September 4, 2008 |
| 8:30 a.m.-8:50 a.m. |
Welcome And Setting The Stage
Jonathan Penn, Forrester, Speaker
|
| 8:50 a.m.-9:35 a.m. |
State Of Information Security In 2008
Khalid Kark, Forrester, Speaker
The security organization is finally starting to get the visibility that it had been asking for, but now it doesn't know how to deal with it. Many chief information security officers understand that they need to align themselves with the business and provide strategic advice, but they don't know how. The results from Forrester's Enterprise And SMB Security Survey, North America And Europe, Q3 2007 highlight some of these issues, challenges, and priorities for CISOs.
This survey covers:
- Top issues, challenges, and priorities for CISOs in 2008
- The changing responsibilities of the security organization
- Progress businesses have made in aligning security with other parts of IT and the business
|
| 9:30 a.m.-5:00 p.m. |
One-On-One Meetings With Forrester Analysts
Each attendee is able to schedule up to two 20-minute one-on-one sessions with the Forrester analysts of their choice, depending on availability. These meetings are consistently rated as one of the most popular features of Forrester Events.
|
| 9:35 a.m.-10:20 a.m. |
Network-Based Security For Global Infrastructure
Dr. Edward G. Amoroso, AT&T, Speaker
This presentation will show trends in carrier-based detection of global attacks in the context of AT&T's network management and security infrastructure. The session will use recent examples to illustrate shifts in attack methods from worms to botnets, and will discuss and illustrate DDoS filtering and other virtualized security methods.
Attendees at this session will learn:
- How trends are shifting in network-based attacks
- Why botnets pose such a significant threat to global infrastructure
- How carriers can significantly reduce the risk "in the cloud" of network attacks
|
| 10:20 a.m.-11:05 a.m. |
Morning Networking Break In The Technology Showcase
|
| 11:05 a.m.-11:45 a.m. |
Intelligence and Intelligent Action: From Threat to Countermeasures
Michael Denning, VeriSign, Speaker
Joe Pepin, VeriSign, Speaker
Implementing policy and prioritizing resources for staying on top of and dealing with an ever-evolving and elusive threatscape is an important step in protecting the enterprise. So is implementation of a network security architecture in your environment. But what to do when the latest attack trends are internet-wide and the scope of your policy and security devices aren't? The key is deep intelligence as an input to be aligned and synchronized with your own preventive, detective, investigative, and reactive processes. The most effective security governance doesn't stop with policy or prioritization of resources; it includes appropriate monitoring and control mechanisms to help assure both policy compliance and policy effectiveness through a reliable feedback mechanism enabling strategic and operational nimbleness in handling shape-shifting attack models and technologies. The result is a model for operational excellence in integrating and aligning archetypal global threat and vulnerability intelligence with your concrete security and compliance architecture to maximize the real value of the intelligence to you.
This presentation will include a discussion on the importance of a deep level of intelligence about threats, including the styles, inclinations, and motives of the actors and those that enable them. It will also cover best practice for rigorously aligning your assets, signature policy, vulnerabilities, threats, and intelligence with each other and with your organizational security policy and risk management goals. This session will focus specifically on:
- The persons, motives, and business models behind the present day attacker
- The importance of leveraging a "follow the enabler" model
- The lifecycle management of intelligence and threat detection and response
|
| 11:45 a.m.-12:30 p.m. |
Exploiting Online Games
Gary McGraw, Ph.D., Cigital, Speaker
This talk, based on a book of the same title (co-authored by Greg Hoglund), will expose the inner workings of online game security for all to see, drawing illustrations from massively multiplayer online role-playing games (MMORPGs) such as World of Warcraft to discuss:
- Why online games are a harbinger of software security issues to come
- How millions of gamers have created billion-dollar virtual economies
- How game companies invade your privacy
- Why some gamers cheat
- Techniques for breaking online game security
- How to build a bot to play a game for you
- Methods for total conversion and advanced mods
Ultimately, this talk is about security problems associated with advanced, massively distributed software. With hundreds of thousands of interacting users, today's online games are a bellwether of modern software yet to come. The kinds of attack and defense techniques that this presentation will describe are tomorrow's security techniques on display today.
|
| 12:30 p.m.-2:00 p.m. |
Lunch in the Technology Showcase
|
| 2:00 p.m.-2:45 p.m. |
Track Session
Track A: Security & Risk Best Practices
Best Practices For IT-GRC Programs
Marc Othersen, Analyst, Forrester
Track B: The Future Of Security & Risk Management
Digital Credentials In 2018: Touchstones Of Trust
Geoffrey Turner, Analyst, Forrester
Track C: Beyond Security
Web 2.0: Balancing Chaos With Control
Gil Yehuda, Analyst, Forrester
|
| 2:45 p.m.-3:00 p.m. |
Intermission
|
| 3:00 p.m.-3:30 p.m. |
Guest Executive Forum with Lumeta - The Network Perimeter And Defense In Depth
Michael Markulec, Lumeta, Speaker
With low-cost connectivity, mobility, virtualization, outsourcing IT infrastructure and more, the network perimeter's line has been blurred. However, as companies adopt a layered approach to building security into the fabric of their networks, they shouldn't completely remove focus from the perimeter.
