[

conf 14K ]
                        TISC '96 Conference Information                                RISK MANAGEMENT ...                           InterNET Gains and Losses                   J.W. Marriott, Galleria - Houston, Texas                            May 13th - 16th, 1996 WELCOME TO HOUSTON May 13 - 16, 1996, those involved with computer security, will convene at the Galleria J.W. Marriott Hotel and Convention Center in Houston, Texas, next to world-famous Gallerias I, II and III. The Mission Operations Directorate's AIS Security Engineering Team, with sponsorship by NASA, provides a Computer Security Conference every 12 to 18 months.  These conferences are held within the Houston area, and are provided with the express purpose of infusing new technology into the aerospace community which services Mission Operations Directorate's computing resources. TISC '96 REGISTRATION INFORMATION Pre-registration must be received by April 30th, 1996 to take advantage of early registration discounts.  On-site registration will be from 7:00 a.m. on Monday, May 13th, 1996 and from 7:00 a.m. to 5:00 p.m. on Tuesday, May 14th, 1996.  If you have any questions concerning conference registrations, please contact College of the Mainland at (409) 938-1211 ext. 280 or via email by: This e-mail address is being protected from spam bots, you need JavaScript enabled to view it Latest information is always available at http://aset.rsoc.rockwell.com. DAY ONE - TUESDAY, MAY 14th, 1996 - 9:00 - KEYNOTE SPEAKER: PLENARY - Winn Schwartau Winn Schwartau, one of the country's leading experts on information security and electronic privacy is often referred to as the civilian architect of information warfare . His writings and research have brought a previously classified subject into the commercial open source arena. With hundreds of credits to his name, his articles and often controversial editorial pieces appear in such magazines as, Information Week, Network World, ComputerWorld, Network Security, Internet World, Virus Bulletin, Security Management, Infoworld, PC Week, etc.  Mr. Schwartau also wrote a _script_ for TV's Law and Order called, The Hacker.   Abstract: Information Warfare Winn Schwartau will present his eye-opening and occasionally controversial views in Information Warfare - a conflict fought without bombs or bullets. He will examine the culture of the Post Cold War world, and discuss why Info-War has to occur, effectively bypassing governments and the military. He will examine all three classes of InfoWar: Class I   - Personal Privacy: In Cyberspace you Are Guilty Until Proven             Innocent Class II  - Industrial Espionage: Current US policies actually encourage             espionage. Class III - Global conflict, terrorism and the military. Be prepared for a highly illuminating session with the Civilian Architect of Information Warfare. SCHEDULE - WORKSHOPS =========================================================================== === Monday, MAY 13th - 1996 7:30 WORKSHOP / CONFERENCE REGISTRATION 9:00 WORKSHOPS BEGIN WORKSHOP 1 - Investigative Techniques Thomas Welch, Welch & Welch Investigations This course covers options and responsibilities after an attack, and primary issues of computer crime investigations, including:  - Legal Constraints  - Privacy Concerns  - Investigative Techniques  - Computer Forensics A look at what to do before and after an alleged attack. WORKSHOP 2 - Secure Internet Commerce Steve Cobb, NCSA The three main categories of Internet Commerce are discussed:  - Secure Transactions  - Digital Cash  - Virtual Private Networks Security Technologies, peripheral risk and exposure; suggestions for policy and procedures that reduce risks and exposures are presented. WORKSHOP 3 - Windows NT Security Dr. Eugene Schultz, SRI Fundamentals of Windows NT Server security exposures and features.  - NTAS Security Model  - Security Exposures and Incidents  - Account and Group Management  - Rights and Privileges  - Control Measures for Remote Access Servers  - Control Exposures from Internet Connectivity  - Configuration and Auditing to Detect Incidents WORKSHOP 4 - Client Server Security Doug Conorich, AXENT Technologies, Inc. A de_script_ion of a new architecture for managing security in today's multi-platform enterprise network is presented, along with tools to manage it.   Also, information that provides the advantages for taking measurements regularly, even daily over traditional methods. WORKSHOP 5 - UNIX Security Tools Hughes STX, NASIRC For Systems Administrators. Security of UNIX systems in a network environment.  Includes the following:  - Overview of increasing risks.  - Hacker Attack Methods  - On-Line Information Resources  - Automated Tools for System Administration  - Automated Tools for System Security  - Installation of Public Domain Software  - Penetration Testing  - Hacker Traces (Looking at Logs)  - Sniffers WORKSHOP 6 - Firewalls Harris Computer Corporation The following is included in this course:  - Building Internet Firewalls  - Which Services to Set Up  - How to Set Up Proxy Services to Protected Networks WORKSHOP 7 - Corporate Information Protection Lee Sutterfield, Wheel Group The Corporate Information Protection Workshop describes a concept of operations for cost-effectively managing the corporate information systems security posture.  The concept is _base_d on the application of Statistical Process Control theory and methods to the problem of large-scale information protection management.   The workshop will address the following:  - The role of Statistical Process Control  - Metrics Development  - Experiment Design  - Risk Management  - Real-Time Intrusion Detection  - Security Posture Assessment  - Incident Response  - Intrusion Control and Recovery  - Threat Analysis  - Countermeasure Engineering For example, the workshop will provide technical insight into the future of information protection technologies and the practical use of those technologies in the workplace.  Most importantly, it will provide a _frame_work around which a pro-active, robust, cost-effective corporate information protection program can be built. WORKSHOP 8 - Disaster Recovery Bill Langendorfer, DRI This workshop will be a learning process for everyone interested in the development of Business Continuity / Disaster Recovery Plans.  This workshop will cover the major phases of Plan development; pre-planning, planning and post-planning efforts.   It will cover the industry accepted Common Body of Knowledge and will involve everyone in practical steps in recovery plan development.  Anyone involved in the development of recovery plans or who manages or directs recovery plan development should attend.   In addition, this session will help attendees prepare for the professional certification examination.  Work in groups of six or less participants will finish the work shop and will include exercises in management decisions and illustrate the impacts of interruptions and planning on business. 4:30  -  REGISTRATION and VENDOR RECEPTION SCHEDULE- CONFERENCE DAY ONE =========================================================================== === Tuesday, MAY 14th - 1996 7:30  REGISTRATION OPENS 8:45   - WELCOME - 9:00   - PLENARY SESSION - Winn Schwartau Author of the book, Information Warfare Winn Schwartau is an internationally recognized authority in this field.  He describes the Internet: It's like having the combined information wealth of the planet ... at your fingertips. With over 100 million computers tying our communications, finance, transportation, and power system together, we face a potential electronic Pearl Harbor. TRACK-1 Security Engineering TRACK-2 Law and Policy for Managing Risk TRACK-3 Risk Management Security Concepts TRACK-4 Security Technology TRACK-5 Emerging Technology 11:00 TRACK-1: Commerce on the Net - Steve Cobb, NCSA TRACK-2: Net Crimes - Dr. Raymond Nimmer, Univ. of Houston TRACK-3: How to Design an effective Disaster Recovery Plan - DRI TRACK-4: MacAfee Anti-Virus Technology Track-5: MOSCOM Voice Verification Gateways for Secure Access - Joe Baranauskas 1:30 TRACK-1: The Electronic Underground Dr. Peter Tippet, NCSA TRACK-2: How to Investigate a Computer Incident - Thomas Welch, Welch & Welch TRACK-3: Security Posture Assessment - Lee Sutterfield, Wheel Group TRACK-4: CyberGuard - Harris Computer Corporation TRACK-5: Introduction to JAVA - Sun MicroSystems - Dun Dublin 3:30   TRACK-1: WWW Security Challenges - Lynda McGhee TRACK-2: Net Crimes - Scott Charney, U.S. Justice Dept. TRACK-3: Risk Accountability - Will Ozier TRACK-4: New Technolog from IBM - Internet Products & Suite of Services TRACK-5: IRIS Scan - Don Richards 4:30   PANEL DISCUSSION: BUSINESS: IS THE INTERNET READY FOR IT? PARTICIPANTS: - Dr. Peter Tippet - Dr. Vijay Ahuja - Dr. Raymond Nimmer - Scott Charney - Dr. Gerald Kovacich - Dr. Eugene Schultz - Moderator BOOK SIGNING AND BUYING EVENT SCHEDULE - CONFERENCE DAY TWO Wednesday, MAY 15th - 1996 8:00  REGISTRATION OPENS 8:45  - ADMINISTRIVIA - ANNOUNCEMENTS - 9:00  - PLENARY SESSION - Dr. Peter Tippet, NCSA Dr. Tippet is a recognized expert in the area of computer viruses.  The insidious self-replicating malicious programs are infecting virtually every business and organization using computers, often on a continuing basis.  Dr. Tippet has conducted studies of the costs and consequences of computer virus infections to those infected. 