" A Computer Security Day" Event - Sponsored by the Office of Information Technology


 
9:00 a.m.-10:00 a.m. Opening Keynote:
The Evolving Threat of IT Security

Linda Jones, IBM
1D McKimmon Center
 

Business-line executive for Network Protection for IBM Internet Security Systems (ISS), Linda Jones will present the opening keynote address, “The Evolving Threat of IT Security.” Jones’ presentation will focus on why and how members of the University community become targets of what has become a very organized criminal element. The talk will describe the types of attacks that are taking place and why today's systems just aren't capable of keeping up.

After consulting in the then-fledgling information security industry, Jones joined IBM ISS where she has worked for the last seven years. Since its inception in 1994, ISS has commanded the leading edge of security innovation, inventing cornerstone technologies such as vulnerability assessment and intrusion detection/prevention.
 

12:30 p.m.-1:30 p.m. Afternoon Keynote Address:
Identifying and Securing Digital Evidence @ A Crime Scene
Giovanni Masucci, Capitol City Consulting
1D McKimmon Center
  President of Capitol City Consulting, LLC and senior computer forensic examiner, Giovanni Masucci will deliver the afternoon keynote address “Identifying and Securing Digital Evidence @ A Crime Scene”. Masucci’s presentation will provide an overview of digital forensics with an emphasis on its implications for higher education. Topics will include: Integrating Digital Forensics in Crime Scene Investigations; Responding to the Crime Scene; Identifying Potential Digital Evidence; Preserving and Recovering Digital Evidence; Digital Forensic Process Overview; and the Effects of Digital Evidence on Cases.

North Carolina State licensed counter-intelligence professional, Masucci has more than 24 years of experience in consulting including digital forensics, industrial espionage, identity theft, physical and IT security, and other technology issues. He also provides assistance to law enforcement on homicides, robberies, embezzlement, and other criminal cases.

 

10:30 a.m.-12:00 p.m. Track 1 General: Whydunit? Vulnerabilities/Threats 1C McKimmon Center
10:30 a.m.-11:15 a.m. How Web Applications can be Leveraged for Computer Crimes
Chuck Kesler
Symantec
  Web application security measures are often implemented at the network level. However, since web application traffic is typically considered legitimate, the options for controlling it at the network level are limited. For this and a number of other reasons, applications have become the next generation attack point. This is particularly troubling since it can be difficult to anticipate how an attacker might be able to target an application by blending several low risk vulnerabilities to gain access to critical systems and data. In this presentation, we will explore the current Internet security threat landscape, examine several real life attack scenarios against web applications, and discuss mitigation strategies.

Chuck Kesler, a Senior Manager with Symantec's Advisory Services consulting team in the Southeast US region, is responsible for managing a team of security consultants and overseeing the execution of vulnerability assessments, penetration tests, and other security-related projects. With over 18 years of experience as an IT professional, Kesler has previously held a number of IT management and director-level positions in public- and private-sector organizations, with significant experience in the service provider industry and higher education. He has been responsible for building security programs from the ground up, including policy and procedure development, hiring and developing information security staff, managing security incidents, and responding to security audits. He has also authored papers, presented at conferences, and provided guest lectures on topics ranging from business strategy to legal and regulatory compliance issues. Kesler began his career in 1989 at NC State, working first as a mainframe systems programmer for the Computing Center, and was later part of the teams that developed, implemented, and administered the Eos and Unity environments. He holds a B.S. in Physics (1989) and an MBA (2004) from NC State as well.
 

11:15 a.m.-12:00 p.m. Defending Your Identity: The Protectors of the Enterprise
Andy Dunfee
AegisUSA
 

The discussion will focus on prevention of identity theft and will touch on what individuals can do to protect themselves. The center of attention will be placed, however, on what an enterprise can do to protect its users and how identity management, role based access control (RBAC) and auditor products are used to improve identity privacy and protection and how these products are used to resolve an identity theft incident. 

Andy Dunfee has assisted more than 40 customers designing and implementing identity and access management solutions, with a large focus in education. Considered an expert with Sun’s Identity Manager Product, he has worked with every version of the product since inception. He has authored several documents that have influenced the direction of identity management in several enterprises. Kesler also has more than five years of industry experience working with several technologies including: J2EE; .NET; LDAP directory technologies; Oracle, SQL Server and MySQL databases; and ERP products including SAP, PeopleSoft and Banner. Dunfee is currently lead consultant on the NC State University 'System Access Request' (SAR) application development project for automated access control.

 

10:30 a.m.-12:00 p.m. Track 2 Technical: Howdunit? Techniques and Protection 7C McKimmon Center
10:30 a.m.-11:15 a.m. Tracking Down Application Security Vulnerabilities
Tim Gurganus
NC State Office of Information Technology
 

This workshop is for web developers and administrators. It is designed to raise awareness of web application vulnerabilities and the need to maintain forensic information. This information can be used to harden web applications as well as for tracing unauthorized activities. Topics include cross-site scripting, SQL injection, fuzzing, file include vulnerabilities, credentials hijacking and URL parameter tampering.

