- Log In
- Renew Online
- Discount Programs
- Membership Card
- Webcasts
- Member Search
- Your Profile
- Support Materials
- ISSA Journal
- E-News
- Volunteer Committees
Upcoming Live Webcasts
May 20th - 9:00AM - 10:00 AM PST
Microsoft's Security Intelligence Report - How to keep up with Security trends and futures.
Sponsor: Microsoft
Current On-demand Webcasts
April 29th, 2008
What Hackers Know about Critical Infrastructure Systems that You Don't
Sponsored by: Secure Computing
Learn how our critical infrastructure systems are in jeopardy from both inside and outside attacks. We will discuss how a trusted security model can protect critical systems from interconnections to IT systems and the rest of the world.
Elan Winkler
Director of Solutions, Secure Computing Corporation
Elan Winkler is director of Solutions for Secure Computing Corporation. In this role, she is responsible for multi-product initiatives across a broad spectrum of security-related topics.
Winkler is a security veteran, with extensive (19 years) experience in desktop, gateway, email, encryption and Web security. She has held senior positions at several security technology companies, including MCI Telecommunications, Entrust, Sigaba, Finjan and GreenBorder. Elan was responsible for product launches and vertical industry marketing for the finance, retail/grocery, healthcare, and oil/gas sectors.
Elan is a member of Women in Telecommunications and the Silicon Valley Product Management Association. She is a frequent speaker at industry and technical conferences worldwide.
Click here to view: http://www.talkpoint.com/viewer/starthere.asp?Pres=121477
April 22nd, 2008
Information Security and Privacy Convergence
Sponsored By: SAI Global
Webcast Description:
The worlds of compliance, risk management, information security and privacy seem to be coming closer together. In fact, conversation about the convergence of Information Security and Privacy, in particular, has dominated Web sites, trade shows, conferences and journal articles over the last year. Does this convergence truly exist, and, if so, what kind of overlap have we already seen in the workplace? If convergence is happening, is collaboration between the two areas really necessary, or is it simply a trend unto itself? And just as importantly, what are the implications for information security and privacy professionals during and after the convergence?
The role of governance is influencing the convergence discussion since, similar to other risk management discussions, governance has moved from the back to the front burner. Managers at top and middle levels frequently recognize that collaboration between the two areas is required to improve business process and organizational efficiency as well as reduce business risk. Yet the collaboration tools and techniques are often not in place to allow organizations to most effectively enable the cooperation they desire.
This Webcast will highlight the latest trends in information security and privacy and talk about the general area of convergence as well as the role that legislation plays in the convergence discussion. Specific examples where the areas come together in legislation will be discussed and recent cases highlighted.
Learn how information security and privacy collaboration can improve your business and the types of overlap that should be considered.
Speaker: Rebecca Herold, CIPP, CISSP, CISM, CISA, FLMI
"The Privacy Professor ™ "
Rebecca Herold is an information privacy, security and compliance consultant, author and instructor who has provided information security, privacy and compliance services to organizations in a wide range of industries throughout the world for over 17 years.
In October, 2007, Rebecca was named one of the "Best Privacy Advisers" in two of three categories by Computerworld magazine. Rebecca was also named one of the "Top 59 Influencers in IT Security" for 2007 by IT Security magazine.
Rebecca assists organizations of all sizes and industries, including those in the Fortune 100, with their information privacy, security and regulatory compliance programs, content development, and strategy development and implementation. She offers a range of standard and customized one and two-day workshops including one addressing how individuals across disciplines can work together to most effectively assure privacy and regulatory compliance while efficiently implementing security controls.
Rebecca is working on her 11th book, writes multiple monthly columns and also creates the quarterly "Protecting Information" multi-media information security and privacy awareness subscription news source (http://www.informationshield.com/protectinginformation.html). She also serves as an Adjunct Professor for the Norwich University Master of Science in Information Assurance (MSIA) program.
To join this webcast please click here:
http://www.talkpoint.com/viewer/starthere.asp?Pres=121404
April 3rd, 2008
ISSA eSymposium on Identity Management - User Provisioning
Please join ISSA for this recorded version of the popular eSymposium series, first broadcasted on April 3rd.
Listen to industry experts such as Dan Geer, Merritt Maxim, Diana Kelley, and Avinash Rajeev. For more details and to register for this FREE online conference, click here: http://issa.brighttalk.com
March 25th, 2008
PCI DSS - Your Stepping Stone to a Trusted Security Model
Date & Time of Event: March 25th, 2008
Sponsor: Secure Computing www.securecomputing.com
In this informative session, listeners will be provided with a status of the current adoption of the PCI standard.
In addition, Ms. Winkler will discuss how to use PCI as a stepping stone to create a culture of compliance - one that's built on a trusted security model. This trusted security model enables enterprises to protect their data, their people and their infrastructure with easy to deploy and manage technology.
