Speaking opportunities: Infosecurity Magazine virtual conference, June 2013
May 15, 2013 Leave a comment
I am looking for speakers for the following sessions, for Infosecurity Magazine’s upcoming virtual conference.
They are recorded remotely – the target audiences are indicated.
For speakers, we prefer CISOs, independent security practitioners or consultants, and analysts. as well as members of the security professional bodies.
Please email if you’re interested in taking part, with details of credentials, and which session is of interest.
Responsible Disclosure: When Does Your Organization Need to Admit it has a Problem?
UK, live, 18 6 13, 12noon
Currently, the UK has no legal requirement for the private sector to disclose data losses. And the proposed EU Data Protection Regulation, which is set to introduce breach disclosure, is unlikely to come into force before 2014.
But there is a practical, as well as a moral, case for disclosing data and breaches voluntarily.
This session will examine the case for voluntary disclosure, how to prepare for a possible breach notification law, and the best practices for handle disclosure if there is a breach.
Cyber-Espionage: An Information-Age Cold War
UK and US, pre-recorded on May 31, transmits on 18 and 19 June
For forty years, Western and Eastern Bloc intelligence agencies traded blows in the shadows, as the combination of nuclear and conventional forces held the Cold War back from turning hot.
Given the potentially enormous damage – to both sides — that could be wreaked by all-out cyber war, have we reached a similar balance in the information sphere?
This session will ask whether we have reached an uneasy balance reminiscent of the Mutually Assured Destruction of the 1960s, or whether the activities of cyber spies on all sides could spill over into open electronic, or even physical, warfare.
Vulnerabilities for Ransom: Should you Pay for this Information? The Ethical & Legal Considerations
Live, US, 19 06 13, 12noon Eastern
Should a responsible business ever pay off a hacker? And can a responsible security officer ever give in to electronic blackmail? And are bug bounty programmes an intelligent or risky/dangerous move by the companies offering them?
A growing number of businesses are finding that hackers and cybercriminals are turning to extortion, either infecting systems or locking up data, and asking for cash to put it right. Equally, bug bounty initiatives are being offered to those who successfully find holes in software and operating systems/
Is it possible to protect systems against such attacks, and if not, how should companies deal with the attackers? Is there ever a case for giving in to the demands and if so, what are the legal implications? This session sets out to find some of the answers.