17 Jun 2002 Monday by sdfwerte


                                                                                          Day                             17 Jun 2002 Monday

                                             11 00-11 3 0 Opening Ceremony
                                             11 30-12 3 0 Keynote Speech
                                             History of Hackers, Past, Present and Future Trends
                                             Speaker: Mr. David Rhoades, SANS Instructor (English)
                                             Hacking has been around for a long time since the first launch of commercial electronic computer
                                             in the 1960s. Early hackers broke into telephone networks to make free calls. Today, some
                                             hackers just break into computer systems for fun. Throughout the years, the hacking behavior,
                                             techniques and purposes have changed a lot. In the early years, hackers were computer experts
                                             who understood low level programming and in-depth knowledge in operating systems. With the
                                             availability of hacking program downloads and web-based tools, hackers today require less skill
                                             to hack into systems. Mr David Rhoades will lead us through the history of hacking, and reveal
                                             the changes in the mindsets of hackers, as well as the growing sophistication of hacking tools.

 Track 1                                                                                                                                                                                 Track 2

[1.0] Building a Highly Secured Anti-virus and Anti-hacking Network                                       [2.0] Preparing for Security Incidents
                                                                                                          13:45-14:30                (Cantonese)
13:30-14:15 (Cantonese/English)                                                                           As the evolution of e-commerce creates an immense opportunity for enterprises to interact
                                                                                                          with the internet, the risk of exposure becomes much greater than before. Therefore, the
Viruses have become more intelligent and added more hacking behavior. Hacking also becomes
easier, and many people do it at work. Administrators are facing greater challenge protecting             basic security measures such as firewall deployment are no longer sufficient to protect
networks. We will discuss the latest technology which can strengthen security and ease                    your corporate network. Are you overwhelmed with any possibility of disaster? Indeed,
management to prepare for the latest security threat.                                                     preparing for the security events become a major challenge for most companies. Now, you
                                                                                                          are cordially invited to know more about how you can tackle to this challenge.
                             Mr. Leo Chan, Regional Engineering Manager, Network Associates Inc.
                                                                                                                       Mr. Jackson Lee, Network Seurity Consultant, CL Technical Services Limited

[1.1] Integrated Firewall and VPN Solutions for Today’s Applications
                                                                                                          [2.1] An Effective IT Security Management Program
14:30-15:15 (Cantonese)                                                                                   14:45-15:30 (Cantonese/English)
To protect networks from the threats and vulnerabilities caused by new types of hacker attacks,
wireless LANs and the business practices that are redefining which users can be trusted to access         Information is an asset which, like other important business assets, has value to an
mission-critical data, traditional perimeter security models become increasingly inadequate.              organization and consequently needs to be suitably protected. Information security is
NETSCREEN TECHNOLOGIES, INC. develops scalable network security solutions for enterprises                 characterized as the preservation of confidentiality, integrity and availability. To achieve the
and services providers. Its award-winning line of integrated security systems and appliances              goal of safeguarding information asset, an organization should implement security controls
combine firewall, VPN, traffic management and other security functions within a purpose-built, high-      in management, operational and technical aspects. This presentation will introduce best
performance platform.                                                                                     practices of security controls and how an organization should go about choosing and
                                                                                                          implementing them.
             Mr. Thomas Chan, Technical Consultant, NCSA, CISSP, NetScreen Technologies, Inc.
                                                                                                                                                       Mr. Henry Ng, Security Lead of HP Consulting,
                                                                                                                                                                 Hewlett-Packard Hong Kong Limited
[1.2] Next Generation Security Architecture
                                                                                                          [2.2] Securing the Internet Round Trip

