Reboot Communications Limited HOME Reboot Communications: 'Delivering end-to-end conference management solutions. The conferences key decision makers attend'
Call for Papers Agenda Sponsors Info Speakers

11th International West Coast Security Forum
"The Threat of Cyber Crime / Cyber Terrorism"

December 1 - 2, 2008

Hyatt Regency
Vancouver, British Columbia, Canada

Notional Agenda
Last updated: November 18, 2008

* Invited

Sunday, November 30, 2008
4:00 -
7:00pm
Registration
Monday, December 1, 2008
7:00 -
8:30am
Registration
7:30am Trade Show opens
8:50 -
9:00am
WELCOME Remarks: Conference Moderator
Hein Gerber, Director - IT Advisory Services, PricewaterhouseCoopers LLP
9:00 -
10:15am
SESSION 1
Keynote Address - Winn Schwartau, President of Interpact, Inc. author of "Information Warfare", "CyberShock", "Time Based Security" and "Internet and Computer Ethics for Kids". (Introduced by CA )
10:15 -
10:30am
Morning Break
10:30 -
11:45am
SESSION 2 - Concurrent Session
  1. Executive Track - Steve Adler, Program Director, IBM Data Governance Solutions - Trust & Identity in Virtual Worlds - 3D Internet Broadband to the Brain
    Are you a Target? What are the organization's responsibilities? This presentation will explore the business opportunities and risks posed by virtual worlds and make some concrete technology and governance recommendations to enable people, businesses, and governments to take advantage of this new medium and govern its evolution.
  2. Management Track - Carole Nap, President, TradeStrat Inc. - Terrorist Use of Cyber Space
    Cyber Terrorism is real and is happening every day around us. Terrorists are using the Internet and electronic medium to attack critical infrastructure, disrupt economies, steal data and create havoc. Cyber space is the new battleground. Controls on cyber space threaten our democracy and right to free speech. Restrictions pose ethical problems for politicians and society. The public, which is generally poorly informed about the capabilities and intent of terrorists, may thwart the endeavors of policy-makers to mitigate and quickly recover from damage. Most people are not aware of the potential dangers of cyber warfare, as they don't see the immediate impact on their personal or business lives. Most damage is hidden inside data. Terrorists using the Internet are able to maintain their anonymity in a way that cannot be accomplished during other forms of communication. The discussion will also include why and how terrorists use cyberspace, current trends in cyber warfare and cyber terrorism, and mitigation actions that can be taken.
  3. Technical Track - Radware, Speaker TBC
11:45 -
1:00pm
LUNCH
Keynote Address: Kalvin Falconar, Sr., Security Solution Strategist, CA

The Lucre of CyberCrime
Gaining access to digital property can lead significant monetary rewards. Beyond the purely disruptive nature of cyber threats, there are numerous commercial opportunities for criminals. What is motivating cyber criminals to steal valuable data? What data is in demand? What is the resale value of this data? Profiling several cases will help us understand the risks and whether we have properly secured our data servers.

1:00 -
2:05pm
SESSION 3 - Concurrent Sessions
    Executive Track - Mauricio Sanchez, Chief Network Security Architect, ProCurve Networking by HP - Secrets of Network Security
    The age of innocence is over. Technologies and those using them have become more savvy and, at times, more dangerous. This session offers direction for navigating these stormy conditions by dispelling myths about and revealing secrets to network security. Myth: shrink-wrapped products and patches provide sufficient infrastructure protection. Secret: you can actually spend less to ensure your network is more secure. These and more will be exposed, with practical guidance for designing and enhancing your network with utmost protection.
  1. Management Track - Michael Legary, Founder, Seccuris Inc. - Virtually Secure: Uncovering the Risks of Virtualization
    Organizations have been quickly leveraging the benefits of virtualized platforms in their datacenters, often unknowingly increasing the exposure of their most prized assets. Michael will highlight the key concerns around virtualization technologies including the answers to questions such as are virtualized servers PCI compliant and what minimum controls must exist to protect the hypervisor? He will walk the audience through the latest technical threats and shed light on the solutions and controls available to secure your virtual environments.
  2. Technical Track - Elan Winkler, Director of Solutions, Secure Computing Corporation - How to Secure Your Critical Infrastructure From Hackers, Saboteurs & Cyber Criminals
    As someone involved with securing critical applications networks, you are well aware of the threats created by hackers, saboteurs, and cyber criminals. And you also know of industry and government regulations mandating the use of security best practices. This is why you need to ensure use of strong security defenses that protect your critical networks without sacrificing availability and functionality. This session will cover what your peers and other industry experts think of today’s state of readiness against a major cyber attack, four design requirements that will help you protect your critical networks, and how to meet and exceed Critical Infrastructure Protection (CIP) Standards adopted by FERC.
2:10 -
3:15pm
SESSION 4 - Concurrent Sessions
  1. Executive Track - David McMahon, National Security Advisor, Bell Canada - The Perfect Storm
    The Perfect Storm is developing in cyberspace. The maelstrom has already hit landfall on the outermost reaches of the critical information infrastructures. Here, the phenomena represent a confluence of trends that cyclically reinforce the energy of the surge in the impending cyber-storm. The Canadian national information infrastructure is now decisively engaged in a cyber-war; the telecommunications and financial sectors are fighting on the front lines against trans-national crime and state-sponsored campaigns. The matrix sustains over one trillion inbound attacks a year.

