3rd Annual MISA IT Security Conference - Schedule November 21-22, 2005 Delta Meadowvale Resort & Conference Centre Below is a partial list of speakers who are attending the conference. This list will be updated as our program is finalized. Peter Firstbrook, Research Analyst, Gartner Inc. "A Time of Reckoning for Information Security" New technologies, business plans and technical architectures create constant change for CIOs. How do new technologies and business processes disrupt existing security structures? How are information security solutions evolving? Which security technologies are ready for the plateau of productivity? Speaker Bio: As a Gartner research director Mr. Firstbrook is responsible for all topics related to endpoint including: Antivirus/spyware and antiSpam, personal firewalls, data encryption, Web gateways, wireless and mobile security and security policy.  He helps companies develop security best practices, select strategic technology vendors and negotiate.   Peter Hillier, IT Security Specialis, Electronic Warfare Associates - Canada "The Role of Ethics in IT Security" The presentation will concentrate on the issues we face, inappropriate use of resources, teaching ethical behaviour and our roles as system owners, parents and educators. Speaker Bio: Peter Hillier is an IT Security Specialist with Electronic Warfare Associates-Canada in Ottawa and is a CISSP. He is also the founding member and past president of HTCIA Ottawa..   Patrick Hoger, Director - Information Protection Centre, Province of Manitoba "Developing an effective Information Security Awareness Program" This presentation will focus on developing an effective information security awareness program. Topics will include developing the business case for an awareness program and selling it to management. The presentation will also focus on what materials work and what doesn't in developing an effective program. Speaker Bio: As Director of the Information Protection Centre for the Province of Manitoba, Patrick sets the direction for corporate security standards for information technology security. Manitoba’s IPC is considered to be a model for information protection for public sector organizations in Canada. Patrick is the past Chairman of the National CIO Subcommittee on Information Protection and a board member of the Information Protection Association of Manitoba (IPAM).   Al Langille , S/Sgt. NCO in Charge "Computer Forensics - Tools to Investigation" This session will discuss the role of computer forensic utilities used in the investigation of criminal offenses. These utilities are used by many companies, corporations, and consultants during internal investigation to retrieve essential information. Speaker Bio: S/Sgt. Langille has been conducting technology crime investigations for the past 8 years and heads up a 10 person unit responsible for the four Atlantic Provinces. He has recieved computer training from Saint Francis Xavier and Dalhousie University. In addition he has recieved extensive training from the Canadian Police College, FBI Academy and industry.   Peter Macaulay , Head, Corporate Security, Office of the Corporate Chief Information Officer, Ministry of Government Services, Ontario Government "The Ontario Government's Information & Information Technology Security Strategy " Review of the new 3 year strategy building on the success of the first three year strategy. Highlights include: Information Security and Privacy Classification - applying appropriate security based on sensitivity of information; forensics; intrusion monitoring and rapid response teams; contingency services in a resilient organization. Speaker Bio: Peter Macaulay is the Head of the Ontario government Corporate Security Branch with the mandate to establish Information Technology security Ontario government Corporate Security Branch with the mandate to establish Information Technology security policy, programs and procedures to protect the Ontario government's electronic environment. Prior to this, Peter was the Officer In Charge of the Technological Crime Branch with the RCMP.   Peter MacNeil, Manager, Network & Client Support, City of Hamilton "Vulnerability Management" A few topics of concern in managing vulnerabilities on a municipal network: 1. defense-in-depth, 2. security in a converged voice & data network, 3. patch & pray in a Windows environment, 4. low-tech, hidden vulnerabilities Speaker Bio: Peter MacNeil is a engineer with a background in industrial computer systems and many years implementing and supporting networks within the City of Hamilton.   Victor Ralevich , Professor and Program Coordinator, Sheridan Institute of Technology and Advanced Learning "Information Systems Security Education and Certification" An overview of IS security related education and certification options available in Ontario and, generally, North America. His emphasis is on a bachelor degree and masters degree programs with strong IS security content in their curriculum, and specialized certification preparation programs and courses. Speaker Bio: Dr.Victor Ralevich has more than ten years experience in IS security research, development and consulting. His primary interest is in applied cryptography, and PKI development and implementation. He is creator and program coordinator of the Bachelor degree program in Applied Information Sciences (Information Systems Security) at Sheridan Institute.   