Date post: | 23-Dec-2015 |
Category: |
Documents |
Upload: | kathleen-hines |
View: | 217 times |
Download: | 2 times |
Planning and Conducting An IT Security Conference
Two Approaches
Robert Ono, University of California, Davis
Theresa Semmens, North Dakota State University, Fargo
2
Information Security Training Conferences
A Component of a Broader Information Security Program
Several Options Available Schedule: One-time vs On-going Focus: Technical vs Management Format: Lecture vs Hands-on Instruction Funding: Internal vs External Sponsors Location: Off-site vs Campus Facilities
3
Key Planning Areas
Conference Coordination Staff Identification of Key Objectives Program and Budget Planning Integration with Sponsors Event Logistics/Facilities Determining Session Content Project Management Post-Conference Evaluation
4
Two Examples
IT Security Symposium, UC Davis Biennial Schedule Next Conference, June 22-24, 2005 Registration Limited to University of California Staff
IT Security Conference, North Dakota State University Annual Schedule (Tentative) Next Conference, November 3, 2005 Registration open to IT staff in K-20, public , private, and
tribal
5
2005 IT Security Symposium, UC DavisConference Planning Committee
Campus IT Security Officer, Chairperson University Participation from Technical Staff
School of Veterinary Medicine Deans’ Office, College of Letters and Science Dean’s Office, College of Agricultural and Environmental
Sciences Computer Science Department Plant and Environmental Sciences Department University of California, Office of the President
Classroom Technology Specialist, IET Communication Specialist, IET Administrative Specialist, IET Project Management, IET Contract Web Developers
6
2005 IT Security Symposium, UC DavisFormal Objectives
Discuss Relevant/Timely Security Topics for System/Security Administrators,
Provide Hands-on Lab Training Opportunities for Security Knowledge/Skill Advancement
Promote Sharing of Local Security Knowledge and Expertise
Provide a Networking Opportunity Among Registrants
Serve Technical Audience of 75% UC Davis and 25% Other UC campuses
Maintain An Affordable Conference Fee ($100 or less)
7
2005 IT Security Symposium, UC DavisConference Format
Two and a Half Day Conference Single Keynote Speaker Hands-on Instructional Labs (30 @ 3 hours each)
Campus Session Technical Presenters (6) Sponsor In-Kind Technical Presentations (24)
Instructional Lectures (15) Financial Sponsor Sessions (5) Networking Opportunity – BF/Lunches Registration Fee ($85)
8
2005 IT Security Symposium, UC DavisProject Schedule – 32 Weeks
Weeks 1-8, Bi-Weekly Meetings1. Define Objectives2. Establish Event Format and
Calendar3. Prepare Budget4. Determine Sponsor Participation5. Identify Resources for Event
1. Instructional Rooms2. Catering3. Keynote and Overflow4. Audio/Visual Requirements5. Proctors
6. Establish Subcommittees7. Prepare Communication Plan8. Initiate Development of an Online
Registration System9. Solicit Sponsors & Keynote
Weeks 9-32, Weekly Meetings
1. Request Faculty Participation
2. Prepare/Release Call for Papers
3. Review Submitted Sessions
4. Finalize Session Content
5. Prepare/Release Online Registration & Communications
6. Finalize Catering Order
7. Finalize Speaker Honorarium
8. Prepare Conference Handouts/Shirts/Bags
9. Prepare Instructional Labs
10. Arrange Proctors & Registration Staff
11. Conduct Conference
12. Post Evaluation
9
2005 IT Security Symposium, UC DavisCommunication Plan
What Are The Key Messages? Who are Target Audiences? Who Can Help Spread Messages? Web Sites – Informational and Registration Announcements – Registrants/Vendors/Speakers Publications – Organizational and Institutional Graphics Signage Acknowledgements
10
2005 IT Security Symposium, UC DavisConference Sponsors
Financial Sponsors Two Levels, $7,500 and $3,000 Independent Session Opportunity Material Display Opportunity Corporate Logo on Conference T-Shirt
Instructional Session Sponsors Technical Instruction Demonstration Material Display Opportunity Corporate Logo on Conference T-Shirt
11
2005 IT Security Symposium, UC DavisBudget (2.5 days)
