Вы находитесь на странице: 1из 80

Seminar Overview

Seminar Dates:

Monday–Thursday

September 19–22

Exhibit Dates:

Monday–Wednesday

September 19–21

Anticipate the unexpected

The security tools, techniques, and talent for tomorrow.

The security tools, techniques, and talent for tomorrow. AS I S I N T E R

AS I S

I N T E R N AT I O N A L

2 011

57Th ANNuAL SEmINAR ANd ExhIbITS

September 19–22, 2011 | OrlandO, Fl

www.asis2011.org

colocated with ASIS 2011

A L 2 011 57Th ANNuAL SEmINAR ANd ExhIbITS September 19–22, 2011 | OrlandO, Fl www.asis2011.org

Face the future—and the unknown— with confidence when you acquire the comprehensive knowledge and resources available only at ASIS 2011.

ASIS International welcomes (ISC) 2 ’s first Security Congress, colocating with ASIS 2011. This important partnership illustrates the rapidly converging roles of traditional security and information security. These two events will bring together the best and brightest minds in the profession. Join more than 20,000 of your colleagues for an unprecedented look at the total security landscape.

for an unprecedented look at the total security landscape. WhAt DoES thIS mEAn to you? •
for an unprecedented look at the total security landscape. WhAt DoES thIS mEAn to you? •
for an unprecedented look at the total security landscape. WhAt DoES thIS mEAn to you? •
for an unprecedented look at the total security landscape. WhAt DoES thIS mEAn to you? •
for an unprecedented look at the total security landscape. WhAt DoES thIS mEAn to you? •
for an unprecedented look at the total security landscape. WhAt DoES thIS mEAn to you? •

WhAt DoES thIS mEAn to you?

Gain new perspectives and expert insights into the latest trends impacting the protection of people, property, and information.

Connect with security counterparts from around the globe.

See thousands of the latest technologies, products, and services on the market.

Integrate proven best practices into your enterprise security plan.

Learn about ASIS board certification and (ISC) 2 certifications.

ASIS Debuts a Systems Integrator track. ASIS is expanding its educational program to include a new track of sessions designed for systems integrators. Practitioners in key vertical industries will share their biggest security challenges and insights that will help integrators provide the best solutions to their customers.

This track is endorsed by PSA Security Network.

customers. This track is endorsed by PSA Security Network. Who ShoulD AttEnD • Security directors and

Who ShoulD AttEnD

Security directors and managers

Homeland security professionals

CEOs, CSOs, CISOs, CTOs, CIOs

Managers charged with protecting their infrastructure

Government/military personnel with security responsibilities

Security consultants

Law enforcement professionals

Facility/plant/operations managers

Systems integrators and dealers

Architects/engineers

Other professionals with an interest in security

table of Contents

Register for ASIS 2011 or (ISC) 2 ’s Security Congress and gain access to all this and more.

’s Security Congress and gain access to all this and more. the Power Behind the ASIS
’s Security Congress and gain access to all this and more. the Power Behind the ASIS

the Power Behind the ASIS Annual Seminar and Exhibits

ASIS International (ASIS) is the preeminent organization for security professionals, with more than 37,000 members worldwide. Founded in 1955, ASIS is dedicated to increasing the effectiveness and productivity of security professionals by developing educational and networking opportunities that address broad security interests, such as the ASIS Annual Seminar and Exhibits, as well as specific security topics. ASIS also advocates the role and value of the security management profession to business, the media, government entities, and the public. By providing members and the security community with access to a full range of programs and services, and by publishing the industry’s number one magazine—Security Management—ASIS leads the way for advanced and improved security performance.

We’re pleased to welcome our new partner:

performance. We’re pleased to welcome our new partner: (ISC)² is the largest not-for-profit membership body of

(ISC)² is the largest not-for-profit membership body of certified information security professionals worldwide, with over 77,000 members in more than 135 countries. Globally recognized as the Gold Standard, (ISC)² issues the CISSP® and related concentrations, as well as the CSSLP®, CAP®, and SSCP® credentials to qualifying candidates. (ISC)²’s certifications are among the first information technology credentials to meet the stringent requirements of ANSI/ISO/ IEC Standard 17024, a global benchmark for assessing and certifying personnel. (ISC)² also offers education programs and services based on its CBK®, a compendium of information security topics. More information is available at

www.isc2.org.

Join professionals from around the globe in Orlando for the most comprehensive educational event of the year. Register today!

Program Highlights

.

.

.

.

.

.

.

.

.

.

.

.

.2

Special Interest Networking

72

Keynotes and General Sessions

Schedule of Events

.

Exhibits .

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.4

.5

.6

Spouse Welcome to Orlando .

. General Information/Housing

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. 74

. 75

. 76

Certification .

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.9

. Thank You to our Partners and Sponsors

77

CSO

.

.

.

.

.

.

.

.

.

.

.

. 10

 

Pre-Seminar Programs and Events

.

.

. 11

Pre-Seminar Programs and Events . . . 11  
 

Focus on Homeland Security .

.

.

.

.

.

.

. 16

Education Sessions .

.

.

.

.

.

.

.

.

.

.

. 18

Education Sessions . . . . . . . . . . . . 18

Networking

.

.

.

.

.

.

.

.

.

.

. 70

Prepare to Learn

Unparalleled

General Sessions. Outstanding keynote presentations by renowned leaders and dynamic general sessions on key issues set the stage for this year’s event.

Education Sessions. More than 200 sessions address the full range of up-to-

the-minute security topics, critical issues,

and

security management best practices.

Mix

‘n match from 22 tracks and design

the

program that’s right for you. Refer to

the

daily Schedule-at-a-Glance—at the

beginning of each day’s listing.

homeland Security. A listing of 30

sessions provides a quick overview of

our offerings focused on protecting the

homeland, whether in the U.S. or abroad.

Pre-Seminar Programs and Professional tours. These in-depth ‘add-on’ programs

are

held immediately prior to the Seminar

and

focus on a variety of issues relevant

to today’s security practitioners.

CSo Roundtable. Members of the CSO Roundtable are invited to attend special programming relative to senior security leaders.

Accolades Competition. This program recognizes innovative new products and services and helps identify some of the hottest solutions that will be displayed in the exhibit hall. View entries online in advance and see entries ‘up close and personal’ on the show floor.

2 ASIS 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

edUcation

Solutions theaters. These in-depth vendor presentations—delivered right on the show floor—give you the scoop on new products, breaking news, and more. Schedule will be available in August.

ASIS tV. Learn about security initiatives throughout the world and see on-the-spot interviews from the Seminar. ASIS TV also will be viewable online during and after the Seminar.

Session handouts. All handout materials will be available for your online access. Or print them out onsite at print stations located in the convention center. The choice is yours.

Exhibit hall. Thousands of cutting-edge products and services will be on display on the show floor. From access control to cloud security to weapons disposal and everything in between, you’ll find the tools and partners you need to mitigate risk.

networking. Take advantage of unlimited opportunities to interact with top professionals from around the globe. This is the place to meet peers face-to-face, share ideas, and discover solutions.

peers face-to-face, share ideas, and discover solutions. September 19–22, 2011 | Orange County Convention Center |
peers face-to-face, share ideas, and discover solutions. September 19–22, 2011 | Orange County Convention Center |
peers face-to-face, share ideas, and discover solutions. September 19–22, 2011 | Orange County Convention Center |
peers face-to-face, share ideas, and discover solutions. September 19–22, 2011 | Orange County Convention Center |
peers face-to-face, share ideas, and discover solutions. September 19–22, 2011 | Orange County Convention Center |
peers face-to-face, share ideas, and discover solutions. September 19–22, 2011 | Orange County Convention Center |
peers face-to-face, share ideas, and discover solutions. September 19–22, 2011 | Orange County Convention Center |

“If you want to stay abreast of new technology and liaison with other colleagues in the security sector, you need to attend the ASIS show.”

James R. Matthews, CPP Chief of Police, Rincon Police Department

General Sessions

KEynotE

General Session

Jeb Bush

Workplace Violence:

Governor of Florida, 1999–2007

A Clear and Present Danger

Tuesday, September 20, 8:00 am–9:00 am

As the 43rd Governor of the state of Florida, Bush’s achievements include education reform, closing the achievement gap for Florida students; and yearly tax cuts which helped Florida lead the nation in job growth. Bush currently heads his own successful consulting business and also is chairman of the Foundation for Excellence in Education.

heads his own successful consulting business and also is chairman of the Foundation for Excellence in

KEynotE

Thursday, September 22, 10:00 am–12:00 noon

Violence in the workplace continues to make news headlines and is a vital concern to Security, Human Resources, and management across all industries. Threats, verbal abuse, physical assault, and homicide in the workplace affect two million workers annually in the U.S. alone. The use of the Internet as a means to promote violence through the delivery of threats, as well as the implications and impact of social media are evolving factors that also need to be understood. Join us as we examine the issues and the latest information on assessment, prevention, and

Vicente Fox

mitigation of this growing threat.

President of Mexico, 2000–2006

Wednesday, September 21, 8:00 am–9:00 am

2000–2006 Wednesday, September 21, 8:00 am–9:00 am A visionary leader with a deep understanding of the

A visionary leader with a deep

understanding of the economic

and social challenges facing Latin America, President Fox

is one of the world’s most

important voices on the contemporary geo-political landscape and the role of business in the developing world.

General Session the Security leader in 2020 and Beyond

Thursday, September 22, 8:00 am–9:30 am

Explore the industry 10+ years into the future with experts from across the security community engaging on key topics. Understand the key technology and security trends driving business and the industry that are likely to have an effect on the leaders of the future. Hear from a panel including chief security officers and representa- tives of the information security and technology communities as they discuss the trends and impacts of what professionals will face in the next decade.

Closing luncheon with Burt Rutan

Thursday, September 22,

12:00 noon–2:00 pm

Named “Entrepreneur of the Year” by Inc. Magazine and described by Newsweek as “the man responsible for more innovations in modern aviation than any living engineer,” Mr. Rutan is a bold entrepreneur and designer with the vision and passion for the advancement of technology. Recent projects include the White Knight and SpaceShipOne, the world’s first privately funded manned spacecraft.

the world’s first privately funded manned spacecraft. “If you are going to attend one security event

“If you are going to attend one security event this year…ASIS should be the one.”

Bret Rowe Corporate Security Manager J.R. Simplot Company

4 ASIS 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

Schedule of Events

All programs and events are open to ASIS and (ISC) 2 attendees unless otherwise noted.

Friday, September 16

8:00 am–5:30 pm CPP, PCI, and PSP Certification Reviews, Peabody Hotel

Saturday, September 17

8:00 am–2:00 pm CPP, PCI, and PSP Certification Reviews, Peabody Hotel

8:00 am–5:00 pm

CISSP and CSSLP Official Review Seminars

8:00 am–5:00 pm Pre-Seminar Programs

Sunday, September 18

8:00 am–12:00 noon CISSP and SSCP Clinics

8:00 am–1:30 pm

ASIS Foundation 15 th Annual Golf Tournament

8:00 am–2:00 pm

(ISC) 2 Exams

8:00 am–5:00 pm

CISSP and CSSLP Official Review Seminars (continued)

8:00 am–5:00 pm

Pre-Seminar Programs

1:00 pm–5:00 pm

CAP and CSSLP Clinics

4:00 pm–6:00 pm

(ISC) 2 Town Hall Meeting for Members Only

5:00 pm–6:00 pm

Young Professionals Reception

6:00 pm–7:00 pm

ASIS First-Time Attendee/ASIS New Member Reception

7:00 pm–9:00 pm Welcome Reception

monday, September 19

7:45 am–9:00 am Opening Ceremony

9:00 am–11:00 am

Exhibit Hall Grand Opening

9:00 am–4:30 pm

Exhibit Hall Open

11:00 am–12:00 noon

Education Sessions

12:00 noon–1:30 pm

Networking Luncheon

1:45 pm–3:00 pm

Education Sessions

4:30 pm–5:30 pm

Education Sessions

5:30 pm–7:00 pm

(ISC) 2 Member Reception, Peabody Hotel

7:00 pm–10:00 pm President’s Reception at Universal’s Islands of Adventure ®

tuesday, September 20

8:00 am–9:00 am Keynote: Jeb Bush

9:00 am–4:30 pm

Exhibit Hall Open

10:00 am–11:00 am

(ISC) 2 Safe and Secure Online Volunteer Orientation

11:00 am–12:00 noon

Education Sessions

12:00 noon–1:30 pm

Networking Luncheon

1:45 pm–3:00 pm

Education Sessions

REGIStRAtIon houRS

4:30 pm–5:30 pm Education Sessions

Wednesday, September 21

Sunday, September 18 12:00 noon–6:30 pm

8:00 am–9:00 am Keynote: Vicente Fox

Monday–Wednesday,

9:00 am–3:30 pm

Exhibit Hall Open (Final Day for Exhibits)

September 19–21

11:00 am–12:00 noon

Education Sessions

12:00 noon1:30 pm

Law Enforcement/Military Appreciation Luncheon

1:45 pm–2:45 pm

Education Sessions

3:30 pm–5:00 pm

Education Sessions

6:30 pm–10:00 pm

Americas ISLA Gala Dinner, Peabody Hotel

7:00 am–5:30 pm daily

Thursday, September 22 7:30 am–12:00 noon

7:00 pm–9:00 pm ASIS Foundation Event at BB King’s Blues Club

thursday, September 22

8:00 am–9:30 am General Session: The Security Leader in 2020 and Beyond

9:30 am–10:00 am

Coffee Break

10:00 am–12:00 noon

General Session: Workplace Violence: A Clear and Present Danger

12:00 noon–2:00 pm

Closing Luncheon with Burt Rutan

All events are held at the Orange County Convention Center unless noted otherwise. Schedule subject to change.

Exhibits

Knock out a year’s worth of product and supplier research in just three days. Get face-to-face with product experts and discover what’s possible in today’s high-tech security market.

