|
||||
T1. Legal issues involved in creating security compliance plans T2. From Microblogging to a Zero Costs e-Prescribing System: Building a Social e-Prescribing System Using Open Source Technologies T3. Digital Investigations and Forensic Analysis - Practices and Technologies
DETAILS
T1. Legal issues involved in creating security compliance plans The world doesn’t need another compliance plan that sits on a shelf. Security is too important an issue for a company to spend time designing a plan that gathers dust. The best way to create a compliance plan is to leverage a company’s experts: their colleagues. Companies do this by giving them the legal and regulatory tools they need to create a plan that they can own. In this intensive three hour workshop, you will learn how to view security through the lens of a lawyer, or, more importantly, a regulatory enforcement official. After a briefing on those laws and regulations currently impacting technology security, you will learn why these regulations were enacted in the first place. This understanding will provide an understanding of how to create compliance plans that anticipate changes in regulations and the application of the regulations to individual businesses. We will then create a matrix that prioritizes those issues, and the laws that may relate to them. Finally, we will discuss drafting strategies companies can use to turn the dry topic of legal compliance into a policy that their team will remember and refer to. This workshop will cover:
T2. From Microblogging to a Zero Costs e-Prescribing System: Building a Social e-Prescribing System Using Open Source Technologies In this tutorial I would like starting from the Twitter stream and updating status developing the idea of building an e-prescribing system using microblogging technologies.
T3. Digital Investigations and Forensic Analysis - Practices and Technologies Digital forensics analysis is usually seen as a specialised domain of information and communication technologies (ICT) that is employed when a serious crime involving ICT is committed. It is by and large seen as a responsibility of the computer crime units of law enforcement agencies to conduct examinations of the ICT resources used in a crime. Likewise, until a few decades ago, computer and network security had a perception of defence utility for military establishments. But now computer and network security has become a commodity of every corporate system and home PC. Today's businesses are feeling the need of efficient monitoring mechanisms to protect them from emerging commercial threats such as competitor analysis and steganalysis. The staff members of an enterprise ICT teams are therefore required to acquire the digital forensics analysis skills and the corresponding investigation tools. This trend is experiencing a significant shift in the recent years as the commercial interests of corporate sector increasingly require the post-incident analysis capabilities to ensure business continuity. This tutorial will provide an insight into the technical, legal and societal aspects of digital investigations and forensic analysis. The tutorial will provide a set of best practices for carrying out forensics analysis of different kinds of devices and systems. The tutorial will highlight the role of digital forensics in enterprise information architecture. It will present a framework for embedding digital forensics analysis techniques at various stages of corporate ICT lifecycle. The tutorial will provide pragmatic analysis of the perception of privacy in the cyber realm especially related to personal data and its analysis by third parties. The tutorial will also provide an overview of the emerging challenges in this field mainly due to the virtualisation and decentralisation of computing and networking infrastructures across geopolitical borders. |
||||
Copyright (c) 2006-2012, IARIA