Ten Win/Mac/Linux/Solaris Computing Labs $ Donated Food (2 Lunch, 3 Breakfasts, 2 Afternoon Refreshments) $13,750 Door Prizes ($1,000 Instruction Cert x 6 and Texts) $ 5,250 External Developers, Conference Web Registration $ 3,500 Keynote Speaker – Streaming Video $ 3,000 Conference T-Shirts (275) $ 2,500 Session Speaker Gratuity (UC Speakers) $ 2,000 Duplication/Office Supplies $ 1,000 Facility Setup (Labor/Fees) $ 1,000 Facility/Space Rental $ 1,000 Speaker Appreciation Dinner $ 1,000 Conference Polo Shirts (20) $ 650 Bus Transportation During Event $ 500 Keynote Speaker Gratuity $ 100 Contingency Fund $ 3,000 Revenue – Projected Registration Fees $18,000 Revenue – University of California, Office of the President $ 5,000 Revenue – External Sponsors $18,000
12
2005 IT Security Symposium, UC DavisConference Schedule
June 22, Wed, 8-10:30am Breakfast, Opening & Keynote
June 22, Wed 10:30-12noon Concurrent Financial Sponsor Sessions
June 22, Wed, 1:45-4:45pm Instructional Computing Labs/Lectures
June 22, Wed, 12-1:30pm Lunch
June 22, Wed, 1:45-4:45pm Instructional Computing Labs/Lectures
June 23, Thu, 8-8:45am Breakfast
June 23, Thu, 9-12noon Instructional Computing Labs/Lectures
June 23, Thu, 12:15-1:30pm Lunch/Sponsor Tables
June 23, Thu, 1:45-4:45pm Instructional Computing Labs/Lectures
June 24, Fri, 8-8:45am Breakfast
June 24, Fri, 9-12noon Instructional Computing Labs/Lectures
13
2005 IT Security Symposium, UC DavisSponsors and Session Contributions
Financial Sponsors Dell and Tipping Point
Application Infrastructure and Performance Protection
KPMG International Business Improvement and
Technology Implementation Microsoft Corporation NEC Solutions America
Simplified Password Management and User Identification
Sophos Assessing Security Risks
Teros Understanding and Preventing
Web Application Attacks
Instructional Sponsors Apple Computers
OSX Tiger – New Security Features Securing OSX
IS Inc. Certified Training Securing Windows Server Active Directory Securing Windows Server 2003
MacTrainers Certified Training OSX Basics OSX Security
Microsoft Implementing Windows Update Service Secure Configuration of Windows 2003
New Horizons Certified Training Ethical Hacking Techniques
Sun Microsystems Solaris 10.x Implementing Solaris Security Toolkit
14
2005 IT Security Symposium, UC DavisUC Faculty/Staff Presentations
Campus Firewall Services Converting Policy to Reality Deploying Tripwire – A Change Auditing and Security Tool Establishing A Virtual Private Network Improving Unix Security – Advanced Topics Introduction to Computer Forensics Intrusion Detection with Open Source Tools Planning, Staffing and Sustaining a Secure Department IT
Function Running a Secure Fedora Linux Machine Identifying Unix
Compromises Vulnerability Scanners to Intrusion Prevention – What’s Next UC Davis Information Security Standards
15
2005 IT Security Symposium, UC DavisCurrent Status
Registration Open: April 4, 2005 Conference Web Site:
http://itsecuritysymposium.ucdavis.edu/ Conference Registration Site:
https://secure.ucdavis.edu/securitysymposium/
16
2005 IT Security Symposium, UC DavisLessons Learned
Start Planning Process Early Financial and Content Sponsors
Requires Objective Approach – Somewhat Similar to An RFP Consider Sponsor Interests Sponsorship Levels Lots of Follow-up Required Timing of Financial Sponsor Sessions
Local Networking Opportunities During the Conference Computing Lab Setup Review Post-Conference Evaluations for Suggestions
17
2004 IT Security Conference, NDSU, Fargo“A Call to Action”
Conference Demographics Dual Population Base
Provide and information and networking resources for Colleges and Universities in a tri-state area Rural area schools, K-12 in a tri-state area
Dual Audience and Purpose Provide information and training to:
Technical staff Administrative staff
Conference hosted off campus Presenters fees were “no charge” or local expertise
18
2004 IT Security Conference, NDSU, FargoConference Planning Committee
2004 NDSU IT Security Officer,
Co-Chairperson EduTech Director, Co-
Chairperson ND University System IT
Security Officer NDSU ITS Management:
Director, Policy Management
Communications Specialist
HR Specialist
2005 All of those for 2004 plus: EduTech:
EduTech Help Desk Manager
EduTech Coordinator of Network Services
19
2005 IT Security Conference, NDSU, FargoFormal Objectives
Increase awareness of IT security issues and solutions Discuss best practices in the areas of policy, technology
& operations Increase networking opportunities with peers Provide workable solutions for those institutions on a
“shoe-string” / non-existent IT security budget Serve a broad technical/administrative audience Minimal Conference Fee – Many K-12 lack funding Location – Learning Labs?
