|
Does Defining Privacy Matter?
|
National Security Agency
|
|
The Six Most Dangerous New Attack Techniques and What's Coming Next
|
|
|
Embedded Insecurity: What Lies Beneath
|
|
|
Social Media in Marketing and the Workplace: Legal and Regulatory Compliance
|
|
|
What Happens in Vegas Goes on YouTube: Using Social Networks Securely
|
Nettitude
|
|
Making a Career Move, Developing Your Approach.
|
|
|
Stress and Burnout in the Information Security Community
|
|
|
How to Attack the Supply Chain (the Securing of)
|
|
|
Applying the NFC Secure Element in Mobile Identity Apps
|
|
|
Evil Through the Lens of Web Logs
|
Microsoft Corporation
|
|
Can Data Breaches Be Stopped, Really?
|
|
|
NSA's Secure Mobility Strategy
|
|
|
Vetting Mobile Apps for the Warfighter
|
|
|
CYA in a BYOD World
|
|
|
Combating Advanced Persistent Threats (APTs): No Enterprise is an Island
|
|
|
SSL and the Future of Authenticity
|
|
|
Government Workforce – We’re Moving Mobile
|
|
|
Software Security Goes Mobile
|
NetSuite
|
|
Behind Velvet Ropes: Access Government Services While Safeguarding Data
|
|
|
Zero Trust: Case Studies and Lessons Learned
|
Motorola Solutions
|
|
A Timeline of Disaster
|
|
|
Engineering Smart Grid Security
|
IOActive, Inc
|
|
Exploiting a PCI Compliant Network: A How-To Guide
|
|
|
Security Enters the Boardroom: How Does Security Articulate Business Value?
|
|
|
Live Forensics of a Malware Infection
|
F-Secure
|
|
Cutting the Cord: Enabling Smartphones & Tablets without Risking Security
|
|
|
Big Data and Security: The Rules Have Changed
|
Rich Mogull
|
|
Hacks, Flacks And Attacks: Collaborating on Communications During a Breach
|
|
|
How to Launch a Secure Cloud Initiative: NASA’s Jet Propulsion Laboratory
|
|
|
Secure Multiparty Computation
|
University of Maryland
|
|
Critical Infrastructure: The IPv6 Transition Challenge
|
|
|
Minding the App Store - Protecting Software and Device Features
|
|
|
Negotiating Privacy and Security Agreements: Potential Obligations Security Professionals Should Know About
|
|
|
Can We Reconstruct How Identity is Managed on the Internet?
|
|
|
Hacking Exposed: Mobile RAT Edition
|
George Kurtz
,
CrowdStrike, Inc.
|
|
Collective Defense: How the Defenders Can Play to Win
|
Microsoft Corporation
|
|
The Faces of Fraud: An Inside Look at the Fraudsters and Their Schemes
|
|
|
SCADA and ICS Security in a Post-Stuxnet World
|
|
|
Showcase Showdown: Browser Security Edition
|
Paul Mehta
,
Accuvant
|
|
The Dark Side of a Payment Card Breach
|
|
|
The Psychology of a Cyber Predator; Decoding the Deviate Mind
|
|
|
Lightning Round: Security Risk Management: Insurance and Legal Responsibilities
|
|
|
Cyber Battlefield: The Future of Conflict
|
|
|
BYOD(evice) without BYOI(nsecurity)
|
General Electric
|
|
Balancing Business Agility and its Risk in Today’s Evolving IT Environments
|
|
|
Elephant in the Room: Intellectual Property Hacking
|
RSA
|
|
Vulnerability Panel: Is it ZERO Day or ZERO Care?
|
MITRE
|
|
Making Sense of Software Security Advice: Best vs. Practiced Practices
|
Kyle Randolph
,
Adobe Systems, Inc.
|
|
Always-On SSL: A Necessity to Deal with an Inconvenient Truth
|
Symantec
|
|
The Vendor Management Challenge: Doing More with Less
|
|
|
CXO Perspective on Addressing Cyber Threats and Opportunities
|
USAA
|
|
eHealth: Securing Patient Records
|
|
|
Hacking the Vote?
|
University of Michigan
|
|
Terrorist Groups in the Online World
|
Mikko Hypponen
,
F-Secure
|
|
Remediation Statistics: What Does Fixing Application Vulnerabilities Cost?
|
|
|
Risk Management Smackdown II: The Wrath of Kuhn
|
|
|
3 "C" Words You Need to Know: Custody - Control - Cloud
|
|
|
Biometrics and Access Token Technology, 10 Years Later…
|
|
|
Mobile Device Security: Is the Enterprise Up for the Challenge?
