IT Security | 13-14 June 2006

Overview

IT Security is the major development market in Information Technology. Budgets in security and crime prevention and detection will treble in the coming years with estimates of 30% of income being cited as the expenditure for organisations who wish to retain and protect their resources and information.

Organisations also have a need to increase their development of tools, concepts and protocols to stop penetration of systems and to ensure that these tools are useful and relevant to their business environment. The global market has also identified the need to build internal awareness with regard to best practice and use in development of systems and tools to protect and repulse.

The Financial Industry Regulators are driving a number of initiatives to improve the level of control and security within banks and other organisations. These initiatives, Basel II and SOX, will have a major impact on the security and control requirements around a large number of systems.

The Institution of Engineering and Technology Conference on Crime and Security: The Technical Fight is designed to bring together a plethora of delegates from within a range of fields to discuss and develop networks at and after the event and to ask the technical and social questions that are of high importance in this changing and developing market place. It will discuss the impact technology can have upon physical safety, fraud and criminal activity prevention, data protection and issues and concerns for future social, economic and law enforcement developments.

Programme

The Institution of Engineering and Technology Conference on
CRIME AND SECURITY

The Technical Fight
13 – 14 June 2006
Savoy Place, London, UK

Tuesday, 13 June 2006
   
08.45 Registration and Refreshments
09.15 Chairman’s Introduction
Neil Jarvis, Senior Information Risk Control Officer, UBS Investment Bank, UK
09.20

Keynote Address: The Rules of Life - A Holistic Approach to Security
Edward P Gibson, Chief Security Advisor, Microsoft, UK

  • Law enforcement; governments; industry
  • Technology - trustworthy computing and security development lifecycles
  • People and the rules of life
   
Session 1: The Secure Web: A Vendor’s Story
   
09.50

Federated Identity: Securing Citizen Inclusion, Take-up and Trust for Online Services
Drew Wagar, Identity Specialist, Sun Microsystems, UK

  • What is Identity and why is it so important?
  • What stops the take up of online services?
  • How does Federation address these issues?
10.15

The Payment Card Industry Data Security Standard: Impact on Retail Information Technology
John Duffin, Director of Security and EFT Consulting, The Logic Group, UK

  • The PCI DSS is the card schemes' latest initiative to reduce card fraud
  • It forces the retail industry into facing information security issues
  • The potential costs of compliance could exceed the costs of chip & pin
10.40

PCI DSS – Closing the Loop on ‘Card Not Present’ Fraud
Robin Docksey, Information Security Manager, Play.com, UK

  • PCI DSS has changed the way vendors and merchants view their networks and electronic processes. The stringent rules now imposed, and the subsequent vulnerability scans, will have an impact on their resources as they work towards meeting the security criteria
  • These security requirements cover the majority of fundamental IT Security principles; therefore some will already be in place and others will require long term work to achieve
  • Defining which issues to prioritise can be difficult. There are, however, some security processes that can be implemented quickly and easily, allowing the longer term projects to remain unchanged
11.05 Refreshments
   
Session 2: The Wireless Network: Safe as Houses or Just a Yard at a Time?
   
11.25

How Secure is Wi-Fi Today?
Neil Jarvis, Senior Information Risk Control Officer, UBS Investment Bank, UK

  • Follow up of security studies performed in 2001
  • The growth of wireless access points over the past few years
  • The state of security with regard to these devices
  • Weaknesses in implemented wireless networks
  • Is Wi-Fi Security worse than it was four years ago?
11.50

Corporate Awareness and Wireless Security 80211X
Simon Gunning, Technical Director, Digilog, UK

  • Aging Systems – what you need to know
  • Being aware of change
  • Tools to capture a wireless network
12.15

Personal Area Networks: A Hole in Your Pocket!
Mark Rowe, IT Security Consultant, Pentest Limited, UK

  • Bluetooth is everywhere but how secure is it?
  • Why are devices still vulnerable to three year old vulnerabilities?
  • Mobile phone exploits are old news, and synchronise PDA – where did my network go?
12.40 Lunch
   
Session 3: Trusted Computing, the Hardware Case – Trusted Computing Base
   
13.30 Trusted Computing, Integrating Trust and Security into Computer Platforms
Hans Brandl, Senior Scientist Trusted Computing, Technical Marketing, Infineon, Germany
  • Today’s computer threats and attacks are still increasing - Why?
  • The Trusted Computing Group (TCG) creates standards to integrate trust and security into computing platforms
  • T/C motherboards and system kernels contain a hardware based root of trust for enabling built in security with next generation trusted OS and applications
13.55

Using Trusted Computing to Build a Safer World
Martin Sadler, Director of Trusted Systems Lab, HP, UK

  • The problems that motivated the industry coming together to work on Trusted Computing
  • The key ideas and how they can be utilised by operating systems and applications
  • Where we are in realising safer solutions
14.20

Trusted Computing Opportunities and Threats
Alan Cox, Open Source Developer, UK

  • The technology is here and it's not going away
  • Developing your current tools
  • Challenges to IT and compliance
14.45 Refreshments
   
Session 4: Personnel ID and Protecting the User
   
15.05

The Requirements of the Data Protection Act 1998
Stewart Room, Partner and Head of Data Protection Unit, Rowe Cohen, UK

This presentation will identify the IT security issues within the Data Protection Act 1998 and the Privacy and Electronic Communications (EC Directive) Regulations 2003. Key issues covered include:

  • The requirements of the seventh data protection principle and its interpretation
  • Guidance issued by the Information Commissioner
  • The special security issues for electronic communications
15.30