Exhibit hall hours: Monday–Tuesday, September 19–20, 9:00 am–4:30 pm Wednesday, September 21, 9:00 am–3:30 pm

Exhibitor List

as of aPriL 28, 2011

3M Cogent, Inc. 3M Optical Systems Division 3S Pocketnet Technology, Inc. 3SI Security Systems 3VR Security, Inc. 5.11 Tactical A&S International A-T Solutions Aaxeon Technologies ABM Data Systems, Inc. Access Specialties International, LLC Accessgate.net, Inc. (AGS) ACCU-TECH CORPORATION AccuWeather, Inc. ACTi Corporation Action Bullet Resistant ADS, Inc. ADT Security Services AFI and IMAC AFL Telecommunications Aigis (Now Part of Linear) Aimetis Corp. Aiphone Corporation Airborne Biometrics Group, Inc. AlarmSaf Alert Enterprise Alertus Technologies Alion Science and Technology – CounterMeasures All Traffic Solutions Allied Tube & Conduit AlliedBarton Security Services Allsafe Technologies, Inc. Alpha Technologies ALTRONIX CORP. ALUTIIQ, LLC ALVARADO TURNSTILES AMAG Technology, Inc. American K9 Detection Services, Inc. American Military University American School & University American Physical Security Group

American Science & Engineering, Inc. American Security Products Co. American Video Equipment Ameristar Fence Products AMICO Andrews International Anixter, Inc. The Anvil Group, Ltd. Aon Fire Protection Engineering (Formerly Schirmer Engineering) APOLLO Arecont Vision, LLC Ares Corporation ARH, Inc. ARMORTEX AS Solution A/S ASI Technologies – Marathon Doors ASIS International ASSA ABLOY Americas ASTIC Signals Defenses, LLC Astrophysics, Inc. Austin Mohawk and Company AUTOCLEAR/Scintex AutoGate, Inc. Automatic Systems AVANTE Aventura Technologies AVIGILON AVUE AWID, Inc. AXIS COMMUNICATIONS, INC. Baran Access Solutions Barco Barcode Automation, Inc. Barrier 1 Systems, Inc. Basler Vision Technologies Bellevue University Blackline GPS, Inc. Boeing Company Boon Edam, Inc. Brady People ID BRICKCOM CORPORATION BrickHouse Security BriefCam, Ltd. Brijot Imaging Systems, Inc.

Brivo Systems, LLC Brownyard Group Brownyard Programs, Ltd. BRS Labs Bryce Fastener, Inc. BSI Group America, Inc. Building Reports C.R. Laurence Co., Inc. California University of PA CALL24 Wireless Callbox Systems Cambridge Security Seals Campus Safety Magazine CAP Index, Inc. Card Scanning Solutions CCTVSTAR, Inc. CEIA USA Celayix, Inc. CI Centre CIAS CIC Technology – CORiT Cisco Systems, Inc. Clinton Electronics Corporation CNB Technology, Inc. CNL Software, Inc. Cochrane USA Code Blue Corporation Cohu, Inc. – Electronics Division ColorID, LLC COMMEND, Inc. Commissionaires COMNET Concentric Security, LLC Control Risks Control Room Group – a division of AVI-SPL Contronics Technologies Cooper INDUSTRIES Cop Security System Corp. CORNELL Counter Terrorist Magazine (The) CoverX Corporation Cross Match Technologies, Inc. CSO Magazine Cygnus Security Group D3 Security Management Systems

DAHLE North America Datacard Group DataDirect Networks Dayton T. Brown, Inc. DEANSTEEL MFG CO. DEDICATED MICROS, Inc. Deister Electronics Designed Security, Inc. (DSI) DeTect, Inc. DeTekion Security Systems, Inc. DETEX Diebold Incorporated Digital ID Solutions, LLC Digital Supply International Digitize, Inc. DITEK Corporation DMP Dolphin Components Corp. DoorKing, Inc. Dortronics Systems, Inc. DRS Technologies, Inc. DSI Security Services, Inc. DSX Access Systems, Inc. DVTel, Inc. DynaLock Corp. Dynasound – Soundmasking & Eavesdropping Protection Division e-DATA Corporation EasyLobby, Inc. ECSI International, Inc. EK Ekcessories ELC Security Products ESRI Essen Trade Shows EURESYS Europ Assistance USA Evax Systems EverFocus Electronics Corporation Exacq Technologies, Inc. Explosive Countermeasures Int’l. EYE TRAX Faro Fastcom Technology Feeling Software Fire and Life Safety America Firetide

Admission to the Exhibits is FREE when you register in advance ($75 value).

Exhibits is FREE when you register in advance ($75 value). 6 ASIS 2011 Anticipate the unexpected.
Exhibits is FREE when you register in advance ($75 value). 6 ASIS 2011 Anticipate the unexpected.

6 ASIS 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

Fisher Labs Fleet Management Solutions FLIR Systems, Inc. Florida Association of Security Companies (FASCO) FreightWatch International (USA), Inc. FujiFilm North America Corp. Fujitsu Frontech North America, Inc. Future Fibre Technologies FutureSentry

Hirsch Electronics Hitachi America, Ltd. HMA Consulting, Inc. Homeland Security Newswire Honeywell International Huffmaster Protective Services Group HySecurity Gate Operators Hytera Communications i2, Inc. i 3 International IAPP

G4S

ICD Security Solutions

GAI-Tronics Corporation Galaxy Control Systems Gale Force Software Corporation Gallagher Security USA, Inc. Garrett Metal Detectors

ICE PACK Emergency Sustainment Systems, LLC ICx Technologies IDenticard Systems Identification Systems Group idOnDemand

“this is the largest gathering of security professionals and the most comprehensive display of security technology in the world.”

Milton Moritz, CPP, President Moritz Associates

Gatekeeper Security Gavin de Becker & Associates General Lock & Clark Security General Services Administration Genetec Genius Vision Digital, Inc. GENRIC George Washington University GeoVision, Inc. GEUTEBRUCK Security, Inc. GlassLock, Inc. Global Engineering Security System Global Rescue, LLC Global Software Graybar GSP Systems, Inc. Guardian8, Inc. Guardsmark, LLC Gunnebo Entrance Control GVI Security HanitaTek, LLC Heigl Technologies HGH Infrared Systems, Inc. HID Global Hikvision Digital Technology Co., Ltd. Hill & Smith, Inc.

IEE Sensing IEI (Now Part of Linear) IFSEC iJET Intelligent Risk Systems Ikegami Electronics (USA), Inc. Iluminar ImmerVision IndigoVision, Inc. INEX/ZAMIR Infinova Ingersoll Rand Security Technologies InMotion CCTV, Inc. InstaKey Security System Installations, Inc. Insulgard Security Products Integrated Security Corporation Intelli-Check-Mobilisa, Inc. INTELLIKEY Corporation Intergraph Corporation International SOS Intransa, Inc. Investigations Canada, Inc. iOmniscient Corporation Ionit Technologies, Inc. IPVideo Corporation IQinVision IRIS Companies, (The) (ISC) 2 Pavilion

iThreat Solutions iView Systems Izzo Insurance Services, Inc. JDS Digital Security Systems, LLC Johnson Controls, Inc. Jolly Technologies, Inc. Jupiter Systems K2 Solutions, Inc. Kaba Access Control KBC Networks Keltron Corporation Keri Systems, Inc. Key Systems, Inc. Key Tracer Systems, Inc. Keyscan, Inc. KeyTrak, Inc. KKP Security Group Koukaam Kowa Optimed, Inc. Krieger Specialty Products

MER, Inc. Meridian Technologies, Inc. Messoa Technologies, Inc. Metro One Microsemi/PowerDsine Microsoft Corporation Middle Atlantic Products, Inc. MILESTONE SYSTEMS MKS Instruments Mobotix Corp. Modular Security Systems, Inc. Monitor Dynamics, Inc. Monitronics Moog QuickSet MorphoTrak Morse Watchman, Inc. MSA Security NAPCO Security Technologies, Inc. NASATKA BARRIER, Inc. National Background Data

KT & C USA

NC4

L-1 Enterprise Access Division (Bioscrypt) Laboratory Corporation of American Holdings Laipac Technology Laminex, Inc. Lantronix LawMate America Leading Holdings, Inc. LENSEC-IP Video Surveillance LG Electronics USA – Iris Technology Division Liberty Uniform Mfg. Co., Inc. LifeSafety Power, Inc. LightLOC Divison of Woven Electronics Linear, LLC Lion Uniform Group – a G&K Services Company LockDown, Inc. Lockmasters, Inc. LOUROE ELECTRONICS LSI – Lockmasters Security Institute/Lockmasters, Inc. Lumidigm, Inc. M.C. Dean, Inc. Madico Window Films MAGICARD – Ultra Electronics Magnetic Automation Corp. March Networks Marlin Leasing Corp. Marshall Electronics, Inc. Martin Yale Industries, Inc. Matrix Systems, Inc. Maxxess Systems, Inc. MBM Corporation McGard, LLC

NEDAP Network Video Technologies Next Level Security Systems, Inc. NIGHTSTICK Niscayah, Inc. Nissan North America NITEK NUUO, Inc. Oberthur Technologies Omnitron Systems Technology On-Net Surveillance Systems, Inc. (ONSSI) One Source Industries Ontario-Canada Delegation Open Options, Inc. OPENEYE Optellios, Inc. Optex Optiview, Inc. Orion Images Corp. OSRAM SYLVANIA OSSI (OLTIS Security Systems International) OzVision Pacific Lock Company Pacom Panasonic Par-Kut International, Inc. Parabit Systems, Inc. Patriot3, Inc. Paxton Access, Inc. Pelco, Inc. by Schneider Electric PENTAX Imaging Perceptics, LLC Petersen Mfg. Co., Inc. Philadelphia Insurance Co.

THE MECHANIC GROUP, Inc.

Pivot3

MEDEX Global Group, Inc.

Pixim, Inc.

ASIS is proud to honor this year’s Security’s Best—the most innovative new technology, product, and
ASIS is proud to
honor this year’s
Security’s Best—the
most innovative new
technology, product,
and service solutions.
innovative new technology, product, and service solutions. The winning entries from this competition, open to all

The winning entries from this competition, open to all ASIS exhibitors, will be featured in the Accolades Showcase in the Exhibit Hall. View product informa- tion online pre- and post-show and see the solutions ‘up close and personal’ on-site.

and see the solutions ‘up close and personal’ on-site. September 19–22, 2011 | Orange County Convention

“If you are thinking about or looking for anything in or about security, you’ll find it here, see it here, and experience it here.”

Robert Crow Director, Corporate Security AmerisourceBergen Corporation

Telular Corporation Texecom Limited Theia Technologies THETW Thomson Reuters Tilt-A-Way/Ideal Mfg., Inc. TLO Today’s Facility Manager TOKINA INDUSTRIAL, Inc. ToteVision Tower Solutions Training Camp Traka USA Transformational Security, LLC TransTech Systems, Inc. Travel Guard Tridium Triple Canopy TSSIA – Taiwan Safety & Security Industry Assoc. Tyco Security Products TydenBrooks Security Products Group TYMETAL Corp. U.S. Postal Inspection Service U.S. Saudi Arabian Business Council U.S. SECURITY ASSOCIATES, Inc. UDP Technology Uncle Mike’s Law Enforcement Underwriters Laboratories, Inc. UNIONCOMMUNITY CO., LTD. UniPro Uniforms United States Bullet Proofing, Inc. Universal Safety Response – GRAB Barrier Universal Services of America University of Denver University of Maryland University College University of Phoenix UTC Fire & Security (Formerly GE Security) Valcom, Inc. Valor Systems, Inc. Ventas De Seguridad Veracity USA Verint Video Solutions

Plasco ID PlaSec, Inc. Point Grey Research, Inc. POINTMAN Polaroid ID Systems POWDERSAFE Pty, Ltd. PowerFlare (PF Distribution Ctr) PPM 2000, Inc. Premier Mounts Premier Wireless, Inc. PRO Barrier Engineering Protech/Protection Technologies, Inc. Protection One, Inc. ProxiGuard/BlueCard Software Technology Co., Ltd. Proxim Wireless PureTech Systems, Inc. QNAP, Inc. Quantum Secure, Inc. Quartermaster, Inc. Quest Diagnostics Quintron Systems, Inc. Rainbow CCTV Rapiscan Systems Raytec Raytheon RBH ACCESS TECHNOLOGIES, Inc. Realtime DAR record usa, Inc. Redline Communications Research Electronics Int’l., LLC RF Ideas, Inc. RGB Spectrum ROFU International Corp. Rosslare Security Products RS2 Technologies, LLC RSSI Barriers, LLC RTM Soft Rytec High Performance Doors S2 Institute S2 Security Corporation Safety Technology International, Inc. SAIC Salient Systems Salto Systems, Inc. Samsung Techwin Sarnoff Corporation Scallop Imaging Scanna MSC, Inc. Schneider Electric School Planning & Management/ College Planning & Management SDC-Security Door Controls SDM & Security Magazines SecurAmerica, LLC Securitas Security Services USA

Securitech Group, Inc. Security Buyer Security Director News and Security Systems News Security Information Systems, Inc. Security Journal/Palgrave Macmillan Security Management SECURITY PRODUCTS MAGAZINE Security Sales & Integration Magazine Security Solutions Int’l. Security Today Magazine – India Security Tronix Security-Net Seguridad en America Send Word Now SensaVideo Senstar, Inc. Sentry 360 Security Sentry View Systems SentryNet Shanghai Xinfan Container Fit ShotSpotter, Inc. SIEDLE Sielox/Costar Video SightLogix SimonsVoss SITE – SECURE Smarter Security – Outdoor Division Smartvue Corp. Smiths Detection SMP Europe Limited Sony Electronics Southwest Microwave, Inc. SPAWAR Atlantic SPECO Technologies Stanley Security Solutions THE STEELE FOUNDATION STENTOFON/Zenitel Group Stone Panels, Inc. STOPware, Inc. Stretch, Inc. Sun Myung Electro-Telecom Co. Surveon Technology Synology America Corp. T.S. MicroTech, Inc. TagMaster North America, Inc. TAKEX AMERICA, Inc. TALK-A-PHONE CO. TAMRON USA, Inc. Tavcom Training Team NiSCA/Kanematsu USA & GLORY TEAM Software, Inc. Tech, Inc., Corp. Tech Systems, Inc. Telephonics Corporation

Vertex Standard Vicon Industries, Inc. Video Insight, Inc. Video Mount Products Videology Imaging Solutions, Inc. videoNEXT Network Solutions, Inc. VIDEX, Inc. VIDO Security System Co., Ltd. VidSys, Inc. VIEWZ VIGITRON, Inc. Viking Electronics, Inc. Virtual Imaging, Inc. (Canon) Viscount Systems, Inc. Vision Components GmbH Visitor Pass Solutions by Data Management, Inc. VIVOTEK, INC. Vumii Imaging, Inc. Watec/Genwac Wausau Tile, Inc. Webster University WEISER SECURITY SERVICES, INC. Whelan Security Co. Whitaker Brothers, Inc. Wilson Bohannan Padlock Company Winland Environmental Security Winncom Technologies Winsted Corporation WIRECRAFTERS, LLC Worldwide Imaging & Detection Systems, Inc. X-Test Xiamen Leading Optics Co., Ltd. Xtec, Incorporated Xtralis Zebra Technologies Zistos Corporation

Incorporated Xtralis Zebra Technologies Zistos Corporation PErSONALIzE yOur ShOw ExPErIENCE wIth thE ONLINE PLANNEr ANd
Incorporated Xtralis Zebra Technologies Zistos Corporation PErSONALIzE yOur ShOw ExPErIENCE wIth thE ONLINE PLANNEr ANd

PErSONALIzE yOur ShOw ExPErIENCE wIth thE ONLINE PLANNEr ANd ASIS MOBILE!

