| |
DATA MANAGEMENT |
| |
What are best practices around log interpretation to bolster security? |
|
| What should you report to Management? How? |
When is it time to deploy Security Information Management (SIM)? What are
the technical and business drivers for this purchase? |
|
What is the SIM technology capable of now? What is vendor hype?
What is vapor? |
|
| |
VULNERABILITY MANAGEMENT |
| |
Where are the potholes to avoid when implementing a vulnerability management solution? |
|
| What are the best vulnerability assessment tools/services today? |
What are best practices for patching prioritization? |
|
What do you do with an "unpatchable" legacy system? |
|
| |
AUTHENTICATION & ACCESS CONTROL |
| |
What do you need to know prior to launching an authentication and access control initiative? |
|
| Should you try to solve identity management and access control problems simultaneously? Sequentially? |
Lessons Learned: How implementing authentication & Access Control will assist your
regulatory compliance efforts. |
|
What vendors should you consider and why? Whom will get bought? By whom? |
|
| |
MANAGING A SECURITY OPERATION |
| |
What metrics should you employ to measure your security organization? |
|
| How do you map security needs to organizational objectives? |
Can security really be sold to the CFO using "Return on Investment"? |
|
How are other organizations managing S-OX (and other regulations) compliance? |
|
How do you manage the risk associated with third parties? Outsourcing? |
|
What are the elements of a successful organization-wide security awareness program? |
|
| |
WIRELESS SECURITY |
| |
What should your wireless security policy look like? |
|
| What are the "real" wireless security threats today? |
How important are industry standards in purchasing devious? Which standards matter? |
|
Wireless deployment, considering alternative architecture to maximize security. |
|