Home Site Map Log In Contact
Hot Topics
Sponsored Webcasts
Microsoft Webcasts

Webcasts Archive

ISSA e-Symposium addressing PCI Compliance

  • December 6th

The next in our successful e-Symposia series will be focused on PCI Compliance and will be broadcast live and online on Thursday, December 6th at:

  • 9 a.m. Pacific Time
  • 10 a.m. Mountain Time
  • 11 a.m. Central Time
  • 12 noon Eastern Time
  • 5 p.m. UK Time
  • 6 p.m. Central European Time
  • 1 a.m. Singapore Time

Privacy - A Microsoft Perspective:

  • December 10th

Microsoft is pleased to invite ISSA Members to you to attend a free webcast, Privacy - A Microsoft Perspective: Monday, December 10th at:

  • 9 a.m. Pacific Time
  • 10 a.m. Mountain Time
  • 11 a.m. Central Time
  • 12 noon Eastern Time
  • 5 p.m. UK Time
  • 6 p.m. Central European Time
  • 1 a.m. Singapore Time

Privacy - A Microsoft Perspective

Microsoft is pleased to invite ISSA Members to you to attend a free webcast, Privacy - A Microsoft Perspective:

  • Monday, December 10, 2007
  • 9:00-10:00 AM (PT)

Thomas Gemmell, Director, Enterprise Privacy Solutions Strategy, Microsoft Corporation, will be coving privacy issues and answering your questions. Presentation will cover:

  • The Privacy Environment / Landscape
  • Microsoft’s Privacy operating context: TwC
  • Microsoft’s Privacy Governance
  • Microsoft’s Privacy in Software Development
  • A Technology Framework for Data Privacy and Governance
  • Data Governance Lifecycle
  • Principled Data Governance Guidance – reduce technology capability shortfalls from future requirements

Featured Speaker

Thomas P. Gemmell

Director, Enterprise Privacy Solutions Strategy, Microsoft Corporation

Tom Gemmell is Director of Enterprise Privacy Solutions Strategy in Microsoft’s Trustworthy Computing Group where he directs strategies to advance data privacy-centric policy enforcement capabilities shipped in Microsoft products. Having over 12 years with the company, he first joined Microsoft in 1988. His assignments have spanning product management, business planning, driving customer loyalty and global service quality improvement in online services to developing technology licensing strategy. Tom also spent several years as an independent corporate development advisor on the west coast. An economist by training, he holds a masters degree in business administration. Education curriculum advisor to the IT Compliance Institute (http://www.itcinstitute.com). He serves on the board of directors for CARES of Washington (http://www.caresofwa.org) a non-profit providing work-life services for the disabled.

Requirements for Attending this Event

We strongly suggest you test your computer’s configuration (https://events.livemeeting.com/LM2007test.htm) to ensure you are running the most current version of Microsoft Office Live Meeting.

When you enter the test event, you will be prompted to install and run the Office Live Meeting Client software if you have not downloaded it already. If you cancel the software installation, you will be given a link to attend the event using the Microsoft Web Access, a browser-based client.

Once entered, you should see the Office Live Meeting client with a slide that indicates your test is successful.
If you are not able to see the slides, please contact Event Support (see the section “Contact Office Live Meeting Event Support” below).

Login Details for Live Event Session

Ond December 10, perform the following actions no later than 15 minutes before the event begins.

View the Internet portion of the Event

Click the meeting URL: https://www.livemeeting.com/cc/eventsnew/join?id=msft121007td&role=attend&pw=att1034

If prompted, install and run the Office Live Meeting software (recommended) or launch the Microsoft Web Access client (for Attendees unable to install the software, as well as anyone joining using a Macintosh). It will take a few moments for the Office Live Meeting client to launch.

On the next page, please enter your e-mail and company name in their respective fields, if necessary, and click Continue.

Listen to the audio portion of the event

Once you log in to the Office Live Meeting client, you should hear the event’s streaming audio. If you do not hear the audio, please confirm that your PC speakers are on and that the volume is turned up. If you continue to experience difficulties, please contact Event Support (see “Contact Office Live Meeting Event Support” below).

Note: If you are using the Microsoft Web Access client, you will not hear the audio over your computer speakers. Please see “Back-up telephone audio” below or contact your meeting organizer to view the replay of the event.