    In this age, the mouse has proved mightier then the inter-continental missile to deliver multiple nuclear payloads, launched from Russia and China, as incarnated by robot networks (botnets). The strikes rain onto Canada relentlessly, inflicting 1.5 million casualties daily and the laying waste to portions of our infrastructures. Decontaminating the fall-out after one of these cyber bombs has gone off inside your organization is a costly affair. The repercussions of foreign cyber attacks against Canada are estimated at $100 Billion each year, or about six-times more costly than our entire defence budget. The only defence is a proactive one. Proactive Cyber Defence doctrine compels an enterprise to act in anticipation to oppose an attack against their computer infrastructure by interdicting and disrupting an attack pre-emptively or in self-defence. Canada is currently decisively engaged in a cyber war, and the only national defence strategy is a proactive one.

  2. Management Track - Jeff Crume, Executive IT Security Architect, IBM - More of What Hackers Don't Want You to Know
    Hacker techniques continue to evolve. Are the "good guys" keeping up? This sequel to the book entitled "What Hackers Don't Want You to Know" updates some of the more recent myths and misconceptions which pervade the IT industry and create vulnerabilities in critical infrastructures. Bluetooth hacking, Web 2.0 vulnerabilities, weaknesses in biometric technology RFID exposures and other issues will be discussed along with ways to avoid some of the pitfalls.
  3. Technical Track - Dr. Nate Kube, Co-Founder & CTO, Wurldtech Security Technologies - Technical Network Security Assessments: Understanding Your Industrial Vulnerabilities
    How can asset owners make sense of the veritable flood of security solutions and solution providers available today? There really is no question, process control environments are at risk today, and nearly every asset owner has realized the need to implement solid security solutions in their own environment. But with such a wide array of solutions available, confusing risk data, and dealing with challenging problems such an integration and protection of legacy systems, it is easy to not see the forest for the trees, leaving significant gaps in overall risk protection strategies. This presentation begins with a case study of a recent security evaluation where previous assessors missed significant technical risk to the process control environment, why they missed it, and why the latest team was successful in uncovering previously unrealized risks. It then tours through techniques used by today's competent assessors to properly enumerate, document, and then reduce risk in process control environments. Asset owners, integrators, vendors, or other service providers can all potentially benefit from this presentation that exposes why so many of today's assessment practices fail, and how to prevent this in your own environment or customer base.
3:15 -
3:30pm
AFTERNOON Break
3:30 -
4:30pm
SESSION 5 - Keynote Address
Brian Phillips, Director, Public Safety, Bell - Critical Infrastucture - An Integrated Communications System Supporting IT
The ability to integrate IT systems and emerging technologies with traditional critical infrastructure safeguards is the way forward in building critical public safety and infrastructure solutions. Both physical and logical security approaches are needed to prevent incidents and to meet changing compliance requirements. What does the industry need to do to prevent attacks on its critical infrastructure? The emphasis of this presentation is prevention and protection - NOT consequence management and response.

During this session, Brian Phillips, Director Public Safety with Bell will discuss critical infrastructure protection. Using Vancouver 2010 Olympics Games as an example, he will highlight some of the vulnerable components and threats to communications and IT infrastructures. He'll also discuss the lessons and innovations that continually emerge from the planning process and their potential value for executives in your organizations.

