When we consider the growing number of risks and threats to business and people from terrorist organizations and other groups, it is time for security, threat and vulnerability assessments and crisis management to become strategic governance issues. The benefits of establishing a comprehensive risk management strategy have been shown to more than offset the costs. As part of this strategy it is also essential to achieve compliance with the growing number of industry standards that address these issues. By adopting a strong risk/crisis management posture, your firm can ensure customer trust, your brand reputation and your bottom line. By attending this seminar you will learn the value of implementing risk management solutions versus the risks of not doing so.

Media Coverage
by Alex Goldman
ISP-Planet Managing Editor
http://www.isp-planet.com/business/2008/wsta_threat_overview.html
http://www.isp-planet.com/business/2008/wsta_cybercrime.html
http://www.isp-planet.com/business/2008/wsta_insider_threat.html
Sponsors: Archer Technologies, ArcSight, Avaya, AT&T, Intellitactics, LANDesk, Neocleus, , SecureWorks, Secure Computing and VoIPShield Systems

7:30AM - 8:00AM
Registration, Breakfast and WSTA Introductions -
Breakfast sponsored by Secure Computing

8:00AM - 8:45AM Keynote Presentation -
The Future of Information Security: What’s Next?
John P. Pironti, Chief Information Risk Strategist, Getronics
Information security has evolved from a technical specialty into a core business function. The people, processes, procedures, and technologies that are utilized to protect information infrastructure are changing and maturing at a rapid pace. So too are the capabilities of the adversaries from whom you need to protect your information infrastructure. This session will discuss how your adversaries and threats they pose are evolving, and the emerging trends in information security designed to protect your information infrastructure from them. The areas which will be addressed include governance and organizational models, threat and vulnerability management concepts, compliance frameworks, and technological advances.

8:45AM - 9:00AM
Guest Speaker-Jim Routh, Depository Trust & Clearing Corp -
This presentation will provide a case example of a practical approach to enterprise wide security risk assessment used at DTCC. This will include a risk scoring model that provides a daily risk score at multiple levels that can be used to quantify a security risk profile and prioritize remediation priorities for adjusting the risk posture based on changes to threat trend data.

9:00AM - 9:25AM
Premier Sponsor Presentation -Archer Technologies -
Jon Darbyshire, Founder and CEO – Archer Technologies
The growing volume of threat data poses a significant challenge to identifying threats that impact your business. Companies that effectively implement a threat management solution and integrate it with asset data, policy management processes and other core enterprise risk and compliance mega processes can proactively prevent attacks before they negatively affect their enterprise. During this session, Jon Darbyshire will discuss how Fortune 1000 companies are implementing an effective threat management program to capture and consolidate threat data, filter and prioritize threats that could affect their critical technologies, notify responsible personnel who can respond proactively, and report on current state and remediation. The ultimate result of such a program is the preservation of business continuity.

9:25AM - 9:40AM
Break and demo area visits - Ballroom C

9:45AM - 11:40AM
Breakout Sessions-Two concurrent sessions of four presentations each.

11:45AM-12:15PM
Demo Area Open - Ballroom C

12:00PM-1:30PM
VoIP Engineers Interactive Roundtable and Luncheon-WSTA Financial Firm Members Only
Sponsored by VoIPShield Systems

The Radisson Martinique on Broadway
49 West 32nd Street, NYC

John P. Pironti, Chief Information Risk Strategist, Getronics
John P. Pironti is the Chief Information Risk Strategist for Getronics. He has designed and implemented enterprise wide electronic business solutions, information security programs, and threat and vulnerability management solutions for key customers in a range of industries, including financial services, government, hospitality, aerospace and information technology on a global scale. Mr. Pironti has a number of industry certifications including Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Information Systems Security Architecture Professional and (ISSAP) and a Information Systems Security Management Professional (ISSMP). He is also a published author and writer, and a frequent speaker on electronic business and security topics at domestic and international industry conferences.

Rick Dalmazzi, President and CEO, VoIPshield Systems
A security industry veteran, Dalmazzi brings nearly 30 years of technology industry experience to the VoIPshield team. As President and CEO of Certicom Corp, a developer of Internet wireless and wireless security technology, Dalmazzi oversaw a 25x growth in revenue and valuation. He has spoken at numerous industry conferences, including keynotes at the Wireless World Conference and Smart Card Forum. He is a frequent guest lecturer, having spoken at leading North American business schools, including MIT and Stanford. Additionally, Dalmazzi has published articles on emerging security issues in leading trade publications and acted as a trusted source to business press.

Stewart Christensen, Corporate Strategist, LANDesk Software
As a Corporate Strategist for LANDesk Software, Stewart Christensen interfaces directly with partners and customers world-wide to define and refine company solutions to meet customer needs. Interfacing with internal Product Marketing and Software Engineering teams to drive strategic direction is one of Stewart’s key goals. Delivering that strategic message to our customers and partners is his primary focus.
With over 18 years of computer industry experience, Stewart has been with LANDesk for over three years as a Corporate Strategist. Before that he held various positions at Novell such as Systems Engineering Manager, Sr. Systems Engineer and Sr. Consultant. Prior to that Stewart served as Vice President Director of IT for a large advertising agency.

Thomas Porter, Ph.D. - Chief Security Architect, Avaya Inc
Thomas Porter has spent over eleven years in the networking and security industry as a well-respected consultant, speaker and developer of security tools. He has hacked into networks belonging to banks, credit unions, credit card companies, U.S. government and military institutions, and spammers’ computers. He possesses expert knowledge of routing, switching, network and host exploitation methodologies, ISO17799, SOX, GLBA, and HIPAA security assessments. Prior to joining Avaya in 2002, he worked at Alteon WebSystems, Nortel Networks and Praxair. In the past year, Porter completed a highly successful term as the director of IT Security for the 2006 FIFA Men’s Soccer World Cup and as the chief security architect for Avaya’s Global Services Consulting & Systems Integration practice.

