"The Business Boundary, WHERE IS IT NOW?"
Tuesday 30th November, 2010
Ernst & Young, Majestic Centre, Willis Street, Wellington
An interactive day that gives you the knowledge to increase protection of your critical assets in a seemingly boundaryless world
NOTE: Registrations close Friday 29th November. Register now to secure your place!
ISACA, IIA, First Tuesday or ITSMF Members NZ$95 +GST,
Non-members NZ$155 +GST
- Lunch and Refreshments provided—Spot Prizes, Resource CD for all delegates
- Post event social gathering with drinks and nibbles
- Discount for Members of ISACA, IIA and ITSMF
Email enquiries to email@example.com
Programme and Schedule
08:15 a.m. Registration + Coffee
08:45 a.m. OPENING REMARKS – Paul Blowers
09:00 a.m. Law and security:
Speaker: - Michael Wigley
The law of the land when it comes to ‘Cloud Computing’ remains vague. With companies, staff, clients and information possibly all being in different countries – how do you manage the complexities of complying with local law?
09:50 a.m. Then and Now’ Input into Electronically Stored Information
Speaker: -. Jon Pearse
10:40 a.m. Break
11:10 a.m. Should Infosec people learn to love their users?
Speaker: - Richard Beach
How do people treat security in their 'personal' online interactions vs. how they think about it at work. Is there a difference? If so why? How is this evolving as boundaries shift.
Should security people treat their users more like those who run online sites such as Facebook do? Do Infosec people need to learn to love their users...?
12:00 p.m. Sponsor speaker slot – M86 – Andy Crail
01:00 p.m. KeyNote – What about Cyber crooks?
Speaker: - Paul Ducklin
The corporate cyberthreats we were worried about a few years ago are still with us. Happily, we've become better and better -- if not perfect -- at dealing with them. But as we've improved, so the crooks have moved on.
What's our best way forward if we want to do some real long-term damage to the cybercriminal economy?
Do we stick to tactical response? This has the handy side-effect of costing very little if nothing much happens, and fits nicely with popular models of "IT as a cost centre".
Or do we could take a more holistic approach in which security is part of the value of our business? This means continuous investment even when the Bad Guys aren't doing anything new.
This talk will try as hard as the presenter knows how to answer these questions once and for all.
02:00 p.m. Ensuring Confidentiality in the Cloud
Speaker: - Graeme Neilson
Confidentiality of data is a fundamental requirement for business. With the growth of 'cloud' services it is important to understand how to maintain the confidentiality and integrity of data. This talk provides a brief introduction to cryptographic concepts, discusses some approaches to maintaining data confidentiality and highlights the weaknesses of some common tools. The aim is to educate on how to assess and select the appropriate cryptographic tools to keep your data confidential.
02:50 p.m. Break
03:20 p.m. Unforgettable Hacks
Speaker: - Scott Bell
In this presentation, Scott will illustrate some of the key threats that businesses face today by sharing our experiences from some real world customer engagements. We will talk about how we have managed to gain access to systems, premises, networks and applications using a variety of techniques, across a number of organisational boundaries. These demonstrate the very real threats confronting organisations today including in the government, financial sector, insurance and utilities sectors.
04:10 p.m. CLOSING
04:30 p.m. A word from our sponsor – Check Point – Hamish Soper
04:30 ish Social Event
CPE’s – today’s education qualifies for seven (7) CPE points.
About our speakers
Paul is a computer scientist with a passionate focus on security. He has been with Sophos since 1995, and is currently Head of Technology, Asia Pacific.
Ducklin (or you can call him "Duck", since it is shorter and easier to say) is a regular and popular presenter at AusCERT and Questnet conferences.
In 2009 he received the inaugural AusCERT Director's Award for Individual Excellence in Information Security, something he doesn't mention much, except on-line, in press releases (photographs on request) and whenever he's asked to write a biography for a seminar or conference. Paul can often be spotted with half a glass of something alcoholic in his hand.
Michael is the principal of Wigley Law. He has over 25 years experience and is admitted as a solicitor both in New Zealand and in England.
His work focuses on dispute resolution, ICT, regulation/competition, sales, marketing and media. Michael is one of the few New Zealand lawyers who specialises in IT and has an extensive commercial litigation background.
He has a particular involvement in public sector procurement. Michael is president of the Technology Law Society, a member of the New Zealand Law Society's e-Commerce Law Committee, the Institute of Directors, the New Zealand Software Association, and the English Society for Computers & the Law. He frequently presents at seminars and conferences.
Jon Pearse manages the forensic technology support to the Deloitte NZ insolvency and liquidation practices. Jon’s current work involves investigation of fraud, intellectual property and trade secret theft, employee misconduct, unacceptable use of business systems and other business related disputes. With a law enforcement background in electronic forensics with the New Zealand Police as a Digital Forensic Analyst in the Electronic Crime Laboratory, Jon has also been an expert witness in both the High and District Courts. During this time he worked on hundreds of criminal cases involving, homicides, kidnapping, identity theft, frauds and many cyber crime cases.
Richard is a Security Consultant now with ANZ. Prior to this he was at NZ Inland Revenue & previously Senior Consultant at NetSafe focussing on cybersafety education.
Richard is an experienced presenter who uses humour and enthusiasm to engage his audience. His blog is at www.8thlayersecurity.com
Graeme Neilson is lead security researcher at Aura Software Security based in Wellington, New Zealand. Originally from Scotland he has 10 years of security experience. Graeme specialises in secure networks, network infrastructure, reverse engineering and cryptography. Graeme is a regular presenter at international security conferences and has spoken at conferences in Australia, Europe and the US including Black Hat.
Scott Bell is a Security Consultant at Security-Assessment. com. His specialities include Application testing, social engineering, network testing, Wi-fi and physical intrusion. Over the years, Scott has been a penetration tester for Yahoo, and in his time with Security-Assessment.com has tested majority of New Zealand’s top Financial, Government, Telecommunications and Utility companies and has a breadth of knowledge on the IT security industry. Scott has previously presented at a number of events, including the Brightstar Information and IT Security Conference in Auckland earlier this year with his presentation (and demonstration) “Client Side Security: Where to from Here”