Prior Monthly Meeting Programs - 2005 , 2004, 2003, 2002                         

These are Programs which have been held since 2002 by  ISSA South Texas Chapter .If you plan to attend a future meeting please send an email RSVP to communications@southtexas.issa.org  and include your name, ISSA membership status, and the date for the  program you wish to attend.

Time:               11:30am - 1:00 pm
Location:          Houston Engineering & Scientific Society (HESS) Club
                        5430 Westheimer at Yorktown. (Free Parking).        

Please RSVP prior to noon on the Monday before the monthly meeting in order  to help us plan for enough meals and seating. Advanced reservations also qualify for a discount on the meeting charge. Monthly meeting rates are:

                        With Reservations                Without Reservations

Members                $20.00                                    $22.00

Non-Members       $25.00                                    $27.00   

 

2005 Meeting Programs

Jan 13, 2005 - RSVP to: communications@southtexas.issa.org  

Topic: Application Security:  What does it take to build and test a “trusted” app?

Speaker: John B. Dickson. CISSP, Partner, Denim Group

Feb 10, 2005 -  

Topic: Wireless Security

Speaker: Mark Adams
Mark Adams is a Senior Security Consultant with Deloitte and Touche in Houston, Texas, and is a frequent speaker on topics related to wireless security, and information security in general.  He has performed extensive work in the area of wireless security for many clients, including Apple Computer, Inc. and Compaq Computer Corp. His other principal areas of expertise are attack and penetration methodologies, network security assessments, firewall reviews, and security architecture design.

.

Mar 10, 2005 -

Topic: Vulnerability Management, Audit & Compliance of Desktops and Servers.

Speaker: Steve Artick from Pedestal Software

April 14, 2005 -

Topic: The Myths of Endpoint Security.

Speaker: Scott Lewis, Senior Product Manager,  ENDFORCE, Inc

Scott Lewis serves as Senior Product Manager at Dublin, Ohio-based ENDFORCE, Inc., the first software-only, vendor-neutral solution for the definition and enforcement of network endpoint security policies. Scott is responsible for leading the company's efforts to define, plan, deliver and support ENDFORCE product offerings.
Scott joined ENDFORCE in 2000 and has over 20 years of experience in a variety of product management, engineering, marketing and account management positions at UUNET, CompuServe Network Services, Chemical Abstracts Services, and EDS.  Prior to ENDFORCE, Scott lead the Product Management group at UUNET and CompuServe Network Services responsible for dial Internet access including CompuServe Network Services’ PAL dialer software.  Scott can be reached directly at slewis@endforce.com.

May 12, 2005 - RSVP to: communications@southtexas.issa.org  

Topic: Effective Incident Response

This topic is aimed at those  who are planning to form an incident response team or  who are looking for ways to improve the one they have. The presentation is base on 8 years experience building and managing an incident response team. Will cover: Incentives for forming an efficient Incident Response Team, Describe why it is critical, Ingredients that are needed, Moving from reactive to proactive, capturing and measuring results.

Speaker: Mario Chiock

Mario Chiock is a Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA) and Certified Information Security Manager (CISM).  Employed full time by Schlumberger Limited as Senior Information Security Advisor and was previously Manager of Incident Response and a member of Schlumberger Incident Response Team since 1997. He is an active  trainer for  System Administrators, Network Engineers and Application developers on IT Security on different parts of the world in a effort to improve IT Security Awareness and minimize incidents and  be prepared. Mario been with Schlumberger for 24 years and has hold many positions from Field engineer in several countries in South America, Technical Manger in Venezuela and Curacao, Corporate IT manager in New York and Paris. He was responsible for the deployment of TCP/IP network in South America for Schlumberger in 1992

June 9 , 2005 -

Topic: "Network Security - Criminal Techniques and Corporate Defense"

As more users and commerce moves to the Internet, so do those with criminal intent.
This presentation describes attacks that are used to decei ve people and steal their data.
Live demonstrations of attacks and a discussion of protective measures are included.

Speaker: Marc Bayerkohler , Security Professional, Jefferson Wells

Marc Bayerkohler has been analyzing network attacks for over a decade.
As part of an Emergency Response Team (ERT) for a nationwide ISP, he has investigated compromised servers and ended Denial of Service (DoS) attacks.His certifications include the SANS GIAC Certified Intrusion Analyst (GCIA),SANS GIAC Systems and Network Auditor (GSNA), the Checkpoint Certified Security Administrator (CCSA), and the Cisco Certified Network Associate (CCNA).

Sponsor:        

 July 14, 2005

Topic: A Model Corporate Information Security Program
 
  With 52,000 employees representing 140 nationalities and operating in 80 countries, Schlumberger's Information Security team has a big challenge implementing a corporate policy and awareness program.  The program includes standards based standards and best practices, a series of technical enforcement tools, and a robust and automated employee awareness program. 
 
Speaker:  Don Keller, Global Operations Manager, Enterprise Security, Schlumberger.
Don Keller  has worked in the information technology fields for more than 25 years in a variety of roles.  He holds a Bachelor of Science degree from Brigham Young University in Provo, Utah and a Masters in Business Administration from Phillips University of Enid, Oklahoma.  Keller served a telecommunications officer in the U.S. Army and has held a number of information security positions with major multinational companies.  Currently he is Global Operations Manager for Schlumberger Enterprise Security Solutions and holds both the CISSP and CISM certifications. 

August 11, 2005

Topic: "The War Against Worms: A Study of Network Behavioral Anomaly Detection Techniques" by 

Worms continue to strike fast and furious. Their aggressive nature in exploiting unknown vulnerabilities combined with their rapid propagation only strengthen their ferocity and increase the damage they can inflict upon the network. Past experience and current technology limitations force today’s security administrators to look to behavioral anomaly systems that provide visualization tools, alarming technology, and mitigation techniques specifically designed to help recover from fast spreading network worms. These behavioral anomaly systems analyze traffic patterns called "flows" (not signatures) in order to automatically detect and alert on statistical deviations from the normal "hum" of a healthy network. Using flow-analysis technologies to "profile" network behavior on a host or per "zone" basis, they enable early detection of network anomalies, which may indicate worm activity. Join this speaker as he explores multiple methods for worm detection, including analysis of traffic patterns, protocol usage, inter-zone communications, OS fingerprinting, and statistical and flow-based anomalies

Speaker: Aaron Torres, Security Engineer, Lancope.
 As Security Engineer for Lancope, Aaron Torres is a significant driver of the direction of the industry of Network Behavior Anomaly Detection in the Texas Market. Aaron spends lots of his time consulting and training local clients in the Southwest; the use and importance of Network Behavior Anomaly Detection. With a decade of operational and engineering experience in enterprise IP security technologies, Aaron commands considerable expertise in datacenter network design, IP flow analysis techniques, network management, and enterprise network security planning and management. During his tenure as a Netscout Systems and Kentdata Com aka Avnet, Aaron managed security solutions and IP networks across the Southwest of the United States.

September 8th 2005 - RSVP to: communications@southtexas.issa.org  by September 6th.

Topic: "eDiscovery: What it is About and How to Deal with It "
A new term in our vocabulary is rapidly taking hold in the security function of corporate America – “eDiscovery”. 
Not many of us know:
     What it is and what it is not…
     What not do when an incident takes place…
     What to do when presented with a request for eDiscovery or electronic evidence. 
     What forms does it take based on the source of the request…
     How to prevent your digital evidence from being thrown out of court and your client or employer from being accused of spoliation…This area of information security is still evolving in many different spheres of influence: the courts, corporate associations, public interest groups and government both at the State and Federal levels.
     What direction is eDiscovery taking and why.

Speaker: Ernesto F. Rojas, CISSP,  is a Principal of InterCONNECT Solutions Inc. and specializes in consulting in the litigation support, computer forensics and security consulting fields. In his 20 years of consulting and corporate experience he has encountered many of the leading edge issues that have transformed the information systems security arena from a black art to a science. He is an active member of HTCIA, ISSA, ISACA and Infragard. He received his BS degrees in Accounting and Mechanical Engineering from Loyola University and an MBA from Pepperdine University and has numerous certifications in the information security field.

October 13, 2005 --- Special Guest Speaker:  Phil Zimmermann

Topic: "Public Policy and Encryption: From secure email to secure VoIP"  

In this Lunch Session (11:30am-1:00pm) and afternoon Seminar (1:30pm-4:00pm),
Phil Zimmermann will speak on the public policy issues involving encryption, including legislative and regulatory trends around encryption, the history of PGP, and the future of secure VoIP. Don't miss this chance to hear from and speak with the pioneer who brought strong encryption to the people.

