Click on hyperlink below for presentation

Sunday, March 18

Pre-Conference Workshops Morning Sessions

Practical Web Application Security and OWASP Top 10 implementation on Microsoft Platform

Presenters: Tin Zaw, CISSP, CSSLP (Bio)

Chapter Leader and President, OWASP Los Angeles Chapter Member, OWASP Global Chapter Committee

Adnan Masood, MCPD, MCSD .NET, and SCJP-II, Association of Computing Machinery (Bio)

This session is a hands-on introduction to the web application security threats using the OWASP top 10 list of potential security flaws. The OWASP Top Ten provides a powerful awareness list for web application security and represents a broad consensus about what the most critical web application security flaws are.

Focusing on Microsoft platform with examples in ASP.NET and ASP.NET MVC, we will go over some of the common exploits and techniques for writing secure code in the light of OWASP top 10. In this code centric talk, we will discuss built in security features ofASP.NET and MVC such as cross site request forgery token and secure cookies and how to leverage them to write secure code. The OWASP Top 10 Web Application Security Risks for 2010 which will be covered in this presentation include Injection flaws, Cross-Site Scripting (XSS), Broken Authentication and Session Management, Insecure Direct Object References, Cross-Site Request Forgery (CSRF),Security Misconfiguration, Insecure Cryptographic Storage, Failure to Restrict URL Access, Insufficient Transport Layer Protection and Unvalidated Redirects and Forwards.

Pre-Conference Workshops - Afternoon Sessions

Securing Your Private Cloud with Microsoft System Center 2012

Presenter: Christopher Urban, Mircrosoft Corporation  (Bio)

Learn how you can leverage various technologies in the Microsoft System Center 2012 suite to secure your private cloud. This session includes security topics on virtualization, identity, incident management, endpoint protection, reporting, and imaging to allow your organization to enter the future of computing while utilizing best security practices.

Dinner and Keynote
“The 4th Decade of the IT Revolution”
Kenneth C. Green, Ph.D., Founding Director , The Campus Computing Project

Late Night Hospitality

Opening Welcome and Plenary

Dr. Albert Karnig, President, California State University, San Bernardino

Concurrent Session I

• To BYOD or Not to BYOD, Is that Really a Question?
• Virtualization as an Educational Tool
• Help! The Mobile Device Invasion Is Here!
• Legal / Regulatory
• Chancellor's Offic Technology Award Winners

• End-To-End Virtualization

Concurrent Session II

• Cloudy With A Chance Of Hack
• Tablets & Cyber-Risk - Issues for Consideration

• Sherpa: Increasing Student Success With a Recommendation Engine

• eDiscovery and Records Retention
• CISOA Sponsored Training
• Open CCC and CCC Apply

Lunch and Keynote

"It Takes the Village to Secure the Village"

Stan Stahl, Ph.D., President, Information Systems Security Association (ISSA), Los Angeles Chapter

• Managing the Risk of Information Access

• What to expect after an incident notification? Or How to handle angry callers and threats of law suit!
• Cyber Governance and Cybersecurity

• Accreditation: How Should IT Participate and Prepare?
• Obtaining Payment Card Industry Certification (PCI DSS)
• Contracting  In a Technology World: How to Protect Your District

Concurrent Session IV

• Dealing With Data Motility – What To Do When Your Data Decides to ‘Leave’
• IT Security Governance: The SBCCD Planning Approach
• MIS: What's New and What's Not So New!

• Risk Factors To ERP Implementations
• Secure Single Sign On and Attribute Sharing with CAS and Shibboleth in Portal/ERP Systems

Dinner and Entertainment

Stand-Up Comedian

Don Friesen is a relatively "clean" performer who uses self-deprecating humor to lampoon his life as a suburban husband and father. His act consists of satirical scenes that spoof his daily interactions with his wife, kids, tech support, creditors, and airline pilots, mixed in with impressions, improvisation and audience interaction.

Concurrent Session V

• Compliance and Self-Encrypting Drives

• CyberWatch West

• CENIC Update: From the Network to the Cloud
• Making It Happen: TIPS and TRICKS from the Field
• Integrating Google Apps into an ERP/Portal Environment

Concurrent Session VI

• VDI - The Road to the Future of Desktop Management

• IBM X-Force 2011 Threat Landscape Overview

• Statewide Initiatives Status Update
• Web Based Self Service College Information Portal
• Mobile Applications: Meeting Students and Staff Where They Are

Hot Issues Update Session

Spotlight Session VII - Panel Discussion

Participation of Higher Education Institutions in National Cybersecurity Initiatives: Challenges and Opportunities