• Plan your session schedule.

• Search for companies, products, and services.

• Pre-book appointments with exhibitors.

• Learn about breaking ASIS news and show specials.

• Access a live Twitter feed.

8 ASIS 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

Certification Activities

ASIS CERtIFICAtIon

Prepare for ASIS Board Certification—take a Review Before the Seminar

Friday, September 16–Saturday, September 17 Peabody Hotel

The most respected leaders in security management are board-certified by ASIS International. Prepare a course of study to earn one of three ASIS designations (CPP, PCI, or PSP) by attending a classroom review prior to the Seminar and Exhibits. Experienced instructors provide a focused review of the subjects tested on each exam. Reviews may also be audited for a reduced fee (restrictions apply). Visit www.asis2011.org for details and to register.

Certification lounge

Monday–Wednesday, 9:00 am–4:30 pm

CPPs, PCIs, and PSPs are invited to visit the Certification Lounge throughout the Seminar. The Lounge is the perfect place to connect with other certificants from around the world and to get the latest in certification news. Members of the Professional Certification Board (PCB) and ASIS Certification Department staff will also be in the Lounge to network and answer your questions.

Earn up to 19 Recertification Credits

If you’re a CPP, PCI, or PSP, you can earn up to 19 recertification CPEs by attending the Annual Seminar and Exhibits:

1. Those who register for the Full Seminar (four days) will automatically receive sixteen (16) CPE credits plus three (3) CPE credits for attendance at the exhibit hall. (No documentation is required.)

2. Those who register for a Single Day registration will automatically receive four (4) CPE credits plus three (3) CPE credits for attendance at the exhibit hall.

3. Those who register as Exhibits-only can claim three (3) CPE credits (copy of the name badge is required as a form of documentation).

4. Those who attend as Exhibitors can claim three (3) CPE credits and one (1) CPE credit per session that they attend. (Copy of the name badge is required as a form of documentation).

(ISC) 2 ®EDuCAtIon

Free Credential Clinics

Sunday, September 18 Peabody Hotel

If you are an information security professional who would like to become (ISC) 2 certified, we invite you to take a sneak peak into our award-winning Official Review Seminars. During our half-day Free Credential Clinics you will be taught by an (ISC) 2 Authorized Instructor in accordance with (ISC) 2 approved education materials, so you can see for yourself which credential is the best fit for your skills and career path. You may choose from CISSP,®CSSLP,®CAP,®or SSCP®and decide whether an official education program is the best choice for you.

official Review Seminar

Saturday–Sunday, September 17–18 Peabody Hotel

(ISC) 2 is offering a two-day Intensive Education program for the CISSP or CSSLP certification, so if you would like to take advantage of the best discounts on (ISC) 2 official education, plan on registering for one of the classes. For more information or a complete listing of the offerings, please visit

www.isc2.org/congress2011.

(ISC) 2 Exam

Sunday, September 18 Peabody Hotel

(ISC) 2 will host a certification exam. Register for any (ISC) 2 exam online at

www.isc2.org/certification-register-now.aspx.

the CSO roundtable, a private membership group within ASIS International, is proud to offer an

the CSO roundtable, a private membership group within ASIS International, is proud to offer an exclusive slate of sessions and activities for senior security executives at this year’s Annual Seminar and Exhibits. In addition to this special CSO track, members can take advantage of a business lounge and a private area at the President’s reception. Access to these benefits is free for paid roundtable members. If you are not a roundtable member but are interested in attending these sessions, please contact manuela.costa@asisonline.org.

Speakers subject to change. Session times will be announced at a later date.

Distinguished Speakers

In the CSO Roundtable’s Distinguished Speaker Series, notable and sometimes controversial speakers join private sessions and take questions from members of the CSO Roundtable. The CSO Roundtable is proud to announce that Jeb Bush, former Governor of Florida, and Vicente Fox, President of Mexico, will participate as this year’s Distinguished Speakers.

When a Crisis Calls: Business Collaboration With the Public Sector

Public/private collaborations sound great on paper, but when a disaster strikes, this important relationship is put to the test. This session emphasizes lessons learned from previous crises and how to ensure better preparedness and resiliency by having good coordination between the two sectors.

Lori Hennon-Bell, Chief Security Officer, Prudential Financial

Social media Risks and Rewards

Should your company allow the use of Facebook or LinkedIn? How about letting workers use their iPhones? Are you planning to move any critical services to the cloud? Organizations move faster and function more efficiently when their security teams embrace, rather than reject, new technologies, but it’s not always easy to do so. Businesses also face increased intelligence threats from using social media. This session considers all sides of the debate and how security professionals can stop fighting technology demands and become enablers.

Jeff Berkin, Chief Security Officer, CACI

Changes in Corporate liability Put Companies and Executives at Risk

An employee used corporate Internet access in planning a crime, and the victim’s family sued to hold the company liable—and won. In Europe, the managing director of a German steel plant in Italy was charged with second-degree murder and received a 16-year jail sentence, held responsible (along with five other managers) for an accidental fire that killed seven workers. This session explores how the notion of corporate liability is changing across the globe, and provides advice to security leaders on how to keep their companies and executives safe from this kind of liability.

Brian Reich, CPP, Bergen County Prosecutor’s Office; Roger Warwick, CPP, Managing Director, Pyramid International

Revolution in the middle East: What’s next Will Affect your Company

From Bahrain to Yemen, discontent followed by ‘soft revolutions’ swept through the Middle East this year, dislodging some decades-old regimes and threatening others. What changes have been wrought in the region, and which regimes may be next? How are the new governments different from the regimes they are replacing, or will it be business as usual? And what will be the short- and long-term effects on multinationals that do business in the region? This presentation addresses these issues and encourages security executives to discuss other issues pertinent to doing business in the region.

Hugh McLeod, COO, Stirling Assynt (Europe), Ltd.

Becoming a trusted Advisor to the CSo

See page 15 for details.

10 ASIS 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

Pre-Seminar Programs and Events

Make the most of your time and resources in Orlando by adding one or more of these exciting programs to your agenda. Additional registration fees apply where indicated.

PRE-SEmInAR PRoGRAmS

the Impact of Cargo theft on the Global Supply Chain

Saturday–Sunday, September 17–18

This comprehensive program examines supply chain criminal activity in all modes and areas of the global logistics and transportation industry sectors. Beginning with the identification and assessment of existing threats and related vulnerabilities which significantly impact the supply chain, examine all aspects of effective mitigation processes. The critical role of actionable intelligence analysis in the strategic security planning process is emphasized, and specific supply chain security countermeasures are presented. Review the importance of existing transportation statutes and necessary cargo carriage liability coverage. The creation of a secure environment for people and cargo is examined, both from a supply chain standpoint and a terminal perspective. Trends in supply chain governance and the uncertainty of global political resolve are analyzed as key factors requiring substantial change for the improvement of supply chain security integrity in the face of the ongoing threat of criminal activity.

Presented by the Global Maritime and Transportation School (GMATS) at the U.S. Merchant Marine Academy

Program #1165 $595 member; $695 nonmember

Detecting Deception in Verbal and Written Statements

Saturday–Sunday, September 17–18 8:00 am–5:00 pm

This is an intensive, hands-on introduction to Statement Analysis. You will learn how to detect deception in verbal and written statements, allowing you to identify suspects and eliminate truthful persons as suspects. The technique will allow you to save time and resources as well as be more successful in your investigations. Learn from actual cases that were solved using the technique and gain practical experience.

Sponsored by John Dietz and Associates

Program #1164 $595 member; $695 nonmember

Advanced Guard Force management:

Improving Performance/Reducing turnover

Sunday, September 18, 8:00 am–5:00 pm

The basic element in private security today is still the security officer. Improper pre-employment screening, weak training programs, and worn out policies and practices resulting in even one bad performer can derail an entire protection program. This program, conducted by leading security managers with over 75 years of cumulative experience, outlines cases where training came too late and offers you practical advice on how to avoid the pitfalls of a less than optimum program. Topics include defining the security officer role, performing an objective evaluation, contract security, managing security in an organized labor environment, avoiding litigation, use of force, and building morale.

Sponsored by the International Foundation for Cultural Property Protection.

Program #1168 $395 member; $495 nonmember

Protection. Program #1168 $395 member; $495 nonmember Bank Security Risk mitigation Sunday, September 18, 8:00

Bank Security Risk mitigation

Sunday, September 18, 8:00 am–5:00 pm

This full-day program covers the major topics and concerns faced by corporate security managers in the banking and financial institutions environment. A panel of security directors and other bank security specialists will address the Bank Protection Act, risk assessment process, CPTED principles for banking, bank robbery training, effects of global financial crime, Internet banking account takeovers, preparing for court testimony, and creating added value in bank security programs.

Sponsored by the ASIS Banking and Financial Services Council

Program #1167 $395 member; $495 nonmember

Pre-Seminar Programs and Events

not a moment to lose: Facing the Security Challenges of the new Decade

Sunday, September 18, 8:00 am–5:00 pm

After a decade of disappointment that included both 9/11 and the near collapse of the global financial system, today’s security leaders, more than any time in history are faced with issues that require the knowledge and leadership skills to influence management. This program examines all-hazards global risk and its economic consequences as well as evolving compliance trends. A diverse group of expert practitioners will share their cross-functional methodologies, measures, and best practices for enterprise risk management, cost containment, and revenue influence within the framework of the company environment.

Sponsored by the ASIS Leadership and Management Practices Council

Program #1171 $395 member; $495 nonmember

Preparing for the Worst: Security Readiness and Response for your Critical Business Functions

Sunday, September 18, 8:00 am–5:00 pm

Every business has its own critical processes and functions, making resiliency to incidents vital. In this program, you will learn readiness, response, and recovery practices using standards related to the preservation of your assets. Information on resiliency, current practices, and training to ensure your exercises conform to established best practices will be provided. Topics include the DHS PS Prep Program, cyber security risks to critical infrastructure, liability and insurance issues resulting from a catastrophic event, an update on terrorism issues, and the Homeland Security Exercise and Evaluation Program (HSEEP).

Sponsored by the ASIS Critical Infrastructure Working Group

Program #1166 $395 member; $495 nonmember

Raising the heat on Soft target Protection: Is your open Access Business Environment Safe?

Sunday, September 18, 8:00 am–5:00 pm

The challenging task of protecting soft targets including hotels, arena events, and other entertainment and hospitality venues requires more than a basic security plan. This intensive, full-day program, presented by industry profes- sionals and government officials, provides an array of resources and information on staff training, current threat trends and mitigation, evaluating risks, response, the value of public- private partnerships, and liability exposure associated with major events in soft target environments. Leave with real world solutions to apply at your venue.

Sponsored by the ASIS Hospitality Entertainment and Tourism Council

Program #1169 $395 member; $495 nonmember

Securing houses of Worship now and in the Future

Sunday, September 18, 8:00 am–5:00 pm

International polls on terrorism list houses of worship in the top five ‘at risk’ sectors for the threat of terrorist attacks. This program addresses the risks, threats, and vulnerabilities to houses of worship and faith-based organizations from various cross-denominational religions in the U.S. and abroad. Learn how to develop risk manage- ment strategies that will help your organization implement solid safety and security plans as well as aid in deploying detailed operational protection procedures.

Sponsored by the ASIS Cultural Properties Council and the Houses of Worship Security Committee

Program #1170 $395 member; $495 nonmember

Security Committee Program #1170 $395 member; $495 nonmember 12 ASIS 2011 Anticipate the unexpected. The security

12 ASIS 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

the Basis of Security Design: Functionally Integrated Systems Sunday, September 18, 8:00 am–5:00 pm Based

the Basis of Security Design:

Functionally Integrated Systems

Sunday, September 18, 8:00 am–5:00 pm

Based on the first part of Facility Security Design, ASIS’ popular three-day program, this one-day intensive workshop delineates a step-by-step process to identify assets and assess value, identify threats and vulnerabilities of those assets, and then use that information in a risk assessment process to help develop functional design requirements for solutions to the vulnerabilities. New hands-on exercises help you put the approach into a realistic scenario. The program wraps up with discussion on how to take the functional requirements and prepare the preliminary design package.

Sponsored by ASIS Security Architecture and Engineering Council

Program #1172 $395 member; $495 nonmember

the Successful Security Consultant

Sunday, September 18, 8:00 am–5:00 pm

Launch a new security consultant practice or jump-start an existing one – this popular, one- day program will show you how! Learn from a faculty of seasoned consultants how to avoid the expensive mistakes that can sabotage your success. The program is filled with practical information that will save you time, money, and frustration. Take home a comprehensive workbook of sample proposals and reports that give you a clear advantage when competing for a security consulting assignment.

Sponsored by International Association of Professional Security Consultants (IAPSC)

Program #1173 $395 member; $495 nonmember

(IAPSC) Program #1173 $395 member; $495 nonmember “From a security field perspective, it is the best

“From a security field perspective, it is the best available conference/ show on security in the united States.”

Michael Burton Security Manager ACE Cash Express

CISSP®2-Day Intensive Education Program

Saturday–Sunday, September 17–18 8:00 am–5:00 pm

two-Day Review Seminar—Exclusive For those information security professionals considering becoming (ISC)² certified, a two-day Official Review Seminar for CISSP will be offered for a one time only price of $750.00. Please register for this by calling certification consultant Guy Wiltse at +1.703.637.4416 or online at

www.isc2.org/certification-register-now.aspx.

Sponsored by (ISC) 2

$750 member/nonmember

. Sponsored by (ISC) 2 $750 member/nonmember CSSlP®2-Day Intensive Education Program Saturday–Sunday,

CSSlP®2-Day Intensive Education Program

Saturday–Sunday, September 17–18 8:00 am–5:00 pm

two-Day Review Seminar—Exclusive For those information and application security professionals considering becoming (ISC)² certified, a two-day Official Review Seminar for CSSLP will be offered for a one time only price of $750.00. Please register for this by calling certification consultant Guy Wiltse at +1.703.637.4416 or online at

www.isc2.org/certification-register-now.aspx.

Sponsored by (ISC) 2

$750 member/nonmember

. Sponsored by (ISC) 2 $750 member/nonmember September 19–22, 2011 | Orange County Convention Center |
. Sponsored by (ISC) 2 $750 member/nonmember September 19–22, 2011 | Orange County Convention Center |

Pre-Seminar Programs and Events

PRoFESSIonAl touRS

Kennedy Space Center

Sunday, September 18, 1:00 pm–6:00 pm

Kennedy Space Center Sunday, September 18, 1:00 pm–6:00 pm Blast off! Get up close and personal

Blast off! Get up close and personal with a Saturn Rocket. This two-hour guided tour of the Kennedy Space Center by trained space experts gives you a unique view of the space program, from launch preparation to liftoff. ASIS guests are treated to close views of space shuttle

launch pads from the top of the 60-foot-tall LC-39 Observation Gantry with 360 degree views of the Cape, the Vehicle Assembly Building (VAB), and the massive crawler-transporter, which transports the shuttle from the VAB to its launch pad. At the conclusion of the guided portion of the tour, guests will disembark at the Apollo/Saturn V Center to marvel at a massive 363-foot-long Saturn V moon rocket. The Apollo/Saturn V Center

is a tribute to the Apollo astronauts and the

machines that got them to the Moon—and brought them home safely.