|
|
|
The Hidden Risks: Managing Risks in Outsourcing Contract Relationships
|
|
|
Application Access Control - Taming the Wild West
|
|
|
CISO View: Top 4 Major Imperatives for Enterprise Defense
|
|
|
30 Years and 500 Trillion Messages Later – Fixing the Email Plague
|
The FIDO Alliance
|
|
(ISC)2’s SSO Program – Bringing Cybersecurity Experts to the Classroom
|
|
|
Blending Embedded Hardware OTP, SSO, and Out of Band Auth for Secure Cloud Access
|
Intel Corporation
|
|
Joining Forces: The Public-Private Imperative in Cybersecurity
|
|
|
Dormant Malware Attacks - What's Next?
|
|
|
Never Waste a Crisis --- Necessity Drives Software Security Improvements
|
Adobe Systems, Inc.
|
|
Earth vs. the Giant Spider: Amazingly True Stories of Real Pen-Tests
|
|
|
Public-Key Encryption II
|
|
|
Modern Cyber Gangs: Well-Organized, Well-Protected, and a Smart Adversary
|
SANS Institute
|
|
Security 2012: A Handbook for Cyber Security
|
FireEye, Inc.
|
|
Building a Security Operations Center (SOC)
|
Nettitude
|
|
Can DNS Protect Intellectual Property and Free Speech at the Same Time?
|
Paul Vixie
,
Farsight Security, Inc.
|
|
Partly Cloudy: Top Security Weathermen Forecast the Cloud
|
|
|
Advanced (Persistent) Binary Planting
|
Mitja Kolsek
,
ACROS Security
|
|
From Technology to Psychology: Understanding the Social Psychology of Hackers
|
|
|
Building Robust Security Solutions Using Layering and Independence
|
National Security Agency
|
|
Getting to “Like”: Real-world Enterprise Use Cases for Social Applications
|
|
|
Web Breaches in 2011-“This is Becoming Hourly News and Totally Ridiculous"
|
Jeremiah Grossman
,
SentinelOne
|
|
Security Best Practices: SSL Certificate Management at TD Bank and MoneyGram
|
|
|
The Social Web: Business vs. Security - How to Be a Winner
|
|
|
Message in a Bottle - Finding Hope in a Sea of Security Breach Data
|
Davi Ottenheimer
|
|
20 in 2012: The Top Privacy Issues to Watch
|
|
|
Collecting and Sharing Security Metrics - The End of "Security by Obscurity"
|
|
|
Automated Certificate Lifecycle Management and How it Improved Business Agility and Security: Case Studies at Citi and United Airlines
|
|
|
Innovation and Technology Transfer in Security: From the Lab to General Use
|
|
|
How Can a CIO Secure a Moving Target with Limited Resources?
|
Secunia
|
|
War Stories: The Good, Bad and the Ugly of Application Security Programs
|
|
|
Trust Framework Model: Origins, FICAM, NSTIC, Missing Link And Evolution
|
|
|
Large Scale Cloud Forensics
|
Cybereason
|
|
The Role of Security in Company 2.0
|
Endgame
|
|
Achieving Operational Excellence in Security
|
|
|
ChromeOS vs. iCloud - a New Frontier in Security Challenges
|
Kaspersky Lab
|
|
The CERT Top 10 List for Winning the Battle Against Insider Threats
|
|
|
Making World Class Cloud Security the Rule, not the Exception
|
|
|
Base64 - the Security Killer
|
|
|
Becoming a Change Agent in a World Where Change Never Ends
|
Markel Corporation
|
|
Lightning Round: Mobile Infrastructure Security: Licensed Spectrum Eavesdropping and GSM Threats
|
Arbor Networks
|
|
Side Channel Attacks I
|
|
|
Whose Fault is it that I Didn’t Know it Wasn’t You—an Update
|
|
|
Compliance, Audits and Fire Drills: In the Way of Real Security?
|
Microsoft Corporation
|
|
Lightning Round: SAP Application Security
|
Onapsis, Inc.
|
|
The US Cyber Challenge: National Competitions to Find New Cyber Experts
|
Alex Levinson
,
Rochester Institute of Technology
|
|
Deploying IPv6 Securely
|
|
|
Side Channel Attacks III
|
Radboud University Nijmegen
|
|
Enteprise Access Control Patterns for REST and Web API
|
|
|
Corporate Espionage for Dummies: The Hidden Threat of Embedded Web Servers
|
Michael Sutton
|
|
The First 24: Responding to an Attack within the Critical First Day
|
|
|
Defending Behind the Device: Mobile Application Risks
|
Chris Wysopal
,
Veracode
|
|
Secure the Smart Grid from Cyber Attacks to Avoid Putting Us Back 200 Years
|
Steptoe & Johnson LLP
|
|
Invited Talk II
|
|
|
The Three Myths of Cyberwar
|
Dave Aitel
,
Immunity, Inc.