20
IT Security Conference, NDSU, FargoConference Format - 2004
Keynote SpeakerIS Risk Management – Challenges and Strategies
Two panel discussionsNetwork Authentication
Patch Management
Three general sessionsForensics, Wireless, MSUM solutions
Luncheon speaker Windows XP Service Pack 2 in the Educational Community
No Vendor booths
Keynote and last general session - vendors, no product promotion
Used a mix of outside and institutional expertise
21
IT Security Conference, NDSU, FargoConference Format - 2005
Single Keynote Speaker
Breakout session – two tracks – six sessions
Administrative
Technical
One panel discussion
Two general sessions
Vendor booths set up from 10 AM to 2 PM
Networking opportunity – BF/luncheon
Registration fee ($75.00)
22
2005 IT Security ConferenceProject Schedule - NDSU
Task Date Completed Committee Member
Set date 2/8/2005 All
Set budget 2/8/2005 Theresa
Reserve conference location, catering contract, 3/8/2005 Theresa
Send email with new date to past attendees 3/7/2005 Theresa
Review and send sponsor letter, log info and follow up
Tabled till next meeting Wayne, Cathy, Dick
Develop Marketing PlanTabled till next
meeting Theresa, Cathy
Build website Started Mary, Cathy, Theresa
Secure speakers Started Theresa, Jody
23
2005 IT Security ConferenceCommunication Plan - NDSU
Key Messages for Target Audiences
Web Site (http://its.ndsu.nodak.edu/security/conference-05/) Information, Announcements Registration Form
Publications – Organizational and Institutional
Signage
Forms – participant, sponsor, vendor, presenter
Acknowledgements
24
2005 IT Security Conference Sponsors - NDSU
Vendor Sponsorships 2005 Conference
$500
2004 Conference Symantec $500 DakTec $500 Cisco $1000
25
2005 IT Security Professionals Conference Schedule (tentative AM)
Time Session7:30 Registration
8:00 Welcome
8:30 Keynote Address – Dr. Kevin Streff, SDSU, Information Assurance
9:30 General Session – Jack Suess, Spam, Initiatives & Research
10:50 Panel Discussion – Secure Management of Wireless Networks
11:45 Luncheon & Vendor Visitation
26
2005 IT Security Professionals Conference Schedule (tentative PM)
Breakout SessionsTrack A Track T1:00 First Response for Incidents Dr. Steven Gribble –
“Security on the Move”
2:00 Dr. Huirong Fu – Cisco – Wireless War drivingInformation Assurance
3:00 John Weaver – ISO 17799 Dr. Steven Gribble – Measuring Spyware at the
UWGeneral Session4:00 STAGEnet, Dan Sipes, ITD, State of North Dakota
27
2005 IT Security Conference, NDSU, FargoProjected Budget
Expenses
Speakers (Travel & Lodging Expense) $3,000.00
Catering $3,000.00
Advertising $50.00
Registration & Miscellaneous $200.00
Conference Packets $300.00
Token of Appreciation $150.00
Hotel Internet Access Charge $50.00
Projected Expenses $6,750.00
Income
Registration based on 65 participants at $75 ea. $4,875.00
Vendor Sponsorships at $500 each (5) $2,500.00
Projected Revenue $7,375.00
Balance $625.00
28
Information Security Training Conferences - NDSU
Committee Morale Taking Ownership Marketing the conference
Conference Evaluations – Important Planning for the next time Annual/Bi-Annual?
Solid working relationship with conference location representative
Participants valued: wireless Internet access & the food!