The theme of the British Computer Society Information Security Specialist Group (BCS-ISSG) annual conference is: the cost of reputations on-line.
The theme of the British Computer Society Information Security Specialist Group (BCS-ISSG) annual conference is the cost of failing to implement adequate security measures to protect enterprises from inherent vulnerability. Noel Bonczoszek, chairman of BCS-ISSG will open the March 20-21 event, at the Milton Hill Conference Centre, Abingdon. Speakers include Peter Wood, of First Base Technologies, with an analysis of the potential damage to the reputation of an organisation in the eyes of its customers if it fails to pay due regard to information security. How can an organisation see the loss in tangible form? Quantifying the cost is the question for Piers Wilson of Insight Consulting, in two case studies. The first afternoon is largely devoted to legal issues. While technology failure will cost an organisation in terms of its ability to compete in the market, failure to comply with legal and regulatory requirements can lead to claims for damages and prosecution, the BCS-ISSG says. One example is failure to comply with data protection provisions. The in-coming Information Commissioner has made clear that a robust approach will now be adopted towards enforcement, and Jonathan Bamford from the Office of the Information Commissioner will outline the issues. Charlotte Walker-Osborn, solicitor, will follow. The day ends with a forum.
Day two
On day two a keynote speech from Rupert Kendrick, solicitor, will suggest a framework that each organisation should have in place for assessing and managing the risks from the internet. Mike Nash, Director of Gamma Secure Systems and a member of the British and International Standards Committees responsible for ISO/IEC 17799, will discuss the latest developments in international adoption of BS 7799, technical changes to the standard and developments in 7799 certification. Alan Woodroffe of Secure Systems Support considers network traffic analysis.ÿ Linked to this is the question of ensuring adequate technology is in place to control access to systems and networks. Mark Osborn, of auditors KPMG, will consider the operational implications of deploying intruder detection systems and, equally important, how to deal with incidents of unwanted intrusion. Steve Cottle, Head of Information Management at STASYS, discusses system interoperability. The day ends with a Conference Review from ISSG President, Phil Phillips.
Computer forensics
Meanwhile on May 21 the BCS-ISSG and Southampton City Council are holding a Computer Forensics Seminar at the Novotel Hotel, Southampton. The event will cover the requirements for the production of computer evidence at any hearing or court; tools for conducting forensic examinations; and some of the problems. Visit www.bcs-issg.org.uk