Then join Kennedy Space Center professionals who will discuss the basics of security for America’s Space Program. You will have an opportunity to tour the Apollo/Saturn V Center at your own pace prior to returning to the main campus. Test out the Shuttle Launch Experience simulated attraction for a virtual space voyage.

Short of becoming an astronaut, there’s no better way to get a glimpse of the Kennedy Space Center! Buses depart the Orange County Convention Center at 1:00 pm and return by 6:00 pm.

Fee: $70

Virtual and Immersive training Systems Experience

Sunday, September 18, 1:30 pm–5:30 pm

Experience active training the way military and law enforcement experience it. Cubic Corporation designs, develops, manufactures, and provides

a full range of virtual training devices for national military and security forces worldwide. Be ready to put on the gear and step into the virtual world where your adrenaline flows.

Create your own training scenario on the computerized tabletop display or Mission Rehearsal Planning System. This software brings computer gaming to real-world experiences.

Test your small arms engagement skills in Cubic’s scenario-based small arms simulators. Pick the target; take the test.

Experience driving a Humvee through enemy territory with guns blazing. The big screen animation reacts to your actions. Are you ready for a challenge?

Get down and dirty in this Multiple Integrated Laser Engagement Simulation, which accurately replicates actual firing capabilities, detects hits from laser ‘bullets,’ and performs damage and/ or casualty assessments. Will you survive?

This is an experiential tour. Be ready for action! Buses depart the Orange County Convention Center at 1:30 pm and return by 5:30 pm.

Fee: $75

ASIS WomEn In SECuRIty SESSIonS AnD EVEntS

Join us for the 2011 Women in Security program and continue to improve your leadership skills, build your career network, and nurture your mentoring relationships.

ASIS Women in Security open Session

Tuesday, September 20, 3:15 pm–4:30 pm

Join the ASIS Women in Security Group for an open session set to explore topics unique to females in the industry. This premiere networking event opens with a series of four separate breakout sessions, including: Achieving Your Potential with Certification; Projecting Confidence in the Workplace; Mastering Situational Leadership; and Becoming a CSO. Attendees select two of the four sessions to attend. Conclude the session with open discussions and informal networking.

Breakout session options:

Session one: Achieving your Potential with Certification In today’s job market, it’s critical to be, and stay, competitive. ASIS professional certifications convey competence and credibility—providing the edge required to advance and achieve professional goals. Learn the steps to achieving certification and how you can leverage your credentials to stand out among your peers and advance in your security career.

Session two: Projecting Confidence in the Workplace You have been told to carry yourself with confidence. Until now, you have not been told how to do so. Join us and master the skills you need to project confidence in the workplace.

Session three: mastering Situational leadership This session, led by Natalie Runyon, Goldman Sachs Global Security and CSO Leadership Training, will provide tools to help you know when to be strong and decisive and when to be

14 ASIS 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

collaborative and inclusive, and how to adapt your leadership and communication styles appropriately. Session Four:

collaborative and inclusive, and how to adapt your leadership and communication styles appropriately.

Session Four: Becoming a CSo Climbing the corporate ladder is fraught with obstacles and challenges. Listen as experienced CSO Marene Allison, Worldwide Vice President of Information Security at Johnson & Johnson, shares her experiences and advice on attaining one of the highest professional levels in the corporate arena.

networking Reception

Tuesday, September 20, 4:45 pm–5:45 pm

Come together and connect with peers for a special hour of networking and discussions hosted by the ASIS Women in Security Group. Enjoy cocktails in a relaxing setting as you become reacquainted with colleagues and expand your worldwide network of professional contacts.

Women in Security Keynote Breakfast

Wednesday, September 21, 7:00 am–8:00 am

Accomplished business consultant, coach, and trainer Susan Mazza, Women’s Business Center, Florida Institute of Technology, shares her unique understanding of human systems and passion for instigating leadership. Discover and inspire the leader in you as you learn to unlock the potential of the human spirit.

Reaching Forward, Reaching Back:

mentoring Women in Security

Wednesday, September 21 11:00 am–12:00 noon

This session will provide hands-on tools to assist in recruitment, retention, and development of women in the security environment. Learn from your colleagues how mentoring has been an invaluable part of their professional experience, and walk away from the session with specific how to’s and next steps.

Terri Howard, Director, Crisis Management, FEI Behavioral Health

Howard, Director, Crisis Management, FEI Behavioral Health younG PRoFESSIonAlS Make new connections and strengthen your

younG PRoFESSIonAlS

Make new connections and strengthen your professional network at ASIS 2011 by attending events such as these with peers and established practitioners.

young Professionals Reception (CSo Roundtable members Invited)

Sunday, September 18, 5:00 pm–6:00 pm

Engage, listen, and learn from peers and high-level industry leaders during this dynamic networking reception hosted by the Young Professionals Group. Three stimulating, 20-second presentations from accomplished industry leaders on leadership, advancement, and achievement create the basis for an hour of thought-provoking conversation and discussion.

President’s Reception—networking With the CSo Roundtable

September 20, 8:30 pm–10:00 pm Universal’s Islands of Adventure®

Join your peers and CSO Roundtable members for a private reception held at the President’s Reception. Enjoy top-flight beverages and hors d’oeuvres while you mingle with peers and senior leaders in a relaxed atmosphere. By invitation.

Becoming a trusted Advisor to the CSo

Wednesday, September 21, 1:45 pm–3:00 pm

Many chief security officers hire multiple deputies, each with different backgrounds and skill sets, to be subject matter experts and trusted advisors on a host of threats. Those who advance in their organizations to become deputies to the CSO are provided with a great learning opportunity—not to mention a chance to step up into the CSO position some day. But how do you get to become a deputy in the first place? This panel discussion, with deputy CSOs from major multinational companies, will provide some ideas as well as answer questions from the audience.

Steve Braden, CPP, Vice President, Corporate Security Services, Capital One Bank; Bryan Fort, CPP, Corporate Security Manager, McCormick & Co., Inc.; Scott Lindahl, Director Corporate Security, Kellogg Company; Bill Ovca, President, Ovca Associates, Inc.

“ASIS International is the most comprehensive educational and networking resource in the security field.

Daniel H. Kropp, CPP Director, Physical Security Towers Watson

Focus on homeland Security

this year’s comprehensive education program includes 30 sessions in the homeland security track. If you’re responsible for protecting the homeland, these topics, presented by leading experts from government and industry, may be of special interest to you. But don’t limit yourself to these sessions—you’re sure to find additional relevant topics throughout the program. (Sessions begin on page 18.)

Monday SEPtEmBER 19

11:00 am–12:00 noon

2106 Israeli Security: unconventional

threats, unconventional methods

Oren Raz, Head of Security, Consulate General of Israel to New England; Amit Gavish, CPP, General Manager, North America, BriefCam; Steve Surfaro, Industry Liaison, Axis Communications

2108 Protection of Corporate/General

Aviation Aircraft, hangers, and Airports

Dr. Daniel Benny, CPP, PCI, Security Discipline Chair, Embry Riddle Aeronautical University Worldwide

2109 the Evolving Concerns of Food

Defense Related to Economically motivated

Adulteration (EmA) and Compliance With the Food Safety modernization Act (FSmA)

Shaun Kennedy, Director, National Center for Food Protection and Defense

2118 national Security Information:

top Five Aspects to Successfully Protecting

our Secrets

Dorene Colwell, Director Special Security Programs, Office of Intelligence and Analysis, Department of the Treasury

LAw ENFOrCEMENt/ MILItAry APPrECIAtION dAy

Wednesday, September 21

If you are an active law enforcement or military professional, you are invited to attend the keynote with Vicente Fox, as well as Wednesday’s sessions and the Exhibits—at no charge. To obtain your complimentary registration for this special day, please register onsite in Orlando at ASIS Registration. Government or military photo ID is required.

Registration. Government or military photo ID is required. 1:45 pm–3:00 pm 2203 Video Quality in Public

1:45 pm–3:00 pm

2203 Video Quality in Public Safety: First

Responder Case Studies

Steve Surfaro, Industry Liaison, Axis Communications; Anna Paulson, Electronics Engineer, VQIPS Lead, U.S. Department of Commerce; Donald Zoufal, Director, SDI; William Badertscher, CPP, Senior Engineer for Facility and Security Control Systems, Georgetown University; Larry Flournoy, Associate Director, Texas A&M University; Robert Rhoads, Telecommunications Specialist, U.S. Department of Homeland Security; James Prokop, PSP, Deputy Program Manager, U.S. Department of Homeland Security

2204 America’s Vulnerable Ports and

Waterways: Current Issues in maritime

Security

Laura Hains, CPP, Maritime Security Specialist, Independent Security Consultant; Laurie Thomas, Maritime Security Coordinator, University of Findlay

2205 Separating Fact From Fiction: the

Food Safety modernization Act of 2011

Brian Stegmann, Senior Engineering & Food Safety Manager, Corn Products International; Matthew Ryan, Director Corporate Security, The Hershey Company; Frank Pisciotta, President, Business Protection Specialists, Inc.

2208 What’s new on the Floor?

Howard Belfor, CPP, President, Belfor & Associates, LLC; Ronald Lander, CPP, Chief Specialist, Ultrasafe Security Solutions

2213 Cyber Jihad: use of the Virtual World

Jeffrey Bardin, Chief Security Strategist, Treadstone 71

2216 Reducing Risk for Elected officials

Robert Oatman, CPP, President, R.L. Oatman & Associates, Inc.

4:30 pm–5:30 pm

2311 Building on the Foundation: more on

Arabs and Islam

Nawar Shora, CEO, Shams Training & Development

2319 Insider threat: A national Concern

Douglas Thomas, Principal Deputy Director, Office of the National Counterintelligence Executive

2320 Protecting America’s Electric Grid

Brian M. Harrell, Sr., CPP, Manager of Critical Infrastructure Protection, North American Electric Reliability Corporation (NERC); Mark Weatherford, Vice President/ Chief Security Officer, North American Electric Reliability Corporation (NERC)

16 ASIS 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

Tuesday SEPtEmBER 20

Wednesday SEPtEmBER 21

Tuesday SEPtEmBER 20 Wednesday SEPtEmBER 21 11:00 am–12:00 noon 3107 Considerations and Advancements in Providing a

11:00 am–12:00 noon

3107 Considerations and Advancements

in Providing a Defended Site Perimeter

Joseph L. Smith, PSP, Director/Senior Vice President, Applied Research Associates

3109 update: the u.S. Department of

homeland Security and the Chemical Facility Anti-terrorism Standards

Sue Armstrong, Deputy Assistant Secretary, U.S. Department of Homeland Security

3115 Rail Security: Protecting the

Customer’s lading

Larry Schuck, CPP, President, LarMar Security Consulting, LLC

3119 Protecting your Business:

understanding Islam and Islamofacism

Michael Trapp, CPP, Director, Corporate Security, Tesoro Companies, Inc.

3180 Architecting and Building a Secure

Virtual Infrastructure and Private Cloud

Rob Randell, Staff Security and Compliance Specialist, VMware, Inc.

1:45 pm–3:00 pm

3208 It Security Council Series: Is the

Power Infrastructure Secure? utility and

Smart Grid Security

Maureen McGovern, President, KSB Solutions; Mark Schreiber, CPP, Design Engineering Specialist, Fluor Corporation; Sunil Kumar, Senior Solutions Consultant, Alert Enterprise, (ISC) 2 Appointee; Cpt. Werner Preining, CPP, Responsible for European Operations, Interpool Security, Ltd.

3210 the Rise of Domestic terrorism

Sean Joyce, Executive Assistant Director, Federal Bureau of Investigation

3214 Soft targets

James C. Reynolds, CPP, Director of Safety and Security, Hilton Worldwide

4:30 pm–5:30 pm

3303 Integrator Series: transportation

and Port Security Solutions

Jose Gomez, Port Authority New York New Jersey; Hector Pesquera, Port of Miami

3313 Defense Security Service Report

to ASIS

Stan Sims, Director, Defense Security Service; Drew Winneberger, Director, Industrial Policy and Programs, Defense Security Service

11:00 am–12:00 noon

4102 Public-Private Partnership in

Emergency Planning and Florida’s Regional

Domestic Security task Force Concept

Joyce Dawley, Co-Chair, RDSTF5; Robert Hansel, Co-Chair, RDSTF5; Karen Weaver, Regional Critical Infrastructure Coordinator

4120 the DhS office of Infrastructure

Protection and the Ah&lA—Resources for hotels

Bill Schweigart, U.S. Department of Homeland Security; Victor Glover, CLSD–Senior Vice President, Safety and Security, Accor North America

1:45 pm–2:45 pm

4201 Public-Private Partnership in

Intelligence Sharing: the Central Florida

Intelligence eXchange (CFIX)

Robert Lefiles, Director of the State Fusion Center, FDLE; Cpt. Dave Ogden, CFIX Director, Orange County Sheriff’s Office; Kristie Toruno, CFIX Intelligence Liaison Officer Coordinator; Larry Steiffel, CPP, CFIX Board Member, Walt Disney World Security

4204 Integrator Series: Critical Infrastructure

Security Solutions (Energy, Water, Gas)

Speakers to be announced.

4208 In our neighborhood: Domestic terror

Groups and their tactics

Rusty Capps, President, CT/CI Training Partners, LLC; Deborah (Deedee) Collins, Executive Director, National Security Training Institute

4212 Gaining Insight on mexico’s Crisis

Kurt Norrigan, CPP, President, Kamen & Associates, Inc.

4219 lodging Partnerships With

law Enforcement

Paul Frederick, CPP, American Hotel and Lodging Association and Chairman, Loss Prevention Committee and Director, Global Safety and Security, Hilton Worldwide, Inc.; Harvey “Skip” Brandt, CPP, Director of Security, Boston Park Plaza Hotel and Towers; Local and Federal Law Enforcement from Orange County Florida Sheriff’s Tourism Police

MONDAY, sEPTEMbEr 19 Schedule-aT-Glance

all sessions will be held at the Orange county convention center.

