; Martin Hellman, Professor Emeritus of Electrical Engineering, Stanford University; Adi Shamir, Professor, Computer Science Department, Weizmann Institute of Science, Israel; Whitfield Diffie, Vice President and Fellow Chief Security Officer, Sun Microsystems
The Cryptographers’ Panel is an annual favorite at RSA, and usually the scions of cryptography that convene for this panel have some new or interesting breakthrough to drop on attendees during the lively discussion.
2. The Seven Most Dangerous New Attack Techniques, and What's Coming Next
Time: Tuesday, April 8, 1:30 PM
Speakers: Alan Paller, Director of Research, SANS Institute; Ed Skoudis, Fellow, SANS Institute; Rohit Dhamankar, Senior Manager of Security Research, TippingPoint; Johannes Ullrich, Chief Technology Officer, SANS Institute
The SANS Institute and its partners have their fingers on the pulse of security trends, which is why Baseline chooses this session as the best bet for learning about new attack techniques.
3. Solving the Transitive Access Problem for SOA
Time: Tuesday, April 8, 5:40 PM
Speaker: Alan Karp, Principal Scientist, Hewlett-Packard
As deployments of service-oriented architecture rise, enterprises are learning that this flexible architecture is leaving a passel of security woes in its wake. Chief among the concerns are access rights issues. Check out this session to learn about how researchers are finding ways to work around these problems.
4. Sex, Drugs and Cybercrime: Go Flux Yourself
Time: Wednesday, April 9, 8:00 AM
Speakers: Matthew Ziemniak, Program Director of Cyber Operations, National Cyber-Forensics and Training Alliance; Kim Grillo, Technical Analyst, United States Postal Inspection Service
This session has the coolest title ever and by the looks of it, it should deliver with some solid content as well. The speakers will provide case studies and demos that will hopefully shed light on how criminals are using fast-flux networks to attack organizations and what security practitioners can do to fight them.
5. Open Security Initiatives at Bank of America
Time: Wednesday, April 9, 9:10 AM
Speakers: Todd Inskeep, VP Innovation & R&D, Bank of America; Scott Huie, SVP - E-Commerce, Bank of America; David Shroyer, Vice President, E-Commerce, Bank of America; Steven Jones, Sr Architect Manager, Bank of America
Everyone can appreciate a track session completely devoid of vendor spin. This one looks like it will deliver the goods, with an in-depth case study of Bank of America security practices straight from the BoA executives’ mouths, with not a single vendor rep among them.
6. Effectively Presenting to the Board of Directors
Time: Wednesday, April 9, 10:40 AM
Speakers: Joyce Brocaglia, CEO and President, Alta Associates, Inc; Renee Guttmann, ISO, Time Warner; Suzanne Hall, CIO, Washington Nationals Baseball Club; Denise Hucke, Director, Information Security, Merck & Company; Lynn Terwoerds, Global Head of Security Standards and Architecture, Barclays Bank
Looking for real-world advice on how to handle the Board of Directors when they’re screaming for information about company security practices? Listen up during this session and learn how a number of security practitioners at top organizations do it.
7. Cyber Storm II—The Most Comprehensive Cyber Exercise in U.S. History
Time: Wednesday, April 9, 12:00 PM
Speaker: Greg Garcia, Assistant Secretary for Cyber Security and Communications, Department of Homeland Security
This session will feature DHS bigwig Greg Garcia, who will offer up results from the March 2008 Cyber Storm exercise and provide advice on how organizations can improve their cyber-response capabilities.
8. Avoiding the Security "Groundhog Day"
Time: Thursday, April 10, 9:10 AM
Speakers: Mike Rothman, President, Security Incite; Richard Mogull, Founder, Securosis, L.L.C.; Ronald Woerner, Security Engineering Consultant, Information Security, TD Ameritrade ThinkTech; Martin McKeay, Blogger/Podcaster, Network Security Blog; David Mortman, CSO-in-Residence, Echelon One
Picking a conference session is kind of like choosing college courses; you always want to pick based on the “professor,” not the session topic. We think this session will be great because the panel includes some of the more outspoken characters in the security world. They’ll discuss how to avoid wasting time making the same mistakes to solve the same old security problems.
9. Case Study: Implementing Open Source in a Corporate Environment
Time: Thursday, April 10, 10:40 AM
Speakers: Richard Maathey, Information Security Manager, Experian CheetahMail; Barbara Fennell, BISO, Experian
Two of Experian’s security experts will discuss their successes in changing the attitude in their organization to make colleagues comfortable bringing the power and flexibility of open source software to its security practice.
10. Understanding Sensitive Enterprise Data Flows
Time: Friday, April 11, 9:00 AM
Speakers: Dan Manley, Senior Manager, KPMG LLP; Earl Porter, Director Information Security, Transamerica; Ted Claypoole, Member, Womble Carlyle; Renee Guttmann, ISO, Time Warner; Nancy Wilson, Senior Director Enterprise Information Security, Time Warner Cable
This panel will examine how to best develop methods to discover, analyze and categorize customer data in order to strike a secure balance of document maintenance, access control, confidentiality and cost.
For more information about these sessions and their location within San Francisco’s Moscone Center, visit www.rsaconference.com.