5th annual oklahoma cyber security seminar · security audits, seminar center room a girard...
TRANSCRIPT
5th Annual Oklahoma Cyber Security Seminar
Page 1 of 10NOVEMBER 30 - DECEMBER 1, 2009
Seminar-at-a-Glance
DAY ONE: November 30 - Monday 07:30 a.m. – 08:00 a.m. Registration, Check-In, and Networking
08:00 a.m. – 08:30 a.m. Opening Remarks and Introductions, Seminar Center Rooms A-B-C-D-E KenOntko,InformationSecurityOfficer,OfficeofStateFinance JoeFleckinger,DeputyDirector,InformationServicesDivision, OfficeofStateFinance SherylHale,OklahomaDepartmentofCareerandTechnology Education,OklahomaCyberSecurityEducationConsortium 08:30 a.m. - 09:00 a.m. Briefing: Executive Order 2009-11—Continuity of Government, Seminar Center Rooms A-B-C-D-E KerryPettingill,Director,OklahomaOfficeofHomelandSecurity
09:00 a.m. – 09:15 a.m. Break
09:15 a.m. – 10:15 a.m. Keynote: Cybercrime Update, Seminar Center Rooms A-B-C-D-E MattHarper,SpecialAgent,FederalBureauofInvestigation • Member,CyberSquad • Founder,OklahomaInfraGardChapter • Bachelor’sandMaster’sdegrees,UniversityofMissouri • CISSP • GSEC,GCIH,GCFA,GCIAcertifications,SANS
10:15 a.m. – 10:30 a.m. Break
Moore Norman Technology CenterSouth Penn Campus13301 South Pennsylvania AvenueOklahoma City, OK 73170
NOVEMBER 30 - DECEMBER 1, 2009
10:30 a.m. –12:30 p.m. Exercise Track: Security Incident Management, Seminar Center Room C PaulHauck,OfficeofStateFinance • Oklahoma’sIncidentResponsePhases • Oklahoma’sIncidentManagementProcess • IncidentResponseTeams • ComponentsofIncidentResponse • NationalCyberIncidentResponsePlan(NCIRP)
Management Track 1: Security Administration, Seminar Center Room A AlHeitkamper,OklahomaCityCommunityCollege • WhataSecurityProgramIs • WhyaSecurityProgramIsNeeded •WhataSecurityProgramNeedstoEnsureCompliance
Management Track 2: Security Audits, Seminar Center Room B GirardJergensen,OfficeoftheOklahomaStateAuditorandInspector • InformationSecurity • KeyStandardsandBestPractices • EvaluatingSecurityUsingStandards • Logs,DarnLogs,andStatistics • CaseStudy
Management Track 3: Security Risk Management, Seminar Center Room D DavidCrandell,OklahomaStateUniversityInstituteofTechnology • WhatIsRiskManagement? •WhatIsaRiskAssessment? •WhyIsItImportant? • HowIsItDone?
Management Track 4: Security Training Programs, Seminar Center Room E CharlesKnight,OklahomaEthicsCommission • WhatIsComputerSecurityTraining? • TrainingPackagesAvailabletoUs • OtherResourcesAvailabletoYou • ImplementingYourTrainingProgram
NOVEMBER 30 - DECEMBER 1, 2009
12:30 p.m. – 01:50 p.m. Box Lunch—Panel Discussion: Risk Assessments, Seminar Center Rooms A-B-C-D-E CoalfireSystems,Inc.,Louisville,Colorado TrueDigital,TulsaOklahoma 01:50 p.m. – 02:00 p.m. Break 02:00 p.m. – 04:00 p.m. Exercise Track: Encryption and Data Protection, Seminar Center Room C SunitaRajanala,OklahomaStateUniversityInstituteofTechnology RandyRitchey,OklahomaStateUniversityInstituteofTechnology • UnderstandingEncryption(Algorithms,Keys,andTechniques) • UsingEncryptiontoProtectInformation • AvailableFormsofEncryption(Commercial,OpenSourceand Built-In) • VirtualPrivateNetworks(VPNs)andSecureSocketLayer(SSL) • DataSanitizationandDestruction
Management Track 1: Security Audits, Seminar Center Room A GirardJergensen,OfficeoftheOklahomaStateAuditorand Inspector • InformationSecurity • KeyStandardsandBestPractices • EvaluatingSecurityUsingStandards • Logs,DarnLogs,andStatistics • CaseStudy
Management Track 2: Security Risk Management, Seminar Center Room B DavidCrandell,OklahomaStateUniversityInstituteofTechnology • WhatIsRiskManagement? •WhatIsaRiskAssessment? •WhyIsItImportant? • HowIsItDone?