|
|
Top Strategies for Detecting and Combating Advanced Persistent Threats
|
McAfee
|
|
Adversary ROI: Why Spend $40B Developing It, When You Can Steal It for $1M?
|
|
|
Security Data Deluge- Zions Bank’s Hadoop Based Security Data Warehouse
|
|
|
Update Your Software or Die
|
Qualys
|
|
Looking Ahead - The Path to Moving Security into the Cloud
|
Google Inc.
|
|
The Metric System: Why Meaningful Metrics Matter
|
|
|
Rising to the Challenge of Vulnerability Management in an IPv6 World
|
|
|
The Security Professional as Data Steward: Understanding Privacy
|
|
|
Cryptographic Protocols I
|
|
|
Separation and Isolation: Towards a Proactive Approach for Information Security
|
|
|
Midmarket Application Security—Defend like a Fortune 500…or Better
|
|
|
Doing More with Less: Detailed, Highly Efficient Network Security Policies
|
|
|
Deconstructing the Breach – Miscreants, Their Malware, Our Response
|
Palo Alto Networks
|
|
Give Me My Cloud Back: Panel Discussion of Data Privacy Concerns
|
|
|
International Cyber Crime Arrests through Private/Public Collaboration
|
|
|
The Art of Breaking and Designing CAPTCHAS
|
Elie Bursztein
,
Google Inc.
|
|
Lightning Round: Data Confidentiality and Integrity in the Cloud
|
|
|
Smart Investments: Workforce Development Programs Working for You
|
|
|
Friending Your Life Away: How Social Networks Cause Long Term Damage to Individuals and Organizations
|
|
|
New Threats to the Internet Infrastructure
|
Bruce Schneier
,
IBM Security
|
|
Attacks 2011: How Complexity Evaded Defenses and Strategies for Prevention
|
Tomer Teller
|
|
Firewall Fail: Live Test of Top Next-Gen Firewall to Expose Its Breaking Points
|
|
|
Service Organization Controls (SOC) Reports - The 'New' SAS-70s
|
|
|
SSL Identifiers - Keeping Your Lines of Communication Open and Secure
|
|
|
PenTesting People: Social Engineering Integration
|
IOActive, Inc
|
|
Secure Implementation Methods
|
|
|
Revocation Checking for Digital Certificates: Why Won’t It Work?
|
Sid Stamm
,
Mozilla
|
|
Invited Talk I
|
|
|
Legal & Ethical Considerations of Offensive Cyber-Operations?
|
|
|
Why is Search Engine Poisoning Still the #1 Web Malware Vector?
|
Symantec
|
|
Security is Dead. Long Live Rugged DevOps: IT at Ludicrous Speed
|
|
|
Strategies for the Eroding Network Perimeter: Defend the Perimeter or Retreat to Higher Ground
|
TELUS
|
|
SSL and Browsers: The Pillars of Broken Security
|
Qualys
|
|
Worm: The First Digital World War
|
|
|
Zero Day: A Non-Fiction View
|
|
|
Mobile Devices: A Privacy & Security Check-In
|
|
|
Digital Policy Management: Be Part of the Solution, Not the Problem
|
|
|
Data Breaches and Web Servers: The Giant Sucking Sound
|
|
|
Surviving Lulz: Behind the Scenes of LulzSec
|
Matthew Prince
,
CloudFlare
|
|
Staying Secure in an Agile World
|
|
|
Identifying and Exploiting Cryptographic Padding Oracles
|
Gotham Digital Science
|
|
Good Security on a Government Budget? Government CISOs Do More with Less
|
|
|
Cloud and Control: Any Program on 2000 or 2 Machines
|
|
|
Evolution of IT Security – Why the Status Quo is Already Extinct
|
The FIDO Alliance
|
|
What Motivated My Company to Invest in a Secure Development Program?
|
SAFECode
|
|
How to Create a Software Security Practice
|
Alert Logic
|
|
The Virtualization Security Landscape: What's Changed?