Back-up telephone audio

If you are unable to connect to the audio through the Computer Audio, you can dial in to the audio over a traditional telephony line:

US/Canada: 1-877-505-9609
International: 503-295-8000
PIN: 9620

Contact Office Live Meeting Event Support

For technical assistance, contact Event Support at:

US/Canada toll free: (1) (800) 893-8779
International: (1) (971) 544-3222
Online: http://www.livemeeting.com/ask (Please reference “Privacy - A Microsoft Perspective” in the Subject line of the e-mail.)

Additional Information

Note: Your event experience when using the Microsoft Web Access client will be very similar to using the Windows-based Office Live Meeting Client software, but the functionality and layout of the Microsoft Web Access client is slightly different. If using the Microsoft Web Access client, you will be unable to listen to streaming audio or watch the active presenter video during the Live Meeting presentation. Contact your meeting organizer to view a replay of the event.

Thank you and enjoy the Event!

Configuring and Using the Microsoft’s Malware Removal Starter Kit

This webcast will feature an introduction and a demo using the Malware Removal Starter Kit.

A short presentation will provide an understanding of the main use scenario of the Malware Removal Starter Kit followed by a quick tutorial showing the basic steps a user will experience in creating the Malware removal CD-Rom. This Solution Accelerator from Microsoft, provides IT professionals with free, tested guidance and tool recommendations to help combat malware attacks and restore infected systems.  For complete guidance, see the Malware Removal Starter Kit page at http://go.microsoft.com/?linkId=7065527.

Presenter Frank Simorjay, CISSP, CET, is a technical program manager and security subject matter expert for Microsoft’s Solution Accelerator – Security and Compliance group. Frank is responsible for designing security solutions for Microsoft customers, which include organizations of all sizes. Formerly Frank was a senior engineer for NetIQ and for NFR Security, where he designed security solutions for enterprise networks in banking and telecommunication for more than 10 years.

Frank is an actively engaged speaker as well as a contributor to several local events such as the Puget Sound ISSA, and Secure World Exposition, of which he is a founder. He has provided security education and training to the community including teaching at the University of Washington and Seattle University. Frank has also contributed to papers and books on security. His most recent work is the Malware Removal Starter Kit on Microsoft TechNet. Frank also works to promote home and personal security and has presented a talk called “Secure your home PC for $100” to small and mid-sized non-profit organizations.

Live Meeting Webcast Link »

NOTE: you must visit the page linked above no later than 15 minutes prior to 8:00 AM Pacific Time, Tuesday, October 23, 2007, to join the Live Meeting. You must be running the latest version if Microsoft Office Live Meeting. Find out if you are, at Microsoft's Live Meeting test page.

For technical assistance with audio or other matters, please contact Event Support at:

  • US/Canada toll free: (1) (800) 893-8779
  • International: (1) (971) 544-3222

Protecting Software: 7 Key Factors in Effectively Hardening Software Applications

Software piracy is a rampant and chronic problem facing every leading software vendor today. This webinar provides a comprehensive view of the problem - and of solutions and best practices - from both business and engineering perspectives.

The Business of Software Piracy: Siphoning Billions

IDC estimates that over $40B dollars was lost to software piracy in 2006 alone, with $180B dollars in loss expected over the next five years. Many users knowingly download pirated software from a variety of sources including underground websites and peer to peer networks. Many more, however, unknowingly purchase counterfeit software. In a world made small and flat by the internet, professional pirates and pirated software marketplaces are thriving at the expense of software vendors and their extensive investments in research and development.

The Nuts and Bolts of Software Anti-Piracy

This webinar will discuss major areas of vulnerability with software today. As hacking technology expands, security technology evolves to keep pace. In the past, engineers have leveraged mechanisms like serial numbers, node-locking devices and electronic license management to help curb illegitimate use and replication of their software. However, in today’s sophisticated threatosphere, such measures alone are inadequate to safeguard software and the IP it contains. Zero day hacks, where counterfeit software is released within hours of a new software release, are rampant. How is software being hacked today?

This webinar will address 7 key factors that application hardening solutions must provide

Even as demands on the strength of application security are rising, competitive demands on application performance and seamless user experience have never been higher. How can software developers effectively and durably protect their software without negatively impacting application performance and paying customers’ satisfaction? And without impacting aggressive feature delivery schedules?

Featured Speaker:

  • Vince Arneja, Director of Product Management, Arxan Technologies Inc.

