
Pulse, blood pressure, and temperature: These are the critical factors for measuring human health, not something arbitrary like hair growth. Yet in the realm of information security, enterprises are often measuring the wrong things—not the appropriate enterprise “security vital signs”—or they aren’t measuring anything at all. This has to change.
In addition, the vitality of a patient is driven by healthful practices. The same is true for IT. Not only must we define and assess proper metrics, we also have to apply the right protection in the first place. The correct balance of vitamins and minerals includes doses of data security, endpoint protection, good decisions about perimeters, and controls that encompass the increasingly global organization. Only this broad view of the patient—and the security program—will bring vitality to information protection.
Attendees will learn:
Super-Crunching Your Way through Security Metrics
To manage, we must measure. And information protection is no exception. But what are the correct security metrics for the enterprise? These sessions will help codify how and when to address security metrics in your environment.
Realistic Governance, Risk, and Compliance Management in the Enterprise
Governance, Risk, and Compliance management (GRC) is a broad, ill-defined term and drives a large amount of market messaging. These sessions will bring clarity to the processes of GRC, how to reflect business value, and where automation makes sense.
Going Global: Controlling the Extended Organization
The vital organization is increasingly spread across the globe, either directly, or via outsourcing/off-shoring. And both healthful controls and security vital signs must respond to that reality. These sessions address controlling the extended enterprise, through technology and process.
Data Security: More than the Reach of the Breach
Preventing data leakage and avoiding information breaches are important concerns. But data security must also involve e-discovery, information availability, and appropriate management of encryption to ensure the vitality of a secure enterprise.
Conducting Secure Business over Open Networks
Enterprise customers are struggling to make sense of industry hype promoting “self-defending” networks and myriad network access control (NAC) products. Burton Group believes attempts to lock down networks will fail and that an overlay architecture approach is the solution to conducting secure business over untrusted networks.

Rogue securities trader Nick Leeson will present on the limitations of governance, risk and compliance (GRC) within enterprise IT organizations. Leeson will draw on his role in bringing down Barings Bank in 1995 to demonstrate the inadequacies of GRC regulations.