They say that DLP solutions for larger organizations are maturing and
being commoditized. What does this mean for the actual value that they can deliver
for any given technology, management or cost overhead? Will DLP lite fly? How
will a non-transparent control like DLP change user behavior and what can
management do about it? How clever can DLP get in what it can inspect (OS,
platform, apps, etc.), classify, or apply policy to encrypt or assert rights
management? How are delivery models going to change? How will the technology
adapt to the mobile device challenge, social media and the era of BYOD? And how
does this stuff fit into the life and work of an infosec team when it is the
business that needs to make most of the decisions about violations? Join us to
get some answers and views from our industry experts.
World Wide Product Marketing Manager, InfoSphere Guardium and Optim Solutions, IBM
Madia is a World Wide Data Security Strategist for the Information Management
Security and Compliance solutions. She
has been with IBM for eleven years.
Kimberly earned an undergraduate degree in Computer Science from
Allegheny College and an MBA in Strategy and Information Management at Carnegie
Mellon University. During her career at
IBM she has worked as a technical support representative and a business partner
enablement manager. Currently she is
focused on developing solutions across software brands to support data security
and compliance. She is a regular speaker
at tradeshows and user groups and blogs regularly about data security breaches
and strategies to mitigate risks.
Presentation Overview: A
Risked Based Approach to Data Security
management is the identification, assessment, and prioritization of risks
followed by the coordination of resources to minimize, monitor, and control
risks. The end goal is to minimize the
probability or impact of unfortunate events such as data breaches, data loss or
exposure of sensitive information.
From a database
perspective, risk can come from many sources including: database
vulnerabilities, privileged user abuse, human error, malicious attacks such as
SQL injection, stolen credentials, unauthorized database changes and much
more. How can organizations quantify and
minimize this risk?
During this webcast, we will discuss how to
quantify database security risks and remediate these risks by monitoring and
blocking database access, mitigating database vulnerabilities, eliminating
threats and establishing centralized database security controls.
Allan Wall - UK, Europe Chapter
ISSA Web Conference Committee, Session Moderator
Allan Wall has been working within
the IT industry for over twenty years, the last seventeen in the field of
information security. For the majority of that time, he was responsible
for managing a team of IT Risk Management focused pre-sales systems engineers
/ consultants for Symantec in the UK. He is currently an information
security consultant largely focused on delivering CISO-type services for
SME’s. A CISSP for 9
years, Allan is a Founder Associate Member of the Institute of Information
Security Professionals and a Fellow of the British Computer Society. He has
participated on a number of ISSA UK expert panels and he serves on the ISSA UK management
team as Director of Academic Liaison.
Allan has a BSc in
Biochemistry and Genetics and a Post-Graduate Certificate in Education from
Newcastle University (UK), and a Masters in Information Security from Royal
Holloway University of London. He appears regularly as a
specialist presenter at information security events, and as a workshop
facilitator. He is a guest lecturer for the MSc in Information Security at
Royal Holloway University of London.