IT Security Mobilization Units - A Case from the Field (Part I)

Start Date: Sep 14, 2010 - Start Time: 5:30 PM
End Date: Sep 14, 2010 - End Time: 7:40 PM

Description:

HTCIA Ottawa Presents

The 3rd Annual Fall Case Study

*IT Security Mobilization Units - A Case from the Field*

The Situation

You are the head of IT Security for a security company that provides close protection services in unstable regions. You are currently working with a team in a City, outside of Canada. Your team is protecting a VIP who has received multiple death threats from various violent groups. Company personnel in country are all thoroughly vetted employees, and are under orders to maintain personal control of their equipment (including Blackberry and/or laptop) at all times.

The City has recently gone through a violent and bloody civil war. The current government was elected three years ago in a bitterly disputed election. The rebel faction still maintains a strong support base. The rebels have vowed to overthrow the current government and restore their order by any means, including extreme violence.

The Problem

Within the past several hours, various security incidents have occurred in the City, and near your location. Five minutes ago, you and the Commander received an alarm that someone has tried to access the company network, using a duress password assigned to a lead team member in the City.

The Case Study

The Commander needs to make a decision – “Stay-and-Play versus Grab-and-Go”. He urgently needs answers.

Join the Ottawa HTCIA Chapter and out moderator John Clayton in this three part Case Study, presented in phases, as we explore the investigative steps and outcomes - Phase I September 14, Phase II October 12, Phase III November 9, 2010.

Participants will act as investigators during these interactive, facilitator-led sessions. No need to prepare in advance, all necessary information will be provided at the sessions. Attendees just need to bring their imagination and wit.

Note: This case study is for illustrative purposes, and is fictitious in nature.

~ Focusing on Live Forensics, Real-Time Investigations, Rapid CIRT, and Live Intelligence ~

Agenda

5:30-6:15 PM On-site Registration, Networking and Cash Bar
6:15-6:20 PM Introduction of Speaker
6:20-7:20 PM Presentation
7:20-7:35 PM Question Period
7:35-7:40 PM Closing remarks

*First Name:

*Last Name:

*Email:

Phone:

Address:

City:

Province (or State):
---------- Alberta British Columbia Manitoba New Brunswick Newfoundland and Labrador Nova Scotia Northwest Territories Nunavit Ontario Prince Edward Island Quebec Saskatchewan Yukon Alabama Alaska Arizona Arkansas California Colorado Connecticut Delaware Dist of Columbia Florida Georgia Hawaii Idaho Illinois Indiana Iowa Kansas Kentucky Louisiana Maine Maryland Massachusetts Michigan Minnesota Mississippi Missouri Montana Nebraska Nevada New Hampshire New Jersey New Mexico New York North Carolina North Dakota Ohio Oklahoma Oregon Pennsylvania Rhode Island South Carolina South Dakota Tennessee Texas Utah Vermont Virginia Washington West Virginia Wisconsin Wyoming

Postal Code (or Zip):

* denotes required field

Additional attendees? None 1 2 3 4 5