Las Vegas, NV - May 24 - 26, 2010

Excellent conference! Allows you to hit the ground running with effective skills and tools! Best security training in IT!
-Russell Morrison, AXYS


SANS WhatWorks in Security Architecture Summit 2010

Dates:
Summit: May 24-26, 2010
Summit Venue:

Paris Hotel
3655 Las Vegas Blvd So.
Las Vegas, Nevada 89109
Phone: 877-603-4386
Website: Paris Las Vegas Hotel Site

Summit Agenda: View the detailed agenda for the Summit!

Just Added: Two Bonus Sessions May 24th

6:30pm - 7:15pm
Expert Talk: So You Want to Be an Information Security Architect?

Today, in any given organization you might find Intrusion Detection Analysts, Forensic Analysts, Network Security Engineers, Pen Testers, Auditors, Security Operations Center Analysts and Incident Handlers, among a few others. These fields are fairly well understood and much needed. People working in these specialty areas are often referred to as security engineers. However, there is a growing specialty that is slowly becoming a necessity but has yet to gain a common definition and recognition in the industry in general: the Information Security Architect. This talk will examine the role of, and the skill sets needed for, the Information Security Architect specialty.

Speakers: Michele Guel, Senior Security Architect/Advisor/Advocate HRIT Cisco; Brook Schoenfield, Senior Security Architect, Webex-Cisco

7:15pm - 8:30pm
Panel Debate: What in the World Is "Enterprise Information Security Architecture?"

There does not seem to be an industry standard for Enterprise Information Security Architecture. For some organizations it is a "blueprint" of all the security technologies that must be included. For some, it is the TOGAF model or the SABSA model. Still others think it is the BSISM model. This panel will provide a lively discussion and debate about the true merits of what constitutes an "Enterprise Information Security Architecture".

Moderator: Alan Paller; Christopher Carter, U.S. Department of State

Summit Overview

This summit provides proven ways to create a pervasive enterprise security architecture culture where information and network security are a central part of the organization's DNA. Two key components of that culture are the security architecture analysis process and the security design review process.

Creating a pervasive enterprise security architecture is not vendor-driven or product-driven. It is driven by the processes that support the mission and the business objectives. Technologies, in turn, support those processes. The challenge in many organizations is to enable security consultants and architects to be engaged in IT projects at the right time, ask the right questions, and know what to do with the answers. It's not a checklist approach. It's not "I am compliant, so I must also be secure." It's not "I have two employees with a certification, so that is all I need."

For most organizations, making the needed changes requires knowledge, effort, commitment and culture change. At this summit, you will gain relevant, actionable information and learn techniques to help you up-level the security posture of your enterprise, embed security into your IT initiatives and begin to formulate your enterprise security architecture.

The Summit Format Will Consist Of:

  • Industry Experts sharing techniques and secrets to help you do your job better.
  • User Panels featuring enterprise users from Fortune 500 companies sharing the tough challenges they are facing and the lessons they've learned about what works in the real world.
  • Vendor Panels offering information on current offerings relevant to the security architecture process.
  • Discussion and Debates in which Summit participants help drive change in the industry and help define future needs and direction.
  • Networking opportunities where you can connect with other security professionals at sponsored receptions, breakfasts, Lunch & Learns, and hospitality suites.

Tools Exclusively For Attendees

  • The First Edition of the SANS Enterprise Security Architecture Roadmap Poster
  • The Security Consultant/Advisor/Architect's Toolbox CD containing:
      • Quick Risk Assessment Tool
      • Example Security Guiding Principles
      • Drill-down Security Engagement Questionnaire
      • Conceptual Architecture Template Document
      • Physical/Logical Architecture Template Document

Top Questions That Will Be Answered At The Summit

  • What are the 5 most critical questions that will trigger engagement with the right security architects at the right time in the project?
  • What are the 25 most critical security architecture questions to be asked and answered on any IT Project?
  • What are 20 easy questions that can provide an accurate security risk rating on any project?
  • What are foundational security architecture imperatives that every organization needs?
  • How can the C-level executives be influenced to implement programs geared towards creating a pervasive security culture where security is truly part of the DNA of the organization?
  • What are the vendor products that help you to create pervasive enterprise security architecture?

Who Should Attend?

This event is geared toward IT and security professionals with at least 2 years' experience with a focus on security. Prospective attendees should have a basic understanding of security technologies, common security risks and common attack vectors. A basic understanding of common project development lifecycle processes and architecture analysis/review is also needed. With that focus in mind, we believe the following people would benefit most from this summit:

  • Chief Security Officers, Security Managers and Business Leaders responsible for ensuring their organization's business direction and architecture are aligned with security architecture.
  • Technical leaders responsible for providing security consulting, architecture analysis, design review and advisory services on IT Projects.
  • Project Managers who are responsible for ensuring their IT projects pass through all security touch points in the SDLC process.
  • Consultants and technical leaders tasked with helping organizations make information and network security part of the culture and DNA.

The Organizing Committee

  • Michele Guel, Cisco
  • Michele Iverson, NSA
  • Alan Paller, SANS
  • Adrian Seccombe, Eli Lilly
  • John Strand, Black Hills Information Security
  • John Streufert, US Department of State