(ISC) 2 Security Congress 11:00 am–12:00 noon 2101 ASIS Standards: Auditing for Improvement—Security Risk and
(ISC) 2 Security Congress
11:00 am–12:00 noon
2101
ASIS Standards: Auditing for
Improvement—Security Risk and Resilience
Auditing
X
2102
Future Threats and Mitigation in the
Air Express Industry: Why Cross-Company
Communication is Critical
X
X
2103
Integrator Series: Collaborative/
X
X
X
X
X
Consultative Selling
2104
Organized Retail Crime Update: We Have
X
Come a Long Way
2105
War-Driving: Drive, Detect, and Defense of
X
X
Wireless Networks
2106
Israeli Security: Unconventional Threats,
X
X
X
X
Unconventional Methods
2107
School Security Used to Be So Easy! The
X
X
X
Changing Challenges in K–12 Education
2108
Protection of Corporate/General Aviation
X
X
X
Aircraft, Hangers, and Airports
2109
The Evolving Concerns of Food Defense
Related to Economically Motivated Adulteration
(EMA) and Compliance With the Food Safety
Modernization Act (FSMA)
X
X
X
2110
IT Security Council Series: Cloud
X
X
Computing for the Physical Security Practitioner
2111
Seek and Ye Shall Be Sued: Using Social
Networking Sites to Manage Risk Without Risking
Litigation
X
X
2112
The Quantum Leap in Security Lighting:
X
X
LED and Induction Lighting
2113
Therefore Go: Security Considerations for
X
X
X
X
Short-Term Mission Teams
2114
Creating and Implementing an Internal
Standardized Training Program for Your Security
Organization
X
X
X
2115
Business Case for Security: Creative Ways
X
to Show Security’s Proposition and Profitability
2116
A Practical and Technological Approach to
X
X
X
Managing Workplace Violence
2117
Corporate Account Takeover: Online and In
X
X
X
the Real World
2118
National Security Information: Top Five
X
X
X
X
X
Aspects to Successfully Protecting Our Secrets
2180
Next Generation Cloud Security
X
X
X
X
X
X
Compliance
2181
Critical Infrastructure Protection and
X
X
X
X
Risk Management
2182
Integrating Security Concepts Into System
X
X
X
X
and Application Design
2183
Yes You Can: How to Securely Deploy and
X
X
X
X
Manage Enterprise Mobile Devices
2184
A Practical Guide to Implementing a Risk
X
X
X
X
Management Strategy
2185
Introduction to the Software Assurance
X
X
X
Track
LEVEL
Arch/Eng/Design
Crime/Loss Prevention
Crisis Management
Critical Infrastructure
Global
Government/Military
Homeland Security
Information/IT Security
Investigations
Legal
Management
Physical Security
Professional Development
Terrorism
Young Professionals
Systems Integrator NEW
Application Security
Cloud Security
Governance,
Regulation,
and
Compliance
Mobile Networking
Security and
Social
Swiss Army Knife

18 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

MONDAY

LEVEL KEY: Fundamental Intermediate Advanced

(ISC) 2 Security Congress 1:45 pm–3:00 pm 2201 ASIS Standards: Preparedness Basics— Learn How to
(ISC) 2 Security Congress
1:45 pm–3:00 pm
2201
ASIS Standards: Preparedness Basics—
Learn How to Protect Your Business and Supply
Chain
X
2202
Integrator Series: Design Your Best Physical
Security Solution for the Corporate Security
Campus
X
X
X
X
X
2203
Video Quality in Public Safety: First
X
X
X
X
X
Responder Case Studies
2204
America’s Vulnerable Ports and Waterways:
X
X
X
X
X
X
Current Issues in Maritime Security
2205
Separating Fact From Fiction: The Food
X
X
X
Safety Modernization Act of 2011
2206
IT Security Council Series: Who Are You,
and Why Should I Trust You? Current Trends in
Identity and Access Management
X
2207
The Process of Investigation and the
X
X
X
X
X
X
Fundamentals of Fact-Finding
2208
What’s New on the Floor?
X
X
X
X
X
X
X
X
X
X
X
X
X
X
2209
What It Takes to Be a Security Executive
X
X
Today
2210
Getting Executive Buy-In for Corporate
Security, Business Continuity, and Crisis
Management
X
X
X
2211
Beyond Statistics: What Crimes are Faith-
X
X
X
Based Organizations Really Facing in the U.S.?
2212
Premises Liability: A Trial Lawyer’s Hints for
X
X
X
the Security Professional
2213 Cyber Jihad: Use of the Virtual World
X
X
X
X
X
X
X
2214 Five Common Mistakes Interviewers Make/
X
X
X
Five Successful Strategies
2215
Should You Have Known: Lessons Learned
X
X
X
X
X
From a Multiple Homicide in the Workplace
2216 Reducing Risk for Elected Officials
X
X
X
X
X
2217 Security’s Role in Managing Successful
X
X
X
X
X
Events
2218
Crisis Management and Social Media—the
X
X
X
X
New Opportunity
2219
Tools for a Successful Job Search:
X
X
Resumes, Cover Letters, LinkedIn Profiles
2280
Using the Cloud Security Alliance GRC
X
X
X
X
Stack to Attest Vendor Compliance
2281
Managing Privacy and Security: The CISO/
X
X
X
CPO Dialogue
2282 Software Security: Is OK Good Enough?
X
X
X
2283 How to Use Mobile Devices Correctly:
X
X
X
X
X
Setting up Security Guardrails
2284
New and Pending GRC Legislation and
X
X
X
X
How It Impacts Your Organization
LEVEL
Arch/Eng/Design
Crime/Loss Prevention
Crisis Management
Critical Infrastructure
Global
Government/Military
Homeland Security
Information/IT Security
Investigations
Legal
Management
Physical Security
Professional Development
Terrorism
Young Professionals
Systems Integrator NEW
Application Security
Cloud Security
Governance,
Regulation,
and
Compliance
Mobile Networking
Security and
Social
Swiss Army Knife

MONDAY, sEPTEMbEr 19 Schedule-aT-Glance

all sessions will be held at the Orange county convention center.

(ISC) 2 Security Congress 4:30 pm–5:30 pm 2301 ASIS Standards: Learn How to Conduct a
(ISC) 2 Security Congress
4:30 pm–5:30 pm
2301
ASIS Standards: Learn How to Conduct a
X
Business Impact Analysis
2302
Security Risk Management in Remote
X
X
X
Site Mining
2303
Integrator Series: Best Practices in
X
X
X
X
X
X
X
Integrated School Security: K–12
2304
Special Events Security in the City of
X
X
X
X
X
X
Orlando: Best Practices, Operations, Technology
2305 High-Rise Security
X
X
X
2306 IT Security Council Series: Forensics and
X
X
X
E-Discovery
2307
Generate Cash by Uninvesting in Security
X
X
X
X
Equipment Services
2308 To Arm or Not to Arm?
X
X
X
X
2309 Information and Data Security While Away
X
X
From the Office
2310
Understanding the Shifting of Risk: A
X
X
X
Moving Target
2311
Building on the Foundation: More on Arabs
X
X
X
and Islam
2312
New Security Standard in China and Your
X
X
X
Business
2313
Advanced Internet/Social Network
X
X
X
Investigations and Background Checks
2314 How to Create Your Security Manual
X
X
X
X
X
X
X
X
X
2315 Get Ready for the Aftermath: Post Incident
X
X
X
X
Management
2316
Is Your Workforce Ready to Travel to High-
X
X
X
X
Risk Destinations? What You Need to Know Now
2317
Security Excellence: Tools to Enhance
X
X
X
X
X
Security’s Mission
2318
Initiating and Conducting Internal
X
X
X
X
Investigations in Multi-National Corporations
2319
Insider Threat: A National Concern
X
X
X
2320
Protecting America’s Electric Grid
X
X
X
X
2380
Cloud Incident Response
X
X
X
2381
Cyber Security and the Socio-Political
X
X
X
X
Landscape: Going Beyond the Technology
2382 The Economics of Failure
X
X
X
2383 Mobile Devices: Employee Monitoring and
Data Loss Prevention in Light of the Expectation
of Privacy
X
X
X
X
X
2385
Why Do Developers Make These Dangerous
X
X
Software Errors?
LEVEL
Arch/Eng/Design
Crime/Loss Prevention
Crisis Management
Critical Infrastructure
Global
Government/Military
Homeland Security
Information/IT Security
Investigations
Legal
Management
Physical Security
Professional Development
Terrorism
Young Professionals
Systems Integrator NEW
Application Security
Cloud Security
Governance,
Regulation,
and
Compliance
Mobile Networking
Security and
Social
Swiss Army Knife

20 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

MONDAY LEVEL KEY: ● Fundamental ■ I ntermediate ▲ Advanced MONDAY, sEPTEMbEr 19 • 11:00
MONDAY LEVEL KEY: ● Fundamental ■ I ntermediate ▲ Advanced MONDAY, sEPTEMbEr 19 • 11:00

MONDAY

LEVEL KEY: Fundamental

Intermediate

Advanced

MONDAY, sEPTEMbEr 19 • 11:00 am–12:00 noon

11:00 am–12:00 noon

2101 Asis standards: Auditing for

improvement—security risk and resilience Auditing

Advanced

Security, risk, and resilience auditing is essential for identifying business opportunities and process improvements. auditing verifies conformance with standards and industry best practices, identifies cost savings, and is essential for the self-declaration process in the uS-dhS PS-Prep Program. learn how to establish and conduct a credible security, risk, and resilience auditing program using the International Standard ISO 19011—the same auditing techniques used by professional auditors and third party certification bodies.

Dr. Marc Siegel, Commissioner, ASIS Global Standards Initiative, ASIS International; Lisa DuBrock, CPA, CBCP, Managing Partner, The Radian Group, LLC

Sponsored by the ASIS Standards and Guidelines Commission

2102 Future Threats and Mitigation

in the Air Express industry: Why Cross-Company Communication is Critical

Advanced

The air cargo express industry is facing greater security challenges. Threats from terrorist organizations and attempts to place explosive devices in cargo have resulted in additional regulation. air express relies on speed to differentiate it from the rest of the cargo industry. Increased documentation, compliance, and regulatory requirements impact the critical benefit that air cargo seeks to deliver. What methodologies are currently available to protect cargo? can new technologies provide all the answers? learn how the industry can be more pro-active in lobbying governments and promoting its own solutions. understand existing and future threats and possible solutions that could be adopted to mitigate risks and strengthen our industry.

Simon Roberts, Vice President, Security, DHL

2103 integrator series:

Collaborative/Consultative selling

Fundamental

In this key session framing the integrator track, you’ll learn collaborative and consultative techniques to take the important steps to mutual success with your end user. learn how to identify needs first, then follow through with products and services. Sell within your ability to deliver and where there are market needs and opportunities. There is a difference between consultation and collaboration: create value with users by partnering. Become innovative and proactive in adding to each partner’s business success. Finally, you’ll learn the consultative Sales Process to become the consultant your customers cannot afford to be without!

Frank DeFina, Samsung; Bill Bozeman, President, PSA Security Network

2104 Organized retail Crime Update:

We Have Come a Long Way

Intermediate

Organized retail crime is responsible for $30 billion in losses to retailers annually. The retail industry has mounted the fight against ORc gangs and fences with databases like leRPnet that function nationally, to efforts by individual investigators’ networks. This session explores various techniques, partnerships, and mitigation strategies that are proving effective. The presentation ends with an update on hR 5932, the Organized Retail Theft Investigation and Prosecution act of 2010.

Alan Greggo, CPP, Founder/CEO, Profit RX, LLC; Mark McClain, Director of Investigations, Asset Protection Division, Wal-Mart Stores, Inc.

Sponsored by the ASIS Retail Loss Prevention Council

2105 War-Driving: Drive, Detect, and

Defense of Wireless Networks

Advanced

With the increasing use of wireless access points for computer networks accessed by numerous types of devices, the possibility of exploiting the exposures and vulnerabilities of these systems is becoming more prevalent. even with the constant changing of technologies to safeguard these networks, the opportunities for individuals to attempt to penetrate the systems are on the rise. learn the basics of wireless networks, the controls that exist, the latest techniques used by perpetrators, and further enhancements to providing a more secure environment.

Alan Nutes, CPP, Senior Manager, Security and Incident Management, Newell Rubbermaid

Education sessions: 2000 Series

Education sessions: 2000 Series MONDAY, sEPTEMbEr 19 • 11:00 am–12:00 noon 2106 israeli security: Unconventional

MONDAY, sEPTEMbEr 19 • 11:00 am–12:00 noon

2106 israeli security: Unconventional

Threats, Unconventional Methods

Fundamental

This session exposes you to global perspectives on protecting government buildings and embas- sies, defense industries, scientific installations, industrial plants, and a national airline. a fusion of unconventional physical security methods and technology will deliver a controversial journey through an environment of adapting threats.

Oren Raz, Head of Security, Consulate General of Israel to New England; Amit Gavish, CPP, General Manager, North America, BriefCam; Steve Surfaro, Industry Liaison, Axis Communications

Sponsored by the ASIS Physical Security Council

2107 school security Used to be

so Easy! The Changing Challenges in K–12 Education

Intermediate

Tweets, friending, cyber bullying, and sexting are terms that are difficult to understand, much less control. What are the latest technology threats and how can they impact an otherwise safe learning environment? Gangs and the violent student are new challenges. abusive parents have to be considered. how do you develop a threat assessment policy? What about workplace violence—can physical access control and surveillance help? What type of policies should be developed and enforced? We’ll assess the shrinking physical security budgets in public and private schools and provide practical, effective solutions.

Michael Ganio, Senior Manager, Orange County Public Schools; Fredrik Nilsson, General Manager, Axis Communications; Conan Bickford, Security, Safety and Transportation Manager, Lake Highland Preparatory School; Paul Timm, PSP, President, RETA Security, Inc.

Sponsored by the ASIS Educational Institutions Security Council and Physical Security Council

2108 Protection of Corporate/

General Aviation Aircraft, Hangers,

and Airports

Intermediate

Gain insight into the threats against private and corporate aviation aircraft, hangers, and airports. a preview of operational and physical security measures that can be implemented in the private and corporate aviation community will be conducted as well as an overview of the research on the effectiveness of the aircraft Owners and Pilots association airport Watch program.

Dr. Daniel Benny, CPP, PCI, Security Discipline Chair, Embry Riddle Aeronautical University Worldwide

Sponsored by the ASIS Transportation Council

2109 The Evolving Concerns of Food

Defense related to Economically Motivated Adulteration (EMA) and Compliance With the Food safety Modernization Act (FsMA)

Advanced

Food defense burst onto the scene with the realization that al Qaeda was considering attacks on food and agriculture. Potential threats have expanded rapidly including the growing recognition of eMa. The President’s Food Safety Interagency Working Group established the goal of improving the government’s ability to target foods and ingredients more likely to be utilized for eMa in order to focus their inspection and surveillance efforts. learn how an organization’s capabilities for identifying product risk for eMa can be improved.

Shaun Kennedy, Director, National Center for Food Protection and Defense

Sponsored by the ASIS Agriculture and Food Security Council

2110 iT security Council series:

Cloud Computing for the Physical security Practitioner

Fundamental

What do you need to know to be relevant in the discussion about cloud computing for physical security services? This session helps you ask the right questions to maximize the benefits of cloud computing to the business, mitigate risk, and earn you a seat at the table. Topics include cloud service and deployment models and how they apply to security services and applications, best practice concepts, risk management, business drivers, and applicable security considerations for moving to a Software-as-a-Service (SaaS) model. learn about the tools currently endorsed by the cloud Security alliance and how they will be applicable within your environment.

