
CIMA 08 Cyber Security Track

Wednesday, April 16


CIMA UNIVERSITY

The 'Storm' No One Sees... StormBot
Presenter(s): Dr. M.J. Staggs
Location: Cheyenne 2 Room
1:00 pm - 2:45 pm

There is a huge botnet out there that no one seems to know about, or even to care about when alerted to it. It is commonly called the Storm Bot. This remote control program has infected millions of computers in our workplaces, homes and schools. It has even penetrated DoD and our supporting infrastructure. It is extremely difficult to detect. It alone is responsible for nearly half of the immense volume of SPAM that we receive every day. In this brief seminar, you will learn what Storm is, how it works, the extent of the global infection, and how to detect and remove it from your network. Actual case study material will be used for our lecture.




CIMA UNIVERSITY

Vulnerability Management: From Discovery to Remediation
Presenter(s): Travis Schack -- Colorado Office of Cyber Security
Location: Cheyenne 2 Room
3:00 pm - 5:00 pm

Vulnerability management has been defined as anything from a simple process of just running vulnerability scans to a set of arcane practices to systematically protect an organization's IT environment against external attack and internal threats. This presentation will introduce a simplified yet effective vulnerability management practice that can be immediately established within any organization. Participants will become familiar with vulnerability discovery, how to verify vulnerability findings, how to evaluate the full impact of a vulnerability, vulnerability prioritization for mitigation, vulnerability tracking, and how to continually monitor an environment for new vulnerabilities.



Thursday, April 17


MORNING BREAKOUT SESSION 1

Winning the War at Home: Terror in Our Cities - Prediction, Prevention, Security
Presenter(s): Joe Bierly - Oracle
Location: Cheyenne 1 Room
10:15 am - 11:15 am

Topics:
* Challenges faced by first responders
* Terrorist attack planning process
* Active shooter comparison to terrorist event
* Phases in terrorist siege tactics
* Prevention and response to an attack
* Cyber Security Implications

There are many lessons to be learned. These represent attacks against soft targets that mandate a response requiring a high level of training and coordination. In addition.

 

NAC in the real world
Presenter(s): Alan Shimel - StillSecure
Location: Arkansas Room
10:15 am - 11:15 am

What is network access control, a.k.a. NAC? The definition is clouded by the variety of solutions in the market claiming to do NAC. Some are purpose-built NAC solutions, others are repurposed vulnerability scanners, and yet others are failed intrusion prevention systems. Then there are the frameworks -- Trusted Computing Group TNC, Cisco NAC, and Microsoft NAP -- which have added confusion to the current landscape while aiming to provide a standard for the future. In his presentation, Alan Shimel, Chief Strategy Officer at StillSecure, will outline what makes or breaks a NAC deployment. In addition, Alan will help attendees learn best practices for deploying a NAC solution depending on their network environment and specific security needs. Attendees will leave the presentation with a firm understanding of the benefits and drawbacks to NAC, and how to best deploy NAC in the real world.


Structured Approach to Assessing and Managing Risk
Presenter(s): John McCumber - Symantec
1:30 pm - 2:30 pm

This session will push back the advance of security-as-art and supplant it with a structured methodology that functions independent of technology evolution. It outlines a simple, yet thorough process to guide security practitioners, policy makers, information technologists, and auditors in the analysis and mitigation of risks in IT systems. There are numerous significant advantages to this approach. Government policy makers can stop wrestling with out-dated, inaccurate compliance-based security models that are obsolete by the time the system is designed and deployed. This technology-independent approach will allow these senior decision makers to specify their security and privacy needs long before systems are built. Conversely, the same approach will allow systems developers, integrators, and security specialists to design and evaluate their compliance with these demands. IT systems designers and developers will be able to address security requirements in a structured, consistent manner. They can also use this approach as a basis for demonstrating compliance and working out tradeoffs with those who establish requirements. The session will be based on the new Auerbach publication "Assessing and Managing Security Risk in IT Systems: a Structured Methodology." The book provides a structured, comprehensive how-to guide for defining and implementing IT security that applies irrespective of the specific information technologies employed.