 

Tim Gurganus received his BS in Computer Engineering from NC State University in 1988. He worked for three years at Carolina Power & Light programming process controllers while attending graduate school at NC State. He received his master's degree from the Integrated Manufacturing Systems Engineering Institute in 1992. From 1992-2006, he worked for NC State University in several systems administrator positions. He is currently an IT Security Officer in NC State's OIT. He is a Microsoft Certified Systems Engineer. He was one of the instructors for an undergraduate computer security course in NC State's Computer Science Department. He started studying computer security in 1999. Since then, he has investigated more than 500 computer security incidents on the NC State campus.
 

11:15 a.m.-12:00 p.m. Preparing a Server or Application for Forensics
Jeff Webster
NC State Office of Information Technology
 

This workshop, for server administrators and application developers, will focus on web servers and web applications. Some common sources of forensic data will be presented followed by a discussion on how to better prepare your servers and applications to provide good forensic data.

 

Jeff Webster has received a bachelor's degree and master's degree from NC State University in Mathematics and Computer Science. He has worked at NC State for 11 years, initially in system administration and programming. Since 2002, his primary focus has been on IT Security; incident handling and investigations; security policy and procedure; security consulting; and HIPAA security.
 

1:30 p.m.-3:00 p.m. Track 1 General: Howdunit? Techniques and Protection 1C McKimmon Center
1:30 p.m.-2:15 p.m. Keeping Sensitive Data Secure 
Neal McCorkle
NC State Office of Information Technology
 

This presentation will discuss what types of data should be kept secure around the office or at home. In general, it will also discuss the regulations that apply to some specific types of data. There will be a short demo of tools that can help secure data if sensitive data must be kept on a laptop or local machine.

 

Neal McCorkle attended N.C. State University where he studied Nuclear Engineering and Computer Science. He has worked in system administration and networking in both academia and industry. For the past eight years, McCorkle has worked in the security field and is currently an information security officer in NC State's Office of Information Technology.

 

2:15 p.m.-3:00 p.m. Securing Threats Impacting the Mobile Workforce
Rick Kurtz
SecureSolve
As network users desire connectivity from a myriad of mobile devices, the security threats pertaining to each device are different and cause different effects. Come see how these threats may be identified, contained and even mitigated using existing security controls.

 

This discussion, centered around the mobile user, identifies specific threats. It was well received at a recent conference by all in attendance.

 

Richard Kurtz, Jr. is a Senior Network Security Consultant for Secure Solve, Inc. headquartered in Research Triangle Park (RTP), North Carolina. He is a Certified Information Systems Security Professional (CISSP) and holds a B.S. degree in Computer Science from the Virginia Military Institute.

He has been active in all areas of network security for over 15 years and focuses on providing organizations a realistic and comprehensive network security strategy. He has shared his experiences and knowledge through written articles, conference speaking engagements, network security seminars and customer sales engagements. His experience encompasses a vast spectrum of organizations from the Federal Government to Local Municipalities and Fortune 500 companies to the very small. His current position involves executing a new and more effective paradigm of network security assessments in that the assessment is contained within the long-term consultative relationship.
 

1:30 p.m.-3:00 p.m. Track 2 Policy: Whodunit? Motivation for the Threat 7C McKimmon Center
1:30 p.m.-2:15 p.m. How to Become Secure and Compliant
John Baines
NC State Office of Information Technology
 

During this presentation you will learn how the security regulation landscape changes frequently. What is driving this increased emphasis on security and privacy? How can we know how it applies to our environment? Untangling the jumble! The presentation will reflect on what has changed in our culture to change security from a nuisance to a necessity. Then a hierarchy of regulations, standards and best practices will be presented. Best practices should control our implementation of technology, particularly with regard to security. In this way, we can have a road map of precautions and safeguards that can prepare us for when the villains hit.

John Baines is the Assistant Director of the Confidentiality, Integrity, and Accountability team in the Security and Compliance Unit of NC State's Office of Information Technology. Baines has successfully fought and directed in the trenches of many Information Technology projects on a variety of battlefields. He has a continued interest and considerable experience in the Information Security field, including a Certified Information Systems Security Professional (CISSP) award.
 

2:15 p.m.-3:00 p.m. Anti-Forensics
Charles Williford
N.C. Office of the State Auditor
 

The “bad guys” are real and they know what we (the “good guys”) are doing with computer forensics.  What are the “bad guys” doing to make our computer forensic examinations harder?  What tools are they using?  Is there any hope for the future?

 

Charles T. Williford is a graduate of North Carolina State University where he earned a degree in accounting. He also holds a Certificate in Computer Programming from North Carolina State University. Charles holds the professional designations of Certified Public Accountant (CPA), Certified Information Systems Auditor (CISA), Certified Information Technology Professional (CITP), Certified Fraud Examiner (CFE) and Certified Public Manager (CPM). Williford has 29 1/2 years of financial and Information Systems (IS) audit experience with the Office of the State Auditor and currently functions as Director of Information Systems Audits in the Auditor’s Office. He has performed many general controls reviews and application controls reviews and has been responsible for reviewing the most complex systems in state government. Williford is a member of the American Institute of Certified Public Accountants, the North Carolina Association of Certified Public Accountants, the Association of Certified Fraud Examiners, and the RTP Chapter of the Information Systems Audit and Control Association.