Date / Time: April 13, 2012, 2pm to 4pm

Venue: Sophos Vancouver 580 Granville Street (Vault Room)

You will be asked to sign a confidentiality agreement before/during the meting, the text of the agreement is:
"The CIPS Vancouver Security Special Interest Group (Security SIG) is a group of information system security professionals dedicated to promoting awareness of issues and to furthering professional development in information systems. The members of the Security SIG wish to establish a mutually beneficial forum for the free and confidential exchange of information. Therefore, by signing this form you agree to keep confidential all matters discussed during this meeting now and hereafter. This form will also be kept as record of your attendance for CPE qualifications, if applicable."

Topic: Security Event Management - A Bridge Too Far ?

Presenter: Joost Houwen, Grant Thornton

Description:
While the introduction of modern security technology has improved the protection of company assets, it has also created huge information and data management issues. The first challenge often begins with how to efficiently (and securely) collect and store security event data. Then, once this data is stored, it is vital to action this data since somewhere in this data 'haystack' could lie traces of compromises, worms, and potential insider attacks.

This session will:

• Review implementation planning for the introduction of security incident/event monitoring (SIEM) solutions, product selection approaches, and a review of leading vendors/products.
• Provide a review common challenges in SIEM and Log Management deployments
• Discuss techniques for leveraging existing investments in centralized monitoring or SIEM (e.g. security metrics).