Q&A: InfoSec World Conference and Expo

Jean Hey serves as Vice President of Conferences for MIS Training Institute. In this capacity she has been responsible for over 100 conferences, many of which focus on segments of information security. In this interview she talks about the upcoming InfoSec World Conference and Expo, taking place in March 2009.

Introduce InfoSec World to our audience.
InfoSec World is MIS Training Institute’s flagship security conference and expo, held annually in Orlando. This year’s conference runs March 9 – 11, with extra summits and workshops taking place before and after the conference. At InfoSec World, about 1500 information security professionals gather for three days to share their experiences and products and to learn the latest trends and techniques in data loss prevention.

Who are the featured speakers this year?
Featured speakers for InfoSec World 2009 are Whitfield Diffie, CSO of Sun Microsystems and inventor of public key cryptography; Michael Rochford, Director of Counterintelligence at Oak Ridge National Laboratory, who played a pivotal role in capturing Robert Hanssen of “Breach” fame; and Amanda Ripley, senior writer for Time and author of “The Unthinkable: Who Survives When Disaster Strikes – and Why.”

What security topics will be in the spotlight at the event?
Every year InfoSec World 2009 focuses on perennial problems such as strengthening firewalls, defending applications, managing identity and the latest legal concerns. This year extra attention is given to how to sustain your security initiatives on a shoestring; how to stem the tide of data leakage from laptop and mobile devices, how to defend against web browser and social networking attacks, and the latest on outsourcing and SaaS.

What tracks and workshops would you highlight?
This year features several hands-on workshops that reflect the growing interest in log management, perimeter security and virtualization. In addition, we have a hands-on track hosted by SANS which will offer security professionals the opportunity to explore in-depth, over three days, cutting-edge hacking techniques. For the second year running we have developed a track for IT auditors whose work is inextricably tied to information security. In addition, the increasing importance of end-point security convinced us of the need to dedicate a track to protecting the remote user.

Are you satisfied with the number of early registrations? How much has the event grown in the past few years?
Early registrations are slightly down but it is too soon to make any reliable predictions, since our major mailing only reaches registrants in January. I would expect, however, that given the weakened economy, it would be unlikely for InfoSec World’s registrations to be above those of last year. Because of our loyal following both from alumnae and exhibitors (who value the event’s high-quality leads) we believe InfoSec World will be in a relatively strong position.

There are quite a few security conferences in the US. What do you see as your strengths? How are you building on these advantages?
The intent of the conference has always been to offer a vibrant mix of strategic and technical sessions that reflect the latest developments in information security. It is one of the few conferences that gives equal weight to both management concerns and technical challenges, evident in the wide spread of topics in the eleven tracks, three summits and 15 workshops. We are building on this strength by offering a SANS track for those who want to immerse themselves in highly technical content, and by offering several hands-on workshops, mentioned above. For the managers in our audience, this conference has a new GRC summit held after the conference, which will complement the CISO summit held the day before the conference begins. We also have a strategy and management track and legal track. Unlike many of our competitors, this conference showcases practitioners and what they are doing to make their organizations secure. Other security conferences rely on vendors and consultants for speakers. We have carefully picked pioneer practitioners – from companies as varied as Coca-Cola, Mayo Clinic and eBay – to describe their own experiences and lessons learned implementing security measures.