Brian T. Contos, CISSP - Chief Security Officer, ArcSight Inc.
Mr. Contos has over a decade of real-world security engineering and management expertise developed in some of the most sensitive and mission-critical environments in the world. As ArcSight's CSO he advises government organizations and Global 1,000s on security strategy related to Security Information and Event Management (SIEM) solutions while being an evangelist for the security space. He has written several security books including Enemy at the Water Cooler – Real Life Stories of Insider Threats as well as Physical and Logical Security Convergence. He has delivered countless speeches, webcasts, podcasts, and magazine articles for Forbes, Computerworld, Sarbanes-Oxley Compliance Journal, SC Magazine and many others. Mr. Contos has held management and engineering positions at Riptech, Lucent Bell Labs, Compaq Computers and the Defense Information Systems Agency (DISA). He has worked throughout North and South America, Europe, and Asia and holds a B.S. from the University of Arizona in addition to a number of industry and vendor certifications.

Jon R. Ramsey, Chief Technology Officer, SecureWorks
Jon Ramsey is an information security expert with policy-making responsibility at SecureWorks in Atlanta, GA. Ramsey has over 12 years of hands-on experience at every level: system administrator, software engineer, analyst, security penetration specialist and senior engineer. Prior to joining SecureWorks, Ramsey worked for the Computer Emergency Response Team (CERT), Siemens, and the University of Pittsburgh. Ramsey earned a Master’s degree in software engineering from Carnegie Mellon University and a BS in computer science from the University of Pittsburgh. He is a member of IEEE and the Association for Computing Machinery (ACM).

Jon M. Darbyshire, President and Chief Executive Officer, Archer Technologies
Jon Darbyshire founded Archer Technologies and has been the company's CEO and visionary since its inception in 2000. Jon leads the overall plan, market and product development strategies for Archer. A pioneer in the information security market, Jon has held senior executive positions within the Security and Risk Management practices of Ernst & Young and Price Waterhouse. His efforts over recent years have focused on developing product solutions that enable enterprises to effectively organize and distribute the critical knowledge employees require to be more successful in performing their daily functions. The evolution of Jon’s dream has led to the development of the Archer Technologies suite of targeted solutions, which assist businesses in effectively identifying and managing risks associated with their critical business processes and in demonstrating regulatory compliance.

Etay Bogner, Co-Founder and CTO, Neocleus
Mr. Etay Bogner, Co-Founder and Chief Technology Officer, drives the company’s product vision and technical direction. As a networking and security industry veteran, Etay brings extensive expertise and market understanding to his role at Neocleus. This is also Etay’s second entrepreneurial venture. His first venture, Sofaware Technologies Ltd., was sold to Check Point Software Technologies Ltd. (Nasdaq: CHKP). Etay founded and was managing director of Sofaware Technologies. In addition to starting Sofaware, Etay has held technical positions at BackWeb and other internet, networking and security companies. He holds a B.Sc in Mathematics and Computer Sciences from Tel Aviv University.

Jim Routh, CISM, Chief Information Security Officer,
The Depository Trust & Clearing Corporation
Jim Routh has over 20 years of experience in information technology and information security as a practitioner, management consultant and leader of technology functions and information security functions for global financial service firms. Jim designed and implemented an enterprise wide information security program for the Depository Trust and Clearing Corporation (DTCC) based on risk management best practice, COBIT and ISO 27001 standards. He implemented an information security risk assessment process and a security program for application development. Prior to joining DTCC he was the first CISO for American Express and responsible for the implementation of an enterprise wide implementation of GLBA specific controls and practices within two different banking entities in North America. Prior to that, he led a customer information management function within Risk Management for the US card businesses for American Express. Prior to that he led the information technology function for the Institutional Services and Investment Management businesses for American Express Financial Advisors. Mr. Routh was a management consultant in information technology for dozens of leading financial service firms for over 12 years.

Sunil Bhargava, Chief Technology Officer, Intellitactics
Sunil Bhargava brings more than 20 years of industry experience in enterprise technology, security practices, and product and business management to Intellitactics. Extensive experience gained from consulting to leading-edge organizations in the US, Asia, and Europe solidified his focus on assisting clients in crafting solutions to meet their requirements and implementing needed change. As chief technology officer for Intellitactics, Bhargava draws on this experience as he works with Fortune 500 companies and major government agencies to identify trends and requirements for leveraging information security best practices, technology, and processes to manage enterprise risk. Prior to joining Intellitactics, Bhargava co-founded INTECH, a technology consulting firm. Previously, he provided management consulting to numerous technology firms, including WisdomWare as chief technology officer, OneSoft as vice president of technology, and Clip Genius as co-founder and chief technology officer. He holds a Bachelor of Science degree in Computer Engineering and a Master of Science degree in Software and Systems from George Washington University.

Stan J. Quintana, Vice President, AT&T Security Services
Stan Quintana is responsible for AT&T’s Managed Security Services. These specific security services offer best-in-class solutions for AT&T customers. In addition, he has been responsible for planning, managing and implementing AT&T’s own business continuity and recovery program, as well as developing business continuity solutions for commercial clients. Stan has held positions in finance and business operations, managing various information management and information technology programs at AT&T. He was AT&T Global Financial CIO, responsible for developing AT&T’s global financial systems architecture that supported systems in 38 countries, and built the company’s first billing and operations center in Denver, CO. Stan earned a bachelor’s degreein mathematics and physics from Regis University in Denver and a masters of science degree in computer science and electrical engineering from the University of New Mexico.