CU InfoSecurity Conference 2015

The CU InfoSecurity Conference, scheduled for June 3 - 5 at the beautiful Golden Nugget Hotel & Casino in the heart of Fremont Street in Las Vegas, is the original and premier conference dedicated solely to credit union security. Our speakers are industry leaders in their respective fields and will provide practical advice on securing your credit union. This event represents a tremendous opportunity to learn, network with your credit union peers, and visit our Security Vendor Reception.

Sample topics that could be covered in this two and one half day security summit include:

  • Ransomware
  • Active Defense
  • Cloud Security
  • Data Encryption
  • Breach Prevention
  • Pervasive Security
  • Device Configuration
  • Social Media Compliance
  • Virtual Branch Security
  • Virtual Machine Security
  • Account Takeover Prevention
  • Network Security Strategies
  • Cyber Security Intelligence

Are you a credit union executive interested in seeing and hearing the latest in CU information security?

Register today!

AppSec and DevOps - What Should Teams Be Focusing On

AppSec California 2015 is just around the corner. I’ve looked at the agenda to get a sense of where attendees will spend their time. Overall, I suspect the top areas of interest will revolve around:

  • OWASP Top 10: SQL Injections, XSS, Chrome, Java, and other web/mobile app vulnerabilities, safeguards, and controls
  • Mobile Devices and Apps: iOS, Android, medical devices, geolocation, mobile SSL, Internet of things, MDM, and more
  • Collection of Best Practices: Development models, cryptography, threat modeling, ROI, policy management, GRC, and incident response

Here are my picks for the “must-see” sessions based on role:

  • Application Developers | Iron-Clad Development : Building Secure Applications (Training)
  • Application Testers and Quality Assurance | Why Your AppSec Experts Are Killing You (Session)
  • Application Project Management and Staff | Scaling Security in Agile Scrum (Session)
  • CIOs, CISOs, and CTOs | Building a Modern Security Engineering Organization (Session)
  • Security Managers and Staff | Enterprise Incident Response (Training)
  • CFOs, IT Risk and Compliance Staff and Auditors | Proactively defending your business against security protocol attacks and implementation flaws (Session)
  • Governance Executives, Managers, and Staff | Misconceptions in the Cloud (Session)
  • IT Professionals Interested in Improving IT Security | OWASP Top Ten Proactive Controls (Session)

I’m curious to know what sessions and trainings would be most interesting and valuable for you and your team. Is the security industry investing in the right topics? What's missing? Does anyone else find it troubling that we continue to discuss SQL injections and XSS as part of the OWASP top 10?

CU InfoSecurity Conference 2014

The CU InfoSecurity Conference, scheduled for May 21 - 23 at the beautiful Red Rock Casino, Resort and Spa in Las Vegas, is the original and premier conference dedicated solely to credit union security. Our speakers are industry leaders in their respective fields and will provide practical advice on securing your credit union. This event represents a tremendous opportunity to learn, network with your credit union peers, and visit our Security Vendor Reception.

Sample topics that could be covered in this two and one half day security summit include:

  • Mobile Security
  • Data Forensics
  • Insider Threats
  • Incident Response
  • Social Engineering
  • Secure Cloud Storage
  • Virtual Desktop Security
  • Fighting Banking Fraud

Are you a credit union executive interested in seeing and hearing the latest in CU information security?

Register today!

CU InfoSecurity Conference 2013

The CU InfoSecurity Conference, scheduled for June 2013 at the Platinum Hotel Las Vegas, is the original and premier conference dedicated solely to credit union security. Our speakers are industry leaders in their respective fields and will provide practical advice on securing your credit union. This event represents a tremendous opportunity to learn, network with your credit union peers, and visit our Security Vendor Reception.

Sample topics that could be covered in this two and one half day security summit include:

  • Mobile Security
  • Data Forensics
  • Insider Threats
  • Incident Response
  • Social Engineering
  • Secure Cloud Storage
  • Virtual Desktop Security
  • Fighting Banking Fraud

Are you a credit union executive interested in seeing and hearing the latest in CU information security?

Register today!

Brazilian University Embraces Wireless, BYOD, and IPv6

As part of theCube’s continued coverage of the HP Discover conference in Las Vegas today, Wikibon founder Dave Vellante met with two practitioners from HP customer, Sao Paulo State University in Brazil whose network supports about 60,000 users; among these users are roughly 45,000 students and 10,000 faculty members. Each faculty member has their own VoIP device connected to the network, equaling 10,000 managed VoIP endpoints. The campus, and therefore its network, is connected across 23 cities, supported by five regional nodes, with the main node located in the capital of the state. The network consists of two rings and a total of 40 WAN nodes.

The team manages over 300 physical servers, 60 percent of which are virtualized using VMware; a project that the university began in 2008.

The video provides some great insight into how an institution can embrace new technologies and the necessary change that comes with being innovative. Read the article and Watch the video.

Big Data and the Cloud – Take the Lead or Be Disrupted

Intel is a company driven by Moore’s law and possessing a culture that eats, drinks, and breathes innovation; they are always looking ahead, continuously moving forward, and constantly pushing itself to the next level. This doesn’t happen by accident – it is driven by the mission of a company organized and managed by leaders who embrace the mission and strive to uphold it. Big Data was a key element of Kim Stevenson's keynote earlier in the day, and she provided Furrier with her own definition of the term: “Big Data is all information created (machine-generated and human generated) – all of this information fits into the Big Data envelope.” Stevenson, Vice President Information Technology Group CIO at Intel, added that “the important parts of Big Data are the pieces we have failed to contextualize in a systematic way up until now.”

Among other things, Stevenson shared two recent scenarios in which Intel’s bleeding-edge innovation is evident: both of which were rooted in the Cloud.

1) The first use case provided was that of an in-house virtualized office/enterprise application store for Intel employees in which Intel moved its office and enterprise application-provisioning services to an environment that is 75 percent virtualized and in the Cloud. “This allows us to provision our services in under an hour for all of our employees,” said Stevenson.

2) The second use case covered Intel’s product development and design engineer operations. Intel deployed a massive cloud-based compute infrastructure comprised of 50,000 servers hung together in a grid (aka a “clustered cloud”). “This implementation dramatically improves the throughput time for every engineering job that happens at Intel,” said Stevenson.

The video delivers an amazing exchange between the hosts and the speaker - it is well worth watching. Read the article and watch the video to experience the conversation for yourself.

Getting Active/Active with Email Compliance: An IBM Customer Story

During the IBM Edge conference, live from Orlando, FL, theCube was able to capture a number of customer stories, including a session hosted by Wikibon analysts John McArthur and David Floyer in which they engaged with Tim Harvey, CEO of Perimeter E-Security, both an IBM customer and partner. Harvey described Perimeter E-Security’s value proposition as one that provides “more secure and reliable email services for mid to large enterprises at 50 percent less than the cost of managing the service in-house.” Harvey delivers on this value proposition by moving beyond basic email hosting and simple email archiving to a business solution that provides hosted email or hosted exchange services surrounded by a complete set of security and compliance capabilities such as email hygiene, encryption, and archival.

When asked by Floyer what drove Perimeter E-Security to select IBM as a partner, Harvey quickly pointed to IBM’s infrastructure solution set and their comprehensive services offerings. “IBM is capable of helping us to define and implement the most appropriate topology and architecture, doing so with a lot more flexibility than the other vendors evaluated,” said Harvey.

Read the article and watch the video to see how Perimeter E-Security is able to implement both active/active [and] active/passive solutions, based on the business need.