11:00 TRACK-1: Design Considerations of a Firewall - Jim Livermore TRACK-2: Reinventing National Security Policy - Vicki Labarre TRACK-3: Medical Security Issues - Laura Brown TRACK-4: ISS - Internet Security Systems - Chris Klaus TRACK-5: HACKER 101 - Network Systems - Randy Terpestra 1:30 TRACK-1: Selecting a FIREWALL - Garrison & Associates TRACK-2: So, you're the new ISSO - Dr. Gerald Kovacich TRACK-3: Oil and Gas Security Issues - Paul Styrvoki TRACK-4: RISK WATCH TRACK-5: NetRISK - TRIDENT - Jeffery Z. Johnson 3:30 TRACK-1: Implementing a Firewall - DR. Vijay Ahuja TRACK-2: Software Piracy Issues - Shevon Desai TRACK-3: Banking Security Issues - TBA TRACK-4: DEC Virtual Private Network - DEC - Part I TRACK-5: Secure Electronic Transation, SET - MasterCard International          - John Wankenmueller 4:40 TRACK-1: Testing a FIREWALL - Garrison & Associates TRACK-2: Flexible Response to System Intrusion - J. Stephen Ryan TRACK-3: Telephone Security Issues - Bernie Milligan TRACK-4: Virtual Private Networks - DEC TRACK-5: Norman Defense Systems - Buddy Jenkins Birds of a Feather SCHEDULE - CONFERENCE DAY THREE =========================================================================== === 7:30   REGISTRATION OPENS 8:45   - ADMINISTRIVIA - ANNOUNCEMENTS - 9:00   - PLENARY SESSION - Raymond Semko, Department of Energy Mr. Semko has over 20 years of experience as a counterintelligence Special Agent.  He was responsible for all U.S. Army Intelligence investigations from September 1986 to September 1988.  Now with the Office of Counterintelligence, Department of Energy (DOE), Washington, D.C., he has restructured the presentation of security / counterintelligence awareness and education.  His presentations, which he _style_s infotainment, are unforgettable events. 10:00 TRACK-1: New Trends in Risk Assessment - Carol Hamilton TRACK-2: Secure Implementation of Windows NT - Ernest Hernandez TRACK-3: A Comparative Analysis of Intrusion Detection Technologies          - James Cannady & Jay Harrell TRACK-4: Network Solutions - McAfee TRACK-5: PadLock/PowerCerv - Dan Griazle 11:00   TRACK-1: SECURING EDI - Alex Woda TRACK-2: CISSP - (Two Parts) Hal Tipton TRACK-3: Intrusion Detection using Control-Loop Measurement          - Dr. Myron L. Cramer, James Cannady & Jay Harrell TRACK-4: Raptor Systems TRACK-5: MilkyWay TISC'96 ENDS VIDEOS OF OUR LAST CONFERENCE AVAILABLE: A set of 14 video tapes covering 30 expert presentations, plenary speakers, and panels  is on sale for $150 per set.  Proceedings in notebook form featuring a compilation of presentations from our 1994 conference is available at $85.00 per copy. These videos plus the Proceedings are a compendium of key information from the 1994 conference and comprise a compact home course in computer security. For more information call 713-282-3336. REGISTRATION FORM - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -                                    TISC'96                             Date: May 13-16, 1996                  Location: J.W. Marriott Galleria, Houston, TX                              Registration Form Event                     Pre-Registration            After April 30, 1996 Workshop Only:               [ ]   $200                        [ ]   $200 Conference Only:             [ ]   $395     Please check one   [ ]   $445 Workshop and Conference:     [ ]   $545         box only       [ ]   $645 Space is limited and available on a first-come first-served basis. Cancellations: Failure to attend does not constitute a withdrawal. College of the Mainland must be notified ofintent ot withdraw by phone or in writing by April 30, 1996. Refunds will be issued, less a $50.00 cancellation fee, for all requests received by April 30, 1996. After this date, registration fees are non-refundable. Participant substitutions may be made up to the first day of the conference.          Mail or Fax this registration form to:          Ed Socha                      Voice: (713) 280-3991 ext. 280 or          The College of the Mainland          (409) 938-3184          1200 Amburn Road              Fax:   (409) 938-3184          Texas City, TX 77591 (Please Print or Type)        Name:__________________________________________________        _title_:_________________________________________________        Company:_______________________________________________        Address:_______________________________________________        City:___________________________ State:________ Zip:_______________        Phone:________________ Fax:__________________        E-Mail Address:________________________________________ Method of Payment: _____ MasterCard     Number:__________________________                      Expiration Date:_________________                      Signature:_______________________ _____ Visa Card      Number: _________________________                      Expiration Date: ________________                      Signature: ______________________ _____ Check/Money Orderpayable to: The College of the Mainland) _____ Purchase Order Number:__________________________________ If you have any special needs (dietary, physical, etc.) please describe so efforts can be made to accomodate everyone: ___________________________________________________________________________ _   ___________________________________________________________________________ _   This e-mail address is being protected from spam bots, you need JavaScript enabled to view it This e-mail address is being protected from spam bots, you need JavaScript enabled to view it