Identifying the Global User
Sian Birch, Freelance Security Consultant, UK

  • User identity issues within a truly global organisation
  • The ever-present social engineering threat - countering 'soft' attacks on user identity
  • Securing access to the virtual workplace - handhelds, portals, and other very remote access
15.55

The Importance of Employee Awareness to Information Security: Three Case Studies
Martin Smith, Managing Director, The Security Company Ltd, UK

  • If security infrastructure is the engine, staff awareness is the oil
  • The critical importance of engaging personnel
  • Just how important investment can be to the success of a company's information security policies and infrastructure
16.20

Information Rights Management: Enabling you the Author to Control how your Documents and Messages are Used by Your Readers
Stephen Lamb, Technical Security Lead, Microsoft Ltd, UK

  • Security mechanisms typically break down once your document or email is transferred outside your network boundary
  • Information Rights Management can enable you to project and enforce using MW and MSO
16.45 Panel Discussion
Session Speakers
Open Forum
17.00 Close of Sessions
17.30 Registration and Refreshments for the Institution of Engineering and Technology John Pinkerton Lecture
18.00 The Institution of Engineering and Technology John Pinkerton Lecture 2006
e-Science and Cyberinfrastructure
Lecture by Professor Tony Hey, VP Scientific Computing, Microsoft, USA
19.30 Dinner
   
Wednesday, 14 June 2006
   
08.50 Chairman’s Introduction
Stephen Lamb, Technical Security Lead, Microsoft Ltd, UK
08.55

Keynote Address: The Electronic Attack Environment to 2010
Roger Cumming, Director, National Infrastructure Security Co-ordination Centre (NISCC), UK

  • Increasing risk in the information assurance space over the next few years
  • The possible impact will affect more than just documents
  • Sharing information about threats and vulnerabilities will improve the protection of systems
 
Session 1: Good Security in the Cathedral and Bazaar
   
09.35

Who Do You Trust? An Open Source Approach to Secure e-Business
Eddie Bleasdale, Director, netproject, UK

  • Secure e-Government / e-Business new challenges to the way IT services are delivered
  • The benefits and financial gains from e-services are such that the current lack of security cannot be allowed to continue
  • The existing investment in IT must be supported
10.15 Ben Laurie, Director of Security, The Bunker, UK
10.50 Refreshments
 
Session 2: Privacy – Tick the Box
   
11.10

Why Phish when you can Trawl?
Phil Cracknell, Director, Security Consulting Practice, Capgemini, UK

  • An emerging form of electronic crime
  • Wireless hot spot development
  • Secure network issues
11.35

Challenging Compliance
Stuart King, Information Security Manager, Reed Elsevier, UK

  • What are we aiming for: the myriad of different regulations and legislation that we have to address
  • How much security do we need to have?
  • Working together to achieve compliance: we all face the same challenges, so let’s communicate
12.00

Data Privacy: Fiction or Reality? How much Privacy are Individuals Entitled to Under the Law?
Scott Singer, Partner, Denton Wilde Sapte, UK

  • Is there a law of data privacy?
  • When does it apply?
  • How far does it go?
  • Do companies need to be concerned?
  • What should you be doing to comply?
12.25 Lunch
   
Session 3: Writing Software - Securing Coding Good Practice, How To Do It
   
13.15 Database Security – the Forgotten Threat
David Litchfield, Managing Director, NGS, UK
13.40

Software Security – Where are we Going Wrong?
Daniel Cuthbert, Corsaire, and Chairman, London Chapter, OWASP, UK

  • A look at why the current development model is flawed
  • How to introduce security into the development lifecycle
  • How to persuade management and developers that security is important
14.05

MySQL Security: Best Practices
Ivan Zoratti, Sales Engineer, MySQL AB, UK

  • How to operate a MySQL database in a secure way
  • Describing some of the security mechanisms of MySQL (e.g. access control system, security features like archive tables, encryption)
  • Best practice for MySQL
14.30 Refreshments
   
Session 4: The Health of Computers Via Network Access Protection
   
14.50 Paul King, Senior Advisor, Cisco, UK
15.15

Latest Threats in Malware
Graham Cluley, Senior Technology Consultant, Sophos, UK

  • Cybercriminals are joining forces, launching attacks using combined technology
  • Find out how spyware has grown as a proportion of all new threats
  • Discover how and why malware authors have turned away from viruses and worms to targeted Trojan horse attacks
15.40

Endpoint Security - the Soft Centre Inside the Hard Shell
Steve Knight, Information Security Officer, Herbert Smith LLP, UK

  • How to abuse Windows in the 21st century
  • Common mistakes we should have learned to avoid
  • Tips for not making the same mistakes again
   
Session 5: Controls and Developments in Personal Identification
   
16.05

Identification of Individuals using e-Passports
Bill Perry, Senior Consultant, e-Passport Program, UK Passport Service, UK

  • How can this new technology be used commercially?
  • What benefits are there across government?
  • How can this influence joined up government?
16.30

RFID Security
Phil Royston, Project Manager, Innovision Research and Technology, UK

  • What is RFID and NFC? - a brief explanation of how RFID and NFC works
  • How secure is RFID? - an outline of the types of threats which may apply and how they can be countered
  • How secure is NFC? - the tag in your phone, new security threats and how they might be countered....
16.55 Chairman’s Closing Remarks
17.00 Close of Conference
   

 

 

Organised by The Institution of Engineering and Technology e-infrastructure, Visual Information Engineering, Communication Networks and Services and Multimedia Communications Professional Networks