The most advanced organizations consider the concept of the true, ever-changing perimeter as an integral part of having a focused, accurate defense in depth approach.
Organizations still struggle to protect secure zones, such as research labs and SCADA networks. In this session, attendees will learn how to validate secure zones, protect critical infrastructure, and define the network's true perimeter.
|
| 3:00 p.m.-3:30 p.m. |
Guest Executive Forum with Blue Coat Systems - Web Gateway Layered Defenses Against Malware
Tom Clare, Blue Coat Systems, Speaker
Since mid-2007, Web attacks have quickly evolved into injections into trusted and popular Web sites using multiple background hosts to quietly download malware onto users' systems. An estimated 79% of malware is downloaded from popular Web sites, and the attacks often use custom encryption wrappers and obfuscation techniques to evade detection in Web gateways, leaving the desktop to defend itself. The game has changed, and analyzing all Web traffic for threats inline is not sufficient. Hybrid gateways use cloud services with honey grids to provide new layered defenses against malware. This session includes:
- An authoritative review of changing Web gateway defenses for new attack techniques.
- An explanation of how to layer defenses in a hybrid Web gateway using honey grids, inline detection, and Web content controls.
|
| 3:00 p.m.-3:30 p.m. |
Guest Executive Forum With HP ProCurve Networking -- Exposing Network Security Myths And Secrets
Mauricio Sanchez, ProCurve Networking, Speaker
As networks have evolved into crucial enablers of business competitiveness, the dangers posed by new technologies and those using them have similarly evolved. Navigating the stormy realm of network security, and appropriately balancing security with access, becomes more challenging all the time. This session offers useful direction for establishing effective network security amidst a climate of change, dispelling myths and revealing important security secrets. Myth no. 1: Shrink-wrapped products and patches are sufficient to protect your network infrastructure. Secret no. 1: You can actually spend less to make your network more secure. This session will expose these and more, offering practical guidance for designing and implementing an adaptive network that delivers the utmost protection.
|
| 3:30 p.m.-4:15 p.m. |
Afternoon Networking Break In The Technology Showcase
|
| 4:15 p.m.-5:00 p.m. |
Track Session
Track A: Security & Risk Best Practices
Keys To Successful DLP Implementations
Thomas Raschke, Analyst, Forrester
Track B: The Future Of Security & Risk Management
Protecting Information Assets In 2018: Taking A Data-Centric Approach: A Panel Discussion
Jeff Bardin, Director, Risk Management, Global Security Organization, Office of Risk Management, EMC Corporation
Jonathan Penn, Analyst, Forrester
Tim Stanley, Chief Information Security Officer, Continental Airlines
Steve Whitlock, Chief Information Security Strategist, The Boeing Company
Track C: Beyond Security
What CISOs Need To Know About Virtualization
Natalie Lambert, Analyst, Forrester
Kevin Yeamans, Director of Enterprise Security, Security Benefit
|
| 5:00 p.m.-6:30 p.m. |
Evening Reception In The Technology Showcase
|
September 5, 2008 |
| 7:30 a.m.-8:30 a.m. |
Event Registration And Continental Breakfast In The Technology Showcase
|
| 7:30 a.m.-8:20 a.m. |
Breakfast Presentation With Ounce Labs - Open Secrets: Issues Of Data Privacy In PCI
Jack Danahy, IBM, Speaker
The PCI Data Security Standard has raised the bar for information security, amplifying the need to safeguard sensitive data and bringing into the vernacular the tension point between data privacy and data usability, including the ways in which all customer data is collected, shared, and used throughout the organization.