This webcast is available On Demand starting October 16th at 9:00 AM Eastern Time.

Database Auditing for Security, Compliance, and Reputation Management

Compliance with regulatory obligations such as Sarbanes Oxley, HIPAA, PCI and GLBA are forcing companies to implement segregation of duties and adopt increasingly onerous database monitoring, security, and reporting policies. Sensitive and valuable information assets and privileged users in particular, must be monitored to demonstrate the existence of detective controls while proving the efficacy of preventative controls. Database Auditing, or Activity Monitoring for Security purposes, provides a deterrent to security threats as well as reporting for detection of data privilege abuses, data breaches, and evidence for holding privileged users accountable.

This presentation discusses how "Big 4" audit firms and interpretations of compliance obligations are being translated into specific directives for database security and auditing.

Additionally, participants will learn the most common database auditing, monitoring, and reporting requirements for security and compliance - from the field. The importance of auditing Privileged User’s (Administrators, Developers, and Outsourced Teams) activity will be explored, as well as a robust discussion of security vulnerabilities in Oracle, DB2, and other databases. Discover how to detect anomalous and inappropriate behaviors. This session provides stories from the trenches and five methods for auditing data activity in a tutorial designed for security audiences. The session ends with ten important questions that security and audit professionals should be asking IT departments.

Participants may also appreciate that this presentation is not a product sales pitch, but rather 98% educational material covering database security and regulatory compliance issues, and best practices related thereto. DBI believes that a well educated professional is our best customer - people don’t know what they need to buy until they know what they need to know. If, after attending this session, a participant has further interest in learning more about DBI’s Brother-WatchDog® database auditing solution, we would be pleased to discuss this solution with you further via conference call or Webex demonstration. Learn more now at www.Database-Auditing.info.

Featured speaker:

  • Scott Hayes, President/CEO/Founder, Database-Brothers Inc.

This webcast is available On Demand starting June 14th at 9:00 AM Eastern Time.

Compliance in the Mobile Enterprise

There’s no question that workforce mobility proves its value every day. But it does have a down side: handhelds and laptops can easily be lost or stolen and security controls are inconsistent and often unenforceable. This can result in the leakage of sensitive information. Virtually every company that uses mobile devices is vulnerable.

With government regulations such as Sarbanes-Oxley, California SB1386 and HIPAA, it is imperative that organizations protect sensitive information at all times, in all places. Due to the dynamic nature of mobile environments, information outside the data center is particularly at risk to the threat of security breaches. In this session, we'll provide an overview of how the mobile enterprise is affected by current government regulations, and discuss technical controls and other considerations for becoming compliant.

This session will include detailed information about:

  • Security considerations for mobile devices, including laptops and handhelds
  • An overview of key government regulations and how they apply to mobile deployments
  • Strategies to achieve mobile compliance

Featured speaker:

  • James Wilcox, Sybase iAnywhere

This webcast is available On Demand starting April 24th at 9:00 AM Eastern Time.

Visualization Tools for Insider Threat Management

Risk managers and security professionals need to monitor a wide range and potentially threatening behaviors to identify risk-prone situations and malicious acts which might put an organization's shareholder values at risk. To manage this risk they need the means to visualize behavior and respond with appropriate policies or practices that address the threat.

Data leakage caused by careless or malicious insider acts is a growing and costly problem. To achieve behavior visibility that might indicate a data leakage situation, organizations need to analyze both network traffic and user actions at the endpoint. Organizations planning insider threats and data leakage initiatives should ask a few key questions about the solutions they may be evaluating, such as:

  • If an incident occurs, can you tell what the user is doing immediately before and after the actual incident for context?
  • Can you easily search for all of that user's other activities and easily analyze them for related behaviors or trends?
  • Can you detect users "covering their tracks" – such as changing a file name or type, or cutting and pasting data?
  • Can you detect "multi-vector" behaviors, such as screen-capturing from a custom application, dropping the result into a Word file, and sending over IM?
  • Can you view encrypted transmissions before they are encrypted?
  • Can you view incidents in a replay manner that easily differentiates legitimate activity from malicious activity?

This presentation will introduce new technologies which provide a video-like replay of suspected incidents. Through this recording, investigators gain insights and actionable information for remediation. Join this webcast, and understand how this technology works and will help you to address the insider threats that lead to data leakage in your organization.

