Day One Tuesday 21 June 2005
|
| 08.00 | Registration and welcome refreshments
|
| |
|
| 08.30 | Chairperson’s opening remarks
Andrew Seldon, Editor, Network Times Magazine
|
| |
|
| GLOBAL INFORMATION SECURITY TRENDS
|
|
| 08.45 | International Keynote Speaker
IT Security: Global challenges and solutions
• Emerging trends and practices in the 21st century
• Information security as a successful business driver
• Updating your organisation with the latest security developments
• Establish an information security management culture
Detlef Eckert, Chief Security Specialist, Microsoft EMEA, Belgium
|
| |
|
| 09.30 | Enterprise security architecture: Building the secure enterprise architecture from the ground up
Peter Oeschger, Head: Group IT, Sasfin
|
| |
|
| 10.00 | Morning refreshments
|
| |
|
| 10.30 | Aligning information technology with business strategies
• Understanding technology’s strategic impact
• Managing supply and demand across applications
• Enforcing security and achieving ROI
• Proactive analysis on how technology can help business compete more effectively
• Cost cutting vs. security innovation
• Key practices for achieving closer alignment with the business
Senior Executive, Siemens
|
| |
|
| 11.15 | Panel discussion: The future of information security
• Implementation of proactive security measures
• Making your business more efficient and secure
• How does the market respond to consumer demands
• Information security challenges
Gary Middleton, General Manager Security Practices, Dimension Data
Detlef Eckert, Chief Security Specialist, Microsoft EMEA, Belgium
Peter Oeschger, Head: Group IT, Sasfin
|
| |
|
| BUSINESS CASE FOR SPENDING ON INFORMATION SECURITY
|
|
| 12.15 | Dimension Data case study: Using information security to support business objectives and corporate strategy
• Spending smart – enforce security and achieve ROI
• How to decide how much security you need
• Identify the most cost effective techniques available to enforce security
• When is the best time to validate security
Gary Middleton, General Manager Security Practices, Dimension Data
|
| |
|
| 12.45 | Networking luncheon
|
| |
|
| PEOPLE AND CHANGE |
|
| 14.00 | Banking on security – A wise investment
• The cost of compliance
• International legislative frameworks
• Record trends
Wayne Hendricks, Regional Security Manager, Goldman Sachs International
|
| |
|
| 14.30 | Successful security through awareness
Kgomotso Sekgaphane, Information Security Advisor, Eskom
|
| |
|
| 15.00 | Speed Networking – bring your business cards
Speed Networking is an exciting, quick, non-pressured way to meet fellow delegates and industry peers in one thirty-minute session. These brief meetings are the starting point for conversation and networking throughout the conference.
• Exciting, quick, no pressure
• Meet…move on…meet…move on
• Form long-lasting and profitable business relationships
• Exchange business cards with fellow conference delegates and industry peers
• The best thirty-minute networking session you have ever experienced
|
| |
|
| 15.30 | Afternoon refreshments
|
| |
|
| PROTECTING CRITICAL INFORMATION |
|
| 16.00 | Strategies for Wireless LAN Security
• Strategies for wireless value creation in the enterprise – what the CIO and CTO need to know
• Aligning wireless strategy with corporate goals and ICT strategy
• Implementation strategies and identification of pros and cons
• Separate wireless security facts from the myths
• Does wireless make cents?
Maiendra Moodley, Technical Security Advisor, Reserve Bank of South Africa
|
| |
|
| 16.30 | Panel discussion: Keeping ahead of e-crime
Maiendra Moodley, Technical Security Advisor, Reserve Bank of South Africa
Kgomotso Sekgaphane, Information Security Advisor, Eskom
Wayne Hendricks, Regional Security Manager, Goldman Sachs International
|
| |
|
| 17.15 | Chairperson’s closing remarks and close of day one
|
| |
|
| 17.30 | Networking cocktail function
|
| |
|
|
Day Two Wednesday 22 June 2005
|
| 08.30 | Chairperson’s opening remarks
Andrew Seldon, Editor, Network Times Magazine
|
| |
|
| REGULATIONS AND COMPLIANCE |
|
| 08.45 | Keynote speaker
21st Century CIO: What CIOs need to succeed?