Speakers
Elan Winkler
Director of Solutions, Secure Computing Corporation
In this role, she is responsible for multi-product initiatives across a broad spectrum of security-related topics.
Winkler is a security veteran, with extensive (19 years) experience in desktop, gateway, email, encryption and Web security. She has held senior positions at several security technology companies, including MCI Telecommunications, Entrust, Sigaba, Finjan and GreenBorder. Elan was responsible for product launches and vertical industry marketing for the finance, retail/grocery, healthcare, and oil/gas sectors.
Elan is a member of Women in Telecommunications and the Silicon Valley Product Management Association. She is a frequent speaker at industry and technical conferences worldwide.
March 18th, 2008
Security Threats to Mobile Deployments
Date & Time of Event: Tuesday, March 18th, 2008
Sponsor: Sybase iAnywhere
Companies and public sector bodies alike are at risk from unauthorized access and the loss of valuable corporate and personal data. Recent events in the news have highlighted just how real this risk is. Achieving confidentiality of data through encryption is straightforward. The challenge that organizations face is how to strike the right balance between confidentiality, integrity and availability, particularly when data is exchanged between partner organizations, and data is stored on mobile devices that reside outside the glass house of security. Technology is available to secure data, but processes also need to be in place to ensure compliance and enable access to the encrypted information. In this session, you'll learn what strategies to use to protect your organization against the repercussions of lost or stolen devices.
Speakers:
Mark Wright
Senior Systems Consultant
Sybase iAnywhere
Mark Wright offers more than a decade of experience in mobile communications and technology. In his current role as a Senior Systems Consultant at Sybase iAnywhere, Mark evangelizes the importance of mobile management and security, and assists customers with product evaluations and technical questions. Mark is a subject matter expert in security, application enablement and device management. Mark came into the organization through the acquisition of Extended Systems where he held positions as Lead Support Engineer and Professional Services Developer for Mobile Groupware and Embedded Bluetooth Development. Mark holds a Bachelor degree in Computer Science from Boise State University where he specialized in Beowulf Clustering. Mark is a member of the Boise ISSA chapter.
February 12, 2008
Data Breaches and the Insider Threat: What to Do?
Sponsor: Code Green Networks
Organizations today have multi-layered defenses to defend against threats originating from outside the corporate network. Unfortunately, the majority of security breaches making headlines today involve information assets, customer data or personal information that has been leaked as a result of an insider's actions – either accidental or malicious. After all, within most organizations lie computer and social networks of surprising complexities and inefficiencies. The challenge of securing the dynamic environment within an enterprise is at the heart of the prevalence of insider threats. This Webcast surveys recent publicly-announced data breaches tied to malicious or inadvertent actions of a person within the company. It identifies the key weaknesses in the security controls that have allowed the incident to occur, and presents a high-level framework for mitigating the risk of such breaches.
Featured Speakers
- Lenny Zeltser, Senior Security Consultant and Author
- Brian Czarny, Vice President Marketing, Code Green Networks
A distinguished figure in the security industry, Lenny Zeltser leads the New York security consulting team at SAVVIS, a premier provider of IT infrastructure services. He is also a member of the Board of Directors at SANS Technology Institute, a senior faculty member at SANS, and an incident handler at the Internet Storm Center. Lenny co-authored a number of books, including Inside Network Perimeter Security and Malware: Fighting Malicious Code. He also contributed articles to publications such as the Information Security magazine, and presented to IT executives at conferences and private summits. In addition to holding the CISSP certification, Lenny is one of the few individuals in the world who have earned the highly-regarded GIAC Security Expert (GSE) designation.
Brian Czarny, the Vice President of Marketing at Code Green Networks, has more than 12 years experience building technology brands and has been regularly quoted as an industry expert on a range of security and messaging topics in media and broadcast outlets around the world including The New York Times, Wall Street Journal, Business Week, Information Week, eWeek, CNN, ABC 20/20, and CNBC.
January 15, 2008
Security for a Web 2.0 World
Sponsor: Blue Coat http://www.bluecoat.com
Web 2.0 opens the door for small scale, short duration attacks aimed at specific organizations. Learn how these attacks function and mitigation steps to protect your organization. IT organizations are facing increased complexity in the Web 2.0 world where employees expect collaborative information sharing and just in time delivery of content. A new set of criteria for web gateway security is required, and solutions must scale to enterprise levels, deliver zero-hour protection with dynamic ratings, and allow blended threat protection upon a high performance architecture, often with hardware acceleration.
Learn how to protect your organization from emerging Web 2.0 threats hidden in collaborative content, here-and-gone phishing sites, and unproductive web surfing. Every employee click in a client browser can open a doorway into your enterprise network, and backdoor activities often fly below network radar monitoring tools. Yesterday's static tools of URL filter lists, anti-virus signature files, and overt blocking methods no longer provide complete web security, and often impact network performance.
