HTCIA Silicon Valley / ASIS Training Expo
HTCIA Silicon Valley Chapter is proud to announce that we will be joining ASIS for a combined training and exhibition day on May 21st, 2014 at the South San Francisco Convention Center.
This is an all day training. Registration starts @715 am and classes continue until 5 pm.
This year, we are once again partnering up with ASIS; the last time we did so was in 2008 which was a highly successful event so we are excited to be teaming up once again. They are a tremendous help to us in creating an exciting and informative curriculum for those attending classes.
Additionally, we are reaching out to other organizations that are Investigations related or have members who have security functions including IAHSS, SFSDA, IFMA, ACFE and BOMA.
The Annual Seminar and Exhibits is a long time tradition of the Silicon Valley Chapter and we are striving to make this year’s event one of the best ever. However, it can only be as good as the support that you are willing to give it. So, please set aside some time on the 21st to stop in and visit with the Exhibitors who are giving up both time and money for an opportunity to share their products and services with you.
Current Investigations classes include: Bitcoin Investigations, Social Media investigations, IP Theft by Social Engineering, Recent High Profile Security Breach Analysis, Investigations in China, Secure ID, Credit Card security and 12 more classes.
Learn something new, support your local chapter and earn some certification credits.
Registration is being done through Eventbrite: Visa, MC, Discover and Amex accepted.
Security Technology Revolution – Are we there yet?
This panel session will offer the attendee an opportunity to hear from both end-users and technologist how the assimilation of PACS and video technologies into the mainstream consumer markets will impact our current standard models. The emergence of these technologies has been somewhat slow by some measures, we will discuss if this will remain the case. We will gain insight and present information during this discussion that will indicate if we are on the verge of a revolution that will impact radically how we utilize and deploy these into our ever expanding multistakeholder governance models. The push to utilize phones tablets and other devices to provide additional functionality into a more standardized common infrastructure is increasing every day. Balancing the risks and benefits, as well as providing guidance for strategies to better adopt and apply these technologies will be our challenge. We will ask our panelist to provide their experience and opinions on how this revolution may impact, organizational structures, traditional service providers, VAR relationships and cost structures. This discussion will benefit anyone who’s professional responsibilities or interests are in planning for the future.
Is your EOC/SOC program ready for the Future- Exploring the technologies and programs should you be investing in?
The SOC/UOC operation has the potential to act as real-time monitoring site that providesfeedback and data for multiple systems and networks. We now have the ability to monitorfor proactive situational intervention for multiple stakeholders, across multiple geos. Most companies and organizations have inherited “Limited” functionality within their security operations that routinely perform basic alarm monitoring and security dispatching services. In order for these operations to realise their full potential they will need to have all the tools and foundational program elements in place. Overall strategic planning policies and procedures in place to properly manage and respond to various situations and conditions, proper metrics and training to measure overall performance. The SOC/UOC has the potential to be the focal point for troubleshooting, software distribution and updating, Access Control Systems and Video Management Systems, performance monitoring, and coordination with the various major corporate entities worldwide. It is fast becoming a hub for a more unified and enhanced security, safety, communications, compliance,
business continuity, disaster recovery, and facility information management platform. The ability to enhance security operations is obvious, however, we will also explore prospects for business intelligence and facility enablement tactics that will yield tangible opportunities for your organization to financially justify the investment in enhancing or expanding these programs.
Breaking Physical Access: Fertile Ground for Exploitation
This session will help attendees understand how physical access environments are being used by hackers to execute their goals of stealing information, assets and intellectual property from targeted organizations. Hackers are generally thought to only target IT systems, but the reality, is that they conform to no rules or conventional thought – only to accomplish their mission and not get caught in the process. Unfortunately, physical access has been focused on preventing people from causing safety issues or accessing certain areas, but not built around people that fit the hacker profile. The result is that most physical access environments are not prepared to effectively address the increased targeting of organizations while most are vulnerable and go undetected. The impact is that physical access is a weak link in the overall organizational chain, from this perspective. This session will go through the threat ecosystem of hacker supply and demand economics, methods that are used for hacking into physical access, what is accomplished in the process and ultimately how to assess and remediate your organization from these approaches.
A Day at the Breach: The Credit Card Fraud Ecosystem
We keep hearing about it in the news, breach after breach. While the outcome is generally understood, the method and measures for remediation is confusing to many. This presentation will provide insight into the type of attacks that are used to exploit credit card fraud, why they are done, by who, and the dark side of the black market economy that fuels this activity. During the presentation, technology will be explained that both on the credit card and systems side, to understand how attacks are not only executed but leveraged for personal gain afterward. The United States has become a haven for credit card hackers due to its legacy infrastructure in combination with borderless black market economy and other counties becoming harder to attack. Also learn what other counties are doing to discourage fraud and when the United States might catch up.
Espionage and Spying; What you don’t know – you don’t know, and can hurt you.
Is someone spying on your organization? Unfortunately, bugging and surveillance is more common and easier than ever. Offices or places of business are often targeted and bugged to steal valuable information or trade secrets. This session will go over in detail the various vulnerabilities that exist and can be detected through Technical Surveillance Countermeasures (TSCM). This session will take you through the process of conducting visual, electronic, and physical investigations of company systems that may be monitored and affected by technical surveillance measures.
To keep pace with the different forms of spying, this session will go through some high level risk and detection techniques such as:
1. Vulnerability audits
2. TSCM surveys
3. Eavesdropping detection
4. SCIF Inspections
5. Bug sweeps
6. Wiretap detection
7. In Place Monitoring (IPM)
8. TSCM sweeps
Digital Brand Security – Protecting your assets from the evolving landscape
A sprint through the evolution of cybercrime focusing on increasing threats to brand owners such as DDoS, malware, email fraud, mobile commerce theft, domain hijacking and social engineering. Join Jonathan Elkin of CSC for a little education, role playing, recommended best practices and a chance to network with your peers.
Additional scheduled courses Include: Chinese Politics and Investigations, Social Engineering: Circumventing Security Measures to steal your IP, Establishing Trust in a Digital World, Bitcoin: Why it Matters and How to Investigate It, Protecting Digital Assets from Attack, The Intersection of Digital and Physical Investigations