 

Cyber Warrior Security Challenges
Presenter(s): Steven Winterfeld - Northrop Grumman
Location: Cheyenne 2 Room
2:30 pm - 3:30 pm

When hackers started working full time for cyber criminals, the security challenges became serious. The Cyber Warrior briefing will cover the attacker mentality, methods, risk management that takes cost into account, and trends in both attacks and defense.




An Often Overlooked Confidentiality Exposure: Hard Drive Disposal
Presenter(s): Steve Fuelberth - Luminous Electronics Recycling
Location: Arkansas Room
3:30 pm - 4:30 pm

One of the most frequently overlooked aspects of data security is how confidential data is dealt with when computers and office equipment become obsolete and are replaced. In this session we will discuss the different alternatives for safeguarding sensitive information and how to protect yourself.

 

Dramatically Improving the Performance of Incident Response Teams
Presenter(s): Eddie Schwartz - NetWitness
Location: Cheyenne 2 Room
3:30 pm - 4:30 pm

Current information security infrastructures deployed by organizations provide a layered defense against known problems and casual adversaries, but have not thwarted numerous catastrophic security failures, such as those seen within some government agencies or organizations such as TJX. In the current threat environment, well-funded organized crime groups, foreign intelligence agencies and terrorists have deep offensive capabilities requiring a higher level of situational awareness, forensics analysis and incident management. This session will describe the significant gaps in current approaches to incident response, and will present a technology and process-based framework for dramatically improving the performance of incident response teams, particularly with respect to complex unknown threats. The session will provide details regarding operational requirements and critical success factors, and will demonstrate specific techniques used by adversaries to penetrate networks. It will address how network forensic techniques can be integrated into the incident response life cycle, permitting organizations to quickly track down the root causes of difficult problems and exploits and reduce the time to resolution and commensurate organizational impact.

The participant will learn more about:
* The relationship and limitations of existing technologies in dealing with current threats, such as unknown anomalies or zero-day attacks
* How to build a more responsive and higher performance incident response team using network forensics techniques
* How to leverage the information provided by network forensics tools that provide context to hard-to-solve problems
* What to look for in network data captures, session analysis and session reconstruction

Prerequisites: The participant should have an understanding of information security technology, concepts, terminology, policies, procedures and techniques.


Friday, April 18




MORNING BREAKOUT SESSION 1

Microsoft Security Best Practices
Presenter(s): Peter Nash - Microsoft
Location: Cheyenne 1 Room
10:15 am - 11:15 am

The Microsoft Security Best Practices session will review Microsoft-recommended best practices for securing Windows desktop and server environments. The goal of the session will be to arm attendees with the information and resources they need to secure Windows environments leveraging technologies that are already in place. Attendees from all agencies and skill levels will benefit from the review of best practices, the latest guidance, no-cost utilities, and security resources. Content not finalized.

 

Data Governance for Government Organizations
Presenter(s): Rick Dakin - Coalfire Systems
Location: Cheyenne 2 Room
10:15 am - 11:15 am

The need to maintain effective cyber security programs has been established with high profile system compromises at government organizations like the Veterans Administration, Denver International Airport and several local institutions of higher learning. However, many controls fail to protect the most sensitive data due to a failure to conduct a comprehensive review of sensitive data flows and identification of the systems that collect, process, store or transfer that data. This session will provide an overview on how to organize an effective data governance program. The program will include the following critical program elements:

1. What sensitive data has to be protected and to what level of criticality?
2. Where is it collected, processed and stored?
3. What inherent risks are associated with this data?
4. What controls are justified to protect the data?

 




Regulatory Compliance: Getting Past the Hype
Presenter(s): Joe Skocich - IBM
Location: Arkansas Room
11:15 am - 12:15 pm

Numerous regulations such as SOX, BASEL II and PCI are beginning to top the agendas for IT Security professionals. Which regulations have the biggest impact? What are the penalties for noncompliance? This session will detail PCI as well as some other current regulations. The session will also discuss relevant IT best practices and technologies required to achieve compliance.