|
SANS Institute
|
|
Offensive Countermeasures: Making Attackers' Lives Miserable
|
|
|
Cracking Open the Phone: An Android Malware Automated Analysis Primer
|
|
|
Three Ways to Lose Data and One Way to Stop It
|
|
|
Exploring Converged Access of IT Security and Building Access - Today, Tomorrow and the Future
|
|
|
Data Loss Prevention: The Evolving Landscape of Mobile Enterprise Threats
|
|
|
Fraud and Data Exfiltration: Defending Against the Mobile Explosion
|
|
|
Convergence of BCM and Information Security at Direct Energy
|
|
|
Breaking News! Up to the Minute Hacking Threats
|
Kaspersky Lab
|
|
Hot Topics in Information Security Law 2012
|
|
|
Modern Cyberthreats: The Changing Face Behind the Keyboard
|
|
|
Firewalls: Security, Access, The Cloud - Past, Present and Future
|
|
|
Side Channel Attacks II
|
|
|
BYOD: Securing Mobile Devices You Don’t Own
|
Microsoft Corporation
|
|
Information Protection in Today's Changing Mobile and Cloud Environments
|
|
|
Data Breach Laws: Will They Save or Sink You in a Massive Attack?
|
|
|
Updating the Law on Government Access to User Data in the Cloud
|
Google Inc.
|
|
Estimating the Likelihood of Cyber Attacks When There’s “Insufficient Data”
|
|
|
Cyber War: You’re Doing it Wrong!
|
|
|
Getting Your Session Proposal Accepted
|
|
|
CISOs Check the Weather: Beyond the Hype of Cloud Security
|
|
|
Human Hacking Exposed: 6 Preventative Tips That Can Save Your Company
|
|
|
Job Performance Model for Advanced Threat Responders
|
iSIGHT Partners
|
|
Public-Key Encryption I
|
|
|
Grilling Cloudicorns- Mythical Cloudsec Tech You Can Consume Today
|
Rich Mogull
|
|
Cyber Incidents Centers: Information Sharing
|
Federal Bureau of Investigation
|
|
The Keys to the Cloud: How Aetna Addresses Certificate and Key Management
|
|
|
Continuous Monitoring for Federal Agencies: Challenges and Opportunities
|
|
|
Smartphones: Placing Enterprise Security into the Hands of the Users
|
|
|
Managing Advanced Security Problems Using Big Data Analytics
|
|
|
That Doesn't Actually Work: Hard Truths About Cryptographic Innovations
|
|
|
Crowdsourcing Access Control in the Cloud
|
|
|
Just Because They’re Authenticated Doesn’t Mean You Should Trust Them
|
|
|
Tackling the Identity Management Liability Problem
|
|
|
Adding a Security Assurance Dimension to Supply Chain Practices
|
|
|
Optimizing Security for Situational Awareness
|
McAfee
|
|
Is Your Mobile Device Radiating Keys?
|
|
|
When the Cloud Goes Bust: Data Breaches in the Cloud
|
|
|
Digital Signatures II
|
|
|
Code Red to Zbot: 10 Years of Tech, Researchers and Threat Evolution
|
WW Cybersecurity & Data Protection, Microsoft
|
|
Hacking Exposed: Embedded - The Dark World of Tiny Systems and Big Hacks
|
Cylance
|
|
eDiscovery and Forensics: Working Together for the Winning Solution
|
|
|
Stop the Maelstrom: Using Endpoint Sensor Data in a SIEM to Isolate Threats
|
|
|
iOS Security Internals
|
Dino Dai Zovi
|
|
From the Bottom to the Top: The Evolution of Application Monitoring
|
|
|
Symmetric Key Primitives
|
Georgia Institute of Technology
|
|
Garage Sale Forensics: Data Discovery Through Discarded Devices
|
|
|
Victimless Malware - How Blackhats Make a Killing Targeting Companies
|
|
|
Privacy by Design: Baking Privacy into Business and Product Development
|
|
|
Targeted Exploits & Spear Phishing – Will it be the Demise of Trusted Email?
|
|
|
Compliance Fatigue: How to Stop Chasing Compliance and Move on to Business
|
|
|
Hacking’s Gilded Age: How APIs Will Increase Risk and Foment IT Chaos
|
|
|
Taking Information Security Risk Management Beyond Smoke & Mirrors
|
|
|
Should I Sue? The Perils of Litigation in the Age of Anonymous
|
|
|
Cryptographic Protocols II
|
|
|
Digital Signatures I
|
|
|
Taking to the Skies: IT Flight Plan for Cloud Security
|
|
|
PCI Security as a Lifecycle: How to Plan for PCI in 2012 and Beyond
|
|
|
Cyber Security School Challenge: Information Security Professionals Needed
|
|