Do you know of a colleague who may be interested in this conference? Enter their email address below to send them an email.

Feedback from
Attendees

Upcoming
Events:

Sep 21, 2010

Enterprise DR/BC -

HA/Resilient Infrastructure

Info

 

Sep 30, 2010

Project and Portfolio

Mgmt

Info

 

Oct 7, 2010

VDI / Desktop Virtualization

Strategies - Implementation

and Management

Info

 

Oct 21, 2010

e-Mail Archiving

Info

 

Nov 4, 2010

The CIO Agenda -

2011 and Beyond

Info

 

Nov 18, 2010

DR/BC
Data Protection

Strategies

Info

 

Dec 9, 2010

Business Intelligence/

Performance Mgmt

Strategies

Info

 

2011 Events

 

Feb 3, 2011

Ent Risk/Security Mgmt

Info

 

Feb 17, 2011

Project and Portfolio Mgmt

Info

 

March 3, 2011

Cloud Computing

Info

 

March 17, 2011

IT Architecture

Info

 

April 7, 2011

Ent DR/BC / Resiliency

Info

 

April 28, 2011

Desktop Virtualization

Strategies

Info

 

May 5, 2011

Business Intelligence and

Analytics

Info

 

May 19, 2011

e-Mail Archiving

Info

 

June 9, 2011

Ent Risk/Security Mgmt-LLM

Info

 

July 14, 2011

IT Leadership Strategies

Info

 

Sep 9, 2011

Enterprise DR/BC / HA

Info

 

Oct 6, 2011

Cloud Computing

Info

 

Oct 20, 2011

Desktop Virtualization

Info

 

Nov 3, 2011

CIO: IT Leadership

Strategies

Info

 

Nov 17, 2011

Ent DR/BC / Data

Protection

Info

 

Dec 8, 2011

Business Intelligence/MDM

Info

 

 

Home  |  Attending   |  Speaking  |  Sponsoring  |  About   |  Contact 

Conferences that solve current IT challenges

Patch and Vulnerability Management
 Delivering the levels of security, compliance and confidence needed for your extended enterprise

February 2, 2006
9:00 a.m. to 5:00 p.m.

Stephens Convention Center
Rosemont (O'Hare) Illinois
Overview

The number of vulnerabilities is growing. The timeframe between when a vulnerability is found and when it is exploited has shortened.  The urgency to mitigate network vulnerabilities has become more crucial than ever.

Conference Program

8:00 am - 9:00 am - Registration and Continental Breakfast

9:00 am-10:00 am
Developing an Efficient and Effective Patch Management Process
that Aligns to the Needs of the Business
 Muneer Mubashir, Senior Systems Engineer, BMC Software


 Mubashir

The complex nature of today’s IT environments and the ever increasing need for IT to prove its value necessitates IT to operate in a framework conducive to overall strategic business initiatives. A value driven IT organization can only be established when People, Process and Technology are designed to work together in concert. For most companies, automated patch management is no longer the primary concern. Many have implemented some form of an automated patch management solution that automates the download, sorting and distribution of patches. However, for organizations to gain confidence in the patching outcomes a careful analysis of the patch process itself is needed.

This session will discuss the key elements of a robust, repeatable and an efficient Patch Management process based on the ITIL framework by highlighting the following:

·         Aligning patch risk with business requirements

·         Transforming an organization to a value creation mode, instead of the reactive, fire fighting modus operandi

·         Establishing a continuous review and improvement process

·         Alignment with regulatory requirements such as Sarbanes-Oxley

10:00 am - 10:30 am - Refreshment Break

10:30 am-11:30 am
 An Overview of Patching Strategies and Their Alternatives
 Matt Rodgers, Director, Product Management, Blue Lane Technologies


 Rodgers

Patching servers represents a unique challenge. The cost to install a patch on a server is high, interoperability concerns are great, and an incident on a single server can impact untold numbers of users. Despite the challenges, patching servers remains a priority because they represent some of the highest value assets in the infrastructure and typically house the most sensitive and valuable data.