Featured speaker:

  • Tom Bennett, Vice President of Marketing for Oakley Networks

This webcast is available On Demand starting March 14th at 9:00 AM Eastern Time.

Identity Life-Cycle Management: Automating Procedures to Mitigate Security Incidents

With ever growing population of users and the need to access a myriad of applications, organizations are constantly under pressure not only to provide user satisfaction but more importantly to comply with security regulations such as the Sarbanes-Oxley Act. Organizations are finding that identity management solutions demystify the complexity associated with appropriately tracking and accounting for user authentication across systems. Furthermore, they are finding that these same solutions enable them to realize cost savings, improve user experience, and increase overall operational efficiency of corporate policies.

This webcast will discuss why organizations are shifting towards automated user privilege processes for their employees, partners and customers, and how such solutions can secure the corporate assets and comply with regulatory standards. Additionally, when faced with such challenges, case studies will show how organizations have deployed and benefited from solutions offered by identity management platforms.

You will leave this webcast understanding:

  • How operational efficiency can be achieved by automating the user privileges
  • How enterprises can benefit from successful deployment of IAM technologies and solutions
  • How ROI can be realized while improving user satisfaction and conforming to regulatory standards
  • How security can be increased through the standardization of user roles

Featured speaker:

  • Marc Potter, Area Director for the CA eTrust Security Business Unit

This webcast is available On Demand starting February 15 at 9:00 AM Eastern Time.

Security Controls to Ensure Compliance - The Next Phase: Controls Automation & Monitoring

Regulatory compliance seems to fall on Security and IT executives. But, if documenting processes, implementing controls, auditing and reporting are the only things that come to mind when you think of regulatory compliance, you're missing the ultimate benefit of compliance: Improved Business Performance.

How can your organization turn its security compliance environment into a cost-effective, sustainable program that improves business performance?

This session will explain how to leverage your technology investments to achieve sustainable compliance processes and controls. It will discuss the ways Identity and Access Management drives regulatory compliance by managing and automating the business procedures supporting a myriad of capabilities, including user / role provisioning, password management, and access management to proprietary and confidential data / resources.

In this session, you will learn:

  • The top 10 IT-related design control deficiencies
  • Key security tools and solutions that drive compliance
  • The evolution of compliance controls
  • The key to successful compliance automation
  • A company that achieved the ultimate goal of compliance: Improved Business Performance

Featured speakers:

  • Deborah Golden, Principal, Deloitte & Touche LLP, Security & Privacy Services
  • Sumner Blount, Director, CA Security Management Solutions

This webcast is available On Demand starting January 23at 9:00 AM Eastern Time.

What is Deep Network Forensics?

There are many tools in the arsenal of security investigators that provide well-known and established practices. Such tools tend to provide analyses that are limited to static points in time and crafty attackers know methods for hiding their tracks to hinder investigations. In this talk we present the case for deep network forensics (DNF) – the process of capturing all network activity for post-event analysis. DNF provides a complementary technology in the arsenal of incident handlers that may prove indispensible for tracking network based attacks and crimes. With DNF the dynamic nature of incidents can be tracked and analyzed. In this presentation the need for DNF is established and the basic and advanced requirements for DNF are laid out. We also present some case studies where the application of DNF proved essential to resolving the investigations.

Featured speakers:

  • Darryle Merlette, NIKSUN, Inc.
  • Meryl Robin, NIKSUN, Inc.

This webcast is available on demand starting January 18th at 9:00 AM Eastern Time.

Stopping Data Leakage in a Networked Environment

Organizations today are completely dependent on their digital assets—customer lists, product designs, source code, and other proprietary information are the essence of producing and providing goods and services in today’s economy. While today’s networked environment has enhanced productivity and flexibility it has also contributed to a loss of control, putting valuable intellectual property and personally identifiable information (PII) at risk.

Unfortunately, data leakage, or extrusions, of proprietary information by an accidental disclosure, a malicious insider or external hacker, can have intensely negative market, brand, legal, operational, and financial consequences to an organization. As the number of extrusions continues to rise, pressure from customers and regulators is mounting to mitigate these risks and to protect digital assets.

In this webinar, David Kim, President and Chief Security officer, Security Evolutions, Inc. and David Etue, Senior Security Strategist & VP of Product Management, Fidelis Security Systems, will discuss industry trends and present an overview of how to protect your digital assets in a way that fits within your enterprise architecture and business processes.

