#StartwithSecurity. Welcome Todd Kossow Acting Regional Director, Midwest Region Federal Trade Commission.

Slides:



Advertisements
Similar presentations
Gramm-Leach-Bliley Act for Financial Aid Val Meyers Associate Director Michigan State University.
Advertisements

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Security Controls – What Works
August 9, 2005 UCCSC IT Security at the University of California A New Initiative Jacqueline Craig. Director of Policy Information Resources and.
Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.
Controls for Information Security
Affiliated Information Security Collaborative An Affiliated Enterprise Approach to Information Security Deans and Vice Presidents Meeting April 17, 2014.
Data Protection in Higher Education: Recent Experiences in Privacy and Security Institute for Computer Law and Policy Cornell University June 29, 2005.
By: Dr. Mohammed Alojail College of Computer Sciences & Information Technology 1.
Franca R. Jones Senior Policy Analyst Chemical and Biological Countermeasures National Security and International Affairs Remarks for the Interagency Board.
Social Media Jeevan Kaur, Michael Mai, Jing Jiang.
Information Security Issues at Casinos and eGaming
How STERIS is using Cloud Technology to Protect Web Access Presented By: Ed Pollock, CISSP-ISSMP, CISM CISO STERIS Corporation “Enabling Business”
Credit unions use social media in a variety of ways, including marketing, providing incentives, facilitating applications for new accounts, inviting feedback.
Lecture 6: Cloud Computing By D. Najla Al-Nabhan 1.
Self-Assessment and Formulation of a National Cyber security/ciip Strategy: culture of security.
Managing the Privacy Function at a Large Company Kimberly S. Gray, Esq., CIPP Chief Privacy Officer Highmark Inc.
Establishing A Compliance Program: It Makes Sense
Welcome Frank H. Wu Chancellor and Dean, UC Hastings College of Law.
Risk Management & Legal Issues in Cloud Practice Christopher Dodorico Director, PricewaterhouseCoopers Wednesday, October 10, 2012.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
Purpose: These slides are for use with customers by the Microsoft Dynamics NAV sales force and partners. How to use: Add these slides to the core customer.
Chapter 6 of the Executive Guide manual Technology.
© 2014 PayPal Inc. All rights reserved. Confidential and proprietary. Leveraging Information to Detect and Prevent Insider Attacks Phoram Mehta Senior.
Sample Security Model. Security Model Secure: Identity management & Authentication Filtering and Stateful Inspection Encryption and VPN’s Monitor: Intrusion.
Data Security: Steps to Improved Information Security September 22, 2015 Presented by: Alex Henderson General Counsel and Chief Administrative Officer.
April 14, A Watershed Date in HIPAA Privacy Compliance: Where Should You Be in HIPAA Security Compliance and How to Get There… John Parmigiani National.
Managing Data Against Insider Threats Dr. John D. Johnson, CISSP.
2005 ANSI Annual Conference From A to Veeck: Standardization and the Law October 6, 2005 Washington, DC.
© Dr. John T. Whiting All Rights Reserved Slide 1 Achieving Compliance with GBLA & Other Laws and Regulations Impacting.
FleetBoston Financial HIPAA Privacy Compliance Agnes Bundy Scanlan Managing Director and Chief Privacy Officer FleetBoston Financial.
Office of Audit Services Risk Assessment California Public Employees’ Retirement System A.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Converting Policy to Reality Designing an IT Security Program for Your Campus 2 nd Annual Conference on Technology and Standards May 3, 2005 Jacqueline.
DATA IT Senate Data Governance Membership IT Senate Data Governance Committee Membership Annie Burgad, Senior Programmer, Central IT Julie Cannon, Director.
Agency Name Security Program FY 2009 John Q. Public Agency Director/CIO/ISO.
Federal Energy Regulatory Commission Role of Market Monitoring at the NYISO John P. Buechler VP – Market Structures FERC Open Session Washington, D.C.
Data Security & Privacy: Fundamental Risk Mitigation Tactics 360° of IT Compliance Anthony Perkins, Shareholder Business Law Practice Group Data Security.
Visibility. Intelligence. response Information Security: Risk Management or Business Enablement? Mike Childs Vice President Rook Security.
1 CREATING AND MANAGING CERT. 2 Internet Wonderful and Terrible “The wonderful thing about the Internet is that you’re connected to everyone else. The.
1 Crisis Management and Communication Dr. Joy Smith and Ms. Robin Denny.
Chapter 3 Pre-Incident Preparation Spring Incident Response & Computer Forensics.
Legal Jeopardy: Whose Risk Is It?. SPEAKERS Jason Straight Chief Privacy Officer and Senior Vice President Cyber Risk Solutions at UnitedLex Patrick Manzo.
Compliance, Defensibility & Usability of Information on a Global Stage Monday, October 19, :00 – 10:30 AM Global Legal Issues 1.
1 AFCOM Data Center World March 15, 2016 Moderator: Donna Jacobs, MBA Panel: Greg Hartley Bill Kiss Adam Ringle, MBA ITM 9.2 The New Security Challenge:
HOW TO AVOID COMMON DATA BREACH PITFALLS IAPP Privacy Academy 2014.
INFORMATION ASSURANCE POLICY. Information Assurance Information operations that protect and defend information and information systems by ensuring their.
CompTIA Security+ Certification Exam SY COMPTIA SECURITY+SY0-401 Q&A is a straight forward,efficient,and effective method of preparing for the new.
1© Copyright 2012 EMC Corporation. All rights reserved. Next Generation Authentication Bring Your Own security impact Tim Dumas – Technology Consultant.
EAST AFRICAN DATA HANDLERS DATA SECURITY/MOBILITY
Information Security Program
Data Minimization Framework
BUILDING A PRIVACY AND SECURITY PROGRAM FOR YOUR NON-PROFIT
Privacy and Security in the Employment Relationship
The Impact of Cloud Computing to Technology-Based Companies
Chapter 3: IRS and FTC Data Security Rules
BOMGAR REMOTE SUPPORT Karl Lankford
Information Security: Risk Management or Business Enablement?
General Counsel and Chief Privacy Officer
#IASACFO.
The State of Cybersecurity and
Cybersecurity Special Public Meeting/Commission Workshop for Natural Gas Utilities September 27, 2018.
Michael J. Bridwell John F. Kuckelman
2005 ANSI Annual Conference Standardization and the Law
Capitalize on Your Business’s Technology
CMGT/431 INFORMATION SYSTEMS SECURITY The Latest Version // uopcourse.com
CMGT 431 CMGT431 cmgt 431 cmgt431 Entire Course // uopstudy.com
Anatomy of a Common Cyber Attack
Protecting Knowledge Assets – Case & Method for New CISO Portfolio
Presentation transcript:

#StartwithSecurity

Welcome Todd Kossow Acting Regional Director, Midwest Region Federal Trade Commission

#StartwithSecurity Introductory Remarks James B. Speta Senior Associate Dean for Academic Affairs & International Initiatives Northwestern Pritzker School of Law

#StartwithSecurity Opening Remarks Maureen Ohlhausen Commissioner, Federal Trade Commission

#StartwithSecurity Panel 1 Building a Security Culture

#StartwithSecurity Featuring Aaron Bedra, Chief Security Officer, Eligible John Downey, Security Lead, Braintree Arlan McMillan, Chief Information Security Officer, United Airlines Marc Varner, Corporate Vice President & Global Chief Information Security Officer, McDonald’s Corp. Moderator: Cora Han, Division of Privacy & Identity Protection, FTC

#StartwithSecurity Building a Security Culture

#StartwithSecurity Building a Security Culture Security as Core Value  Founders, executives, and employees Building Security Expertise  It’s not “us” versus “them” Risk Assessments and Threat Modeling  Critical tools for establishing priorities Leveraging the Security Community  Don’t reinvent the wheel

#StartwithSecurity

Panel 2 Integrating Security into the Development Pipeline

#StartwithSecurity Featuring Michael Allen, Chief Information Security Officer, Morningstar Matt Konda, Founder & Chief Executive Officer, Jemurai; Chair, OWASP Global Board of Directors Alex Lock, Senior Software Engineer, Application Security, Groupon Lyle Sudin, Manager, Mandiant Consulting Services Moderator: Jim Trilling, Division of Privacy & Identity Protection, FTC

#StartwithSecurity Integrating Security into the Development Pipeline

#StartwithSecurity Integrating Security into the Development Pipeline Integrate security into development to achieve efficiencies and cost savings Employ different security-related tools in different phases of development Use tools you already use for other purposes Automate testing and feedback where possible Speak to developers in their language

#StartwithSecurity

Panel 3 Considering Security When Working with Third Parties

#StartwithSecurity Featuring Erin Jacobs, Founding Partner, Urbane Security Jeff Jarmoc, Lead Product Security Engineer, Salesforce Nathan Leong, Corporate Counsel, Microsoft Jon Oberheide, Co-Founder & Chief Technology Officer, Duo Security Moderator: Steve Wernikoff, Office of Technology Research & Investigation, & Midwest Region, FTC

#StartwithSecurity Considering Security When Working with Third Parties

#StartwithSecurity Considering Security When Working with Third Parties Conduct due diligence on security impact before selecting a 3 rd party service provider or vendor Companies cannot simply rely on a service provider to handle all of their security issues Formulate an authentication strategy that appropriately limits access to cloud services used by your company

#StartwithSecurity

Panel 4 Recognizing and Addressing Network Security Challenges

#StartwithSecurity Featuring Jibran Ilyas, Director, Incident Response, Stroz Friedberg Nick Percoco, Chief Information Security Officer, Uptake Sunil Sekhri, Director, Forensic Technology Solutions, PwC Moderator: Andrea Arias, Division of Privacy & Identity Protection, FTC

#StartwithSecurity Recognizing and Addressing Network Security Challenges

#StartwithSecurity Recognizing and Addressing Network Security Challenges Require secure passwords and authentication Secure remote access to your network Restrict access to sensitive data and limit administrative access Segment your network and monitor who’s trying to get in and out Put procedures in place to keep your security current and address vulnerabilities that may arise

#StartwithSecurity Closing Remarks

Subscribe to the FTC Business Blog business.ftc.gov/blog

#StartwithSecurity

Start with Security videos ftc.gov/videos

#StartwithSecurity Learn More Start with Security: A Guide for Business – ftc.gov/startwithsecurity ftc.gov/startwithsecurity Protecting Personal Information – personal-information-guide-business personal-information-guide-business Slides & Videos from Start with Security events – security-chicago security-chicago – ftc.gov/startwithsecurityseattle ftc.gov/startwithsecurityseattle – ftc.gov/startwithsecurityaustin ftc.gov/startwithsecurityaustin – san-francisco san-francisco

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.