6:00 -
9:00pm
DINNER - Keynote Speaker: The Honourable Iain Black, Minister of Labour and Citizens' Services
Tuesday, December 2, 2008
8:30 -
9:15am
SESSION 6 - Keynote Speaker - Cornelius Tate, Director, National Cyber Security Division, U.S. Department of Homeland Security
9:20 -
10:20am
SESSION 7 - Concurrent Sessions
  1. Executive Track - Andre Brisson, VP Business Development - Founder Whitenoise Laboratories (Canada) Inc. - In Denial:Code Red
    Our lifeblood is safeguarded by the security of the networks running our critical infrastructures. The consequence of failure is Digital Winter. Dynamic Identity Verification and Authentication [DIVA] provides point-to-point secure communications through a server. 100% accurate continuous authentication, inherent intrusion detection, and automatic revocation address the deficiencies of asymmetric networks in the simplest manner. Man-in-the-Middle attacks like Silent Banker are neutralized!

    It is in the national security interest to have a ready solution for securing digital grids in a time of deepening recession, plunging Information Technology budgets, and exploding computer crime. Remote, inexpensive, electronic provisioning scales secure networks to any devices with memory and connectivity in one step.

  2. Management Track - Susan Bedwell, Assistant Director, Investigations and Response Planning, Office of the Chief Information Officer, B.C. Government - Cyber Security Incidents - WHAT'S YOUR PLAN?
    In a recent IBM survey of healthcare, financial, retail and manufacturing industries, nearly 60% of businesses believe that cyber crime is more costly to them than physical crime. 2007 research from the U.S. Cyber Consequences Unit shows that the destruction from a single wave of cyber attacks on critic Infrastructures could exceed $700 billion, the equivalent of 50 major hurricanes hitting U.S. soil at once. Canada has dedicated cyber crime centres where law enforcement, government, the private sector and academia can co-ordinate the fight against cyber crime. By having a Cyber Security Incident Response Plan in place, the B.C. government has reduced the opportunities for information security vulnerabilities to be exploited. In the event of a wide spread breach of the Government's electronic information systems, the Cyber Security Incident Response Plan is launched, ensuring that IM/IT Infrastructure services continue, and minimizing any negative operational impact. This presentation will provide an overview of the plans developmental process, challenges, lessons learned and future directions of the Cyber Security Incident Response Program.
  3. Technical Track - Carl Herberger, President & Co-Founder, Allied InfoSecurity - Top 10 To-Dos & Don't-Dos of Social Engineering
    This presentation details the dos and don'ts of social engineering testing. The presentation will provide background lineage of how new exploits from peripheral devices is causing tremendous concern and further eroding the deployed network security perimeters we have assembled over the last five-to-ten years and how to go about testing and avoiding costly mistakes in acquiring qualified testers. Most organizations are ignorant, cautiously approaching or paralyzed by these new threats and struggling with robust and fairly quick solutions. The presentation will clearly articulate these issues, detail how they can be resolved and adeptly handled if thought out in the early stages of architecture deployment, and how the judicious use of new tools can help.
10:20 -
10:45am
Morning Break
10:45 -
12:00pm
SESSION 8 - Concurrent Sessions
  1. Executive Track - Dean Turner, Director, Symantec Global Intelligence Network
  2. Management Track - Mark E.S. Bernard, CGEIT, CISM, CISA, CISSP, ISO27K Lead Auditor, PM, COBiT/ITIL Foundation, Manager, Compliance Assessment and Reporting, Information Security Branch, Province of British Columbia - Building a sustainable privacy / data protection program to prevent Cyber-Crime
    It seems like each week we read in the paper how a company has lost customer information and/or how somebody's identity was stolen and money taken from their account. BC Phone Busters has recorded a constant increase in ID theft incidents since 2002. As business leaders we hear about some of these stories and it just drives home the need to become even more diligent so that our organization do not become the next front page headliner. During this presentation we will review some of the measures that CUCBC is taking to protecting its members, partners, and other third-party clients. Participants will leave this session with a more in-depth understanding of the requirement for privacy / data protection frameworks including some of the assumptions that were made and subsequent activities that were facilitated during this program implementation. By walking through the overall strategy and details pertaining to various activities along this path, Mark will unveil some of the mysteries surrounding the implementation of the Information Security Management System including the potential benefits of achieving this level of information security within your organization.
  3. Technical Track - Victor Tavares, Sr. Manager, Systems Engineering, Juniper Networks - Technologies and Open Standards for Network Access Control
    Network Access Control (NAC) is one of the critical challenges in securing today's enterprise. How do you accommodate a variety of users, such as guests, partners, contractors, and employees, with disparate resource access requirements, privileges, & levels of trust, in a single enterprise network? And how do you build a security framework that works with your existing infrastructure, allows integration of multiple vendors' products to ensure best-of-breed technology, and creates a solid foundation for future growth - both what we expect to come and what we can't even imagine yet?

