
OCTAVE Overview & Basics of IDS/IPS
Event 73

Tuesday

December 6, 2005

Royal Crown Conference Centre, 83 Garry Street (Winnipeg, Manitoba)

11:45 AM to 1:45 PM

Presented By:

Sponsored by the Royal Crown Conference Centre

For further information contact

Omena Babalola, Event Director - (204) 946-1451

Visit the ISACA Winnipeg Chapter web site at isaca-wpg.org

SCHEDULE
Registration.........11:45 AM to 12:00 AM
Lunch Break.........12:00 AM to 12:45 PM (Lunch Provided)
Presentation........12:45 PM to 01:30 PM
Q & A Session.......01:30 PM to 01:45 PM

During this Event, Members recently awarded their CISA or CISM designations will be presented their Certificates.

SPEAKER INFORMATION


Keith Olsen
Keith Olsen is a Senior Security Engineer at Information Security Technology, Inc. (IST), located in Winnipeg, Manitoba, Canada. Keith's focus is delivering security consulting and training services to IST clients. Keith has served as the technical lead in security consulting engagements in the areas of security assessments, security architecture and design, and security technology deployments for enterprise customers. Keith has over 18 years of real-world experience in the computer industry, having worked as a Programmer, Network Administrator, Senior Technical Instructor, and Network Security Consultant. Keith is highly regarded for his training expertise, having logged thousands of hours in front of thousands of students delivering consistently high-quality certified technical training.

SESSION DESCRIPTION (1 CPE Credit)
OCTAVE
Information systems are essential to most organizations today. However, many organizations form protection strategies by focusing solely on infrastructure weaknesses; they fail to establish the effect on their most important information assets. This leads to a gap between the organization's operational and information technology (IT) requirements, placing the assets at risk. Current approaches to information security risk management tend to be incomplete. They fail to include all components of risk (assets, threats, and vulnerabilities). In addition, many organizations outsource information security risk evaluations. The resulting evaluation may not be adequate or address their perspectives. Self-directed assessments provide the context to understand the risks and to make informed decisions and tradeoffs.

The first step in managing information security risk is to understand what your risks are. Once you have identified your risks, you can build mitigation plans to address those risks. The Operationally Critical Threat, Asset, and Vulnerability Evaluation℠ (OCTAVE℠) enables you to do this.

This presentation will give you an introduction to the OCTAVE process and how it can be used by your organization as a key component of your information security practices.

Basics of IDS/IPS
  • Types of IDS/IPS - Host vs Network
  • Choosing an IDS/IPS

    IDS/IPS Checklist
    1. Does your organization have a written policy that can serve as the framework for IDS/IPS configuration and rule set?
    2. How much reporting will be required by the IDS/IPS software?
    3. What is the commitment level of the staff for:
       • Deployment
       • Rule development and updates
       • Log analysis and backup
       • Effectiveness testing
       • Training
    4. Are there legal or mandated guidelines that need to be adhered to when configuring the IDS/IPS sensors? (PHIA, FIPPA, C6, etc.)
    5. Do you expect to use the IDS/IPS system or logs to prosecute malicious employees?
    6. Do you have any housekeeping guidelines with regards to log storage and archiving?
    7. Budget considerations
    8. Are gateways going to be monitored inside and outside the firewall?
    9. Goals and scope of the IDS/IPS project
    10. Set up Pilot - Product Demo

    WHO SHOULD ATTEND:
    Systems Administrators, IT Auditors and Information Security professionals.
    Learning Level:
    Beginning

    Event Costs (all prices include GST & are in Canadian Funds)

    • Member.........................$ 30.00 (ISACA or CGA Members only)
    • Group rate for 5 or more...$ 35.00 per person
    • Non-Member...................$ 40.00
    ISACA Winnipeg Chapter Members in good standing (their dues paid) are invited to attend this event as guests of the chapter. Use the ISACA Member Express Registration button and choose the Guest option from the drop-down menu for the Rate field.

    Cancellation Deadline: November 29, 2005. Refer to Policies below.

    Express Registration requires Member ID & PW.


    Event Policies

    Please refer to our Chapter Cancellation & Substitution Policy and Privacy Policy
  • Advance Registration and Payment is greatly appreciated and Substitutions are allowed. If we cancel a course for any reason, our liability is limited to the registration fee only.

    The speakers, topics and events are correct at the time of publishing; if unforeseen circumstances occur, ISACA reserves the right to alter or delete items from the program.

    The presenters have prepared this material for the professional development of ISACA members and others. Although they trust that it will be useful for this purpose, neither the presenters nor ISACA can warrant that the use of this material would be adequate to discharge the legal or professional liability of members in the conduct of their practices.

    For ISACA info contact the President - for Membership info the Membership Director