The IANS group just posted their fall forum announcement. It states I will be leading a session on the APT at their event in Boston on 20 September 2011.
Kicking off the morning will be Richard’s session on “Mitigating the Advanced Persistent Threat.” IANS continually hears from our clients that APT and cyber crime is a constant, nagging concern (if not for their own company… yet, then because of headline news read by company executives), and it is the CISO’s job to deal with real, perceived, and impending APT issues.
Thus, during his session Richard will provide advice and real-life use cases on what he’s seen, what’s worked, what doesn’t, and what CISOs can do to deal with APTs at their own organizations.
Following the short presentation portion of the session, CISOs will collectively discuss 1) How to keep up with industry-specific threats; 2) Tactics and techniques to detect and mitigate the APT; and 3) The real implications of APT incidents
This should be a great event, because the afternoon session also features Grady Summers, my old boss from GE (who was the CISO there). Grady will:
lead CISO participants through a follow-on discussion on managing cyber security at a board level. With today's threats consistently making front-page news, even the most traditional boards are starting to ask about cyber security.
To be prepared for such an event, Grady will walk participants through varying scenarios on handling: 1) What works and what’s not effective with regard to board communication on information security; 2) What audit committee chairs at some of the world's biggest companies are saying about security; and 3) Why you might not be doing your job if you're trying to "speak the language of the business" to your board.
I think this will be a great event, without death by PowerPoint. Please visit the announcement for registration information. Thank you.