Brian McIlravey, CPP, Vice President, Professional Services and Business Development, PPM 2000, Inc.; Steven Yanagimachi, CISSP, Security Advisor, The Boeing Company; Shayne Bates, CPP, CISM, CHS-V, Director, Security Cloud Strategy, LMC Consulting, Microsoft GSO, (ISC) 2 Appointee; Benjamin Butchko, CPP, President/ CEO, Butchko Security Solutions

Sponsored by the ASIS Information Technology Security Council

22 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

MONDAY LEVEL KEY: ● Fundamental ■ I ntermediate ▲ Advanced MONDAY, sEPTEMbEr 19 • 11:00

MONDAY

LEVEL KEY: Fundamental

Intermediate

Advanced

MONDAY, sEPTEMbEr 19 • 11:00 am–12:00 noon

2111 seek and Ye shall be sued:

Using social Networking sites to Manage risk Without risking Litigation

Advanced

The social networking revolution has changed the modern workplace and the way our employees and customers communicate. Sites such as Facebook, MySpace, Twitter, and linkedIn contain a wealth of personal information. Is it lawful for employers to use this information for business purposes? This fascinating and fast-paced session demonstrates how these sites function and reveals some of the amazing data they contain. learn how to safely and legally use these resources without exposing yourself or your organization to unnecessary and costly litigation.

James Burke, Partner, Wilson Elser, Moskowitz, Edelman and Dicker; Elizabeth Ho Sing, Wilson Elser, LLP; Eugene Ferraro, CPP, PCI, CEO/Founder, Business Controls, Inc.

2112 The Quantum Leap in security

Lighting: LED and induction Lighting

Intermediate

compare traditional lighting systems with the next generation of security lighting: led and induction lighting. analysis of energy consumption, return on investment, quality and quantity of lighting, light trespass, and pollution considerations are covered. leed and GReen point considerations are provided. case studies demonstrate proper applications of this revolution of lighting technology and its impact on the security world.

Randy Atlas, Ph.D., CPP, AIA, Vice President, Atlas Safety & Security Design, Inc.

Sponsored by the ASIS Security Architecture and Engineering Council

2113 Therefore Go: security

Considerations for short-Term

Mission Teams

Fundamental

every year thousands of people travel overseas to participate in short-term, faith-based relief projects. These initiatives vary widely in scope and can include everything from building and educational projects to disaster relief and medical assistance. This presentation provides a 10-step process for security planning in support of these mission trips.

Scott Watson, CPP, Principal Consultant/CEO, S.A. Watson and Associates, LLC

Sponsored by the ASIS Cultural Properties Council

2114 Creating and implementing

an internal standardized Training Program for Your security Organization

Intermediate

With the complexities of operating a fully functional security organization, the creation, implementation, and operation of a dedicated training program is essential. Without a standardized training curriculum, organizations risk inconsistent results, less than optimal productivity, decreased morale, potential lawsuits, and more. This session presents a comprehensive training model. learn how to create, implement, and track a training plan which supports the goals and objectives of your business mission. explore various learning styles, enterprise-wide systems, and the benefits of a feedback component. If your organization lacks a fundamental training curriculum, operates an outdated training system, or considers training an outsourcing issue, this session is for you.

Jeffrey P. Grossmann, Esq., Assistant Professor/Director Homeland and Corporate Security Program, St. John’s University

Sponsored by the ASIS Academic Programs and Training Council

2115 business Case for security:

Creative Ways to show security’s Proposition and Profitability

Intermediate

as organizational security budgets continue to erode, it is essential for security leaders to have and apply business acumen to program management. This session provides security managers with insights and strategies for developing their business case when building security program budgets and presenting them to c-suite leadership. essential financial concepts, along with the development of metrics, will be discussed. In addition, examples where Security was seen as “heroic” for changing delivery models will be given. Presenters bring extensive real-world security management and consulting experience to this timely topic.

Elliot Boxerbaum, CPP, President/CEO, Security Risk Management Consultants, Inc.; Bonnie Michelman, CPP, Director of Police, Security and Outside Services, Massachusetts General Hospital

Sponsored by the ASIS Healthcare Council

Education sessions: 2000 Series

Education sessions: 2000 Series MONDAY, sEPTEMbEr 19 • 11:00 am–12:00 noon 2116 A Practical and Technological

MONDAY, sEPTEMbEr 19 • 11:00 am–12:00 noon

2116 A Practical and Technological

Approach to Managing Workplace Violence

Advanced

effectively managing potential threats of violence that may impact the workplace entails utilizing a framework based on industry best practices, collaborative partnerships, and technology. This presentation provides an overview of the threat management framework used by the Microsoft Global Security Investigations team. hear how the team assesses potential threats of violence and specific security strategies used to mitigate possible threats to its staff and facilities. The presentation also reviews organization-specific approaches and challenges to delivering threat management services on a global scale.

James Louie, Group Investigations Manager, Microsoft Corporation

2117 Corporate Account Takeover:

Online and in the real World

Advanced

This presentation covers the tools, techniques, and tactics of the online fraudster targeting large corporate accounts for financial gain via account Takeover (aTO). Specific schemes being utilized will be discussed as well as emerging threats. understand best practices for preventing this type of fraud as well as advanced controls that will help you protect your own company.

Matthew Harper, Group Vice President, Client Authentication, SunTrust

2118 National security information:

Top Five Aspects to successfully Protecting Our secrets

Fundamental

Protecting vital national security assets is becoming much more complicated and the challenge to keep up can be overwhelming. The name of the game in national security is change, and at a scale and pace that is unprecedented. This presentation offers a clear outlook on what is really important and opens the floor for discussion. Taking a look at the Top Five can assist you in responding to the many threats and risks in today’s changing landscape.

Dorene Colwell, Director Special Security Programs, Office of Intelligence and Analysis, Department of the Treasury

2180 Next Generation Cloud security

Compliance

Intermediate

Security in the cloud requires automated provisioning, continuous monitoring, and reporting on control effectiveness over time—especially important for any regulated industry which uses either public or private cloud resources. elastic provisioning of cloud resources must also include adaptive security and privacy controls. Guidance on creating a next generation security compliance framework which is inherently tied to industry standards is given and regulatory frameworks will be presented.

Robert Weronick, CPP, Director of Global Security, Alexion Pharmaceuticals, Inc.

Director of Global Security, Alexion Pharmaceuticals, Inc. 2181 Critical infrastructure Protection and risk Management

2181 Critical infrastructure

Protection and risk Management

Intermediate

Whether it’s keeping the lights on, financial markets running, or fresh water flowing from our taps, critical Infrastructure permeates every aspect of our daily life. In this interactive panel discussion, we’ll explore how risk management practices shape the protection of our very way of life. The role of a risk-based approach to protecting the nation’s critical infrastructure is crucial to providing the best possible security program for the limited resources at our disposal. In this panel discussion, we’ll hear from all sides of the issue.

Mark Weatherford, Vice President/CSO, NERC; Diana-Lynn Contesti, Board Chairperson, (ISC) 2 ; Allan McDougall, Principle, Evolutionary Security Management

McDougall, Principle, Evolutionary Security Management “Absolutely the best conference for learning, obtaining

“Absolutely the best conference for learning, obtaining information on state-of-the-art technology, and for networking.”

carl Mountain Senior Investigator, Global Security Microsoft

24 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

MONDAY LEVEL KEY: ● Fundamental ■ I ntermediate ▲ Advanced MONDAY, sEPTEMbEr 19 • 11:00

MONDAY

LEVEL KEY: Fundamental Intermediate Advanced

MONDAY, sEPTEMbEr 19 • 11:00 am–12:00 noon

2182 integrating security Concepts

into system and Application Design

Intermediate

Integrating security requirements and controls into business processes, applications, and systems has proven to be a nearly impossible challenge for most organizations. Typically, security is approached as an afterthought long after the ability to design effective security solutions has passed. This session provides solutions to that problem and explains how every security manager and every organization can work together to build business solutions that are resilient, reliable, and secure.

Kevin Henry, Owner, KMHenry and Affiliates Management, Inc.

Kevin Henry, Owner, KMHenry and Affiliates Management, Inc. 2183 Yes You Can: How to securely Deploy

2183 Yes You Can: How to securely

Deploy and Manage Enterprise Mobile Devices

Intermediate

adopting smartphones and tablet devices will give your organization a competitive business advantage. however, the risks associated with a haphazard roll-out of mobile devices can decimate those benefits and result in a very expensive security incident. With the right information, an organization can have the best of both worlds:

competitive advantage plus a secure mobile infrastructure. This presentation provides you with the information you need including mobile device security policies, employee training expectations, device hardening details, centralized management options, and more.

Jerod Brennen, Senior Security Analyst, Jacadis

and more. Jerod Brennen, Senior Security Analyst, Jacadis 2184 A Practical Guide to implementing a risk

2184 A Practical Guide to

implementing a risk Management strategy

Intermediate

Risk management has received a lot of attention as security practitioners begin to focus their efforts on raising their profile with executive leadership. learn from your peers as we discuss the successes and failures on the path to create a risk management program from the ground up. Implementing an effective risk management strategy can be a daunting task and has eluded even the most seasoned security professionals. The panelists share their greatest hits and a few misses on the path to effective risk management.

Brandon Dunlap, President, Brightfly Consulting; Chris Trautwein, Information Security Officer, (ISC) 2 ; Michael D. Kelly, Technical Architecture Consultant, Security, Target Corp.

Technical Architecture Consultant, Security, Target Corp. 2185 introduction to the software Assurance Track ■

2185 introduction to the software

Assurance Track

Intermediate

For the nation’s critical infrastructure to be reliable, resilient, robust, and secure, the software supporting it must also have the same qualities. a broad spectrum of critical applications and infrastructure, from process control systems to commercial application, depend on secure software. an estimated 90 percent of reported security incidents result from exploits against defects in the design of software. Therefore, ensuring the integrity and resiliency of software is vital to protecting the infrastructure from threats and reducing overall risk from cyber-attacks. To ensure system reliability, it is critical to include provisions for built-in security of the enabling software.

Joe Jarzombek, Director of Software Assurance, U.S. Department of Homeland Security

of Software Assurance, U.S. Department of Homeland Security September 19–22, 2011 | Orange County Convention Center

Education sessions: 2000 Series

Education sessions: 2000 Series MONDAY, sEPTEMbEr 19 • 1:45 pm–3:00 pm 1:45 pm–3:00 pm 2201 Asis

MONDAY, sEPTEMbEr 19 • 1:45 pm–3:00 pm

1:45 pm–3:00 pm

2201 Asis standards: Preparedness

basics—Learn How to Protect Your business and supply Chain

Intermediate

Preparedness supports the mission of your business and supply chain. all businesses are unique and need to tailor design their preparedness programs to optimize business opportunities. This session examines the basic principles of establishing a preparedness program for your business and throughout your supply chain by using the new ISO 31000 Risk Management Standard.

Robert Weronick, CPP, Director of Global Security, Alexion Pharmaceuticals, Inc.

Sponsored by the ASIS Standards and Guidelines Commission

2202 integrator series: Design Your

best Physical security solution for the Corporate security Campus

Fundamental

learn directly from corporate security directors about the challenges they face and the services you can provide to benefit them. understand the issues, challenges, and solutions for securing corporate campuses. examine whether to have a command center or field security. learn about remote entry processes. explore how to deal with surrounding crime. consider intellectual property theft and more.

Ed Bacco, Amazon; Robert Arntson, Amazon; Terry Jordan, SeaWorld; Nicole McDargh, CPP, Securitas

2203 Video Quality in Public safety:

First responder Case studies

Intermediate

Video Quality in Public Safety (VQIPS) is a forward-thinking group combining collective professional experience and standards development. learn about their work that will become your tool for measuring video quality and selecting the right solutions right for your use. The VQIPS web-based portal has become a useful resource and a future standard, supporting any size municipality. come and be a part of this effort!

Steve Surfaro, Industry Liaison, Axis Communications; Anna Paulson, Electronics Engineer, VQIPS Lead, U.S. Department of Commerce; Donald Zoufal, Director, SDI; William Badertscher, CPP, Senior Engineer for Facility and Security Control Systems, Georgetown University; Larry Flournoy, Associate Director, Texas A&M University; Robert Rhoads, Telecommunications Specialist, U.S. Department of Homeland Security; James Prokop, PSP, Deputy Program Manager, U.S. Department of Homeland Security

Sponsored by the ASIS Physical Security Council

2204 America’s Vulnerable Ports

and Waterways: Current issues in Maritime security

Intermediate

The u.S. Maritime Transportation System (MTS) contributes more than $750 billion annually to the u.S. gross domestic product, and sustains more than 13 million jobs. It is a complex intermodal system containing over 25,000 miles of navigable waterways. This session begins with an update on current laws and regulations governing maritime security and goes on to discuss a major shortfall—the threat from unsecure foreign ports which threatens the very core of our national Maritime defense.

Laura Hains, CPP, Maritime Security Specialist, Independent Security Consultant; Laurie Thomas, Maritime Security Coordinator, University of Findlay

Sponsored by the ASIS Transportation Council

If you’re not an ASIS member—join now and save up to $340 on your registration.

See www.asis2011.org/registration for details.

26 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

MONDAY LEVEL KEY: ● Fundamental ■ I ntermediate ▲ Advanced MONDAY, sEPTEMbEr 19 • 1:45

MONDAY

LEVEL KEY: Fundamental

Intermediate

Advanced

MONDAY, sEPTEMbEr 19 • 1:45 pm–3:00 pm

2205 separating Fact From Fiction:

The Food safety Modernization Act of 2011

Intermediate

This session examines the new regulation’s impact on regulated facilities and their security practitioners to clarify misconceptions. It covers both the scientific and traditional security requirements associated with the regulatory concepts of food safety versus food defense, and the required skills and competencies of outside security consultants. attendance is a must for regulated food security managers whose organizations may not have the same resources of a larger organization to implement the new requirements.

Brian Stegmann, Senior Engineering & Food Safety Manager, Corn Products International; Matthew Ryan, Director Corporate Security, The Hershey Company; Frank Pisciotta, President, Business Protection Specialists, Inc.

Sponsored by the ASIS Agriculture and Food Security Council

2206 iT security Council series: Who

Are You, and Why should i Trust You? Current Trends in identity and Access Management

Intermediate

logging onto an enterprise network or a cloud- based application needs to be as secure as entering a physical facility, yet today’s security professionals often find themselves hard-pressed to protect both physical and logical assets and comply with stringent government mandates. learn about the current best practices to control identity and manage access to corporate assets by trusted parties. Gain a solid understanding of the technologies, standards, regulations, business challenges, and the questions to ask related to identity and access management. discuss new and emerging trends.

