Skip to main content

Secondary navigation:

2015 Agenda

 8:30   Doors Open, Continental Breakfast, Registration

 9:00   Introduction & Welcome, David Escalante & Michael Bourque, Boston College

 9:15  Docker Container Security – What is it good for (and not good for)?

Jeff Schiller, MIT

2014 was the year of Docker. This lightweight container technology was all the rage. In reality, Docker is new packaging for some very old (and in some cases tried and true) technology, combined into a very compelling application.  This talk will briefly discuss what Docker is and how it works, leading into a discussion of its security properties and where it fits in our toolbox of security techniques.

10:00   Coffee Break

10:15 Advanced Threats and Threat Identification

Brian Lowy, AT&T

Advanced threats are here for good, and the tools & techniques necessary to find APTs are already available to you. How flow, meta and log data can be used to find malicious activity within your network.

11:00   Identity and Access Management (IAM)

Ian Poynter,  Information Security Manager, The Broad Institute

Brian Bernier, Architecture & Integration, Boston College

Jeff Schiller, MIT

Panelists speak about their IAM strategies and plans. 

11:45   Vulnerability Management

Patrick Cain, Cooper Cain Group, Moderator

Harry Hoffman, MIT

Jamie John, Boston College

Dan Modini, Tufts

System vulnerability identification and management is a requirement in many environments. The panelists will discuss how they use the Nessus security scanner for vulnerability management, its good points, things that are challenging, and their (fluid) plans for the future.

 12:30   Lunch

 1:30     Information Security Awareness at Harvard
Christian Hamer, Harvard

As cyber criminals continue to steal data and capture headlines, its easy for people to feel helpless. Though the risks will always exist, there are certain common sense measures people can take to protect themselves. Behavior changes are an important part of any public safety campaign- from encouraging hand washing to discouraging texting while driving. Cyber safety will be no different. Join us to discuss the key behaviors, how we will promote them, and how we will measure success.

2:15    Mitigating DDoS Attacks

Harry Hoffman, David LaPorte, MIT

Your organization is in the cross-hairs, your organization is off-line - - the DDoS deluge has begun…what do you do next?  The speakers discuss real-world experiences and mitigation strategies.

3:00   Break

 3:15  Breach Insurance

Susan E. Fletcher, Director, Enterprise Risk Management, The Boston Consortium

Understanding your Breach Insurance is a key component to managing a data breach at your school.  This presentation will help familiarize you with the types of insurance available and how the insurance carrier will respond to a breach..

4:00   VPNs in Higher Ed -- How Many is too Many?

BC Security Staff

An truly open campus requires no VPN at all, but given a more closed campus and various access needs, a single VPN might not be enough, either. How many VPNs are reasonable? We will talk about BC's choices and current VPN setup in hope of provoking broader discussion.