The next meeting of the Irish Information Security Forum will be held on the 30th of September at 14:00 in Buswells Hotel on Molesworth St. Dublin 2. The topic for the meeting will be “An Overview of Data Loss Prevention”. This will then be followed by a case study of a real-life implementation of Data Loss Prevention technology.
- Leonard McCauliffe from Deloitte will give us an overview of Data Loss Prevention, setting the scene for DLP, and talk about development of DLP technology
- David Cahill from EBS will then give us his experience of a real-life implementation of DLP technology
It promises to be an interesting event and hopefully I will see some of you there.
The Irish Information Security Forum is holding its next meeting on November 12th in Buswells Hotel at 2pm. The meeting will include a presentation from Noel Comerford of the ESB on the area of “Information Security Metrics- What to Measure and How to Measure it.” This promises to be an interest session given that Information Security Metrics is an area hotly debated within the information security field as to what metrics are useful and provide feedback to better improve your overall security.
There will also be a session on specific security problems being faced by members will be discussed to enable others in the group to learn and improve their own information security posture.
Venue: The Morgan Hotel, Temple Bar.
Date & Time: Wednesday April 9th 2008 at 6.30pm
The next IISF meeting is scheduled for Wednesday April the 9th at 18:30. The topic for this event is “Preventing and Detecting Employees and Contractors from Stealing Corporate Data” and will be presented by Dr. Eric Cole from the SANS Institute.
The meeting is an open meeting and is open to new members, guests and interested parties. If you are interested in attending please register your interest by sending an email to Valerie.firstname.lastname@example.org.
The agenda is as follows;
- 6.30pm Tea/Coffee
- 7.00pm Welcome and introduction by IISF chairman Jim Smith
- 7.05pm Presentation by Dr. Eric Cole on Preventing and Detecting Employees and Contractors from Stealing Corporate Data
I hope to see you there.
Organisations tend to think that once they hire an employee or a contractor, that person is now part of a trusted group. Although an organisation might give an employee additional access that an ordinary person would not have, why should it trust that person? If competitors or similar entities want to cause damage to an organisation, steal critical secrets, or put the organisation out of business, they just have to find a job opportunity, prep someone to ‘ace’ the interview, and have that person get hired. Depending on your adversary’s objectives and patience, you may never know you’ve been compromised until it is too late.
So how do we detect that an organisations ‘trusted’ personnel are not acting in the best interests of the organisation? – Dr. Eric Cole outlines the various mechanisms that are available to an organisation to prevent and detect such ‘insider’ incidents.
ABOUT THE SPEAKER
Dr. Eric Cole is currently chief scientist for Lockheed Martin Information Technology (LMIT), specializing in advanced technology research. Eric is a highly sought-after network security consultant and speaker. Eric has consulted for international banks and Fortune 500 companies. He also has advised Venture Capitalist Firms on what start-ups should be funded. He has in-depth knowledge of network security and has come up with creative ways to secure his clients’ assets. He is the author of several books, including Hackers Beware: Defending Your Network from the Wiley Hacker, Hiding in Plain Sight, and the Network Security Bible. Eric holds several patents and has written numerous magazine and journal articles. Eric worked for the CIA for more than seven years and has created several successful network security practices. Eric is an invited keynote speaker at government and international conferences and has appeared in interviews on CBS News, “60 Minutes,” and CNN. Dr. Cole’s most recent book Insider Threat reminds us that insiders – trusted employees and contractors – can do more damage more quickly to an organization than any outside hacker.