Information Security Specialist Group
To be held on Thursday 16th September 2010 at IBM Bedfont Lakes, Feltham.
Securing access to information is important to any business. Security becomes even more critical for implementations structured according to Service-Oriented Architecture (SOA) principles, due to the inherent looser coupling of services and applications, and their possible operations across trust boundaries. To enable a business so that its processes and applications are flexible, you must start by expecting changes – both to process and application logic, as well as to the security policies associated with them. Merely securing the perimeter is not sufficient for today’s flexible on demand businesses.
IBM is a world leader in innovation, collaboration, and global integration. IBM products lead the way in securing SOA services – both internally and within the Cloud. This event provides a unique opportunity to learn from IBM’s experts in this specialist and rapidly developing field. This free event hosted by IBM will include the Group's Annual General Meeting.
Registration details are available below.
| 0900 – 0920 | Registration and networking opportunity. |
| 0920 – 0930 | Welcome and Introduction |
| Himanshu Wickramasinghe – IBM. | |
| 0930 – 1000 | IBM Security. |
| Brendan Byrne – IBM. | |
| IBM is not only a provider of software, services and hardware that support its customers to deliver a strong security posture, it also carries out fundamental research into a wide range of security issues. In addition IBM is itself a major global corporate with a strong security policy framework, governance structure and technology infrastructure underpinning its business goals. Like our customers we have to comply with a wide range of regulations and industry best practices including Data Protection Laws, SoX and PCI whilst operating as an efficient and agile business. This is further complicated by the need to manage, deliver and report on secure services for those customers whose technology and business process we run on an outsourced basis. During this presentation we will seek to cover IBM’s commitment to security and how it benefits customers, partners and the IBM corporate goals. | |
| 1000 – 1030 | Introduction to SOA Concepts. |
| Bruce Anderson – IBM. | |
| This session will explain SOA from three perspectives; • Organisation – What changes are needed, how are things different? • Architecture – What’s the big picture of the SOA world? • Technology – What makes it work now? It will then consider the value of SOA from the point of view of several communities; • Business leaders – How does it help my business? • End users – What difference does it make to me? • Suppliers – How can we make money? Finally it will indicate some of the key success factors for SOA adoption and use. |
|
| 1030 – 1100 | Break – Coffee/Tea. |
| 1100 – 1145 | SOA Security Concerns. |
| Ian Robertson – IBM | |
| In this session we will look at the security issues that SOA introduces, what are the new challenges? We will examine a number of approaches to address them, considering for instance the design and interoperability challenges involved, reinforcing this with example cases. | |
| 1145 – 1230 | Addressing SOA Security Concerns. |
| Martin Borrett – IBM. | |
| In this session we will take a number of the issues and concerns discussed in "SOA Security Concerns" and start to show how they can be addressed. Looking particularly at which have been addressed by organisations today and which remain a challenge. We will look at where technology solutions have emerged based on standards again using case studies to support this. | |
| 1230 – 1330 | Lunch and networking opportunity. |
| A buffet lunch will be served. A vegetarian option will be available. | |
| 1330 – 1400 | SOA Security in Action (Application in Projects). |
| IBM speaker to be confirmed. | |
| 1400 – 1440 | Cloud Security. |
| Marin Borrett – IBM. | |
| The Cloud is a much discussed and hyped topic. In this session we will aim to identify some of the new security challenges that it introduces and raise awareness of them. We will share IBM's perspective on these issues, our point of view, and the steps we are taking to address these challenges with our clients. | |
| 1440 – 1515 | Maintaining Security Governance in the Cloud. |
| Tom Mellor – IBM. | |
| Cloud computing offers the prospect of delivering IT capacity that dynamically flexes to meet changing business requirements. However, this flexibility and cost-effectiveness comes at a price. There is a substantial risk that Personal Information will leak out of the business, and the lack of transparency of the provider's security processes make it essential that the business’s security governance processes are adapted to reflect these new risks. | |
| 1515 – 1545 | Open Discussion – "Moving Security Forward". |
| An open discussion led by Himanshu Wickramasinghe of IBM that considers the current position of information systems security and its direction in light of new and emergent technologies, concepts and architectures. | |
| 1545 – 1610 | Break – Tea/Coffee. |
| 1610 – 1620 | Shared Systems Infrastructure Security. |
| Himanshu Wickramasinghe – IBM. | |
| A brief view at shared infrastructure security (service separation) in the context of contemporary system architectures. To be confirmed. | |
| Followed by Closing Remarks from Himanshu Wickramasinghe on the IBM portion of the day. | |
| 1620 – 1705 | ISSG Annual General Meeting. |
| This portion of the meeting is restricted to ISSG members only. All ISSG members may attend, even if not attending the remainder of today's event. The AGM Agenda and associated papers will be distributed to all members at least 14 days before the meeting. |
The above is the provisional programme for the event and may be subject to change. Prospective delegates should check this web page for any changes. These will also be notified to delegates via the joining instructions or on the day.
This will be a free event. It is only available to ISSG members.
You can register for this event in two ways.
First, you can register instantly for this event using the BCS on-line event registration system.
To use this facility, please visit the BCS Events Registration Page. When you get to the list of all BCS events, scroll down to the ISSG Event on 16th September 2010, and click on the link.
Alternatively, you can register by post. To do this, please download and print out the registration form, and send it to the address shown on the form.
If you wish to register less than 7 working days before the event, please first contact BCS Specialist Groups Administration on 01793 417416, to express your interest and confirm that space is still available. For this event, no registrations can be accepted after 14.00 on Friday, 10th September 2010 in any event.
If you absolutely cannot register in either of these ways, please contact BCS Specialist Groups Administration on 01793 417416 for assistance. In all circumstances, you must register before attending.
In view of the likely demand for this event, delegates who register but subsequently find that they are unable to attend are requested to notify BCS Specialist Groups Administration on 01793 417416 as soon as possible.
If you have not heard from us within two weeks of submitting your application by either method, please contact BCS Specialist Groups Administration on the telephone number given above.
Membership of the ISSG is open to all BCS members regardless of membership grade. To register for ISSG membership, BCS members should log into the BCS members area on the BCS Web Site and add the ISSG to their specialist group membership details.
Those who are not BCS members may attend chargeable seminars for one year at a higher fee but will be requested to join the BCS after a year.
Data Protection Act 1998: IBM, the BCS and the ISSG operate strictly within the rules of this legislation and personal data relating to all delegates will only be disclosed according to law. Delegates should note that their essential personal data will be shared between authorised staff in the BCS and the ISSG and may also be shared with authorised staff at the seminar venue for the purposes of event administration and security.