Dr. Srinivas Sampalli , Professor, Faculty of Computer Science, Dalhousie University "How Safe is your Wireless Network? - Current Challenges in Wireless Security" This presentation will focus on the risks and vulnerabilities that exist in wireless networks, with emphasis on 802.11 wireless LANs and broadband wireless. Lessons learned from past security protocols and shortcomings in emerging security standards will be discussed. Recommendations for best practice for security in wireless networks under various levels of security mechanisms will be examined. Speaker Bio: Dr. Srinivas ("Srini") Sampalli is Professor and 3M Teaching Fellow in the Faculty of Computer Science at Dalhousie University. He has been actively researching in security and quality of service in wireless and wireline networks. He is the principal investigator for the wireless security project sponsored by Industry Canada.   Dave Tyson , Senior Manager, IT & Physical Security, City of Vancouver Information Officer "Security Convergence" Security Convergence is the newest and hottest topic in the security arena, and within 5-10 years will likely become the standard for Corporate Security groups wishing to effectively manage enterprise wide IT & Physical security risks. Security Convergence can be defined as bringing together in a formal, collaborative and strategic manner, the cumulative security resources of an organization to deliver organizational benefits through enhanced risk mitigation, increased operational effectiveness and efficiency, and cost savings. This session will highlight the motivation, strategy and techniques by which, through working together, IT and Physical Security departments can greatly enhance risk mitigation for their enterprise. Hear from someone who has converged the security groups of a large Canadian City and understand what opportunities are available to save money, reduce risk, and increase security effectiveness. Attendees will hear real world solutions to utilize in their municipalities that can improve security effectiveness of security policy, investigations and forensics, constrained budgets, and more. Speaker Bio: Dave Tyson is the Senior Manager, IT & Physical Security for the City of Vancouver. He has been working in the IT and Physical Security Industry for 22 Years. His focus has been on security management & training, audits, risk analysis, security architectures and administration, business and management consulting. Mr. Tyson has Master’s Degree in Business Administration (MBA) specializing in Digital Technology Management, is a Certified Protection Professional (CPP) is Board Certified in Security Management, and is a Certified Information Systems Security Professional (CISSP). Andrew Tang, Constable - Frauds Bureau, Organized Crime Unit, Peel Regional Police "Identity Theft 101" The presentation will cover: 1. What is Identity Theft. 2. Methods of how ID is stolen 3. Preventative steps Speaker Bio: Constable Tang has been employed by Peel Police for the past 6 years; He has spent the last two years in the Fraud Bureau assigned to the organized crime unit.   John Weigelt , National Technology Officer, Microsoft Canada "Assuring trusted Municipal Service Delivery" Citizens may not realize that they rely upon an average of five municipal services daily until these services are unavailable. While some services provided by municipalites may be deemed convenient recent events have demonstrated that others are life critical John will discuss how municipalities can provide assured services and explore the key elements that support trusted service delivery. Speaker Bio: John Weigelt is the National Technology Officer for Microsoft Canada. In his role, John is the lead public advocate on all aspects of Microsoft Canada's technology strategy as it relatesto the development of national technology policy and the implementation and use of technology across the public and private sectors.   Rod Wallace , Director of Network Security, Nortel "Infastructure Convergence" Today’s critical infrastructure is based on a foundation of convergence – mobile users, mobile devices, wireless and wired communications. This session will look at the security implications that convergence has on the critical infrastructure, and what must be done to ensure security is a significant part of a converged critical infrastructure. Speaker Bio: Rod Wallace is a fourteen year veteran of Nortel’s networking business, providing solutions to Service Providers and Enterprises across all verticals. He has been responsible for defining corporate-wide strategies for, and ensuring adoption of, key end-to-end functional capabilities in ipv6, ip Quality of Service, voice quality and network reliability. Currently, as Director of Network Security within the Chief Technology Office, Rod is responsible for Nortel's corporate security strategy. His team includes operations for handling security advisories, vulnerability assessments, customer security services, and security standards development. Particularly involved in activities involving the critical infrastructure, Rod is a key contributor to the Network Security Telecommunications Advisory Council (NSTAC), the Cybersecurity Workgroup within the FCC’s National Reliability & Interoperability Council, and is a Board Member of the Internet Security Alliance.