The webinar will cover important considerations when choosing a solution including:

  • Drivers for Protecting Enterprise Data
  • Regulatory
  • Best practices
  • Trends in content security
  • Detection and prevention deployment scenarios
  • Business cases for prevention today

Featured speakers:

  • David Kim, President and Chief Security officer, Security Evolutions, Inc.
  • David Etue, Vice President of Product Management, Fidelis Security Systems

This webcast is available On Demand starting December 5th at 9:00 AM Eastern Time.

Best Practices for Deploying Information Protection Solutions & Managing Risks to Privacy Data & IP Assets

Protecting information assets, including privacy data and intellectual property (IP) assets, is a critical challenge facing every organization today, including large F1000 enterprises, educational institutions and government agencies.

Industry analyst Gartner estimates that nearly 70% of all security incidents that result in financial loss come from within. And with over 10 million individuals the victims of identity theft each year according to the U.S. Federal Trade Commission, the consequences of privacy data leaks can be enormous. Furthermore, industry regulations, such as Health Insurance Portability & Accountability Act (HIPAA), Gramm-Leach Bliley Act (GLBA) and Payment Card Industry (PCI), outline specific procedures for the handling of sensitive records which can impose serious financial penalties (or even the risk of jail time) on organizations that fail to be in compliance.

This educational webinar will focus on the growing challenges around protecting critical information assets ranging from privacy data such as Social Security numbers and credit card info to more complex IP assets such a confidential research, secret recipes and engineering designs. With a guest speaker from The George Washington University, this webinar will cover the specific requirements and technical approaches customers are using today, as well as provide recommendations for organizations considering adding information protection solutions to their IT infrastructure in the future.

Featured speakers:

  • Gary Golomb, Computer Security & Forensics Engineer at The George Washington University
  • Jeff Brainard, Director of Marketing at Reconnex

This webcast is available On Demand starting November 16th at 9:00 AM Eastern Time.

ESSO and Strong Authentication for Secure Access

How secure are your applications and networks? For many organizations, the answer to that question is, “Not nearly enough.” That’s why more and more organizations of all types and sizes have begun deploying single sign-on (SSO) solutions. SSO has emerged as an easy, smart and affordable way for organizations of all types and sizes to strengthen IT security while improving user productivity. With SSO solutions, users need only one password or form of strong authentication to access their applications, allowing administrators to easily implement more secure password policies.

And with the advent of more stringent government regulations, organizations are seeking ways to further strengthen IT security by incorporating stronger passwords and adding another form of authentication, such as a security card, token or biometrics. The idea behind implementing an additional security factor beyond a password is that it provides strong authentication, so that each computer in an organization has stronger protection against entry by unauthorized users.

Attend this presentation to learn about implementing SSO and additional security factors that go beyond a password to provide strong authentication.

Featured speaker is Gregg LaRoche, of Imprivata, Inc.

This webcast is available On Demand starting October 26th at 9:00 AM (ET).

Outsource Labor, Not Sensitive Data: Best Practices for Securing Your Network while Offshoring and Outsourcing

Several high profile incidents have called attention to the risk of opening your network to offshore workers or outsourced teams. Recently, in a “sting” operation conducted by a British television station, several agents were offered customer data by employees of outsourcing companies. Can an enterprise safely outsource IT, development, or business process projects without the risk of compromising critical data? While offshore companies offers highly efficient labor pools, the turnover and anonymity of outsourced and offshore teams can leave the parent company unsure of who is accessing what on their network. And in this age of increased enterprise collaboration, companies have a business need to open up their networks to suppliers, partners, and customers. This free webinar will explore the risks associated with extending access to outsourced/offshore teams and other 3rd parties, and the best practices for tightly controlling who can access sensitive corporate data.

Attendees will learn how real world enterprises are taking steps today to lock down critical assets while enjoying the economic benefits of a global labor marketplace.

  • Best practices covered include:
  • How to use identity to define, enforce and monitor access policy
  • How to protect critical assets from all unauthorized access
  • How to check, quarantine, and remediate suspicious devices before they gain access
  • How to control behavior of users once they are admitted to the corporate network
  • How to log and audit the activity of each user, and the activity on each resource

Featured speaker: Sanjay Uppal, CEO Caymas Systems

This webcast is available On Demand starting October 24, 2006 11:00 AM (Pacific Time).

