The Information Systems Security Association, an Irish security professionals group is hosting an event coming up on June 10th overlooking Microsoft’s products and security. You can register for this free event at http://www.issaireland.org/june09 and it is open to anyone who registers. Below is an overview of the event:
“Our next event will be on Wednesday June 10th and will be a special event in conjunction with Microsoft, focusing on the upcoming security enhancements in the Windows platform and Microsoft’s security work in Dublin. This event will run from 2PM to 5PM and our venue this month is the Academy building at 42 Pearse Street, just around the corner from Pearse Street DART station.”
Security Improvements in Windows 7 & Server 2008 R2
Dave Northey, Principle Systems Engineer, Microsoft Ireland
Later this year Microsoft will release two new products in the Windows family: Windows 7 and Windows Server 2008 R2. Both releases will introduce new security features and capabilities as well as enhancing the security of the Windows platform. As Irish organizations consider their deployment strategies for Windows 7 and 2008 R2 it is appropriate that our first presentation should introduce the security improvements in both products and demonstrate some of the new features of interest to security professionals.
Our speaker for this session will be Dave Northey, Principle Systems Engineer with the TechNet group at Microsoft Ireland. Dave has worked with Microsoft for over 13 years in a career which has spanned Microsoft’s consulting, account management, sales and evangelist groups. Since 2006 Dave’s has worked with Irish IT professionals to introduce Windows Vista, Server 2008, Hyper-V, SoftGrid, System Centre and other new technologies in Microsoft’s infrastructure portfolio.
How Microsoft Manages Information Security
Frank O’Keeffe, Regional Information Security Manager, Microsoft IT
At past ISSA events we have heard how organizations such as Intel manage information security internally, following on from this we have asked Frank O’Keeffe to present Microsoft’s approach to information security and highlight the lessons which can be learned from an organization of their scale and complexity. Microsoft Information Technology (Microsoft IT) provides global IT and information security services for Microsoft. This presentation focuses on how the Information Security organization within Microsoft IT helps Microsoft protect its digital assets. In addition to being Microsoft’s Regional Information Security Manager for EMEA Frank is one of the senior ISSA members in Ireland with over 10 years information security experience at Microsoft, Elavon, Symantec and the Irish Defence Forces, and holds the CISA, CISSP and SSCP certifications.
Microsoft’s Malware Research: Conficker Case Study
Elda Dimakiling & Francis Allan Tan Seng, Microsoft Malware Protection Centre
One aspect of Microsoft’s information security efforts is often overlooked: their work in the anti-malware area. Following a series of acquisitions in recent years Microsoft is now a leading anti-virus and anti-malware company offering multiple products and services to protect customers and with one of the largest research & response organizations. A key part of this anti-malware organization is the Microsoft Malware Protection Centre in Dublin where two of our speakers, Elda Dimakiling and Francis Allan Tan Seng, are based. On June 10th Francis and Elda will present Microsoft research on the Conficker worm, its propagation techniques and its payload. Their presentation will show the impact of Conficker, discuss Microsoft’s role in dealing with this attack and suggest good practices on how to prevent similar attacks in future.
Tools for Securing Windows Environments
Short talks & demos by Irish security professionals
To close this event we will have a series of short presentations from ISSA members to discuss and demonstrate the many free tools which are available for securing Windows environments. These short talks will cover free tools from Microsoft such as LogParser and TAM ("Threat Analysis & Modeling") as well as third-party tools which members have found useful.