Track Descriptions

Application Security
Application Security focuses on topics related to the secure design, development, implementation and operation of packaged and custom-developed applications. Given the increasing use of applications outside the enterprise via the web and cloud computing infrastructures, this track will cover current threats and preventive measures. This track also includes sessions on the management of application security programs, the economics of application security, and case studies of application program implementations. Related sessions include applied cryptography.

Association Special Topics - NEW for 2012!
Navigate the association landscape and learn about opportunities in training, best practices, credentialing, special programs and career development from leaders in the field.

Cloud Security
Cloud Security includes security architecture in the cloud, cloud security governance, issues involved in migrating to the cloud, cloud security risks, vendor Service Level Agreements (SLAs), cloud security related case studies and related topics. This track also includes sessions on the security aspects of virtualization such as deployment models, VM integrity, virtualization security architecture, and other related topics.

Cryptography
Cryptography is ever-changing and this academically focused and refereed track for mathematicians and computer scientists offers presentations of the very latest papers about the science of cryptography.

Data Security
Data Security covers strategies, practices, and technologies to classify, track, and protect sensitive data. Sessions include developments in Data Leakage Prevention (DLP), database security, data classification, new threats to sensitive data, and managing data strategically across the enterprise, with partners, with outsourcers and with users.

Governance, Risk & Compliance
This track includes talks on enterprise risk management, compliance and governance. It covers the creation and implementation of risk management frameworks and includes sessions on how to better quantify and manage risk. You will also find compliance-related sessions on standards such as PCI, Sarbanes Oxley, HIPAA, GLBA and others. Sessions on governance cover how to effectively communicate and enforce policies and standards in the enterprise.

Hackers & Threats
Hackers and Threats sessions are technically advanced and include discussions about threats, social engineering (spam, phishing, pharming, etc.) and vulnerabilities and/or exploits that are in the wild. These two tracks also cover security research that is pushing the boundaries of IT Security. You will find sessions on the underground economy, new classes of vulnerabilities, exploitation techniques, reverse engineering and how to combat these problems.

Hot Topics
Hot Topics sessions cover late breaking news, events, and/or revelations just prior to the Conference to ensure that information presented is as current as possible.

Industry Experts
Listen to leading information security professionals talk about today's most pressing matters.

Law
Security and the battle for justice go hand-in-hand. Topics in Law range from unintended consequences due to legislation and legal rulings, to liability from negligence claims by private litigants.

Mobile Security - NEW
This track tackles the security of mobile devices in the enterprise. Sessions focus on managing employee-owned devices, smartphone/tablet security, and mobile security policies. In this track you'll find information on, mobile malware, handling eDiscovery on employee-owned devices, mobile application threats, managing consumerization, and emerging threats to mobile devices and mobile workers.

Policy & Government
Cyber security has become a major national and economic security issue. Governments around the globe are developing and implementing strategies, policies, mandates and risk management processes that affect security professionals in both the public and private sectors.  Topics in this track will include legislation, military and law enforcement initiatives and coordination, APTs, active defense, critical infrastructure protection and the role of government, cloud security, and government procurement issues.

Professional Development
Professional Development covers individuals’ technical and business/management training and career development, as well as staff and personnel management.  This track is scheduled for Monday afternoon.

Security Trends - NEW for 2012!
Security Trends covers emerging technology/business trends and market maneuvers, with strong emphasis on new developments and how the business environment will be impacted. This track will be of special interest to senior business and information security executives as well as tech industry executives responsible for strategic planning. Sessions include non-implementation issues about the security industry, such as strategic trends, financing (e.g., VC investment in security start-ups) and broad service offerings such as auditing and systems integration. This track also contains forward-looking sessions that help organizations prepare for coming changes in the IT security ecosystem.

Sponsor Case Studies
Learn innovative best practices from case studies based on successful strategies, delivered and discussed by leading edge companies.

Strategy & Architecture
Strategy and Architecture covers the policy, planning, and emerging areas of enterprise security architecture and strategy. This track includes advanced sessions on the current trends in identity and access management. Topics covered are AAA, security policies, privacy, security awareness, security assessment, social networking risks, forensics and insider threat management.

Technology Infrastructure
Technology Infrastructure covers network and endpoint security, IDS/IPS and physical security. You can consider this track as focusing on the core elements of security architecture. Many sessions in this track are highly technical and dive deep into a particular area. These sessions will cover the latest trends and experiences in building systems that are resilient to attack.