On March 9, 2001, AIT Global held a FREE Half-day Seminar, from 8:00 AM -11:30 AM. The event was hosted by AIT Member Columbia University School of Law (CLS) who also provided a Continental Breakfast for the attendees.The seminar for CIOs, IT Directors/Managers, Security Officers, Network/System Administrators, and all others responsible for the design, integration, and maintenance of site security and its policies, took place in the newly constructed William and June Warren Hall, of Columbia Law School.
Martin Thomas Howard, Systems Analyst and Security Administrator of the Columbia Law School Information Technology department, gave a presentation on “Security policy creation and implementation: Why these steps are necessary and critical to all organizations.” Mr. Howard’s presentation consisted of an overview security policy creation and implementation, with practical examples of why these steps are necessary and critical to all organizations.
Several techniques of monitoring and auditing site security, with emphasis on how to identify, remove, and/or avoid creating common network vulnerabilities were discussed. Not only did Mr. Howard explain why links to informative resources, like news groups and non-profit web sites, that aid the process of hardening an organization’s infrastructure, are central to Site Security, but he also provided several sets of printed materials that the attendees could leverage in their efforts to harden their infrastructures. The RFC2196 guide to Site Security, RFC2150 guide to Incident Handling and Response, and the RFC2504 User’s Security Handbook were made available as excellent starting points and/or supplements to security professionals responsible for site security.
Eugene Grygo, Associate News Editor, InfoWorld, an IDG Publication, gave a presentation on the “Dangers of not taking security measures seriously: The world view.” Mr. Grygo dove into the global perspective of information technology and recent security breaches to top-level companies and organizations to help illustrate the need for a solid security infrastructure on all levels of the organization’s systems and networks.
Mr. Grygo helped exemplify how security must be taken seriously regardless of the size, function, or vision of the organization, and that if these measures are not taken, how detrimental it can be to the companies’ overall image, vitality, and longevity in the industry.
Bob Gaughan, Director of Product Marketing at Nortel Networks, gave a presentation on “Firewall types and their purpose: Implementation methodology, with particular attention to stateful firewalls.” Mr. Gaughan is a vibrant and insightful speaker that was able to lead the audience through even the more technical nitty-gritty of firewall implementations. His wit and charm were refreshing, but never detracted the attention of the attendees from the gravity of taking security seriously. Funny, and irreverent, Mr. Gaughan added a dash of humor to a topic that can sometimes leave even the more technically savvy individuals scratching their heads.
Gregory Sturtevant, Special Agent Federal Bureau of Investigation (FBI), gave a presentation on “Investigative trends: Today’s top eight techniques (bugs, worms, etc.) and targets (denial of service, identity theft, etc.), that IT and I/S professionals must acknowledge and protect.” Mr. Sturtevant ’s emphasis on hard data and statistical analysis of who, what, where, when, and how networks and infrastructures are infiltrated drove home the clear cut need to make security one of the directing forces in any organization’s information technology implementation. There was no arguing with cold hard facts that he presented, and if that data didn’t serve to sway one’s opinion that security is not something to be considered a one time expense in a capital budget, but rather that all organizations must incorporate solid and consistent techniques of auditing and rectifying vulnerabilities in an organization’s network… nothing will.
Save for a few minor difficulties with the weather that the attendees had to negotiate on their way to and from the location, the seminar was well received by all who participated and shared information throughout the event.
AIT, founded in 1986 with the State University of New York at Farmingdale, is an educational IT society. See www.aitglobal.com for information on AIT’s upcoming events, and for Membership Benefits.
AIT President Mike Lackey welcomes Guests to the AIT-Columbia Breakfast Seminar.
Columbia Law School’s Martin Howard points out why Security Policy Creation and Implementation are Necessary and Critical to all Organizations.
Speakers and Enablers: Greg Sturtevant, FBI; Frantz Merine and Martin Howard, Columbia Law School; and Mike Lackey, AIT (not shown, Eugene Grygo, Infowrold, an IDG Publication, and Bob Gaughan. Nortel Networks).
Nortel’s Bob Gaughan animates the finer points of Firewall Types and their Purpose, with Particular Attention to Stateful Firewalls.
Some of the attendees taking in site-security protection information from the Seminar’s expert presenters.
The FBI’s Greg Sturtevant highlights Investigative Trends in the World of Cyber Security, including primers on today’s Top Eight Techniques and Targets that IT and I/S Professionals Must Acknowledge and Protect.