Gary Klinefelter, Principal, Creative Innovation Strategies; Don Fergus, Vice President/CSO, Intekras, Inc.; Sal D’Agostino, CEO, IDmachines, LLC; Jose Hernandez, Director Information Security, Fluor Corporation

Sponsored by the ASIS Information Technology Security Council

2207 The Process of investigation

and the Fundamentals of Fact-Finding

Intermediate

Proper and ethical investigations are complex undertakings, fraught with potential for legal liability. When done properly and ethically, they combine an intricate mixture of skill, experience, and luck. This session introduces you to the Process of Investigation®and the fundamentals of fact-finding. Review how to safely and legally conduct investigations while obtaining the best return on investment of time and resources. Review the eight methods of investigation, the secrets of modern case management, evidence analysis, and the practical aspects of effective report writing.

Eugene Ferraro, CPP, PCI, CEO/Founder, Business Controls, Inc.

2208 What’s New on the Floor?

Fundamental

Make the most efficient use of your time by learning where new and innovative products can be found on the exhibit floor spanning over 230,000 square feet! The session highlights both physical and information technology security products.

Howard Belfor, CPP, President, Belfor & Associates, LLC; Ronald Lander, CPP, Chief Specialist, Ultrasafe Security Solutions

Sponsored by the ASIS Physical Security Council and Information Technology Security Council

2209 What it Takes to be a security

Executive Today

Advanced

developing world-class risk mitigation for your organization is key to succeeding as a security executive today. hear from two senior leaders as they discuss aligning security and cross- functional risk mitigation with operational strategies, effectively communicating the value proposition to the c-Suite and diverse stakeholders, and ensuring that programs both align with the core strategic plan and protect the brand. learn how mentoring/job shadowing can help your future leaders engage, grow within their role, identify best practices, and provide lasting depth/breadth in your organization.

Michael Howard, General Manager, Chief Security Officer Microsoft Global Security, Microsoft Corporation; Francis D’Addario, CPP, CFE, Emeritus Faculty, Strategic Influence and Innovation, Security Executive Council (SEC)

Education sessions: 2000 Series

MONDAY, sEPTEMbEr 19 • 1:45 pm–3:00 pm

2000 Series MONDAY, sEPTEMbEr 19 • 1:45 pm–3:00 pm 2210 Getting Executive buy-in 2213 Cyber Jihad:

2210

Getting Executive buy-in

2213

Cyber Jihad: Use of the Virtual

for Corporate security, business

World

Continuity, and Crisis Management

Intermediate

Intermediate

This session provides practical guidelines for working with senior executives to obtain support for corporate security, business continuity, and crisis preparedness. learn successful strategies for obtaining full senior-level support, how to communicate when high-consequence warning signs are being ignored, and how to provide your executive sponsor with the tools needed to keep the leadership team involved in prevention and preparedness efforts over time.

Bruce T. Blythe, CEO, Crisis Management International, Inc.

Sponsored by the ASIS Crisis Management and Business Continuity Council

2211 beyond statistics: What

Crimes are Faith-based Organizations really Facing in the U.s.?

Intermediate

Statistics can often be misleading, and even the Justice department’s crime statistics are not totally accurate, especially when it comes to analyzing crimes against religious organizations. In this panel discussion, security professionals from different faiths will look deeper into the problem that houses of worship in the united States are facing and why the numbers do not accurately portray the whole picture.

Jeffrey Hawkins, Manager, Security Management Education Outreach, American Military University; Nawar Shora, CEO, Shams Training & Development; Chris Delia, Director of Security, Anti-Defamation League; Jeffrey Berrett, Director of Protective Operations, Church of Jesus Christ of Latter-day Saints

Sponsored by the ASIS Cultural Properties Council

2212 Premises Liability: A Trial

Lawyer’s Hints for the security

Professional

Advanced

This session examines what types of premises are subject to negligent security cases, what kind of injuries give rise to these cases, the duty of the commercial property owner, how to assess the crime situation, common security measures discussed in these cases, and proper use of marketing materials.

Michael Haggard, Esq., The Haggard Law Firm

The Internet is the platform of choice for cyber jihadis to recruit and communicate sensitive information. Osama Bin laden indicated long ago that 90% of the battle is information. This session takes you through the actual sites analyzed and their use of the cloud, and their publishing techniques and tools for information dissemination that goes viral. Review their expertise in awareness and training while using our tools and techniques against us. In addition, examine how cyber jihadis use the Internet in the radicalization process, in asymmetrical warfare, and how huMInT and OSInT can be used to counter their activities.

Jeffrey Bardin, Chief Security Strategist, Treadstone 71

Sponsored by the ASIS Global Terrorism, Political Instability, and International Crime Council

2214 Five Common Mistakes

interviewers Make/Five successful strategies

Intermediate

The process of sitting down across from a suspect employee and asking questions to obtain evidence or an admission of guilt is not something that comes naturally to most people. despite training, there are common mistakes made by inexperienced interviewers which can create barriers to communication, and ultimately a lack of cooperation and information. learn valuable tips for performing a personal assessment of interview habits, as well as several best practices to use when in the room.

Randy Tennison, CPP, Financial Analyst, Internal Investigations, Walt Disney Parks and Resorts

2215 should You Have Known:

Lessons Learned From a Multiple

Homicide in the Workplace

Advanced

Many cases of workplace homicide perpetrated by an employee show that there were numerous ‘warning signs’ which first-line supervisors failed to either recognize or respond to. In such cases it can be argued that, had such recognition and response taken place, the ultimate outcome of violence might have been prevented. This session draws upon practical lessons learned from a recent internal investigation of a multiple workplace homicide. learn how to identify risk factors and explore their impact on the evolving case; develop response options; identify internal/ external resources; and identify obstacles that restrain supervisors from responding proactively.

John Lane, Vice President, Crisis and Resilience Consulting, Control Risks

28 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

MONDAY LEVEL KEY: ● Fundamental ■ I ntermediate ▲ Advanced MONDAY, sEPTEMbEr 19 • 1:45
MONDAY LEVEL KEY: ● Fundamental ■ I ntermediate ▲ Advanced MONDAY, sEPTEMbEr 19 • 1:45

MONDAY

LEVEL KEY: Fundamental

Intermediate

Advanced

MONDAY, sEPTEMbEr 19 • 1:45 pm–3:00 pm

2216 reducing risk for Elected

Officials

Intermediate

executive protection specialists cannot necessarily stop an attack like the attempted assassination of congresswoman Giffords, but they may be able to frustrate a would-be attacker to the point where that person is effectively deterred. learn a practical, six-part approach to protecting a public figure or other persons (such as a corporate executive) at public events.

Robert Oatman, CPP, President, R.L. Oatman & Associates, Inc.

2217 security’s role in Managing

successful Events

Intermediate

Sony hosted over 5,000 guests at the FIFa World cup in South africa. Their key objective was to provide an enjoyable and safe experience for all. Operating in an unfamiliar territory added to the complexity in protecting each and every guest. The scope of responsibility included: translation services, a 24-hour hotline, incident management, emergency response, armed protection staff, and other major endeavors. Sony will undertake this on a bigger scale at the World cup in Brazil. In addition, Sony’s music, movie, and television business has unique challenges relative to the protection of personnel. Security’s role is an integral one.

Stevan Bernard, Senior Vice President, Sony Pictures Entertainment; John Rendeiro, Vice President, Global Security and Intelligence, International SOS Assistance, Inc.

Sponsored by the ASIS Utilities Security Council

2218 Crisis Management and social

Media—the New Opportunity

Intermediate

Social media is the most active and volatile method of dispersing information in the world today. This sudden, widespread emergence has led to several challenges for crisis management professionals at all levels. however, with the right attitude and management approach, social media offers new, unique opportunities. experts in the field have noted how social media has become a power tool for maximizing real-time situational awareness, and how it has significantly aided the management of numerous crisis events. This workshop will broaden your understanding of how social media is effectively used before, during, and after a crisis event.

Terri Howard, Director, Crisis Management, FEI Behavioral Health; Vivian Marinelli, Senior Director, Crisis Management, FEI Behavioral Health; Shawn Flaugher, Security Consulting and Design, Duke University & Health System

Sponsored by the ASIS Crisis Management and Business Continuity Council

2219 Tools for a successful Job

search: resumes, Cover Letters, Linkedin Profiles

Intermediate

has it been ‘forever’ since you’ve been in a job search? For most people, writing a resume is a chore that results in a two- or three-page ‘career obituary’ that does nothing to capture the attention of potential employers. learn to navigate the complex, sometimes frustrating world of job searching. This session will help you create an eye-popping, content-rich resume and cover letter that positions you as an expert in your industry.

Kimberly Schneiderman, City Career Services

2280 Using the Cloud security

Alliance GrC stack to Attest Vendor Compliance

Intermediate

Outsourcing critical business functions into the cloud can result in challenges of maintaining assurance and control over legal and regulatory obligations for data management and protection. The cloud Security alliance offers a solution in the cSa GRc (Governance, Risk Management, and compliance) Stack, a toolkit designed for peeling back and revealing those layers of accountability and responsibility between cloud service providers and their tenants. learn about the cSa GRc and how the IeTF/nIST ScaP standard can be used for continuous monitoring of cloud vendors compliance status, as well as how trusted computing technologies enable/ maintain a security posture.

Dr. Marlin Pohlman, EMC, Chief Governance Officer, Office of the CTO; Becky Swain, Program Manager, Security Assurance Services, CSPO, Cisco

Program Manager, Security Assurance Services, CSPO, Cisco 2281 Managing Privacy and security: The CisO/CPO Dialogue

2281 Managing Privacy and security:

The CisO/CPO Dialogue

Intermediate

Managing and protecting data in the global information economy demands coordination between an organization’s privacy and information security teams. With the precipitous rise in reported security incidents, it is paramount that these groups work together effectively. This presentation presents an overview of managing privacy and communicating with the ‘other’ side to deliver compressive and compliant programs for your organization.

Leslie Lambert; Michelle Dennedy; Hord Tipton, Executive Director, (ISC) 2

Dennedy ; Hord Tipton, Executive Director, (ISC) 2 September 19–22, 2011 | Orange County Convention Center

Education sessions: 2000 Series

Education sessions: 2000 Series MONDAY, sEPTEMbEr 19 • 1:45 pm–3:00 pm • 4:30 pm–5:30 pm 2282

MONDAY, sEPTEMbEr 19 • 1:45 pm–3:00 pm • 4:30 pm–5:30 pm

2282 software security: is OK

Good Enough?

Intermediate

how does an organization—short of a breach— justify expending critical resources to build more secure software? Given the current status of software security efforts and the struggles for business justification, industry would be well-served to look outside the security and information technology fields to other models for justification efforts. For example, the history of food safety, building codes, and the financial system provide lessons from which the software security industry can draw examples. This presentation discusses these models and what can be learned to help security officers and software project owners build cases for software security initiatives.

John Dickson, Principal, The Denim Group

initiatives. John Dickson, Principal, The Denim Group 2283 How to Use Mobile Devices Correctly: setting up

2283 How to Use Mobile Devices

Correctly: setting up security Guardrails

Intermediate

With a workforce growing more dependent on mobile devices every day—and often commingling personal and business use across many devices —the need to properly manage access, data, and appropriate use is of an equally growing concern for today’s security professional. Join Winn Schwartau and Spencer Wilcox, as Pam Fusco moderates what promises to be a lively discussion around the legal, technical, and organizational issues that come with enabling and managing security in a mobile workforce.

Brandon Dunlap, President, Brightfly Consulting; Winn Schwartau, Chairman of the Board, Mobile Active Defense; A. Spencer Wilcox, CPP, Supervisor, Compliance Services Constellation Energy

CPP, Supervisor, Compliance Services Constellation Energy “The seminar sessions are very good and valuable for

“The seminar sessions are very good and valuable for recertification.”

c.J. Rodden, cPP Director of Security hyatt hotels & Resorts

2284 New and Pending GrC

Legislation and How it impacts Your Organization

Intermediate

With several new pieces of legislation and regulations being considered at the federal level, what kind of impact will these new rules have on organizations and their compliance efforts? Join this panel as they discuss those regulations that are closest to being enacted and what you can do to prepare for the changes that they will bring.

you can do to prepare for the changes that they will bring. 4:30 pm–5:30 pm 2301

4:30 pm–5:30 pm

2301 Asis standards: Learn How to

Conduct a business impact Analysis

Intermediate

The business impact analysis serves as the foundation for decision making when designing a business continuity program and establishing a cost-effective business continuity plan. how do you conduct a thorough business impact analysis to prioritize the activities needed to establish an effective business continuity program? The new aSIS Business continuity Management Systems anSI Standard will be examined in the context of managing a continuity program.

Brian Zawada, Director, Business Continuity Solution, General Electric Company; Donald Bryne, Consultant, Resiliency Plus

Sponsored by the ASIS Standards and Guidelines Commission

2302 security risk Management in

remote site Mining

Intermediate

PT. IncO is part of the Vale nickel business group, the second largest mining company in the world. PT. IncO has been operating mining and smelting activities in a remote area of Indonesia since 1968. dealing with conflict, local customs, and culture diversity, the site is designed with an inclusive approach to the local community environment. during its 42 years of operation in Indonesia, PT. IncO has successfully managed security threats and challenges with great efficiency. harmony between security programs and a successful community development program have been instrumental in this success.

Surya Suhendra, Director of Security, PT. International Nickel Indonesia, Tbk; Andrew Northover, Managing Director, OPTARE Systems

30 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

MONDAY LEVEL KEY: ● Fundamental ■ I ntermediate ▲ Advanced MONDAY, sEPTEMbEr 19 • 4:30

MONDAY

LEVEL KEY: Fundamental

Intermediate

Advanced

MONDAY, sEPTEMbEr 19 • 4:30 pm–5:30 pm

2303 integrator series: best

Practices in integrated school security: K–12

Fundamental

learn directly from school security practitioners and agency professionals about the challenges they face and the services integrators can provide to best meet the needs of these clients. Topics include analyzing surveillance needs, understanding student safety and how to deal with the violent student, and executing threat assessment plans. learn how to deal with pornography on campus as well as bullying and fights. Mobile monitoring and event response considerations are also covered.

Mike Ganio, Orange County Public Schools; Conan Bickford, West Highland School

2304 special Events security in

the City of Orlando: best Practices, Operations, Technology

Intermediate

are you charged with security at special events? do you need to cover a large area: campus, downtown, or entertainment complex? Will you have to deploy a video surveillance system in a

matter of days or hours? are you looking into wireless as a possible solution, but concerned about security, reliability, and speed? If you are

a security director, integrator, or consultant,

don’t miss this session packed with how-to’s and real-world deployment examples. Get the information you need to ensure successful video surveillance for special events.

