Consumer Information Security Workshop
May 20 - 21, 2002
WORKSHOP SCHEDULE
SESSION 1
Monday, May 20, 2002
Moderator: Mark Eichorn8:30 a.m.
Doors open: Federal Trade Commission, Room 4329:00 a.m.
Announcements
Welcoming Remarks: Chairman Timothy J. Muris9:15 a.m.
Keynote
Richard Clarke, Special Advisor to the President for CybersecurityWhy is consumer information security important?
9:45 a.m. (this session will include a 15 minute break)
Panel I: The Current State of Consumer Information SecurityWhat are the risks? How are they changing, e.g., how do the increasing popularity of broadband and the availability of scripts change the threat level? What are the harms to consumers? What data is available regarding these risks?
- Lawrence Dietz, Director of Market Intelligence Communications, Symantec Corp.
- Mary J. Culnan, PhD, Slade Professor of Management and Information Technology, Bentley College
- Jeff Fox, Senior Projects Editor, Consumer Reports
- Bruce Heiman, Executive Director, Americans for Computer Privacy
- Rob Leathern, Analyst, Jupiter Media Metrix
- Rich Pethia, Director, CERT Centers
Moderator: Laura Berger11:45 a.m.
Lunch1:00 p.m.
Panel II: What steps can consumers take now to secure their information? What are businesses doing to educate consumers about these steps?What can consumers do to secure their information systems? What resources are available to consumers? What can businesses do to increase security awareness and educate consumers?
- Tatiana Gau, Senior Vice President, Integrity Assurance, America Online Inc.
- Stephen C. Jordan, Vice President and Executive Director, Center for Corporate Citizenship, U.S. Chamber of Commerce
- Shannon Kellogg, Vice President, Information Security Program, Information Technology Association of America
- Chengi Jimmy Kuo, Network Associates Inc.
- Bernhard Meister, Systems Architect, Security Architecture, Development and Implementation, Verizon Communications
Moderator: Laura Berger1:45 p.m.
Panel III: What existing business models help consumers maintain security?What business models reduce or eliminate security concerns, or make it easier for consumers to safeguard their own security?
- Scott Charney, Chief Security Officer, Microsoft Corp.
- Simson Garfinkel, Chief Technology Officer, Sandstorm Enterprises; President, Vineyard.NET, Inc.; Author, Web Security, Privacy, and Commerce
- Austin Hill, Co-Founder and Chief Strategy Officer, Zero-Knowledge Systems
- Stephen Cobb, Senior Vice President, Research & Education, ePrivacy Group
- James C. Plummer, Jr., Coordinator, National Consumer Coalition Privacy Group, Consumer Alert
2:45 p.m. Break
3:00 p.m.
Panel IV: What steps can businesses that maintain consumer information take to improve their own security?What security challenges do businesses face in protecting stored information? Do they manage their own security or contract out? How do they protect consumer information while allowing access to that information as needed? Where do they go for resources on security issues? How do they deal with security issues on a daily basis?
Moderator: Dr. Alicia Clay, Program Manager, Information Security, Computer Security Division, NIST
- Martin E. Abrams, Center for Information Policy Leadership, Hunton & Williams
- Lynn Goodendorf, Six Continents Hotels
- Franklin S. Reeder, Center for Internet Security
- Vince Sollitto, Vice President, External Affairs & Corporate Communications, PayPal Inc.
- Vic Winkler, Sun Microsystems Inc.
- Marc Zwillinger, Kirkland and Ellis
5:00 p.m.
Closing Remarks: J. Howard Beales, III, Director, Bureau of Consumer Protection
SESSION 2
Tuesday, May 21, 2002
Moderator: Maureen Cooney, Legal Advisor for International Consumer Protection9:00 a.m.
Panel V: The OECD Security ReviewWhat is the OECD security review? What is the end product of the process? What impact will the revised OECD guidelines have in changing the ways that businesses, government, and individuals think about their roles in enhancing information systems and network security?
- Joe Alhadeff, Chief Privacy Officer; Vice President, Global Public Policy, Oracle Corp.
- Sarah Andrews, Research Director, Electronic Privacy Information Center
- Orson Swindle, Commissioner, Federal Trade Commission
Panel VI: Emerging Standards for Business Security
Moderator: Ellen FinnWhat impact might standards have in changing consumer security? What types of initiatives might drive the adoption of security standards?
- Kimberly Kiefer, ABA Committee on Information Security
- Peggy Lipps, Senior Director, Security and Risk Assessment, Banking Industry Technology Secretariat (BITS)
- Mark MacCarthy, Senior Vice President, Public Policy, VISA U.S.A.
- Dr. Larry Ponemon, Chief Executive Officer, Privacy Council
- Fran Meier, Executive Director, TrustE
Moderator: Mark Eichorn11:15 a.m.
Break11:30 a.m.
Panel VII: Alternative ApproachesWhat new approaches might change the ways that consumer security is currently managed?
- Paul Collier, Executive Director, Biometrics Foundation
- Jeff Fox, Senior Projects Editor, Consumer Reports
- Peter Harter, Senior Vice President, Business Development and Public Policy, Securify, Inc.
- Scott Hatfield, Sr., Vice President and Chief Information Officer, Cox Communications, Inc.
- Alan Paller, Director of Research, The SANS Institute
- Rich Pethia, Director, CERT Centers; Internet Security Alliance
- Richard Smith, Internet Security Consultant
1:00 p.m.
Closing Remarks
Commissioner Orson Swindle