.

RSI 2009

<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Wed May 13, 2009 2:31 pm

RSI 2009

RSI 2009
May 14, 2009
Centre Mont-Royal in Montréal


The Information Security Association of Greater Montreal (ASIMM), in partnership with the Information Systems Audit and Control Association (ISACA), is pleased to announce the third Rendez-vous de la Sécurité de l’information (RSI 2009). This annual seminar, which is devoted entirely to the field of security, will be held at the Centre Mont-Royal in Montréal on May 14. Building on the success of the previous years, the theme of the event remains “The faces of Security – Beyond Appearances”. The focus will be on three major areas: Governance, Best Practices and Technical Issues. Eighteen expert speakers, including keynote speakers Roger Sullivan, Chairman of the Liberty Alliance Coalition, and Graham Whitehead, a well-known speaker on the European scene, will address trends and major issues in the field of Information Security.

Two new topics are being added to this year’s program: “Governance Issues”, which will address some of the challenges facing our technology and our Information Security leaders; and “Technical Issues”, which should be of interest to operations personnel, technical specialists, and solution developers

In addition to the regular conference program, participants will also have access to the exhibitors’ hall, where they will be able to meet and interact with the main suppliers of technologies and services. They will also have an opportunity to interact with various experts through the Express Rendez-vous service. A special room will be provided for these exchanges, which will last 15 minutes each. The event will end with a cocktail reception.

To register, or to obtain additional information concerning RSI 2009, please visit the event website: www.colloque-rsi.com

We look forward to seeing you all at RSI 2009!

http://www.colloque-rsi.com/launch-rsi2009.html

Don
CISSP, MCSE, CSTA, Security+ SME
<<

CentVingt

Newbie
Newbie

Posts: 5

Joined: Thu Jun 26, 2008 2:29 pm

Post Fri May 15, 2009 10:27 am

RSI 2009 - my though

I must confess that this year RSI show was one of the greatest to date. I send my felicitations to the organization team that, once again, did a great job.

I just wanted to present my though about the presentations I was able to attend. Please note that most, if not all, presentation should be released on the Tube shortly.

There was two (2) keynotes that's worth mentioning, the first presented by Roger Sullivan from Oracle about the Liberty Alliance (http://www.projectliberty.org) , concern about developing standards for secure inter-systems identity transfer. SAML 2.0 should prove to be an important standard that will help allot reaching SSO through a multi-level identity assurance. Although the technical part of the problem space seems to be real strong, the issues concerning the adoption of "inter-business" SSO are now relayed in at the business process level. There's a long way to go before we start seeing business trusting authentication from other business, or even seeing eGov identity... But interesting stuff never the less.

The other keynote was from Graham Whitehead, a magnificent orator, preaching before an already sold audience about the issues of the modern information age. I did learn a lot from his oratory skills. An interesting question that he threw at this audience was: Do you know your information footprint? How much information about you, your family, your habits, and your jobs did you throw into the cloud?

I attended Harold Côté’s, from Loto-Québec, presentation on daily risks management. It was really valuable experience he shared with the attendees. Developing a risk management service is hard work. And even with the best method of assessing risks (MEHARI, OCTAVE) you have to build maturity and credibility by starting small. Start with incidents and change requests risks assessments and control information you release to avoid unnecessary challenges from, for example, project management and such. Your audience should want to challenge the content of the analysis, not the method. If you do not control the method they will jump to the opportunity to invalidate your reports.

I then attended, Alexandre Major’s, from the famed Ubisoft Montreal studio, presentation on “target production, without being the target”. I’m a long time fan of Ubisoft, even worked there for some time. It’s really interesting to see that they are still so different from the rest of the planet. Their challenges are so different from the banking, retails or pharmaceutical industries I worked for. There’s a couple quote I’ve noted in my book that’s worth mentioning… First, security must be part of the team. If no one’s there, they do not exist. If the security guy is in the field of view of a person, the later would be less likely to breach security rules :P I might have a scoop, Ubisoft is now looking for staffing their anti-piracy department in Montreal, and are looking for another security analyst to assist production operations.

There was a set of vendor presentation that I must say I skipped. Well, mostly because I did already saw most of them, but I wanted to take some time to check the kiosk and meet some of the new comers there. As usual the main value to go to those events is really about networking. Meet people and chat with old friends…

I attended then a session on industrial spying. The speaker, Michel Juneau-Katsuya (ex-director of SCRS – Canadian’s secret services – don’t laugh) did a nice job at telling us there was issues about corporate industrial and government economic espionage. I must say I was left on my appetite as no avenue of resolution or ways to get intel on the impact for my current industry was presented. Well, it’s not his fault our government doesn’t produce or release metrics on the impact of such events… Was still an overall interesting session.

I’m sure the other presentations was quite interesting, if some EH reader did attends those not mentioned here, please give me your though…

Farewell,
Marc-André Bélanger, CISSP, C|EH

Return to Calendar Of Events

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software