Vanguard Security 2010 Track Information
 |
Audit, Compliance and Regulations
Information security professionals face numerous and diverse challenges. The Audit, Compliance and Regulations track focuses on education to assist in evaluating and adjusting your information security management system (ISMS) to respond to current business, customer, technology, legal, and regulatory challenges.
How to Secure Mainframe FTP
Stu Henderson, The Henderson Group
This session will explain why mainframe FTP (File Transport Protocol) is “the most secure FTP you’ll find on any platform anywhere.”
Securing Information through Encryption with MVS and RACF®
Stu Henderson, The Henderson Group and Jan Quach, KPMG
The basics of encryption and how you, as a security administrator, can take advantage of the cryptographic facilities present on the z990 (and newer versions).
SMF - An Overview
Mark Wilson, RSM Partners
This session will cover SMF data in detail from system parameters to reports, and use of the system logger to store SMF data.
Auditing RACF and CICS®
Mark Wilson, RSM Partners
How to audit a CICS implementation when secured using RACF and issues found that could be exploited to compromise security controls and privileged access.
PCI Compliance - Privacy Protection and the Minimum Standards of Due Care
Anne M. Rogers, PMP, CISSP, CCE, Waste Management
Key issues of privacy protection (identity theft, credit card fraud, etc.), and the “minimum standards of due care”.
URSA: An Application for User Security Management
Douglas Winings, Hewitt Associates
The Unit/Role Security Application, “URSA,” using RACF groups and a feed from the personnel system to manage user access, and how to apply it to your own shop for user security management.
Compliance and Risk Management in Cloud Computing - Stormy Weather Ahead?
Scott Blackmer, InformationLawGroup
Security, liability, and compliance issues that tend to make some enterprises keep their own data centers, and how enterprises are managing them in their operations, contracts, compliance programs, and insurance.
Getting In Front of an Audit
Marne Gordan, IBM Corporation
Learn about an audit from the auditor’s perspective and identify ways to easily facilitate the process.
Auditing and Controlling z/OS® UNIX® System Services (USS)
John Connors, Vanguard Integrity Professionals
This is session is an introduction to USS security and how to get started on the right foot. Some basic knowledge of System z® security is assumed. Requires some knowledge of System z® security.
IT Governance: The Impact of Information Security and Breach Notice Laws and Lawsuits
Scott Blackmer, InformationLawGroup
How new data security and breach notice laws and regulations, and lawsuits over security breaches are affecting IT governance in the enterprise.
Cryptography on the zSeries Mainframe
Ernie Nachtigall, IBM
The facilities and capabilities of the rich set of cryptographic functions in the zSeries, their purpose and some best practices.
Who Do You Think You’re Fooling?
Marne Gordan, IBM Corporation
Motivations for insider attacks and hard and soft costs associated with successful exploits through three real life cases. A recommended strategy for monitoring insiders to mitigate the risk of successful attacks.
Don’t Let SOX Scare the Socks Off You
Dale Webster, CISSP, Hewlett Packard
Insight as to how to achieve role-based permissions and access level controls. Creation of ownership and approvals, and accountability and periodic review of these permissions.