Best Practices for Building a Security Operations Center: Untangling the Mess Created by Multiple Security Solutions

It's tough to keep your corporate infrastructure safe and secure when you're flooded with an ever-changing onslaught of daily threats and warnings from your security and enterprise systems. Every morning brings new alarms from various security sources. What's important and what's not? How do you categorize and prioritize threats? Many organizations have created Security Operations Centers to handle these challenges.

Attend this free and interactive eSeminar, and explore the requirements and best practices for a Security Operations Center (SOC). During this event, you'll be able to ask questions and get prompt replies. You'll have access to reference material and more information you can use. You will leave this eSeminar understanding:

  • What a Security Operations Center does, and its relationship to the Network Operations Center
  • The top seven business and technical requirements for a successful Security Operations Center
  • The power of consolidating and correlating security information across the enterprise
  • How a Security Operations Center untangles the mess created by multiple security point solutions
  • How a Security Operations Center reduces security compliance costs

Featured Speakers

Michael Nickle, Solution Manager, CA Technology Services, Security Information Management - CA
Sam Curry, Vice President, Product Management, Security Management - CA

This webcast is available On Demand starting September 27, 2006 8:00 AM (ET).

The Future of Integrated Threat Management

The top 2 security concerns cited by enterprises in a recent IDC survey were malicious code (trojans, viruses, worms) and spyware. Not only do these increase the risk of data theft and business interruption, but they dramatically increase help desk and other operational costs.

The potential for copious ill-gotten monetary gains has driven a convergence of the bad guys to develop increasingly sophisticated attacks. To effectively combat these growing threats, IT security professionals are demanding integrated multi-layered solutions with strong management capabilities that will simplify their IT management. In this webcast you will:

  • Understand the baseline of the threat management environment
  • Learn the challenges with managing multiple solutions in an increasingly complex threat environment
  • Hear about integrated threat management solutions and benefits

This webcast is available On Demand starting September 13, 2006 8:00 AM (ET).

Building an Identity and Access Management Program that Protects Core Business Assets

You don't have to lock down your business in order to prevent unauthorized access. Identity and Access Management (IAM) solutions allow you to identify and manage risk enterprise-wide while remaining productive and secure.

Join this live, interactive eSeminar sponsored by CA. During this 45-minute event, leading strategists and industry analysts from The Strategic Council and CA will provide key insights into asset protection in today's ever-changing business environment. Specifically, you'll hear:

  • An overview of identity and access management business drivers and best practices from a Vice President, Principal Architect of CA's Worldwide Security Practice to help you map out your own IAM approach
  • A view into your peers' experiences with top-line results from The Strategic Counsel's recently conducted survey, including Security Challenges and Costs, Critical Factors in IAM Solution Choice, Most Important Area for Security Spending and more
  • A preview of CA's IAM solutions for asset protection

Register today to see how CA security solutions can help unify and simplify your security risk management.

This webcast is available On Demand starting Aug 28, 2006 10:00 AM (ET).

Automating Firewall Audit

Sponsored by Skybox Security Presented by Jason Yuan, Director of Product Marketing, Skybox Security

The manual process of auditing your firewalls is a very subjective and laborious process which is dependent on the user's skill set and experience. In this session you will hear how Skybox Assure can automatically and non-intrusively audit your firewall controls and rules and compare them to your internal policies or industry best practice standards such as NIST 800-41. Within minutes you can uncover rules that cause security holes and digest guidance as to how to close them.

Skybox Assure flags rule errors that would otherwise go unnoticed and exposes risks hidden deep within the corporate firewall policy.

Jason Yuan

Speaker: Jason Yuan, Director, Product Marketing. Jason Yuan has over twelve years of experience in networking and security. Prior to join Skybox, Mr. Yuan spent six years at Check Point managing product marketing for VPN-1 and Firewall-1. For a few years, he ran a security team to protect the largest temporary tradeshow production network during Networld Interop, using layers of firewalls and IDS. His experience also includes product management for a VPN company and a systems engineering position for Intel. Mr. Yuan holds an MBA from Santa Clara University, and Electrical Engineering from UCLA.

This Webcast is available On Demand (Starting 9am EDT, July 27, 2006)

The Intelligent Enterprise – Closing the Zero-Hour Gap on Inbound and Outbound Attacks

Sponsored by Proofpoint Inc.
Presented by Rami Habal, Proofpoint

Zero-day vulnerabilities have traditionally been about virus and computer worm exploits. However, in this age of more sophisticated threats, the zero-hour gap includes a range of inbound and outbound threats that can cost your enterprise money and cause severe damage to your networks. The intelligent enterprise can protect itself by anticipating and eliminating these threats before they cause damage.