NOVEMBER 30 - DECEMBER 1, 2009
Management Track 3: Security Training Programs, Seminar Center Room D CharlesKnight,OklahomaEthicsCommission • WhatIsComputerSecurityTraining? • TrainingPackagesAvailabletoUs • OtherResourcesAvailabletoYou • ImplementingYourTrainingProgram
Management Track 4: Security Administration, Seminar Center Room E AlHeitkamper,OklahomaCityCommunityCollege • WhataSecurityProgramIs • WhyaSecurityProgramIsNeeded •WhataSecurityProgramNeedstoEnsureCompliance
DAY TWO: December 1 - Tuesday
07:30 a.m. – 08:00 a.m. Registration, Check-In, and Networking
08:00 a.m. – 08:30 a.m. Opening Remarks and Introductions, Seminar Center Rooms A-B-C-D-E KenOntko,InformationSecurityOfficer,OfficeofStateFinance JoeFleckinger,DeputyDirector,InformationServicesDivision, OfficeofStateFinance 08:30 a.m. - 09:00 a.m. Briefing: House Bill 1170—Information Services Act, Seminar Center Rooms A-B-C-D-E JoeFleckinger,DeputyDirector,InformationServicesDivision, OfficeofStateFinance
09:00 a.m. – 09:15 a.m. Break
NOVEMBER 30 - DECEMBER 1, 2009
NOVEMBER 30 - DECEMBER 1, 2009
09:15 a.m. – 10:15 a.m. Keynote: Cryptography and Electronic Analysis, Seminar Center Rooms A-B-C-D-E JasonJarnigan,SupervisorySpecialAgent,FederalBureauof Investigation,UnitChief
10:15 a.m. – 10:30 a.m. Break
10:30 a.m. –12:30 p.m. Exercise Track: Tabletop Exercise (TTX): Bad News, Seminar Center Room C PaulHauck,OfficeofStateFinance • TTXsareacomponentoftheU.S.DepartmentofHomeland Security(DHS)HomelandSecurityExerciseandEvaluation Program(HSEEP). • Thegoalistopresentawell-organized,building-blockapproach fortraining. • Exerciseparticipantswillworktogetherasateam,identifyingand respondingtohypotheticalcybersecurityincidents. • Emphasiswillbeplacedonbuildingconceptualandfunctional knowledgeofOklahomacyberincidentmanagementprocedures.
Management Track 1: Security Risk Management, Seminar Center Room A DavidCrandell,OklahomaStateUniversityInstituteofTechnology • WhatIsRiskManagement? •WhatIsaRiskAssessment? •WhyIsItImportant? • HowIsItDone?
Management Track 2: Security Training Programs, Seminar Center Room B CharlesKnight,OklahomaEthicsCommission • WhatIsComputerSecurityTraining? • TrainingPackagesAvailabletoUs • OtherResourcesAvailabletoYou • ImplementingYourTrainingProgram
NOVEMBER 30 - DECEMBER 1, 2009
Management Track 3: Security Administration, Seminar Center Room D AlHeitkamper,OklahomaCityCommunityCollege • WhataSecurityProgramIs • WhyaSecurityProgramIsNeeded •WhataSecurityProgramNeedstoEnsureCompliance
Management Track 4: Security Audits, Seminar Center Room E GirardJergensen,OfficeoftheOklahomaStateAuditorandInspector • InformationSecurity • KeyStandardsandBestPractices • EvaluatingSecurityUsingStandards • Logs,DarnLogs,andStatistics • CaseStudy
12:30 p.m. – 01:50 p.m. Box Lunch—Panel Discussion: Whole Disk Encryption, Seminar Center Rooms A-B-C-D-E McAfee Symantec WinMagic
01:50 p.m. – 02:00 p.m. Break 02:00 p.m. – 04:00 p.m. Exercise Track: Hands-On Exercise: Bad News, Seminar Center Room C RobertHamilton,OklahomaDepartmentofCareerandTechnology Education,OklahomaCyberSecurityEducationConsortium • Thisexerciseconcludesandbuildsuponthediscussion-based TTXinasimulatedlabenvironment. • Participantswillworktogetherinpairs,initiatingandrespondingto simulatedcyberattacks. • InsightsintoOklahoma’sincidentmonitoringcapabilitieswillbe providedusingaQRadardemonstration. • Participantswillcompleteashortsurveytoassesstheirunder- standingofOklahoma’sincidentmanagementproceduresanda DHSParticipantFeedbackFormtoproviderecommendations andcorrectiveactionsfortheirrespectivestateentitieswith respecttoOklahoma’sincidentmanagementprocedures.
NOVEMBER 30 - DECEMBER 1, 2009
Management Track 1: Security Training Programs, Seminar Center Room A CharlesKnight,OklahomaEthicsCommission • WhatIsComputerSecurityTraining? • TrainingPackagesAvailabletoUs • OtherResourcesAvailabletoYou • ImplementingYourTrainingProgram
Management Track 2: Security Administration, Seminar Center Room B AlHeitkamper,OklahomaCityCommunityCollege • WhataSecurityProgramIs • WhyaSecurityProgramIsNeeded •WhataSecurityProgramNeedstoEnsureCompliance Management Track 3: Security Audits, Seminar Center Room D GirardJergensen,OfficeoftheOklahomaStateAuditorandInspector • InformationSecurity • KeyStandardsandBestPractices • EvaluatingSecurityUsingStandards • Logs,DarnLogs,andStatistics • CaseStudy
Management Track 4: Security Risk Management, Seminar Center Room E DavidCrandell,OklahomaStateUniversityInstituteofTechnology • WhatIsRiskManagement? •WhatIsaRiskAssessment? •WhyIsItImportant? • HowIsItDone?
04:00 p.m. – 04:30 p.m. Exercise Track: Hot Wash, Seminar Center Room C • Theexerciseteamwillmeettodiscusstheexerciseresultsand developpreliminaryassessmentstosupportthependingDHS HSEEPAfterActionReportandImprovementPlanMatrix (AAR/IP).
NOVEMBER 30 - DECEMBER 1, 2009
Notes