|
| 8:30 a.m.-8:45 a.m. |
Day Two Opening Remarks
Jonathan Penn, Forrester, Speaker
|
| 8:45 a.m.-9:30 a.m. |
Planning Your Enterprise Security Strategy In The Internet World
Chenxi Wang, Ph.D., Forrester, Speaker
As enterprises are becoming increasingly connected to the Internet and as hard organizational computing boundaries are fast disappearing, chief information security officers are facing fresh challenges in enterprise computing. Some of these challenges include responding to never-ending new threats, dealing with complex interaction models beyond the company's intranet, and struggling to keep proprietary information secure in a collaboration-centric culture. To enable success in this environment, which must accommodate business innovation as well as security challenges, CISOs have to navigate a complex and fast-changing technology and threat landscape. In this session, we will address these issues relating to an open and collaboration-oriented enterprise computing model. More specifically, we will cover:
- Global trends on Web 2.0 adoption, deperimeterization, and the consumerization of corporate IT as well as how these trends affect enterprise security
- The top security threats and what you can expect for tomorrow in this increasingly open and connected world
- Critical steps to help CISOs develop a security strategy to deal with today's and tomorrow's security challenges
|
| 9:30 a.m.-10:15 a.m. |
Making The Case For Security: A Panel Discussion
Bruce E. Jones, Eastman Kodak, Speaker
John F. Petrie III, Harland Clarke, Speaker
Sara Santarelli, Verizon Business, Speaker
Information security managers around the globe are frustrated as they struggle to make sense of the reams of data being churned out in today's enterprise environment. The real challenge for them is not only to identify what is important but also to be able to tie this information from disparate tools to business-centric metrics so that senior executives can understand the data, take action, and be confident that the enterprise is secure. This session will outline the approaches that successful CISOs have taken to articulate their case for security.
- Developing operational metrics for your security environment
- Articulating the case to senior management and the board of directors
- Gaining executive support for security initiatives and budget
|
| 9:30 a.m.-2:30 p.m. |
One-On-One Meetings With Forrester Analysts
Each attendee is able to schedule up to two 20-minute one-on-one sessions with the Forrester analysts of their choice, depending on availability. These meetings are consistently rated as one of the most popular features of Forrester Events.
|
| 10:15 a.m.-11:00 a.m. |
Morning Networking Break In The Technology Showcase
|
| 11:00 a.m.-11:45 a.m. |
Developing A Collaborative Security Strategy
Brian Wrozek, Texas Instruments, Speaker
In many organizations, IT security operational duties are being distributed across the entire IT organization. IT security managers must build successful partnerships across IT boundaries and influence the right security behavior without having direct control over resources and budget. Responsibilities often overlap with other organizations such as HR, legal, audit services, and physical security. IT security managers need to foster win-win relationships with these groups and still find ways to collaborate with business units and external partners.
- Identify where IT security roles overlap with other groups
- Brand IT security as a shared responsibility
- Promote and support IT security projects in other groups
- Build a business-results-oriented reputation
- Be more than an electronic security cop
|
| 11:45 a.m.-12:45 p.m. |
The Future Of Security: A Panel Discussion
Daniel E. Geer, Sc.D., Verdasys, Speaker
Herbert H. Thompson, People Security, Speaker
Every year at our Security Forum, we've run the "Future of Security" panel to look at what threats, defenses, and environmental shifts are on the near and distant horizon of IT security. This year, we continue that tradition by welcoming back Dr. Geer and Dr. Thompson who will peer deep into the industry's crystal ball:
- What's next: threats and countermeasures in 2013?
- How will the threat landscape evolve from now until then?
- What will we be able to measure? Will it matter?
- What does "maturity" look like in the security industry?
Following their presentations, both speakers will participate in a moderated panel discussion and jointly address questions from the audience.
|
| 12:45 p.m.-2:00 p.m. |
Lunch And Dessert In The Technology Showcase
|
| 2:00 p.m.-2:45 p.m. |
Track Session
Track A: Security & Risk Best Practices
Best Practices: Implementing An Enterprise GRC Platform
Chris McClean, Senior Analyst, Forrester
Track B: The Future Of Security & Risk Management
CISOs In 2018: What Will It Take To Succeed In The Role?
Khalid Kark, Vice President, Research Director, Forrester
Track C: Beyond Security
Securing Information Services: The Next Generation Of Data Security
Noel Yuhanna, Principal Analyst, Forrester
|
| 2:45 p.m.-3:00 p.m. |
Intermission
|
| 3:00 p.m.-3:45 p.m. |
Track Session
Track A: Security & Risk Best Practices
The Inside Story Of PCI: Confessions Of A QSA
John Kindervag, Principal Analyst, Forrester
Track B: The Future Of Security & Risk Management
Identity And Access Management In 2018: The Three Centers Of Gravity
Andras Cser, Principal Analyst, Forrester
Track C: Beyond Security
Bridging Business Continuity And Disaster Recovery
Stephanie Balaouras, Vice President, Research Director, Forrester
|