In this web seminar “The Intelligent Enterprise – Closing the Zero-Hour Gap on Inbound and Outbound Attacks”, Proofpoint product expert Rami Habal will discuss zero-hour threats as they relate to an organization’s messaging security infrastructure including viruses, spam and content security.

In this webinar you will learn about:

  • The emergence and range of inbound and outbound threats that exploit the zero-hour gap.
  • Today’s tools for attackers and negligent employees.
  • How to anticipate threats and minimize your exposure during the zero-hour gap.
  • Actual, recent outbreaks and how zero-hour protection eliminated these threats.
  • How to complement your existing multi-layer defense and your lockdown policies.

Speaker Bio

Rami Habal is Senior Product Manager at Proofpoint, where he is responsible for Proofpoint’s flagship messaging security solution, the Proofpoint Protection Server and works closely with the Proofpoint Anti-Spam Research Lab. Prior to Proofpoint, Rami worked at Mohr Davidow Ventures, Cisco Systems, Hughes Electronics, and several startups. He holds a BSEE from UVa. He also holds master’s degrees in Business and Public Administration from MIT and Harvard, respectively.

This Webcast is available On Demand (Starting 9AM EDT, April 20, 2006).

Controlling the Cost of IT Compliance: Best Practices in Multi-Regulatory Compliance Management

Sponsored By: Scalable Software, LLC
Presented By: Patrick McBride, Vice President of Compliance Solutions, Scaleable Systems & Colleen Murphy, Director of Compliance Solutions Delivery, Scaleable Systems

The cost of complying with SOX is sapping millions from the typical IT budget, with no relief in sight. And for IT organizations in sectors facing multiple regulatory mandates and standards such as financial services (SOX / GLBA / HIPAA), energy and utilities (SOX / NERC) and health care (SOX / HIPAA), IT organizations and security teams are rapidly becoming overwhelmed. Learn how forward thinking companies are 'killing two birds with one stone' by creating rationalized control frameworks and automating the IT compliance life cycle, enabling them to eliminate the cost and effort associated with redundant and duplicative IT compliance projects.

Learn best practices and approaches for developing a comprehensive compliance and security management program that will help ensure IT compliance eliminate unnecessary and redundant efforts. Learn how to:

  • Create and document a rationalized control framework applicable across multiple regulatory mandates and standards
  • Document the policy and control environment while ensuring awareness
  • Automate key compliance management and testing processes
  • Cost-effectively manage the complete IT compliance lifecycle from understanding mandates to documenting audit evidence

This Webcast is available On Demand (Starting 9AM EDT, April 6, 2006).

Building a Secure LAN

Sponsored by ConSentry Networks
Presented by Lloyd Hession, BT Radianz&Michelle McLean, ConSentry Networks

This webcast features Lloyd Hession, CISO of BT Radianz, discussing his LAN security issues and his recommendations for best practices. He’ll discuss his tips for deploying NAC (Network Admission Control), gaining LAN visibility, applying access controls to users, and protecting the business from threats such as worms. He’ll also discuss a LAN security platform that he’s successfully deployed.

Lloyd Hession

Lloyd Hession is BT Radianz’s chief security officer, responsible for the security of the company’s network. Prior to joining Radianz, he worked as a managing director at Giga Information Group and as chief architect of Internet Security at IBM. He is an internationally recognized security expert whose pragmatic advice and industry insight is often sought by government agencies, investors and the media.

Michelle McLean

Michelle McLean brings 15 years of networking market experience to ConSentry Networks, where she is senior director of product marketing for ConSentry Networks. Prior to ConSentry she held director of product marketing positions at Peribit Networks and Trapeze Networks, and prior to that, she was director of strategic marketing at Pluris. She previously served as program director at the research firm META Group, providing technology and strategy direction to global 2000 enterprise clients. Before that, she tracked technical developments, networking trends, and vendor strategies for two leading networking publications, LAN Times and LAN Magazine, now IT Architect. Michelle holds a BA in English from the University of California at Berkeley.

This Webcast is available On Demand (Starting 9am EDT, March 9, 2006) .