SANS Institute

SANS WhatWorks in Stopping Data Leakage and Insider Threat 2007

No other security conference focuses on implementers, on real experience improving security.
Peter Kobal, The Vanguard Group

The knowledge that was massed together in the Summit was fascinating and inspirational. You could speak to experts and they were willing to discuss with you issues, problem and the daily events. Wonderful information, cutting edge and brilliant people.
Kimberly Price, Kent State University

If you are implementing data leakage protection or plan to, you won't find a better source of information that SANS What Works in Data Leakage Summit. That's where you'll learn what works and what doesn't.

Gord Taylor from the Royal Bank of Canada says, It's all about making peer contacts, and learning from them about real problems, real obstacles, and real solutions.

Dates:

Welcome Reception and Early Registration: December 2, 2007

Summit: December 3 - 4, 2007

- Data Leakage Summit: WhatWorks in Stopping Data Leakage and Insider Threat?

Post Summit Courses: December 5 - 6, 2007

- SANS Security Essentials :: Day 4 :: SEC-401

- IP Packet Analysis :: SEC-452

- Introduction to Bots and Worms :: SEC-453

- Next Evolution in Digital Forensics - Hands On :: SEC-526

- What's New for Security in Windows Vista? :: SEC-530

- Power Search with Google (formerly Google Hacking & Defense) :: SEC-550

Summit Venue:

Walt Disney World Dolphin Resort

NOTE: Mention that you are attending the SANS Institute conference to get the discounted rate.

Table of Contents

• Summit Overview
• The Organizing Committee
• Register today
• Summit Agenda

Summit Overview

Laptops are not the only way that data leaks out of corporations and government agencies. Email, IMs, thumb drives, CDs, and other vehicles carry sensitive data that can lead to the same types of embarrassment caused by lost laptops. The data leakage problem has become so acute that the White House is forcing all federal agencies to implement monitoring and control systems for all extracts of sensitive data. The SANS Data Leakage Summit brings together users who have implemented data leakage prevention/content monitoring and filtering programs to share the lessons they have learned about what tools work, what problems arise, and how to overcome them. The Summit also highlights the most important software and hardware solutions available to deal with data leakage prevention. In highly interactive sessions users will present their approaches and the tools and processes they chose to defeat the data leakage problem. Nearly half the time in each session is Q&A where you can dig deeper into the users stories to make them valuable to you. Vendor shootouts provide additional opportunity to listen and ask hard questions in the context of the user case studiesa unique opportunity for more than 20 live reference accounts to help sort through the sales lingo.

What Will You Learn at the Data Leakage Prevention/CMF Summit?

1. The extent of the data leakage problem.
2. The legal foundation for monitoring data passing out of your organization.
3. Managing data leakage in all phases including email, data in motion, data at rest and blocking channels at the end point.
4. Lessons learned when other companies and agencies deployed data leakage prevention programs.
5. Which vendors should be on your short list of tools to help solve the data leakage problem.
6. What the pioneers have learned about how to meet the White House mandate on protection and deletion of sensitive data moved to client systems.


Questions to Be Answered at the Summit

1. How can organizations use content monitoring and filtering tools to find information leakage and to reduce data theft?
2. How have organizations found rogue data copies?
3. What are the legal considerations for implementing DLP/CMF programs?
4. What are the key criteria for choosing data leakage prevention products and services, which are the leading programs, and how do they measure up?
5. What policies and processes work best for rolling out data leakage protection across large enterprises?
6. What are the biggest mistakes made by the pioneering users?
7. What are the PCI, HIPAA, GLBA, SB1386, breach disclosure and other regulatory requirements?
8. Which products can scale for large enterprises?
9. How have organizations justified data leakage protection?
10. How does DLP fit and integrate into the overall organization security infrastructure?
11. What is the relationship of the general malicious activities to data leakage incidents?
12. How can DLP infrastructure be utilized in criminal and corporate investigations?
13. How do you evaluate which DLP solution fits best your environment and business needs?


Who Should Attend?

• Security and operations managers should attend as a team. Organizations that care about protecting sensitive information need managers who can reliably work together to deploy the right technologies and process to secure that information. Joint attendance at the Summit will go a long way toward getting everyone reading off the same page.
• Security auditors and incident handlers who need to know the key problems that may arise in a data loss incident.
• Security architects and CTOs who are trying to determine what technologies and processes are most critical for protecting sensitive information stored in their organizations.
• Consultants tasked with helping organizations design the right defenses to protect their sensitive information on laptops and desktops.


How Good Are SANS Summits?

Here's more from people who attended the last Summit:

• This Summit provides an excellent means to stay informed on what is available today; and what the current and emerging issues are.- Yong Choe, SAIC
• Excellent presentations of practical experiences.- Rich Lansing, Bloomberg

The Organizing Committee

• John Bordwine, McAfee
• Mike Siegel, McAfee
• Dr. Eric Cole, SANS
• David Meizlik, Websense, Inc.
• Alan Paller, SANS
• Dyana Klein, Secure Computing
• Jim Nisbet, Tablus
• Amol Kabe, Tablus
• Cathy Hastings, Code Green Networks
• Sharon Taniguchi, Reconnex
• Brian Hedquist, Cyveillance
• David Etue, Fidelis Security
• Jerry Mancini, Fidelis Security
• Robert Mannal, Vericept