Black Hat //Webcast 23
Expanding Compliance into Critical Infrastructure
// James Arlen, Mike Dahn
This month’s Black Hat webcast is Thursday, September 23 at 1300 PST/16:00 EST and will discuss the topic of expanding compliance into critical areas of infrastructure. For this webcast two security researchers will discuss the pros and cons of what seems to be the steady move of compliance into the SCADA world. The presentation will consist of a lively debate between the two experts followed by a Q&A discussion with the webcast audience.
James Arlen, CISA, is Principal at Push The Stack Consulting providing security consulting services to the utility and financial verticals. He has been involved with implementing a practical level of information security in Fortune 500, TSE 100, and major public-sector corporations for more than 15 years. James is also a contributing analyst with Securosis and has a recurring column on Liquidmatrix Security Digest. Best described as: "Infosec geek, hacker, social activist, author, speaker, and parent." His areas of interest include organizational change, social engineering, blinky lights and shiny things.
Michael Dahn is a globally recognised information security professional and PCI expert. Dahn has performed hundreds of PCI security assessments for merchants, service providers, acquirers, and payment application vendors. He works with Visa and MasterCard on the continued development of the PCI DSS and PA-DSS standards. He has trained all PCI qualified security assessors (QSA) globally. In addition to performing the first PABP assessment, he also delivers training on PCI DSS to merchants, acquirers, and payment application vendors globally. Prior to this work, he led the internal roll-out of the Discover Information Security Compliance (DISC) programme for Discover Network.
A.N. Ananth, co-founder and CEO Prism Microsystems, was one of the original architects of the EventTracker product offering, Prism’s enterprise log management solution. With an extensive background in product development and operations for telecom network management, he has consulted for many companies on their compliance strategy, audit policy and automated reporting processes. He is a leading expert in IT compliance with over 20 years experience in IT-control and operations and speaks frequently on these topics. He was involved in product development for various companies including Ciena, Westinghouse Wireless and Equatorial Communications. He holds a MSEE from the University of Texas and remains active in strategic product direction at Prism.
We would like to thank this month’s webcast sponsor Prism Microsystems for their continued support. Prism Microsystems delivers business critical solutions that transform high-volume cryptic log data into actionable, prioritized intelligence that will fundamentally change your perception of the utility, value and organizational potential inherent in log files. Prism’s leading solutions offer Security Information and Event Management (SIEM), real-time Log Management, and powerful Change and Configuration Management to optimize IT operations, detect and deter costly security breaches, and comply with multiple regulatory mandates. Visit: www.prismmicrosys.com for more information.