Jeffery Blye, Detective, City of Orlando Police Department; Ksenia Coffman, Marketing Manager, Firetide; Steve Surfaro, Industry Liaison, Axis Communications

Sponsored by the ASIS Global Terrorism, Political Instability, and International Crime Council

2305 High-rise security

Intermediate

This fast-paced discussion focuses on best practices established in the post 9/11 world for mid- and high-rise office building environments. Topics include methodologies used for full or

partial building evacuations and shelter-in-place. hear how to balance customer service with

a dynamic security program to gain tenant

confidence. Incorporate state-of-the-art technology to protect your assets. discuss implementing an all hazards response plan that clearly outlines duties and responsibilities for security directors and the property management team to address life-threatening emergencies.

Carlos Villarreal, Senior Vice President, Commercial Real Estate Division, Whelan Security

Sponsored by the ASIS Commercial Real Estate Council

2306 iT security Council series:

Forensics and E-Discovery

Fundamental

non-practitioners will receive a comprehensive overview of the fields of digital forensics and e-discovery. Gain a basic working knowledge including vocabulary, concepts, application in the corporate environment, and emerging trends. Review information forensics (data recovery), formal forensics, and e-discovery. analyze the differences and the uses, capabilities, and limitations of each, and consider the legal ramifications. discuss best practices in the areas of specific skill requirements, strategies, and controls for each category of forensic examination.

Andrew Neal, President, Southwest Digital Laboratory; Kevin Ripa, Director of Computer Forensic, Advanced Surveillance Group; Eric Sifford, Human/Signals Intelligence, U.S. Army, (ISC) 2 Appointee; Kelly “KJ” Kuchta, CPP, CFE, President, Forensics Consulting Solutions, LLC; Robin Harris-Walker, CPP, Harris Nibor International

Sponsored by the ASIS Information Technology Security Council

2307 Generate Cash by Uninvesting

in security Equipment services

Intermediate

are you paying more than necessary to maintain your physical security equipment, or paying for a level of service that can be reduced without affecting performance? an experienced panel representing equipment owners and service providers identifies the most common and significant cost-drivers associated with maintenance and service. They will then demonstrate, through real life examples, alternatives and containment strategies to minimize their impact on the security budget. also, understand the strategic importance of competitive bidding.

John Kerster, President, Security Design Associates, Inc.; Jeffrey Ryder, CPP, PSP, Senior Physical Security Specialist, Protective Services Police Department, Strategic Services Bureau Department of Real Estate Services, City of Washington, DC; John Bodolay, Founder, Acme Technical Group, LLC

“This is the largest security products show in the world, it is a must-attend event.”

Rudy Wolter Senior Vice President/Director of Security cITI

Education sessions: 2000 Series

Education sessions: 2000 Series MONDAY, sEPTEMbEr 19 • 4:30 pm–5:30 pm 2308 To Arm or Not

MONDAY, sEPTEMbEr 19 • 4:30 pm–5:30 pm

2308 To Arm or Not to Arm?

Intermediate

decades of decline in the number of armed security officers were reversed following 9/11. While the decision to arm or recommend the arming of officers is both controversial and emotional, it must be based both on solid data, quantifiable objectives, and a commitment to the safety of all concerned. This presentation, a case study of the actual decision-making process that resulted in the arming of a hospital security department, covers all aspects, from data-gathering to program implementation.

Anthony N. Potter, CPP, CHPA-F, Senior Director of Public Safety, Novant Health

2309 information and Data security

While Away From the Office

Fundamental

domestically and internationally, travelers need to be aware of the dangers that surround them while on personal or business trips. Technology used by criminals like WiFi snooping, “evil twins,” bluetooth surveillance, cloud hacking, GPS tracking, and others have been the downfall of many businesses and their competitive intelli- gence. This popular session cites case studies, shows examples of tools used by thieves, and give tips and pointers to lower the risk to travelers and their data.

J. Keith Flannigan, Ph.D., CMAS, Director, International Dynamics Research Corp.; Ronald Lander, CPP, CMAS, Chief Specialist, Ultrasafe Security Solutions; Roy Wilkinson, Ph.D., CMAS, CISSP, President, SPI Services

2310 Understanding the shifting of

risk: A Moving Target

Intermediate

Protecting a fixed facility is just one step. What about the product in transport from a facility perspective? This session looks at handling steps including multi-distribution warehousing, diversion, long route concerns, contaminated trailers, drivers, overnight unsecured yards, contractor or temporary services operating the warehouse, delivery confirmation, and customer verification measures. It explores the steps being taken along the food supply chain to protect our food. It also highlights potential changes stemming from the current regulatory environment.

Dan Walters, CPP, Manager of Security & Environmental Risk, CF Industries; Judy Fadden

Sponsored by the ASIS Agriculture and Food Security Council

2311 building on the Foundation:

More on Arabs and islam

Fundamental

This session starts with a pop quiz (this same quiz and session have been used in FBI, dOJ, and dhS trainings.) Then join in an interactive dialogue to address the misconceptions and perceptions about the Muslim and arab communities. Social and behavioral norms and mores, basic history and geography, Jihad, and other subjects that interest the audience will be addressed.

Nawar Shora, CEO, Shams Training & Development

Sponsored by the ASIS Cultural Properties Council

2312 New security standard in China

and Your business

Fundamental

as china becomes a new economic powerhouse, more investors are becoming interested in it. Yet because of cultural differences between the east and West, a simple investment could become a complicated disaster. It is vital for investors to understand the importance of protecting their investments. Private security is one solution. Gain insight as the speakers share over 30 years of practical experiences on why, when, what, where, and how.

Jack Chu, President, RA Consultants Limited; Hawn Chu, Consultant, RA Consultants Limited

Sponsored by the ASIS Investigations Council

2313 Advanced internet/social

Network investigations and background Checks

Advanced

Open sources go far beyond what is available in Google and Facebook, as well as other popular sites. This session looks beyond the obvious services into social networks and similar media to locate assets, discover company leaks, protect reputations, track down anonymous users, and expand the arsenal of resources available but unknown to the security professional. In addition, we’ll discuss the obvious pitfalls that most practitioners fall into when investigating these new media.

Cynthia Hetherington, President, Hetherington Group

32 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

MONDAY LEVEL KEY: ● Fundamental ■ I ntermediate ▲ Advanced MONDAY, sEPTEMbEr 19 • 4:30
MONDAY LEVEL KEY: ● Fundamental ■ I ntermediate ▲ Advanced MONDAY, sEPTEMbEr 19 • 4:30

MONDAY

LEVEL KEY: Fundamental

Intermediate

Advanced

MONDAY, sEPTEMbEr 19 • 4:30 pm–5:30 pm

2314 How to Create Your security

Manual

Fundamental

First, you will review the need for a manual and the absolute do’s and don’ts of writing it. Then the session takes you right into the nuts and bolts of writing one. Starting with a format, an outline, and how to delegate the written material, you will leave this class with written material that can be used in your own organization’s manual. a must for every security professional!

Darrell Clifton, CPP, Director of Security, Circus Circus Hotel Casino; Alan Zajic, CPP, Security Consultant, AWZ Consulting

2315 Get ready for the Aftermath:

Post incident Management

Fundamental

emergency and crisis plans normally prepare us for known dangers and/or hazards, acting as a guide to navigate the operations with limited, to no, damage. When all is said and done and the hazard is gone, what then? Many issues, from media to employee concerns, could still arise. Media communications, claims management, employee counseling, and other issues are realities that will surface. You should be prepared for everything that comes after the dust settles.

James C. Reynolds, CPP, Hilton Worldwide

2316 is Your Workforce ready to

Travel to High-risk Destinations? What You Need to Know Now

Intermediate

The need for organizations to send employees to high-risk destinations for critical work remains ever present, even in our digitally connected world. Security managers work hard to prepare their travelers for the sometimes unprecedented security challenges inherent to remote or politically unstable locales. This advance work not only protects employees but helps avoid the costs of a failed assignment. discover best practices around identifying, preparing, and assisting travelers who venture to high-risk destinations.

John Rendeiro, Vice President, Global Security and Intelligence, International SOS Assistance, Inc.; Bob Falconi, CPP, Director, Corporate Security and Safety, Symantec; Michael Clements, Director of Global Protective Services, Hitachi Data Systems

2317 security Excellence: Tools

to Enhance security’s Mission

Intermediate

Today’s response to threats and risk demands proactive strategies which address a range of security and business program elements. These elements must be correctly selected, implemented, and maintained, as well as scalable, mutually supporting, measurable, and capable of integration with one another. To assist, the availability of existing and emerging security standards facilitates the path to excellence. The presentation discusses what this process might look like and offers tools that will assist.

Phillip Banks, CPP, PE, Director, The Banks Group, Inc.; Dennis Shepp, CPP, PCI, President, Dennis Shepp Security Management Consultant, Inc.

2318 initiating and Conducting

internal investigations in Multi-National Corporations

Intermediate

Research from various sources indicates that economic crime (including fraud, corruption, and economic espionage) impacts on the vast majority of international corporations. Initiating, conducting, and managing investigations into suspected cases provides a wide range of challenges for corporate security professionals. at the same time, increasing regulation across the globe and many sectors means that the importance of providing results to support the business is becoming more important. Review the investigative process, focusing on the challenges associated with cross-border operations and multi-jurisdictional environments.

Dr. Christoph Rojahn, Senior Manager, Forensic & Dispute Services, Deloitte AG

2319 insider Threat: A National

Concern

Intermediate

In today’s increasingly wired and global world, foreign intelligence services, criminals, and private sector spies are increasingly focused on american companies. Their efforts compromise intellectual property, trade secrets, and technological developments that are the key to both our national security and long-term economic prosperity. To thrive, firms must focus on corporate threat vectors using both a security and a counterintel- ligence (cI) lens. hear how companies can leverage their current defensive security capabilities and develop new ones to create a strong cI posture designed to protect a company’s most vital secrets, while strengthening u.S. economic security.

Douglas Thomas, Principal Deputy Director, Office of the National Counterintelligence Executive

Sponsored by the ASIS Defense and Intelligence Council

Education sessions: 2000 Series

Education sessions: 2000 Series MONDAY, sEPTEMbEr 19 • 4:30 pm–5:30 pm 2320 Protecting America’s Electric Grid

MONDAY, sEPTEMbEr 19 • 4:30 pm–5:30 pm

2320 Protecting America’s

Electric Grid

Intermediate

The north american electric Reliability corporation’s (neRc) mission is to ensure the reliability of the north american bulk power system, and much is being done to protect the largest, most reliable grid on the earth. learn what neRc is doing to secure the grid from cyber and physical attacks. In addition, neRc will discuss security initiatives, the ongoing threat to industrial control systems, and the critical Infrastructure Protection (cIP) Reliability Standards.

Brian M. Harrell, Sr., CPP, Manager of Critical Infrastructure Protection, North American Electric Reliability Corporation (NERC); Mark Weatherford, Vice President/ Chief Security Officer, North American Electric Reliability Corporation (NERC)

Sponsored by the ASIS Utilities Security Council

2380 Cloud incident response

Intermediate

The cloud. Where small and large organizations are going and have gone. You want to be in the cloud, but how do you protect it? If an incident were to occur, would you know? how will you detect, notify, isolate, and contain cloud-based incidents? explore a strategic approach to improving IR awareness and detection to meet the cloud’s elevated demands. learn to analyze your IR requirements across the IaaS, SaaS, and PaaS platforms; how to talk with your vendor; risks to management; and IR containment, recovery, and evaluation test procedures.

Erika Voss, Consultant, CGI Federal; James Hewitt, Director of Security Governance, CGI

James Hewitt, Director of Security Governance, CGI 2381 Cyber security and the socio-Political Landscape:

2381 Cyber security and the

socio-Political Landscape:

Going beyond the Technology

Intermediate

Today, emerging issues around online security go beyond the threats to technology and its vulnerabilities. Threats are compounded by nation states engaging in cyber war as well as on-line criminals committing fraud for financial gain. With more people globally coming online and becoming Internet savvy, there is an associated political and social impact, as well as the rise of using new media for politically motivated objectives leading to new forms of manipulation and exploitation. cyber security is no longer just about protecting servers and networks from malware, denial-of- Service, and online compromise of information.

Freddy Tan, Chief Security Advisor, Microsoft Asia

2382 The Economics of Failure

Intermediate

In this session, we will discuss how much secure code costs in the software lifecycle. We will also look at how much patch management can impact the budgets of an organization as well as other good security practices. We also will compare all of the secure measures we take and then consider if it is worth it. In which areas can we just assume the risk?

Eric Irvin, Solutions Architect, Alert Logic

the risk? Eric Irvin, Solutions Architect, Alert Logic 2383 Mobile Devices: Employee Monitoring and Data Loss

2383 Mobile Devices: Employee

Monitoring and Data Loss Prevention in Light of the Expectation of Privacy

Intermediate

IT and business has long believed that they own the data that traverses their networks. as long as a banner and a policy existed informing users that no reasonable expectation of privacy existed, then it was perfectly legitimate to read, review, and record that data—until now. Based on three recent court cases, a company may be infringing upon an employee’s right to privacy if the company reads, reviews, or records that employee’s data traffic under certain circumstances. In this session we will discuss best practices and possible ramifications of the use of standard security and compliance monitoring tools, in light of recent case law.

A. Spencer Wilcox, CPP, Supervisor, Compliance Services, Constellation Energy

CPP, Supervisor, Compliance Services, Constellation Energy 2385 Why Do Developers Make These Dangerous software

2385 Why Do Developers Make

These Dangerous software Errors?

Intermediate

aimed at the entire development and acquisition lifecycle, the Masters of Software assurance (MSwa) adapts software engineering to software assurance (Swa). The MSwa Reference curriculum achieved Ieee and acM recognition. at the community college level, Software assurance Mobile Instruction (SaMI) is an iPad-based curriculum application set up for distance learning with a myriad of pre-loaded resources. The cybersecurity community supports the current developer workforce through free resources such as pocket guides. The Swa Forum Processes and Practices Working Group developed Swa benchmarking resources that synthesize existing software assurance best practices for use by development organizations addressing application security.

development organizations addressing application security. 34 Asis 2011 Anticipate the unexpected. The security

34 Asis 2011 Anticipate the unexpected. The security tools, techniques, and talent for tomorrow.

TUEsDAY, sEPTEMbEr 20 Schedule-aT-Glance

TUESDAY

all sessions will be held at the Orange county convention center. LEVEL KEY: ● Fundamental
all sessions will be held at the Orange county convention center.
LEVEL KEY: ● Fundamental
■ Intermediate
▲ Advanced
8:00 am–9:00 am: KEYNOTE: Jeb Bush, Governor of Florida, 1999–2007
(ISC) 2 Security Congress
11:00 am–12:00 noon
3101
ASIS Standards: Conducting a Risk
Assessment—the Foundation for Successful
Risk Management
X
3102
Security Engineering in High Threat
X
X
Environments
3103
Crime, Terror, or Natural Disasters: