ITSA Day 2006

November 8, 2006

Speaker Schedule

| Time | Topic | Speaker | Speaker Title | Company | Audience |
|---|---|---|---|---|---|
| 8:40 AM | Welcoming Remarks | Dr. Marc Hoit | Interim Chief Information Officer | University of Florida | All |
| 8:50 AM | Welcoming Remarks | Susan Blair | Privacy Officer | University of Florida | All |
| 9:00 AM | Welcoming Remarks | Kathy Bergsma | IT Security Manager | University of Florida | All |
| 9:50 AM | Anatomy of the Hack | John Rezabek | Enterprise Security Specialist | Cisco | IT Professional |
| 10:50 AM | Computer Forensics: Error in Judgment | Scott Moulton | CCFS / Certified Forensic Specialist | Forensics Strategy Services, LLC | IT Professional |
| 11:50 AM | Cover Your Apps: Top Five Things You Can Do | Ambarish Malpani | VP of Engineering | Cenzic | IT Professional |
| 11:45 AM-1:30 PM | | | | | |
| 2:20 PM | The Tweety Project: Prevent the Spread of Malware Using Canary Hosts | Kevin Johnson | Founder | Secure Ideas | IT Professional |
| 3:20 PM | Information Security Negligence | Andrea Matwyshyn | Executive Director | UF Center for Information Research | IT Professional |
| 4:20 PM | Microbiological Impact: The Effect of Windows on Threat Evolution | Joe Wells | Chief Scientist of Security | Sunbelt Software | IT Professional |


IT Professional
An individual hired by a unit to manage or maintain IT resources in that unit.
General Public
One using the computer. Most likely not with advanced technical skills.


Welcoming Remarks

Dr. Marc Hoit, Interim Chief Information Officer, University of Florida

Welcoming Remarks

Susan Blair, Privacy Officer, University of Florida


Welcoming Remarks

Kathy Bergsma, IT Security Manager, University of Florida


Session 1: Anatomy of the Hack

John Rezabek, Enterprise Security Specialist, Cisco

John has presented several times at past ITSA days on the “Anatomy of a Hack”. This year he will share how threats and security challenges have continued to evolve and describe today’s new security landscape. He will discuss how the older attacks and exploits that had a common focus and theme have drastically changed, which helps explain why things have appeared to get much quieter than in the days of a new exploit or worm hitting every two weeks.

Session 2: Computer Forensics: Error in Judgment

Scott Moulton, Certified Forensic Specialist, Forensics Strategy Services


In years of doing computer forensics and working on criminal cases, there are many problems and errors with handling and processing evidence. I will discuss some of the errors I have seen, the types of problems and how they can be improved.

Session 3: Cover Your Apps: Top Five Things You Can Do

Ambarish Malpani, VP of Engineering, Cenzic


Securing data and applications that run on the web is one of the most pressing information technology challenges for large companies today. Attacks made through common hacking techniques can lead to financial loss, compliance headaches and disastrous issues with customer privacy and overall satisfaction. While business applications are going online at a record pace, security solutions today are not keeping up. The lack of a proper protocol to test for application vulnerabilities can quickly result in large-scale security breakdowns. This session will address the top 5 things you can do to protect your applications and prevent such security breaches from happening in the first place, including:

  1. Watch out for open redirects: Open redirects are a big cause of phishing scams. If an open redirect is left accessible and can be used to redirect data to an arbitrary location, a clever attacker can redirect users from a legitimate-looking site to their spoofed version.
  2. Don’t rely on client-side input validation: A menacing problem with client-side input validation is that end users can bypass this validation. Doing so can break the security on Web applications and lead to unauthorized access to data, entry of counterfeit information and system failures. It’s therefore easy for attackers to circumvent client-side input validation, using a man-in-the-middle proxy, and attack an application.
  3. Expect the unexpected: Use an automated means to check for input validation and parameter tampering. This simple form of attack takes advantage of the fact that many programmers rely on hidden or fixed fields. Attackers can easily modify these parameters to bypass the security mechanisms that rely on them.
  4. Bounds check all your application inputs.
  5. Check for SQL injection vulnerabilities throughout your whole application.

Session 4: The Tweety Project: Prevent the Spread of Malware Using Canary Hosts

Kevin Johnson, Founder, Secure Ideas


The usage of specialized IDS installs to detect and prevent the spreading of malware and spyware.

Session 5: Information Security Negligence

Andrea Matwyshyn, Executive Director, UF Center for Information Research


Negligence is a body of civil law that addresses harms resulting from lack of due care in business conduct. Recent trends in caselaw show a rise in information security negligence lawsuits being brought by private litigants following instances of corporate data security breaches. This talk introduces the law of negligence and discusses the application of existing negligence law to the information security context.

Session 6: Microbiological Impact: The Effect of Windows on Threat Evolution

Joe Wells, Chief Scientist, Security Group, Sunbelt Software


Biological life forms depend on their environment to survive. In a friendly environment they flourish, but if their environment suddenly becomes hostile, they must either adapt or die. This model applies to computer viruses. In the mid-1990’s Mr. Wells developed a theory about the effect of Microsoft Windows 3.1 on various types of computer viruses. The theory was intended to explain an observed phenomenon. In the early 1990’s there was a decrease in the number of file viruses being reported in actual incidents. At the same time there was an increase of boot virus incidents.

This presentation will explain to users how change in the computing environment – specifically change introduced by versions of Microsoft Windows – has had a direct impact on the nature and evolution of virus threats.

Vendor List: