Find us on
 |
 |
 |
 |
 |
Past Programs
 |
Keynote: Securing IT in Healthcare: Part III |
 |
Keynote: SITH3, Technology-Enabled Remote Monitoring and Support |
 |
Intersection of mHealth and Behavioral Health |
Newsletter
ISTS Information Pamphlet
|
8:15 a.m. |
Buses Leave Courtyard by Marriott for the Dartmouth Campus |
|
8:30 a.m. |
Conference Registration and Continental Breakfast |
|
9:00 a.m. |
Denise Anthony |
|
9:10 a.m. |
Legal and Regulatory Developments for Privacy and Security (Abstract) Rodney Petersen |
|
10:05 a.m. |
"Crimeware" Threats (Abstract) Peter Cassidy |
|
11:00 a.m. |
Break |
|
11:15 a.m. |
Hacker Trends and Motivations Scott McGaunn |
|
12:10 p.m. |
Lunch |
|
1:00 p.m. |
Panel Discussion: Email Services for the Campus Community Participants: Mary Corcoran (Boston College), Adam Preset (University of Pennsylvania), and Ellen Young (Dartmouth College) |
|
1:55 p.m. |
Campus Life Online: Understanding Student Culture and Facebook (Abstract) Ana Martínez Alemán and Katherine Lynk Wartman |
|
2:50 p.m. |
Break |
|
3:05 p.m. |
Government-related Activities in Education and Workforce Training for Information Security Brenda Oldfield |
|
4:00 p.m. |
Emerging Trends in Enterprise Security Metrics (Abstract) Andrew Jaquith |
|
4:55 p.m. |
Wrap-up David Bucciero |
|
5:30 p.m. |
Social at the Hanover Inn, Hayward Lounge |
|
7:00 p.m. |
Free Time for Dinner |
|
8:30 p.m. |
Buses Return to Courtyard by Marriott |
|
8:15 a.m. |
Buses Leave Courtyard by Marriott for the Dartmouth Campus |
|
8:30 a.m. |
Continental Breakfast |
|
9:00 a.m. |
Break-out Session 1 The Higher Education Bridge Certification Authority (HEBCA) and the Four Bridges Forum (4BF) (Abstract) Pleasant Skies, or a Gathering Storm: The Good and Evil of Security Services in the Cloud (Abstract) The Phishing Education Landing Page (Abstract) |
|
10:10 a.m. |
Break-out Session 2 The Higher Education Bridge Certification Authority (HEBCA) and the Four Bridges Forum (4BF) (Abstract) The Phishing Education Landing Page (Abstract) Anatomy of an RIAA File-sharing Lawsuit (Abstract) |
|
11:20 a.m. |
Break-out Session 3 Pleasant Skies, or a Gathering Storm: The Good and Evil of Security Services in the Cloud (Abstract) Anatomy of an RIAA File-sharing Lawsuit (Abstract) |
|
12:30 p.m. |
Lunch |
|
1:15 p.m. |
Conference Wrap-Up The Conference will conclude at 2:00 p.m. Bus service back to the Courtyard by Marriott will be provided at this time. |
Legal and Regulatory Developments for Privacy and Security
The politics of privacy and security have reached new heights as the Obama administration announces a comprehensive review of cybersecurity. While many in Washington are waiting to see what the White House proposes as the way forward, the Congress and federal agencies continue to craft legislation and regulations designed to combat concerns for identity theft, data protection, and safeguarding of our nation's critical infrastructure. This session will provide an update from Washington, focusing on recommendations from the administration and private sector groups that call for a comprehensive cybersecurity strategy.
Rodney Petersen
"Crimeware" Threats
Phishing has evolved from pure social engineering schemes to crimeware-based phishing systems using sophisticated technical subterfuge, sometimes blending both kinds of schemes in a single attack architecture. In this segment, Mr. Cassidy reviews genres of crimeware, the data they target and the mechanisms by which they propagate.
Peter Cassidy
Campus Life Online: Understanding Student Culture and Facebook
In this talk, the authors of Online Social Networking on Campus: Understanding What Matters in Student Culture (Routledge, 2009) will discuss the results of an empirical study of undergraduate college student use of the social networking site Facebook. They will pay particular attention to the meanings students make of their own use of this site, as well as implications for college administrators.
Ana Martínez Alemán and Katherine Lynk Wartman
Emerging Trends in Enterprise Security Metrics
Managers know that "you can't manage what you don't measure." Budget pressures and the need to demonstrate security effectiveness have led leading enterprises to embrace security metrics as a key discipline. In this talk, Forrester senior analyst and noted author Andrew Jaquith discusses prevailing trends in security metrics and measurement, identifies key best practices, and recommends areas for future research.
Andrew Jaquith
The Higher Education Bridge Certification Authority and the Four Bridges Forum (4BF)
Strong authentication of identity and thorough verification of devices is a mandatory requirement for critical cyber infrastructures. The use of Public Key Infrastructures (PKI) can provide stronger authentication of individuals and devices, and enable a host of security services based on the digital certificates they issue. This break-out session will include a discussion of the benefits of PKI on campus with information on the Higher Education Bridge Certification Authority (HEBCA) and Four Bridges Forum (4BF) which enable PKI certificates to be interoperable across major US federal agencies, US-based pharmaceutical companies, aerospace and defense contractors and colleges and universities.
Scott Rea
Pleasant Skies, or a Gathering Storm: The Good and Evil of Security Services in the Cloud
Staff and students participating with Dartmouth's Cyber Security Initiative (CSI) will discuss their research on performing security services in the cloud. The findings suggest that there are potential technical and cost benefits of using cloud services for a number of tasks including penetration testing, forensic analysis, security monitoring, honeypots, and various processor-intensive security procedures. However, those with malicious intentions could also reap these benefits and the team will address concerns such as anonymous use of cloud services, the risk of easy access to high-powered computing, and potential legal complications in dealing with attacks from the cloud.
Dartmouth's Cyber Security Initiative
The Phishing Education Landing Page
The primary motivation of the APWG/CMU CyLab Phishing Education Landing Page is to instruct credulous email users the moment they have placed themselves at risk: when they have clicked on a link in a phishing email. Why? Because that failure in judgment presents a "teachable moment" for someone who has almost fallen victim of a phishing attack - and is when training is most effective. Mr. Cassidy will introduce the landing page, explain its logistical architecture, and review some of the data about users who have been redirected to it developed by APWG's partners at CMU CyLab. See: http://education.apwg.org/r
Peter Cassidy
Anatomy of an RIAA File-sharing Lawsuit
An attorney for a defendant in an RIAA file-sharing suit and the defense's expert witness dissect aspects of these lawsuits on matters of interest to university computer departments. Put on your latex gloves and bring your scalpel.
Ashlyn Lembree and Sergey Bratus
