RSA Conference Brochure 2008

casE studiEs tuEsday, april 8 1:30 p.m. – 2:40 p.m. CASE-105 WEdnEsday, april 9 8:00 a.m. – 8:50 a.m. CASE-201 (L2) running With Scissors: Security vs. Compliance in the Electric industry (S) Architecting and Deploying an Entitlement Management Solution at Wachovia Ryan Bagnulo | Vice President, Head of Architecture & Innovation, Wachovia Corporate & Investment Banking Technology, CTO Group MODERATOR: Patrick Miller | Sr. Information Security Consultant, PacifiCorp PANELISTS: Stacy Bresler | Manager, Corporate Security, PacifiCorp Jeff Bryner | IT Security, Portland General Electric Jon Stanford | Senior Information Security Officer, Bonneville Power Administration Alex Tatistcheff | Information Security Manager, Idaho Power Company In today’s post-9/11 climate, electric utilities struggle to deal with rapidly approaching compliance deadlines. Couple this with legacy control systems designed for reliability but not security, and you get long hours and competing priorities. Join us as an industry panel discusses lessons learned and strategies used to meet the elusive goals of keeping our infrastructure compliant and secure. 3:00 p.m. – 3:50 p.m. CASE-106 Wachovia, the nation’s fourth-largest bank, faces the same challenges that confront many large organizations as it relates to enforcing appropriate access to its applications and data. To meet its rigorous security and compliance requirements, Wachovia architected and deployed an enterprise entitlement management. Learn what drove Wachovia to deploy the solution, how the company implemented its vision and how you can leverage these experiences. 9:10 a.m. – 10:20 a.m. CASE-202 (S) Deploying layered Enterprise Security at Expedia Jason Robinett | Director, Enterprise Information Security, Expedia Eric Skinner | CTO, Entrust (S) The Electronic Mortgage industry: XMl, Digital Signatures and More Eric Lengvenis | Information Security Architect, Wells Fargo & Co. Expedia’s IT infrastructure supports several large-scale user constituencies including customers, employees at various subsidiaries and travel product suppliers. Security drivers include personal information protection and global regulatory compliance. Learn from Expedia’s deployment of secure remote access, identity and access management, information leak prevention and its plans for PKI. 4:10 p.m. – 5:20 p.m. CASE-107 70% of Americans own their own homes. XML digital signatures, web services and B2B are the future of the mortgage industry. Security and service-oriented architecture make the transition from paper efficient, secure and manageable. The ins and outs of the new mortgage industry will be discussed with a focus on eNotaries, eClosing, eRealEstateRecording, smart cards, HSMs, digital signatures and more. 10:40 a.m. – 11:50 a.m. CASE-203 (T2) real-World iSMS lessons Scott Erkonen | Vice President of Information Systems, Home Federal Bank Juan Martinez | Information Security, Pacific Life Insurance Co. (S) A Detailed Analysis of a Control System Cyber Event Marshall Abrams | Principal Scientist, The MITRE Corporation Joe Weiss | Managing Partner, Applied Control Solutions, LLC This session will address how to practically deal with implementation issues around ISMS (ISO 27001). The co-speakers are both experienced professionals with implementation experience and will discuss where the primary challenges arise among management system components. Practical experience from successful program buildout and certification will be shared. 5:40 p.m. – 6:30 p.m. CASE-108 This session examines an actual control system cyber event that resulted in significant damage and deaths. Timelines, control system response and control system policies will be examined. The NIST 800-53 controls will be examined to show how, if implemented, they could have prevented the event. (S) State of Michigan Secures and Saves Daniel Lohrmann | Michigan Chief Information Security Officer, State of Michigan Protecting the infrastructure and information for more than 55,000 systems and 2,000 data centers could easily put fear and loathing into the hearts and minds of many CISOs. But not Daniel Lohrmann, CISO for the State of Michigan. This session will demonstrate how he led a formidable group of seasoned experts to create a security infrastructure that has saved millions of dollars in increased productivity. 18 sEssion classification (L2) Intermediate Legal/Compliance (L3) Basic Legal/Compliance (S) Strategic (T2) Intermediate Technical See page 5 for complete level descriptions.

Table of Contents Feed for the Digital Edition of RSA Conference Brochure 2008

Table of Contents Who Should Attend & Why Keynote Speakers Agenda At-A-Glance Session Classification Special Events & Activities Connect & Network Highlights 1-Day Pre-Conference Tutorials 2-Day Pre-Conference Tutorials Tracks & Sessions Authentication Consumer Protection Business Trends & Impact Case Studies Cryptographers Deployment Strategies Developing with Security Enterprise Defense Hackers & Threats 1 Hackers & Threats 2 Identity & Access Management Industry Experts Law & Liability Policy & Government Professional Development Security-Oriented Architecture Standards Wireless Sponsor Sessions List of Exhibitors Registration Information Sponsors

For optimal viewing of this digital publication, please enable JavaScript and then refresh the page. If you would like to try to load the digital publication without using Flash Player detection, please click here.