The Web 2.0 environment consists of two-way content, making the web an application platform. These rich interactive applications increase the chance of malware infection. And given that most organizations are using URL filtering lists as their primary web filter, they stand unprepared for malware threats, outbound data loss, and unmonitored areas that include SSL, IM, P2P and streaming media. Make your organization's migration into the Web 2.0 world a secure and scalable solution by attending this ISSA webinar.
Featured Speaker
Tom Clare, Senior Product Marketing Manager
Tom has driven marketing projects at Blue Coat since its entry into the Secure Web Gateway (SWG) market and is currently responsible for ProxySG related marketing projects. Prior to Blue Coat, Tom held product marketing and product management positions with Check Point Software Technologies, Qualys and McAfee. His security career began with a federal firewall project in the mid-90s and has since encompassed firewall, VPN, encryption, intrusion detection, risk-assessment, anti-virus and proxy solutions. He enjoys speaking and educating on new technologies and trends, often with a sense of humor. Tom holds a BS in Computer Science from Central Michigan University and an MBA from the University of Texas.
December 6, 2007
Now available: Archived reversions of all the 2007 ISSA e-Symposia .
These sessions take an in-depth look at issues such as: IT Governance, PCI Compliance, and Emerging Threats. Link to http://www.issa.e-symposium.com your access to these events.
November 6, 2007
Seven Requirements for Web 2.0 Threat Prevention
Attendees to this webinar will be presented with the results of new independent research on enterprise use of Web 2.0 applications. We will describe the new security threats use of Web 2.0 exposes the enterprise to and we will review the adequacy of security protections in place within the enterprise. Finally we will propose a set of seven requirements that enterprises should design their security infrastructures around that will provide them proper network security in today's rapidly evolving Web 2.0 world.
Tim Roddy, Director of Web Gateway Security, Secure Computing As director of product marketing, Mr. Roddy is responsible for Secure Computing's Web Gateway Security product line. He is a frequent expert speaker at numerous industry events on topics of web security and risks related to Web 2.0 adoption, malware, encrypted web use and data leakage. Prior to joining Secure Computing, Tim was director of product marketing for Stellent, an enterprise content management software vendor, Tim has over 19 years of product and engineering experience at firms such as Stellent, Alliance Data, CyberCash and General Dynamics. Mr. Roddy earned an MBA from the Anderson School at UCLA and BS and MS degrees in Mechanical Engineering from the University of California, Berkeley.
Past On-demand Webcasts
October 23, 2007
Configuring and Using the Microsoft's Malware Removal Starter Kit
October 16, 2007
Protecting Software: 7 Key Factors in Effectively Hardening Software Applications
June 14, 2007
Database Auditing for Security, Compliance, and Reputation Management
April 24, 2007
Compliance in the Mobile Enterprise
Sponsored By: Sybase iAnywhere.
March 14, 2007
Visualization Tools for Insider Threat Management
Sponsored By: Oakley Networks.
February 15, 2007
Identity Life-Cycle Management: Automating Procedures to Mitigate Security Incidents
Sponsored By: CA Security Management Solutions.
Jan 23, 2007
Security Controls to Ensure Compliance - The Next Phase: Controls Automation & Monitoring
Sponsored By: CA Security Management Solutions.
Jan 18, 2007
What is Deep Network Forensics?
Sponsored By: NIKSUN, Inc.
Dec 5, 2006
Stopping Data Leakage in a Networked Environment
Sponsored By: Fidelis Security Systems
Nov 16, 2006
Best Practices for Deploying Information Protection Solutions &
Managing Risks to Privacy Data & IP Assets
Sponsored By: Reconnex
Oct 26, 2006
ESSO and Strong Authentication for Secure Access
Sponsored By: Imprivata, Inc.
Oct 24, 2006
Outsource Labor, Not Sensitive Data: Best Practices for Securing
Your Network while Offshoring and Outsourcing
Sponsored By: Caymas Systems, Inc.
Sep 27, 2006
Best Practices for Building a Security Operations Center: Untangling
the Mess Created by Multiple Security Solutions
Sponsored By: CA, Inc.
Sep 13, 2006
The Future of Integrated Threat Management
Sponsored By: CA, Inc.
August 28, 2006
Building an Identity and Access Management Program that
Protects Core Business Assets
Sponsored By: CA, Inc.
July 27, 2006
Automating Firewall Audit
Presented By: Jason Yuan, Skybox Security
Sponsored By: Skybox Security
June 22, 2006
No Phishing Allowed - Best practices to safeguard your organization
Presented By: Bethany Mayer - Mirapoint, & Peter Firstbrook,
Research Director, Gartner
Sponsored By: Mirapoint
April 20, 2006
The Intelligent Enterprise: Closing the Zero-Hour Gap on Inbound
and Outbound Attacks
Presented By: Rami Habal, Proofpoint
Sponsored By: Proofpoint Inc.