15:30-16:15 (Cantonese)                                                                                   15:45-16:30 (Cantonese)trip - an online request followed by a corresponding
When managers and security professionals consider implementing a security strategy, they usually          All Internet processes follow a round
concentrate on protecting the perimeter, focusing on the firewall and signature-based network             response. The blended threat has created point products to protect at different aspects.
intrusion detection only. In fact, a security infrastructure consists of at least three key components:   These products often operate independently and difficult for organizations with limited
firewalls, network intrusion detection, data and network integrity (DNI) tools. These technologies        support capabilities, to deploy and support them within an enterprise. This session will
have become an integral part of the infrastructure of trust supporting mission- and business-critical     explore how to secure the round trip with protection at all layers, at the perimeter of the
data and applications. You can learn more about the Next Generation Security Architecture by              trusted network. In this way, a single security solution with multiple capabilities could act
attending this seminar and visiting GTI's booth in the Showcase.                                          as a "traffic cop" at the gateway between an enterprise network and the Internet.
                              Mr. Billy Ngun, Consulting Engineer, Global Technology Integrator Ltd.                    Mr. Manfred Hung, Senior Systems Engineer, Symantec Hong Kong Limited

[1.3] Securing Unix for the Enterprise                                                                    [2.3] eSecurity Solution for All Web Based Applications

16:30-17:15 (Cantonese)
As today's highly sophisticated eBusiness infrastructure continues to expand, managing security
across the enterprise becomes increasingly complex. A complete, cross-platform security solution          16:45-17:30              (Cantonese)
that safeguards systems from wireless devices to the mainframe is a must to all the modern                Accessing your web based application & data with highest level of security. A cost effective
enterprise. In this session, you will learn how to implement an integrated, policy-based and fully        e-security appliance enables enterprise to define, enforce and manage the encryption,
scalable security infrastructure management solution to provide you with the best options.                authentication and authorization that protects the web enabled data and applications. Its
                                                                                                          innovative design delivers a highly scalable Solution that integrates all aspects of security
                                              Mr. Yang Hin, Product Manager, Computer Associates          for web based applications.
                                                                                                                                 Mr. Raymond Yeung, Chief Representative, Rainbow Technologies

                 0 9 30-10 15 Keynote Speech
                                                                               Day                         18 Jun 2002 Tuesday
                                                                                                                 Effective information security management
                                                                                                                 involves a combination of prevention, detection
                                                                                                                 and reaction. While proper preventive measures
                 An Overview on Information Security Incident Handling                                           and safeguards reduces the risk of security
                                                                                                                 attacks, information security incident does occur.
                 Speaker: Mr. Tony Wong, Senior Systems Manager,
                                                                                                                 It is necessary to get prepared in order to
                          IT Security Infrastructure Services,                                                   facilitate proper and effective response and
                          ITSD,HKSAR Government (Cantonese/English)                                              system recovery.

  Track 1                                                                                                                                                                     Track 2
[1.4] Defending Networks Against Cyber Attacks                                                           [2.4] Database Encryption - Securing Your Sensitive and
                                                                                                         Critical Information in the Corporate Databases
10:30-11:15 (English)
DoS and DDoS which transcend global boundaries are increasing worldwide due to creativity of
hackers and the uptake of broadband, jeopardizing the performance and availability of your organi-
                                                                                                         10:45-11:30               (Cantonese/English)
                                                                                                         Internet revolutionalized the way how information can be easily accessed and
zation's website as well as the security of your on-line businesses.                                     exchanged globally. A lot of efforts are put into ensuring safe and secure delivery
Traditional security measures are not enough to stop them. The Attack MitigatorTM is a low cost, easy    of information on this global network. The end points of the communication where
to use, purpose-built appliance designed to preserve content, availability and maintain efficient        information is permanently stored also warrant the same level of attention. The
response times during the most sophisticated DoS attacks.                                                repository, containing sensitive and critical business information, is often
It sits in the gateway of the internet, saving your network and existing security equipment from being   susceptible to external as well as internal attack. In this presentation, we will
assaulted by DoS traffic so firewalls and IDSes can continue doing their job uninterrupted.              introduce the concept of Database Encryption as an additional means to safeguard
                       Mr. Alexander Turkington, Vice President, Asia Pacific, Top Layer Networks        data security in a corporate, internet or intranet environment.
                                                                                                                     Mr. Ernest Wong, Vice President, Technology, SecureNet Asia Limited
[1.5] Network Security with NetScreen and NetIDS - Firewall and IDS
Integrated Protection                                                                                    [2.5] Intrusion Trend 2001-2005 & Survivable Systems

11:30-12:15               (Cantonese)
Firewall protection is a basic requirement nowaday. Is that all? Depolying Intrusion Detection System
(IDS) will further strengthen the overall network security.                                              11:45-12:30 (English)
In this seminar, the trend and implementation of firewall (NetScreen) and IDS (NetIDS) will be           The Company's Security Service Center has been monitoring intruder activity since
presented. Furthermore, one will understand the benefits of the integration between the two systems      2000. Much has changed since then, from our technology to the Internet
and how one willl enjoy such advanced protection in an affordable way.                                   community, to attack techniques. In this Seminar, we shall give a brief overview of
                                                                                                         recent trends that affect the ability of organizations (and individuals) to use the
                                            Mr. Danny Ma,Vice President, New Sky Internet Limited        Internet safely.
                                                                                                                                                    Mr. Norman Pan, Managing Consultant,
[1.6] Security Strategies for Enterprise/SME Data Defense Systems                                                                                       Doctor A Security Systems (HK) Ltd.

13:30 - 14:15 (Cantonese/English)                                                                        [2.6] Securing your Enterprise Network with IPSec VPN
Unknown Viruses and its variants are evolving at such a fast pace that even keep updating new virus
signature files may not be sufficient to combat against new threats simply by comparing suspects
with updated signature files. What if AV companies fail to discover new viruses before its breakout?     13:45-14:30             (English)
NORMAN is the first to present the New Patent Technology - Deep Scan and Sandboxing - to detect          WAN bandwidth is one of the most expensive recurring IT expenditures. With the
new viruses and eliminate the possibility of false alarms.                                               advent of broadband technology, IT managers have another choice. However,
Security measure is more than just anti-virus software; firewall and encryption software is emerging     pumping confidential corporate data to insure internet is highly risky. This briefing
as the last defense line to protect your valuable assets.                                                suggests a way to protect your data over the internet while taking advantage of
While Business Continuity Planning advocates use of backup systems to relieve financial loss when        high bandwidth and ever dropping broadband charges.
disaster strikes, it takes administrators lot of time and resources. IBAS Data Recovery Services and           Mr. Roger Luk, Regional Support Manager (Greater China), SonicWALL Inc.
Data Erasure Tools provide alternative way to secure valuable data.
                                   Mr. Oystein Normann Syversen, Vice President, NORMAN ASA              [2.7] Requirements for Managed Security Monitoring
[1.7] Next Generation of Internet Security - Proactive Antivirus &                                       Provider
Content Security                                                                                         14:45-15:30             (Cantonese)
                                                                                                         Managed Security Monitoring (MSM) Services are becoming the most critical
                                                                                                         necessity of the IT/IS management. In this session, we will discuss the different
                                                                                                         MSM models adopted by various ser vice providers. Moreover, a list of
14:30-15:15 (Mandarin/English)                                                                           requirements for MSM will be presented, such that various companies can select
Recent mass-mailing virus outbreaks have proven that current antivirus/content security solution is      the most suitable MSM models according to their own characteristics.
not fast and efficient enough to protect against new viruses and malicious codes. Trend Micro
                                                                                                                                    Dr. H K Cheung, Sr. Security Consultant, e-Cop.net Ltd.
believes that proactive virus prevention policy is a fast response during virus outbreaks to remove
high volume of infected messages before a virus pattern becomes available. Trend Micro's next
generation solution - proactive and complete antivirus/content security solution - gives enterprises     [2.8] Employee Internet Management
effective protection and peace of mind against new viruses.
                                             Mr. David Jang, Manager-Asia Paciic, Trend Micro Ltd.       15:45-16:30                (Cantonese)
                                                                                                         As more companies adopt the internet as a corporate tool and enjoy the benefits
[1.8] Enterprise Security on Key Management                                                              the technology brings, they need to take care not only how to avoid information
                                                                                                         leakage, but also optimizing bandwidth utilization, avoiding legal liability from
                                                                                                         inappropriate or illegal use of the company internet. Find out how this powerful yet
15:30-16:15 (Cantonese/English)                                                                          easy-to-manage Internet filtering technology gives you the ability to transparently
As public key cryptography has become the basis of computer security, the weak point in enterprise       monitor, report and manage employee Internet use and serves as an easy way to
security has shifted from the data itself to the keys which protect them. Data is only as secure as      enforce your company's Internet access policy.
these keys. To address this issue, products have been developed to store keys securely within
                                                                                                                                Mr. Thomas Yu, CISSP, Consultant, Professional Services,
protected and trusted hardware modules.
                                                                                                                               Datalink Business Solutions Ltd, representing Websense Inc.
nCipher solves security problems by applying cryptographic solutions to points of risk across the
nCipher is redefining cryptographic security.                                                            [2.9] Why Information Security Management?
                                              Mr. Peter Sze, Director, Asia, nCipher Corporation Ltd.
                                                                                                         16:45-17:30             (Cantonese)
[1.9] Be aware when you’re online!                                                                       Information is the lifeblood of all organizations and can exist in many forms
                                                                                                         including paper, electronic means, films or spoken in conversation. In today's
                                                                                                         competitive business environment, such information is constantly under threat from
                                                                                                         many sources. These can be internal, external, accidental, or malicious. To
16:30-17:15 (Cantonese)                                                                                  ensure the confidentiality, integrity, and availability (CIA) of both vital corporate
                                                                                                         information and customer information, you can build a comprehensive Information
Virus & hackers attack are common in your daily use of Internet. We'll show you with examples, how
                                                                                                         Security Management System (ISMS), according to the standard of ISO 17799 and
common it is and let you know how far will it affect your business and even your daily work. We'll
                                                                                                         BS 7799.
suggest the solution to prevent and teach you how to justify the implementation of each security
solution. Real life case study will be shared with you in order to enhance your understanding and                                    Ms. Camille Poon, Operation Manager, BSI Pacific Ltd.
alert the importance of Internet Security.
                                      Mr. Benny Hu, Network Consultant, HKNet Company Limited
                                     Day                         19 Jun 2002 Wednesday
09:30-10:15 Keynote Speech
                Legal Issues Arising from Breaches in Security-What You Need to Know
                Speaker: Mr. David Ellis,
                         Partner, Johnson Stokes & Master (English)
                A breach of security by itself can be bad enough. But as well as any immediate damage caused if your security
                is breached you may find yourself liable to legal claims from other people who have suffered a loss as a result
                of the security breach. For example you may find yourself in breach of a duty of confidentiality or in breach of
                the provisions of the Personal Data (Privacy) Ordinance. This talk will take a look at the types of legal claims
                that could arise following a breach of security and the kinds of steps that can be taken to minimize such claims.

 10:30-11:15    Information Security Management: A Simple Concept, Complicated Challenge
                Security is one of the key components of end-to-end infrastructure management. Due to exponential increase
        [3.0]   in web-based deployments and transactions, enterprises are requiring security more than ever before.
                However, security has to be viewed and deployed in an integrated way by supporting all key components of a
                typical computing infrastructure. Networks, systems, databases and applications have to be secured in an
                integrated fashion. Beyond basic authentication and authorization, today enterprises are facing security
                challenges in many different areas.

                (Cantonese)                                      Mr. Sherwin Wong, Consulting Director, Computer Associates

 11:30-12:15    The Future of Enterprise Security: A Holistic Approach
                The Internet's pervasiveness and accessibility have brought countless benefits to businesses. Yet those same
                characteristics have also provided opportunities for misconduct. IT professionals are challenged by increasingly
                complex and powerful "blended threats" which are vastly different from traditional attacks. Blended threats
                require comprehensive security solutions that provide multiple layers of defense and response, with triggers to
                pre-determined responses when threats are encountered. This session will explore how organizations should
                formulate a comprehensive security strategy to protect increasingly complex information systems.

                (English)                                Mr. David Sykes, Director - North Asia, Symantec Hong Kong Limited

 14:00-14:45    Winning the Battle of Risks: PCCW Information Security Management
                Security management is always a great challenge to IT managers. PCCW would like to share the experience
        [3.2]   on how Information Risk Management could lead the corporate to the right approach to Information Security
                Management. The guest speaker, Mr. Dale Johnstone, Principle Information Security Consultant of PCCW has
                over 15 years of experience in information security from a diverse range of industries including:
                Telecommunications, Transportation, Finance, Defense and Government. Dale's focus is on strategic corporate
                level information security management applied in a risk managed and consistent manner. Dale will
                demonstrate the Risk relationship, management process, and some case studies. Throughout the presen-
                tation, audience will understand how risk management's approach could benefit the entire information security
                strategy and planning.

                (English)                               Mr. Dale Johnstone, Principle Information Security Consultant, PCCW

15:00 - 15:45   No limits for IT security - RSA’s Authentication & Authorization Solution
        [3.3]   As companies move forward with their e-business initiatives, they find that their new security challenge is not
                just about protecting the perimeter. It's also about protecting their internal systems and applications from
                unauthorized access via the Internet. A strong security plan must be in place that includes a combination of
                privilege and access management, strong authentication, and enforceable transaction processing. This
                discussion will address the business requirements driving this shift as well as the technical challenges that
                businesses will face as they enhance their e-security solution.
                Mr. Lim Pun Kok is responsible for managing a team of RSA Security Technical Consultants to ensure a high
                level of customer service and technical support for RSA Security's partners and customers. He also assists the
                Regional Country Managers in monitoring major account status, in addition to recruiting and training of RSA
                partners to promote the RSA Brand Name and its suite of products.

                (English)                                     Mr. Lim Pun Kok, Director, Asia Pacific, RSA Security (S) Pte Ltd

16:00-17:30 Forum: Future Trends in e-Security
                Mr. Roy Ko, Principal Consultant, Hong Kong Productivity Council

                Panel Members:
                Mr. Dale Johnstone, Principle Information Security Consultant, PCCW
                Mr. Lim Pun Kok, Director, Asia Pacific, RSA Security (S) Pte Ltd
                Mr. David Sykes, Director - North Asia, Symantec Hong Kong Limited
                Mr. Sherwin Wong, Consulting Director, Computer Associates

          We bring you to the future of e-security                                                                                                       Free Seminars
     2002 6 17 19                          301 306-8                                                                                                     Pre-registration Required