Attendees will be exposed to some useful frameworks to consider when dealing with server patch deployments and will be presented with an overview of the current alternatives to patching.

11:30 am - 12:30 pm
Business Rationale for Patching Computer Systems
Daniel M. Harris, Manager of Information Security Policy and Strategic Development / The Americas, The Aon Corporation


 Harris

This session will focus on the rationale for patching computer systems, with an emphasis on improving security and reliability. We will discuss how the security threatscape has dramatically changed by examining a number of real-world attacks and the implications for business. In addition, other factors such as regulatory requirements, due care, and good business practices need to be considered among the criteria for patching systems. 

Danny will provide the audience with an astonishing series of security statistics as to how businesses have suffered losses as a result of not patching early and often.

12:30 pm - 1:30 pm - Luncheon

1:30 pm-2:30 pm
 Strategies for Balancing IT & Security with Regulatory Compliance
Paulette Hradnansky, Director, Information Security Operations, Motorola


 Hradnansky

Corporations are now being held to much stricter standards with respect to information security.   This presents the challenge of making security much too restrictive and cumbersome to manage.  As a security and IT practitioner, how do you find a balance between security and usability?  How do you make sure you are adhering to regulatory compliance and at the same time managing your organization’s internal needs of effective risk management, operational integrity and service management?

2:30 pm - 3:00 pm Refreshment Break

3:00 pm-4:00 pm
 Designing a Security Management Framework to Reduce Risk for IT Vulnerabilities in Real-Time
Jim Resch, Director of Security Management Solutions, BigFix, Inc.


 Resch

Lacking an effective vulnerability and security configuration management framework, many organizations discover their current systems management and applications management IT infrastructure is inadequate in protecting critical assets, data, and intellectual property only after suffering the costly and embarrassing consequences of a security breach. 

In this session, you will learn that the key to developing a robust vulnerability management framework lies in three core competencies – real-time asset discovery and visibility, holistic software and security life-cycle management approach, and continuous policy-based enforcement for compliance across your entire IT infrastructure.

4:00pm-5:00pm
Implementing Enterprise Patch/Vulnerability Management Frameworks & Processes
Derek Milroy, Security Architect, The Corp-Sec Project



Milroy

Derek is a frequent speaker at CAMP known for his "hands-on approach". The first part of his presentation will outline a framework for assessing patches relative to your environment and how to implement an effective patch management process for your network. The second part of this presentation will outline a framework for implementing a vulnerability management process that ensures remediation takes place and is tracked. The third part of this presentation will explore topics related to integrating your vulnerability management process with your NSM (Network Security Monitoring) infrastructure.

The frameworks to be presented have proven to be effective in environments varying in size from dozens to tens of thousands of hosts. These frameworks are not theoretical.

Each attendee will receive a certificate awarding 7 CPE credits for CISSP continuing education,
 in addition to 0.7 CEUs and 7 PDUs.
CISSP is a registered certification mark of (ISC)˛, Inc.

 Register

What You Will Learn

This one day conference will provide IT departments with an understanding of the following:

  • How to develop an efficient and effective patch management process
  • How to update your current patch management framework
  • How to align vulnerability management with incident resolution
  • How to implement an effective patch management solution
  • How to develop a vulnerability management framework
  • How to convert volumes of IT vulnerabilities into business risk exposure analysis
  • How to insure compliance with industry regulations
  • How other IT departments have worked through their patch management challenges
     

Exhibits

As is always the case at CAMP IT Conferences events, the talks will not include product presentations. During the continental breakfast, coffee breaks, and the luncheon break you will have the opportunity to informally meet representatives from the following sponsoring companies, who have solutions in the area of the conference.

  

 
 

CAMP Conferences, Inc., 540 W. Frontage Rd., Ste. 2205, Northfield, IL  60093
Tel: (312) 527-2800  Fax: (847) 881-0747

Copyright © 2010 CAMP Conferences, Inc. All Rights Reserved.
CAMP IT is a registered trademark of
CAMP Conferences, Inc.