CONFERENCE SESSIONS 12 CPE Credits Includes Two Day Conference Pass, Conference Sessions, Keynotes, Vendor Presentations, and Lunch February 11, 2009 February 12, 2009

e-Discovery for the Court System Bill Waites, CEO, Compupak Advanced Technology, Inc The Process to Achieve Business Alignment with Security Lorna Koppel, Director-IT Security, Kohler Company Botnets and the Army of Darkness Craig Schiller, CISO, Portland State University e-Discovery; Developing an IT Strategy to Support a Legal Requirement Randy Guin, IT Security Officer, Dallas County Your Business Contingency Plan Needs To Incorporate Alternative Fuels Charles Cresson Wood, Independent Information Security Consultant, President, InfoSecurity Infrastructure, Inc. Stealing the Airlines Online Data Quincy Jackson, IT Security Manager, Universal Weather and Aviation Waging the Application Security Battle Mark Adams, Application Security Lead, Halliburton Co-Presenters: Mark Feferman - Lead, Application Security, Halliburton Paul Dial - Manager, Application Security, Halliburton Web Application Security Assessments At a Glance Robert Hansen, CEO, SecTheory LLC. Rob MacDougall, Account Executive, SecTheory LLC. Wriggling Out of the Worm's Stranglehold: How One Large Company Became Infected and then Eliminated the Confliker Worm Vaughn Hazen, Chief Operations Security Officer ISACA Panel Discussion: Implementing Security in a Multi-National Environment  Antonio Marin, CIO, Petrobras America Inc. Panelists: Paul Yust, CIO, BJ Services Mike Pavlich, IT Manager, Repsol USA Stuart Catlin, IT Security Consultant and Expert Panel Discussion: Hurricane Ike-Lessons Learned Mike Thomson, President, South Texas ACP Panelists: Ed Schlichtenmyer, Business Continuity Manager, Devon Energy Corporation John Manelos, Regional Security Manager, BP America, Inc. Eric Eckels, Senior Security Manager, KBR How to Not Be a Network Ostrich Mark Stingley, Senior Network Security Analyst, The University of Texas Health Science Center at Houston

Not Another “Castle/Moat” Security Architecture Presentation Michael Lewis, Manager, External Requirements, Chevron Who’s Rules Apply? (Standards vs. Regulations) Mike Thomson, President, South Texas ACP Continuous Auditing and Risk Management: Human Action Metrics Santos Monroy, President, Houston Institute of Internal Auditors Mass Communication, the Internet and Disasters Arthur Conklin, Assistant Professor, University of Houston, College of Technology Same Face—Different Name: Integrating Document Authentication and Facial Recognition to Find Criminals—Not Crimes Gary Reynolds, CSO, Dragnet Solutions LA Traffic: Minor Internal Incident; Major External Possibilities John G. O’Leary, President O’Leary Management Education Mapping Compliance to Risk: Why it is worth it and why it is not Jeffrey N. Reich, Principal, FUDless, LLC Collective Information Security Chris Bronk, Fellow - Technology, Society & Public Policy, Baker Institute - Rice University Panel Discussion: Security Leadership-The Evolution from Securing Technology to Securing Information Lorna Koppel, Director-IT Security, Kohler Company Panelists: Thomas Madden, CISO, University of Texas Health Science Center-Houston Tim Stanley, CISO, Continental Airlines Carl Conrad, Manager, Enterprise Information Risk, Chevron Recovering From the "Death Spiral": Resurrecting a Project That Plummets From a Good Idea Into Disaster George F. "Chip" Meadows, Jr., Sr. IT Security Tech Lead, Center for Infrastructure Assurance and Security (CIAS) Building a Compliance Incident Response Program Aaron Hughes, Vidoc Razor An FBI Cyber Crime Briefing  Samuel Sutton, FBI – Houston Division

EXECUTIVE STEERING COUNCIL KICKOFF BREAKFAST (Invitation only) Benchmarking Your Security Program Peter Lindstrom, Research Director, Spire Security Sponsored by:

February 11, 2009

February 12, 2009

OPEN VENDOR SESSIONS
(Complementary Vendor Presentations and Industry Panels)

Industry Expert Panels

February 11, 2009

February 12, 2009

Saving the Endpoint by Keeping the User in Mind Moderated by: Craig Schiller, CISO, Portland State University	Network Access Controls—Is it time to jump on the Bandwagon? Moderated by: William Arthur Conklin, Assistant Professor, University of Houston, College of Technology
PCI DSS—More than Just Compliance Moderated by: John G. O’Leary, President, O’Leary Management Education	Data Protection—Standing Your Ground to Protect Your Information Moderated by: Jeffrey N. Reich, Principal, FUDless, LLC

Presentation Theater
February 11, 2009	February 12, 2009

A User-centric Approach to Enterprise-wide Data Protection Presented By:Cliff Grossner	Five Reasons Why You Should and Should Not Deploy 802.1X Right Now Presented By: Steve Pettit, President/CTO
Motorola AirDefense Presentation