April 6, 2006
Controlling the Cost of IT Compliance: Best Practices in Multi-Regulatory
Compliance Management
Presented By: Patrick McBride, Vice President of Compliance Solutions,
Colleen Murphy, Director of Compliance Solutions Delivery,
Scaleable Systems
Sponsored By: Scaleable Systems, LLC
March 9, 2006
Building A Secure LAN
Presented By: Lloyd Hession, BT Radianz & Michelle McLean, ConSentry
Networks
Sponsored By: ConSentry Networks
February 16, 2006
Managing Multiple Regulations: Take the Fast Track from
Complexity to Compliance
Presented By: David E. Smith, Symantec Corporation
Sponsored By: Symantec Corporation
January 7, 2006
Email Security Strategies - What to Plan for in 2006
Presented By: Arabella Hallawell, Gartner Research & Bethany
Mayer, Mirapoint
Sponsored By: Mirapoint
December 15, 2005
Security Convergence: Current Corporate Practices &
Future Trends
Presented By: Various
Sponsored By: ISSA, ASIS, ISACA
December 15, 2005
Look Before You Change – Eliminating Human Error
in Firewall Changes with Modeling and Access Simulation Presentation
Presented By: Ed Cooper, Skybox Security
Sponsored By: Skybox Security
December 1, 2005
Selling Log Management to Management
Presented By: Sandy Hawke, CISSP and Senior Technical Product Marketing
Manager
Sponsored By: SenSage
November 17, 2005
How to Write an Effective RFP for Data Loss Prevention
and Secure Messaging
Presented By: Maureen Kelly of Vontu and Doug McLean of PGP Corporation
Sponsored By: Vontu
October 20th, 2005
Mitigating Risk: Effective Solutions for Data Security
and Compliance
Presented By: Arun Gowda of LogLogic, Inc. & Raj Dhingra of PortAuthority
Technologies
Sponsored By: LogLogic, Inc. & PortAuthority Technologies
October 4, 2005
Emerging Threats: Stop Spam, Virus, and Phishing Outbreaks
through End-to-End Attack Monitoring
Presented By: Andy Klein of MailFrontier
Sponsored By: MailFrontier
September 29, 2005
Network Change Management Assurance - Eliminating the
Trial and Error Process
Presented By: Ed Cooper, Skybox Security
Sponsored By: Skybox Security
September 27, 2005
HIPAA Demystified – Everything you need to know
to build a secure messaging infrastructure
Presented By: Maurene Caplan Grey, Grey Consulting and Craig Carpenter,
Mirapoint
Sponsored By: Mirapoint
September 27, 2005
You Don't Need PKI to Secure Email: The Promise of Identity
Based Encryption
Presented By: Guido Appenzeller, Co-founder and CTO, Voltage Security,
Inc.
Sponsored By: Voltage security, Inc.
September 15, 2005
Solving the Password Problem: An Overview of USB Authentication
Presented By: Dan Pfeifle, Sr. Director, Aladdin eToken – Aladdin North
America
Sponsored by: Aladdin Knowledge Systems
September 6, 2005
Compliance: The Event Log Analysis and Retention Dilemma
Presented By: Scott Gordon, CISSP, ISMP, Vice President, Marketing
Sponsored by: SenSage, Inc.
August 18, 2005
Penetration Testing: Taking the Guesswork Out of Vulnerability
Management
Sponsored by: Core Security Technologies
August 16, 2005
Fixing Email
Sponsored by: IronPort Systems
August 16, 2005
ISSA Webcast “Security War Games for Business
- Automating the Risk Assessment and Mitigation Planning Process”
Presented by Ed Cooper, Skybox Security
Sponsored by Skybox Security
August 11, 2005
Request For Success: How To Write An Effective RFP For Secure
Messaging
Sponsored by: PGP Corporation
Presented by: ISSA VP Jim Reavis, Doug McLean of PGP Corporation & John
Ore of Sendmail Inc.
August 4, 2005
True Intrusion Prevention - Protecting Against All Threats,
From All Vectors, At All Times
Sponsored by: Sourcefire
Presented by: Martin Roesch, Founder, Sourcefire
July 21, 2005
The Spyware Epidemic: Dealing with “Legal”
Malicious Code
Sponsored by: Aladdin Knowledge Systems
Ofer Elzam, CISSP, eSafe Product Manager, Aladdin Knowledge Systems
July 7, 2005
Vulnerability Audit - Why a Vulnerability Scan is Not
Enough
Sponsored by: Pedestal Software - An Altiris Company