Please ✔ the session you would like to attend and complete the form below for free seat reservation
            17 Jun 2002 Monday                                18 Jun 2002 Tuesday                                         19 Jun 2002 Wednesday
     11:00-11:30    Opening Ceremony                          09:30-10:15     Keynote Speech                              9:30-10:15    Keynote Speech                             Platinum Sponsors:
     11:30-12:30    Keynote Speech                                C/E         An Overview on Information                      E         Legal Issues Arising from
                                                                              Security Incident Handling                                Breach in Security
            E       History of Hackers, Past,                                                                                           Mr. David Ellis,
                    Present and Future Trends                                 Mr. Tony Wong,
                                                                              ITSD, HKSAR Government                                    Johnson Stokes & Master
                    Mr. David Rhoades, SANS Instructor
                                                                                    Tra ck 1                              3.0           Information Security
                       Tra ck 1                                                                                                         Management: A Simple
                                                                          Defending Networks Against                      10:30-11:15
     1.0         Building a Highly Secured                    1.4                                                                 C
                                                                                                                                        Concept, Complicated
     13:30-14:15 Anti-virus and Anti-hacking                  10:30-11:15 Cyber Attacks
                                                                              Top Layer Networks
                 Network System                                       E                                                                 Computer Associates
                    Network Associates Inc.                   1.5             Network Security with NetScreen             3.1           The Future of Enterprise
     1.1 Integrated Firewall and VPN                          11:30-12:15 and NetIDS - Firewall and IDS                   11:30-12:15   Security: A Holistic Approach
                                                                              Integrated Protection                                     Symantec Hong Kong Limited
     14:30-15:15 Solutions for Today’s                                C
                                                                              New Sky Internet Limited
                 Applications                                                                                                           Winning the Battle of Risks:
                    NetScreen Technologies, Inc.                                                                          3.2
                                                              1.6             Security Strategies for
                                                                                                                          14:00-14:45   PCCW Information Security
     1.2         Next Generation Security                     13:30-14:15 Enterprise/SME Data Defense                             E
                                                                              Systems                                                   PCCW
     15:30-16:15 Architecture                                     C/E
                                                                              NORMAN ASA
                    Global Technology Integrator Ltd.                     Next Generation of Internet
                                                                                                                          3.3           No limits for IT Security -
                                                              1.7                                                         15:00-15:45   RSA’s Authentication &
     1.3            Securing Unix for the                                          - Proactive
                                                              14:30-15:15 Security Security Antivirus &
                                                                                                                                  E     Authorization Solution
                    Enterprise                                   M/E                                                                    RSA Security (S) Pte Ltd
     16:30-17:15 Computer Associates
            C                                                                                                             16:00-17:30   Forum: Future Trends in e-
                                                                              Trend Micro Ltd.                                          Security                                           Sponsor:
                       Tra ck 2                               1.8         Enterprise Security on Key
     2.0            Preparing for Security                    15:30-16:15 Management
                                                                  C/E         nCipher Corporation Ltd.
     13:45-14:30 Incidents
            C       CL Technical Services Limited             1.9             Be aware when you’re online!
     2.1         An Effective IT Security                     16:30-17:15
                                                                              HKNet Company Limited
     14:45-15:30 Management Program                                   C
        C/E         Hewlett-Packard Hong Kong Limited                               Tra ck 2
     2.2         Securing the Internet Round                  2.4         Database Encryption - Securing
                                                                                                                    Enquiry                                                     Supporting Organizations:
     15:45-16:30 Trip                                         10:45-11:30 Your Sensitive and Critical                         :
            C       Symantec Hong Kong Limited                            Information in the Corporate
     2.3            eSecurity Solution for All Web                        Databases
                                                                              SecureNet Asia Limited
     16:45-17:30 Based Applications                                                                                 Fax
            C                                                 2.5             Intrusion Trend 2001-2005 &                     :
                    Rainbow Technologies
                                                              11:45-12:30 Survivable Systems
                                                                              Doctor A Security Systems (HK) Ltd.   Email
                                                              2.6         Securing your Enterprise Network                    :
                                                              13:45-14:30 with IPSec VPN
                                                                      E       SonicWALL Inc.
                                                              2.7             Requirements for Managed
                                                              14:45-15:30 Security Monitoring Provider
                                                                      C       e-Cop. net Ltd.
                                                              2.8             Employee Internet Management
                                                              15:45-16:30 Datalink Business Solutions Ltd.,
                                                                      C       representing Websease Inc.
                                                              2.9             Why Information Security              Remark: The program is subject to change
                                                              16:45-17:30 Management?
                                                                      C       BSI Pacific Ltd
E=English                  C=Cantonese                   M=Mandarin

                                               Seminar Pre-registration Form (Fax: 2788 5860)
     Name:                                                                                       Position:                                                                         Hong Kong Chapter

     Tel:                                                                                        Fax:


To top