Bryan Hattingh, Chief Executive Officer, Cycan
|
| |
|
| 09.15 | Regulatory compliance in the real world
• National and regional regulatory requirements vs. global security standards
• Intrinsic legal issues in IT security
• Impact of regulatory compliance on IS
• Can security be self-regulatory?
Lance Michaelson, Legal Specialist ICT
|
| |
|
| 09.45 | Integrated IT governance from a security perspective
Johan Marnewick, Group IT Architecture, Sanlam
|
| |
|
| 10.15 | Morning refreshments
|
| |
|
| 10.30 | International Keynote Speaker
The weakest link: Securing Passwords
For all of the technologies that have been assembled for virus protection, information non-repudiation, DMZ proxying, etc., you might be lulled into a sense of calm about security threats. It is easy to perceive security as an arms race, with good guys and bad guys throwing more technology at each other to defend and defeat protective measures. Truth be told, in most organisations, one of the most vulnerable points in security armor remains the simplest: user passwords. In this session, Jon William Toigo will discuss the vulnerabilities of password-based authentication systems and what can be done to address them. Specifically, he will cover:
• Common password attacks
• Methods for password auditing
• Common-sense methods for password protection
• The new (old) case for biometrics
• And why, even with protection in place, you still need to prepare for the inevitable: a security breach
Jon William Toigo, Chief Executive Officer, Toigo Partners International, USA
|
| |
|
| BEST PRACTICE |
|
| 11.15 | Merging of logical and physical access control using biometrics
Nick van der Merwe, Biometric expert, Ideco
|
| |
|
| PROJECT IMPLEMENTATION AND RISK MANAGEMENT |
|
| 11.45 | An integrated approach to information risk management
• Define information security vs. information risk management
• Compliance and risk management
• DRP and BCP as components of risk management
• Integrating with enterprise risk management
Les Stevens, Security and Risk Strategies, META Group
|
| |
|
| 12.15 | Panel discussion: Balancing risk and cost
• What does an effective security strategy cost?
• Is security perceived as a line item expense or an integral part of systems design?
• Can security discipline also deliver other business value?
• Are there rules of thumb or best practices to suggest what should be spent on security as a percentage of IT budget or corporate revenues?
Danie Scutte, Director, Msinga Holdings & Erlang Financial Systems
Bryan Hattingh, Chief Executive Officer, Cycan
Les Stevens, Security and Risk Strategies, META Group
Jon William Toigo, Chief Executive Officer, Toigo Partners International, USA
|
| |
|
| 13.00 | Networking luncheon
|
| |
|
| 14.00 | Business case for spending on information security
The results of the ISF’s study into information security investment and staffing provide illuminating insights into how top management’s commitment to security can directly impact the frequency and magnitude of incidents suffered by the organisation. Simon will share some of these insights and explain how strong information security management initiatives can have a real impact on the security of arrangements “on the ground”. When the average cost of the most serious incident across 84 surveyed enterprises is US$1 million, the business case for security investment becomes a compelling one!
Simon Rycroft, Operations Manager, Information Security Forum, UK
|
| |
|
| 14.30 | Steps towards implementing a strategic security model
Danie Scutte, Director, Msinga Holdings & Erlang Financial Systems
|
| |
|
| SECURITY MANAGEMENT |
|
| 15.00 | Case Study: Identity management
• What is identity management?
• Migration from an inward-facing to an e-business model
• Description of the activities and threats that comprise identity management
• Current environment: Identity management today
David Lello, Managing Director, Global Security Solution
|
| |
|
| 15.30 | Afternoon refreshments
|
| |
|
| ROUND TABLE MEETINGS |
|
| 16.00 | Discussions
• What’s in store for IT spending – 2005 projections: See how executives rank their spending priorities; where will organisations direct their budget increases?
• Corporate compliance: What’s missing? Establishment of standards and best practices for enterprise governance, risk and compliance technology, which will help organisations to manage growth into the new regulations.
• Introduction to network security: Intrusion detection. Discuss different types of IDS – network based and host based. Methods used to detect intrusion.
• Controlling of internal abuse through the process of security: Types of attack companies experience.
• Phishing Attack: Security measures that financial service providers can take to prevent and manage phishing attacks.
|
| |
|
| 16.30 | Report back session
|
| |
|
| 17.00 | Chairman’s closing remarks and close of conference
|
| |
|