    Open standards, designed to ensure multi-vendor interoperability across a wide variety of endpoints, network technologies, and policies, enable technology that helps ensure endpoint compliance with integrity policies at and after network connection. The Trusted Computing Group (TCG), an industry standards body formed to develop, define, and promote open standards for trusted computing and security technologies, has developed an open architecture and standards for Network Access Control called Trusted Network Connect (TNC). TNC is designed to encompass a wide variety of products and technologies, and is the foundation for new NAC standards being developed in the IETF, enabling NAC solutions that will protect your network today and grow with you into the future.

12:00 -
1:15pm
LUNCH - Keynote Address - Perry A. Pederson, Vice-President, Wurldtech Labs, former Director, Control Systems Security Program, U.S. Department of Homeland Security - National Cyber Security Division

Who Turned Out the Lights? Applying Risk Management in the Age of Critical Infrastructure Protection - A Bottom-Up Approach
In today's digitally connected world, there is little doubt that cyber threats against the industrial networks that operate our global critical infrastructures have grown more prevalent and sophisticated. This disturbing trend poses both a criminal and national security threat and has raised the need for governments, industry regulators and private sector organizations to implement more effective cyber risk management strategies to protect the SCADA and Industrial Control Systems (ICS) that operate mission-critical infrastructures such as power, nuclear, oil and gas, water and sewage treatment.

Without an effective risk management strategy in place, operators of critical infrastructures know that their systems are facing a hostile and dynamic environment and they are less than perfectly prepared to meet the onslaught. If you can't quantify the risk to your systems and your organization then you're forced to put in place a myriad of ineffective and redundant defense mechanisms (sometimes referred to as "defense-in-depth" or layered defense) that typically lead to increased cost and complexity and add little to no quantifiable reduction in risk.

By introducing a bottom-up approach to managing the cyber risk to industrial control systems, this presentation focuses on the latest methods to assess, mitigate and manage risk. Insight into quantifying risk, understanding failure modes, how to develop resilience profiles and how to use them, intelligence gathering and effective mitigation strategies to successfully manage risk in real-time industrial systems are outlined to help meet the evolving challenges faced by operators of global critical infrastructure organizations.

1:15 -
2:15pm
SESSION 9 - Concurrent Sessions
  1. Executive Track - Nick Galletto, Partner, Deloitte & Touche LLP - Active Threat Management
    Active Threat Management includes the development of a balanced framework that deploys people, process, technology and environment in various areas of the network, and includes Security Event and Information Management (SEIM) as an overall management core. The key benefit of this architecture is to reduce risk and exposure through the use of an optimized process and automated response controls to: detect security violations, comply with regulatory process, reduce the potential for systems disruptions, improve investigations, provide increased flexibility, and reduce cost. Organizations that have Active Threat Management are able to strategize, implement and optimize their defense capabilities in order to reduce an organization's business, financial, security and regulatory risk more efficiently and effectively.

    During this session Nick will discuss:

    • SEIM and key business, risk and operational benefits;
    • SEIM as part of a Security Management Program;
    • Overview of Enterprise Risk Event Management (eREM) strategies; and
    • Establishing an enterprise wide information security-reporting framework.
  2. Management Track - Geoff Webb, Senior Manager, Product Marketing, NetlQ Corporation - Rapid Cyber Attack Detection and Response Through Security Process Automation
    As IT Process Automation (ITPA) - the ability to model, automate, measure and improve operational IT processes - continues to gain momentum within enterprise environments, companies are quickly realizing the tangible benefits behind the automation of process-based activities. But, with the growing sophistication of cyber attacks, where does security fit into the picture? How can organizations incorporate security measures into their ITPA schematic to best protect their assets? And how should enterprises go about bridging the gap between two conventionally distinct disciplines within the organization - security and IT operations - to bulletproof their operations against internal and external threats? During this discussion, we will illustrate the benefits of incorporating traditional security processes using ITPA and how, over time, leveraging this platform gives companies the ability to better manage their security processes by automating the mundane, repetitive security tasks that take time away from higher value activities that better support the greater business objectives. We will describe the processes that enterprises must define and automate to achieve "security success," including laying the proper groundwork for IT administrators and managing the integration between security and IT management functions to operationalize security. These steps are necessary to thwart internal and external security threats, minimize operational disruption and effectively meet audit and compliance demands. Through the use of real-life examples, we will outline ways in which companies can integrate security processes into the overarching IT framework, capitalize on existing technology investments and align IT objectives with broader business goals.
  3. Technical Track - Robert Slade, Senior Instructor, ISC2 - Software Forensics
    Computer forensics is primarily seen in terms of the recovery, and preservation for presentation as evidence, of data from computers that may have been used in the commission of some criminal activity. Occasionally this definition is extended to include analysis of data from network logs. Forensic programming is a little known field. It involves the analysis of program code, generally object or machine language code, in order to make a determination of, or provide evidence for, the Intent or authorship of a program. The objective is to impart the concepts involved in determination of characteristics of or in object code which might provide evidence of identity, cultural background, or intent.
2:20 -
3:20pm
SESSION 10 - Concurrent Sessions
  1. Executive Track - Rohit Sethi, Manager, Security Compass & Jamie Gamble, Security Consultant, Security Compass - Achieving 6.6: PCI and Source Code Review
    Organizations involved with processing payment card data are no doubt very familiar with Requirement 6.6 of the Payment Card Industry Data Security Standard (PCI DSS): Web applications that deal with PCI data must protect themselves by either installing a web application firewall or completing a source code review. While many are familiar with firewalls, how does one set out to meet 6.6 with a source code review? Moreover, how is a source code review conducted in the context of application security?