Speaker:  Philip R. Zimmermann, creator of Pretty Good Privacy (PGP) Originally designed as a human rights tool, PGP was published for free on the Internet in 1991. This made Zimmermann the target of a three-year criminal investigation, because the government held that US export restrictions for cryptographic software were violated when PGP spread worldwide. Despite the lack of funding, the lack of any paid staff, the lack of a company to stand behind it, and despite government persecution, PGP nonetheless became the most widely used email encryption software in the world. After the government dropped its case in early 1996, Zimmermann founded PGP Inc. When that company was acquired by Network Associates Inc (NAI) in December 1997, Phil stayed on for three years as Senior Fellow. In August 2002 PGP was acquired from NAI by a new company called PGP Corporation. Phil now serves as special advisor and consultant for PGP Corporation. He is also consulting for a number of companies and industry organizations on matters cryptographic, and is a Fellow at the Stanford Law School's Center for Internet and Society.  

Before founding PGP Inc, Zimmermann was a software engineer with more than 20 years of experience, specializing in cryptography and data security, data communications, and real-time embedded systems. His interest in the political side of cryptography grew out of his background in military policy issues.  

Zimmermann has received numerous technical and humanitarian awards for his pioneering work in cryptography. In 2003 he was included on the Heinz Nixdorf Museums Forum Wall of Fame, and in 2001 
he was inducted into the CRN Industry Hall of Fame. In 2000 InfoWorld named him one of the Top 10 Innovators in E-business. In 1999 he received the Louis Brandeis Award from Privacy International, in 1998 a Lifetime Achievement Award from Secure Computing Magazine, and in 1996 the Norbert Wiener Award from Computer Professionals for Social Responsibility for promoting the responsible use of technology. He also received the 1995 Chrysler Award for Innovation in Design, the 1995 Pioneer Award from the Electronic Frontier Foundation, the 1996 PC Week IT Excellence Award, and the 1996 Network Computing Well-Connected Award for "Best Security Product." PGP was selected by Information Week as one of the Top 10 Most Important Products of 1994. In 1995 Newsweek named Zimmermann one of the "Net 50", the 50 most influential people on the Internet.  
Awards:  In addition to the awards for versions of PGP developed before Zimmermann started his company, subsequent versions of PGP (refined by the company's engineering team) continue to win recognition each year with many more industry awards.  

Zimmermann received his bachelor's degree in computer science from Florida Atlantic University in 1978. He is a member of the International Association of Cryptologic Research, the Association for Computing Machinery, and the League for Programming Freedom. He serves on the Roundtable on Scientific Communication and National Security, a collaborative project of The National Academies and The Center for Strategic and International Studies. He is Chairman of the OpenPGP Alliance, serves on the Board of Directors for Computer Professionals for Social Responsibility, and is on the Advisory Boards for Santa Clara University's Computer Engineering Department, Anonymizer.com, Hush Communications, Encentuate, and Qualys

Sponsor: 

 November 10, 2005

Topic:  CIO - CISO Roundtable on "Current Topics in Security"

- Sam Pierre-Louie, CISO, MD Anderson Cancer Center 
- Jeff Gorton, CISO, Aegis Mortgage Company

            Location: HESS Club

Sponsor:

December 8, 2005 -    RSVP to communications@southtexas.issa.org  

Note: Special Meeting Location:  411 Lovett,  Houston, TX

We will hold our December meeting in this beautifully renovated old Houston Mansion at the invitation of PointSecure who is graciously sponsoring our lunch meeting and afternoon seminar on SQL security and tools. 
The December meeting will include our annual Chapter Officers elections as well as final wrap-up of 2005 Chapter Business.
**  December Meeting, Meal, and Seminar are free for all ISSA members.
Lunch meeting time: 11:30am - 1:00 pm
Afternoon Seminar: 1:00pm - 4:00pm   SQLServer Security

If you plan to attend please send an email RSVP to communications@southtexas.issa.org   
Include your name, ISSA membership status, and the date for the particular program you wish to attend
(Lunch meeting, Seminar, or both)
.
Sponsor:

Please note: Monthly meetings Dress Code:  Appropriate Business Casual Attire

2004 Meeting Programs

2003 Meeting Programs

2002 Meeting Programs

Up ] Prior Meeting Programs ]

Send mail to webmaster@southtexas.issa.org with questions or comments about this web site. Last modified: December 11, 2005