Which Peer-2-Peer Session at RSAC 2015 Interests You?


Posted on by Fahmida Y. Rashid

Have you checked out a Peer-2-Peer session yet? In a Peer2Peer session, you explore a specific security topic with other like-minded peers and a facilitator. There are quite a few sessions, covering enterprise defense, incident response, and privacy, just to name a few. We asked each session facilitator to provide a short summary to help you decide which session will be the most relevant to your interests and job role. 

This post highlights seven P2P sessions (Scroll down for answers). Links to other session summaries are at the bottom of the page. 

  • Can we satisfy the ACLU and still share Suspicious Activity Reports (SARs)? 
  • How can we use classified information to make our companies more secure, without going to prison? 
  • Misconceptions of Risk in the Payments World 
  • How to Motivate Security and Compliance Performance & Get People to Love It 
  • Effective Management of Key Storage Files Including Java Keystores and Oracle Wallets

We also included some questions to get you started thinking so that you come to the session prepared with some thoughts. 

Can we satisfy the ACLU and still share Suspicious Activity Reports (SARs)? (P2P-W01D)
Who should attend?
We are seeking attendees from Law Enforcement/First Responder missions, Analysts from the systems side, privacy advocates, policy developers, and members of the research community interested in information sharing, data structure, and digital policy.  

Why is this topic important?
Operations often see cybersecurity as an obstruction as it prevents jobs, actions, and procedures from continuing seamlessly.  “We are pursuing industry and communities to develop information security tools that allow missions to not only implement security but to do so in such a way that we are implementing automation of policies, usable, and efficient tools,” says Karyn Higa-Smith, program manager from the Department of Homeland Security, Science & Technology, and the facilitator for this session. “We seek community collaboration to improve data collaboration and situational awareness in near real-time, while minimizing privacy risk in a well-defined, predictable, consistent, and auditable manner,” Higa-Smith says. This significantly increases trust and confidence that information is being controlled and protected appropriately in accordance with local, state, tribal, and federal privacy laws.

What should attendees think about?
The Data Privacy projects seek to enable Law Enforcement missions by providing tools and workflows that provide automation, proof, and auditing capabilities that protect them against lawsuits. The National Information Exchange Model (NIEM) is a common approach for communities (law enforcement or emergency response) to share data effectively. It is a way to facilitate sharing using data standards, but it does not concern itself with privacy laws or ACLU concerns. What is your take on NIEM? Come prepared to discuss issues regarding the violation of privacy laws in information sharing environments.

What will attendees walk away with after the session?
“From our perspective, the purpose of the Peer-to-Peer session is to seek feedback from the community and help steer our research and development efforts around issues of privacy violations in information sharing environments, especially Law Enforcement and fusion center mission partners as we think about developing technology and interoperability,” Higa-Smith says. Through the CSD Data Privacy research program, we are searching for the balance between privacy/civil liberties and the homeland security missions by developing tools to protect personal information and other sensitive data, while enabling law enforcement to continue their missions. Attendees will have a better understanding of some of the homeland security missions and potential collaboration between our technologies and other existing tools and technologies.

How can we use classified information to make our companies more secure, without going to prison? (P2P-W02A)
Who should attend?
Individuals who currently hold, or have held, government-issued security clearances should attend this session. The purpose of the session is to discuss how to best use the classified information provided to people who hold those clearances to defend their corporate networks and data. CISOs, SOC managers, hunt team leads, and threat intelligence leads are likely roles or job titles. Current federal employees from intelligence or law enforcement would also benefit from this discussion.

Why is this topic important?
“The financial services industry has embraced this as a key topic to explore this year. I believe other industries feel the same way,” says Jenny Menna, the cybersecurity partnership executive at US Bank and facilitator of this session. The government has massive intelligence gathering capabilities and has built programs to share classified cyber threat information with industry. The question is how to use that classified intelligence, within very strict legal constraints, to make companies more secure. Both efficiency in the sharing process and effective use are important questions to discuss.

What should attendees think about?
Attendees should think about questions such as, “How do you receive classified threat information (or how would you prefer to) from government partners?” and “How do you use that information, or how could you, to better secure your company?”

What will attendees walk away with after the session?
Attendees will leave the session with recommendations to share with government to improve processes and information. They will also be prepared with recommendations of best practices to share within industry for potential training materials and other similar topics.

Misconceptions of Risk in the Payments World (P2P-W02C)
Who should attend?
Payments, risk and information security professionals, as well as those in financial services, would benefit from this session. Mike Vergara, vice-president of consumer risk management at PayPal, says he is not worried so much about attendees’ specific job titles, but rather the skills and mindsets they bring to the session. “Those who would most benefit from this session would be problem solvers who want to take on hard challenges in the workplace. This session will also be helpful if they have or are looking to build strong industry connections and partnerships. They should come willing to put forth some creative and disruptive ideas,” Vergara says. 

Why is this topic important?
There are three topics you should be thinking about for this session. First, payments are critical for the economy and commerce, so they are not going away. Second, there is a macro-economic perspective that we can dive into in the session. Lastly, there is heavy investment going into the future of payments, aided by competition from emerging technology.

What should attendees think about?
The main thing that attendees can think about prior to the discussion is challenges they are facing. But further than just the challenges, it would be ideal for them to come with some creative ideas to overcome those challenges. “I would encourage attendees to ‘Put your black hat on, and ask yourself how would YOU exploit the new challenges,’” Vergara says. 

What will attendees walk away with after the session?
Attendees will walk away with new ideas that start industry conversations. They will have been in an environment where they shared their own best practices and also learned things that did and didn’t work from their peers. “Hopefully, my attendees will walk away knowing that even though a problem is hard, it can be solved,” Vergara says.

How to Motivate Security and Compliance Performance & Get People to Love It (P2P-W04A)
Who should attend?
The session is for experienced security leaders who wish to discuss their most successful methods for gaining higher levels of both Security (Information and Physical) and Regulatory Compliance performance from the various departments in their company or agency. Attendees with significant Security and/or Compliance leadership experience will benefit most from the conversation, but all those interested in improving their company or agency’s levels of security and compliance are welcome, says Mike McAlpen, executive director of security, compliance, and data privacy at 8x8 and the facilitator of this session.

Why is this topic important?
This is an area that most people feel can be improved upon. Most agree that 90 percent of the problem is with the people, McAlpen says.

What should attendees think about?
Things to consider include what have been their most successful efforts in this area and what they think was the root cause of this success. 

What will attendees walk away with after the session?
“Many of us have found specific ways to implement methods for developing a culture of security and compliance, starting at the top with Senior management and the board, specifically how we are leveraging the latest Behavioral Psychology to motivate everyone from Senior management to developers (using everything from recognition and gamification to dashboards with ‘metrics that matter’ to that group and/or senior management to motivate them),” McAlpen says. It is the specific methods of implementing these (involving at times both art and science) to change corporate culture and make it relevant to each group in our organizations that make the difference. Discussing these specifics from each of us will provide value that we can all use when we return to our day jobs the following week.

Effective Management of Key Storage Files Including Java Keystores and Oracle Wallets (P2P-R01C)
Who should attend?
IT security professionals responsible for application-level security or database security will benefit from attending this session. A typical attendee would be IT Security personnel who deal with database encryption using various Transparent Data Encryption (TDE) technologies at the database tier, or application encryption using various Java-based encryption technologies at the application tier. Database administrators who are involved in managing database encryption will also benefit.

Why is this topic important?
Organizations are deploying various encryption technologies to safeguard data from either the application tier or the database tier. As encrypted servers multiply, so do their encryption keys and the associated security containers such as Wallet and Java Keystore files. IT security professionals and database administrators have to deal with various management and operational challenges, including the proliferation of security containers such as Oracle Wallet and Java Keystore, manual backup, and distribution. Sharing and distributing these security artifacts often becomes challenging in complex clustered server configurations. These security containers are password protected, so IT security professionals also need to manage those passwords and perform periodic password rotations. Effective management of security containers such as Wallet and Java Keystore files is therefore important.

What should attendees think about?
In order to prepare for the discussion, attendees should think about the database encryption and application encryption deployments in their respective organizations: how many servers have been deployed with such encryption technologies, how to manage the constant proliferation of security containers such as Wallet and Java Keystore files, how to seamlessly back these files up for long-term retention, how often they rotate passwords, and how to recover if a password is forgotten or a file is lost.

What will attendees walk away with after the session?
“I am looking forward to first hearing about the operational and management challenges that IT security and database administrators face in managing these files, and understanding what they do to address these challenges in various organizations,” says Saikat Saha, senior principal product manager at Oracle and facilitator of this session. Attendees will walk away with an awareness of these issues and some of the best practices for addressing them, such as a centralized approach to the effective management of security containers.
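The first step toward the centralized management this session describes is knowing where the containers are and when they were last touched. The following inventory script is an added example, not Oracle or Java tooling or the facilitator's own code; it recognises Java Keystore files by their magic bytes and Oracle Wallet files by PKCS#12 structure or name (assumptions for this example), records a SHA-256 so a restored backup can be verified, and flags files whose modification time is older than the rotation window, on the assumption that a store-password change rewrites the file. The sample tree it walks is constructed in a temporary directory.

```python
import hashlib
import os
import tempfile
import time
from pathlib import Path
from typing import Dict, List, Optional

# Recognisers are assumptions for this example, not Java or Oracle tooling: JKS starts
# with 0xFEEDFEED, ewallet.p12 is PKCS#12 (DER SEQUENCE, 0x30) and cwallet.sso by name.
JKS_MAGIC = b"\xfe\xed\xfe\xed"

def classify(name: str, head: bytes) -> Optional[str]:
    """Return the container type, or None for files we do not track."""
    if head.startswith(JKS_MAGIC):
        return "jks"
    if name == "cwallet.sso":
        return "oracle-sso-wallet"
    if name.endswith(".p12") and head[:1] == b"\x30":
        return "pkcs12-wallet"
    return None

def inventory(root: str, max_age_days: float, now: float) -> List[Dict]:
    """Fingerprint every container under root and flag those due for rotation."""
    found = []
    for p in sorted(f for f in Path(root).rglob("*") if f.is_file()):
        data = p.read_bytes()
        if (kind := classify(p.name, data[:4])) is None:
            continue
        age = (now - p.stat().st_mtime) / 86400  # assumption: rewritten on password change
        found.append({"path": str(p.relative_to(root)), "kind": kind,
                      "sha256": hashlib.sha256(data).hexdigest(),
                      "age_days": round(age, 1), "rotation_due": age > max_age_days})
    return found

def demo(max_age_days: float = 90) -> List[Dict]:
    """Inventory a constructed tree: two stale containers, one fresh, one decoy."""
    samples = {  # relative path -> (file bytes, age in days); constructed sample data
        "app1/keystore.jks": (JKS_MAGIC + b"\x00\x00\x00\x02" + b"A" * 64, 120),
        "db1/ewallet.p12": (b"\x30\x82\x01\x00" + b"B" * 64, 400),
        "db1/cwallet.sso": (b"C" * 64, 3),
        "app1/README.txt": (b"not a keystore", 400),
    }
    with tempfile.TemporaryDirectory() as tmp:
        now = time.time()
        for rel, (data, age_days) in samples.items():
            path = Path(tmp, rel)
            path.parent.mkdir(parents=True, exist_ok=True)
            path.write_bytes(data)
            os.utime(path, (now - age_days * 86400,) * 2)
        return inventory(tmp, max_age_days, now)
```

Running `demo()` reports the keystore and the PKCS#12 wallet as due for rotation, leaves the three-day-old auto-login wallet alone, and ignores the README; the same `inventory` call can be pointed at a real application or database host to feed a central register.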

Check out P2P sessions in parts one, two, three, four, five, and six. We look forward to seeing you in San Francisco!

Contributors
Fahmida Y. Rashid

Managing Editor, Features, Dark Reading