    In this presentation, Rohit Sethi and Krishna Raja of Security Compass discuss how secure source code review fits into a complete application security program. The presentation will cover how to approach and prioritize source code reviews, compare and contrast source code reviews and web application firewalls, and demonstrate how to uncover the logic errors buried deep in code that slip by the eyes of automated scanners, using actual case studies. With an organized, informed approach to code review, you'll be one step closer to achieving 6.6!

  2. Management Track - Gurusamy Sarathy, Chief Technologist, Sophos - Subverting Web Reputations: How Criminals Cut Through
    As email security defenses have matured, criminals have flocked to the web as their most favored attack-vector. They have discovered that the pull model of threat propagation over the web offers them many advantages and degrees of freedom compared to the push model that is needed over email. However, the other major reason--the lesser known dirty secret of the web security industry--is that prevailing first generation web defenses are incapable of stopping attacks that take over the reputation of popular web sites. Such attacks cleanly sidestep both the domain-based security model that is built into web browsers and the site or page level reputation databases that are the most common form of defense against web threats today. These factors combined with the fact that web security is only weakly deployed at most organizations make the web a gold-mine of opportunity for cyber criminals. This talk will provide a brief overview of the status quo in web security, and go on to describe the details of specific attacks that usurp web reputations, highlighting the strategic weaknesses in defenses that are exploited. Alternative security regimes that are increasingly necessary for successful defense will be covered.
  3. Technical Track - Nicholas Fong, P.Eng., Industrial Technology Advisor, National Research Council Canada - Countermeasures Against a Massive Botnet Attack
    This presentation details how a network administrator can quickly counter a massive, distributed DoS attack by creating and applying firewall rules that block thousands or millions of IP that are country-specific. DDoS attacks can original from zombies in multiple countries, but the centre of gravity tend to originate from one or two countries. By having this tool on hand, a network administrator can quickly apply a set of firewall rules to contain the massive DDoS attack thereby keeping the critical application servers alive. This semi shot gun approach does block legitimate users from specific country; these legitimate users would have to be dealt with by adding "allow" rules based on their IP address. A short discussion reflects on how cyber criminals are taking advantage of the jurisdictional boundaries to commit these crimes.

    The Internet Registry IP allocation data structure will be examined, followed by some post-processing (clean up) techniques, then the use of simple Perl codes to parse and reassemble the data into practical firewall rules on a per-country basis. The firewall rules are built for a popular packet filter (iptables) which is integrated in Linux 2.4 and 2.6 kernels.

3:20 -
3:40pm
AFTERNOON Break
3:45 -
4:30pm
SESSION 11 - Keynote Address: Speaker TBC
4:30pm CLOSING Remarks
Conference Moderator: Hein Gerber, Director - IT Advisory Services, PricewaterhouseCoopers LLP

Register Now
Contact Us
Reboot Communications Ltd.
Suite 814, 21 Dallas Road
Victoria, BC, Canada, V8V 4Z9

Phone: 1.250.388.6060
Fax: 1.250.595.1793
Toll Free: 1.866.388.6060

Marketing & sponsorship information
Click Here or call
1.866.388.6060

Registration, logistics & general inquiries
Click Here or call
1.604.530.0872

Corporate Partners