|
Westport, CT, November 23, 2010 —
The Fairfield County InfoSec Group met on November 11 in Westport, Connecticut, to hear David Sherry, Chief Information Security Officer for Brown University, speak on "This Isn't Your Mother's Internet: Mitigating Web 2.0 Threats."
In his talk, Sherry described the Web 2.0 revolution, and how it is (or will soon be) a fact of life in the enterprise. He discussed the many positive aspects of 2.0, while also bringing to light the potential for the disclosure of confidential corporate information, and the compromise of security postures. Web 2.0 is something to be embraced, he argued, but not without consideration of the risks and how to mitigate them. He advocated taking a holistic approach to mitigating 2.0 threats, with a goal of raising awareness on industry standards, best practices, and interoperability, as well as strategies for developing, implementing and enforcing a tight policy for using these technologies.
The Fairfield County InfoSec Group was formed earlier this year because there was no information security group that met regularly in the Fairfield area, which includes Fairfield, Stamford, Norwalk, Greenwich, Danbury, Shelton, and even parts of northern Westchester County. Many companies in the area have IT security and risk/audit practitioners, but they would have to travel to Hartford or New York City for InfoSec networking opportunities or meetings of groups such as the Information Systems Security Association (ISSA) or the Open Web Application Security Project (OWASP).
One of the attendees at the latest meeting of the group was Otto Goencz, Manager, Security Technology for EmblemHealth, based in New York City. He said, "The bidirectional nature of Web 2.0 blurs organizational borders, without much regard to traditional data confidentiality and integrity. This reality can present real challenges, especially when the organization is required to comply with various regulatory requirements, such as HIPAA or SOX. David Sherry's excellent presentation made it clear that Web 2.0 is here to stay, and we'd better get ready before Web 3.0 hits the Internet."
The presenter, David Sherry, said, "I was pleased to represent Brown University at this gathering of security practitioners, and to share my personal view and experience with addressing Web 2.0 security concerns. Knowledge sharing is absolutely key in the security space, and it's never better than during an interactive and passionate meeting of security pros."
NetSPI is a privately held information-security consulting company founded in 2001. By using its consulting team's deep security knowledge and its CorrelatedVM vulnerability management & reporting solution, the company is a trusted advisor to large enterprises. NetSPI provides a range of assessment and advisory services designed to analyze and mitigate risks and ensure compliance with relevant regulations and industry standards. Clients include large financial services firms, retailers, healthcare organizations and technology companies.
More information is available at www.netspi.com.
|
