SANS WhatWorks in Data Leakage Prevention & Encryption Summit 2010

Dates:

January 11 & 12, 2010

Summit Venue:

Sheraton New Orleans
500 Canal Street
New Orleans, LA 70130 US
Phone: 504-525-2500
Web site: www.starwoodhotels.com/sheraton

Table of Contents

• Summit Overview
• What You Will Learn
• Questions To Be Answered at the Summit
• Who Should Attend and Why
• Register Today
• Agenda

Summit Overview

Are you confident that the personal information of your customers will not leak to the Internet? What safeguards do you have in place to prevent the theft or loss of your confidential documents, source code, marketing data, trade secrets or other intellectual property? These are the problems of Data Loss Prevention (DLP).

Every year, many companies must confess the disclosure of their customers' credit card and Social Security numbers in the media, which is not only enormously embarrassing and harmful in itself but invites lawsuits and FTC crackdown for lax security. And in a recession when cash-strapped companies are going out of business every day, a severe intellectual property theft can lead to lost sales or the covert transfer of valuable trade secrets to one's competitors.

At the SANS Data Leakage Summit, you'll hear from managers who have actually implemented data leakage prevention tools and strategies in their own organizations. They will talk about what works, what isn't worth the money, unexpected problems, and hard-won advice on how to make your own DLP projects a success. Lessons learned include whole drive encryption products and content monitoring/filtering (CMF) applications to detect/stop confidential data leakage. Throughout the presentations, you can ask questions of the managers to follow up.

At the Summit you will also hear from some of the most respected software and hardware DLP vendors as they answer questions and debate the merits of each other's products. During these panel shootouts, attendees can ask questions of the vendors to get them to explain exactly why their solution is best (and if the other vendors agree).

Summit speakers also include industry experts on general topics such as legal liability, regulatory compliance, and technical analysis of DLP vulnerabilities and solutions. So you'll hear from all three types of participants: implementers, vendors and neutral experts.

You will leave the Summit with concrete, actionable information which you can deploy as soon as you return to work.

What Will You Learn at the Data Leakage Prevention Summit?

• Advice and lessons learned from IT managers who have deployed DLP solutions in the real world themselves.
• Which products or technologies are most relevant to your environment.
• Which vendors will most likely be able to help satisfy your needs.
• How to manage data leakage, whether it's through e-mail, hard drive theft, flash drive loss, or network file-transfer applications.
• Legal liability and regulatory compliance issues, especially regarding mandatory disclosure of breeches and the secret monitoring of user activities.

Questions to Be Answered at the Summit

• How can organizations use content monitoring and filtering tools to find information leakage and to reduce data theft?
• How have other organizations found rogue data copies?
• What are the legal considerations for implementing DLP/CMF programs?
• What are the key criteria for choosing DLP products and services, which are the leading programs, and how do they measure up?
• What policies and processes work best for rolling out data leakage protection across large enterprises?
• What have been the biggest mistakes made by other IT managers?
• What are the PCI, HIPAA, GLBA, SB1386, breach disclosure, and other regulatory requirements?
• Which products can scale up for large enterprises?
• How have other organizations justified their investments in DLP programs?
• How does DLP integrate into an organization's overall security infrastructure?
• How can DLP infrastructure be utilized in criminal and corporate investigations?
• How do you evaluate which DLP solution fits best your environment and business needs?

Who Should Attend?

Security managers, operations staff and help desk personnel should all attend together as a team. Organizations which care about protecting sensitive information need team members who can reliably work together to deploy the right technologies and processes to secure that information. Joint attendance at the Summit will go a long way toward getting everyone on the same page.

Security auditors and incident handlers who need to know the key problems that may arise in using data encryption products.

Security architects and CTOs who are trying to determine what technologies and processes are most critical for protecting sensitive information stored in their organizations.

Consultants tasked with helping organizations design the right defenses to protect against the loss of sensitive information through e-mail, stolen laptops, lost flash drives, and covert file-transfer programs.

What Previous Summit Attendees have to say....

Great Summit! It gave the Who, the What, the Hows and the Nots from real-life experiences.
Rolo Guzman, Hess Corporation

One of the best conferences I've attended. Technical, timely, informative and fun.
Phillip Hoffman, Technology Planning & Architecture LLC

This summit has been integral to our current project for selecting an Encryption solution.
Chris Kelly, Bristol Myers Squibb

SANS Summits provide the multiple perspectives - user, vendor, industry, expert - that organizations need to have access to in order to make sound IT decisions. Eric Hay, Credant Technologies

Very valuable information. Really benefited from implementation panels - having lessons learned, etc. Wish I would have attended a year ago before our global deployment. Christine Payton, Eli Lilly & Company