The Houston Hacker Tour Houston March 3-4, 1998 Okay, you convinced your organization to embrace an open systems environment. You assured everyone that you and your colleagues were on top of thesecurity angle and you've make great strides. So why are you still nervous? Because paranoia and vigilance are the heart and soul of corporate security. And, whether you're a CIO or a security analyst, whether you manage your organization's entire security strategy or a small piece of it, you know the threats. You know there are countless points of vulnerability. You know a breach at any one of those points could be crippling. You know "100% secure" is a myth. Unfortunately, they know too - the people lurking outside your firewall, the people tapping into your phone lines, the people diving into your dumpsters. They're patient. They're persistent. And they'll find a way in if you let your guard down. You know you can't eliminate vulnerability, but you can reduce it. The question is, how? Find the answers at this interactive two-day session where Cambridge Technology Partners will introduce you to the enemy, their methodologies, and the steps you can take to protect your enterprise. What IS IT? Cambridge Technology Partners is pleased to present the New Hack Tour, a two-day "get-smart" session where you can go head-to-head with leading security analysts, security practitioners, and yes, hackers. Together, you'll explore liability issues and organizational behaviors, learn underground tools of the hacker trade, and discuss attack strategies and detection/protection methodologies. WHO SHOULD ATTEND? Security touches everyone in your organization - from the ground floor of ITto the executive suite. Cambridge recognizes this. The New Hack Tour is uniquely designed for diverse audiences - from technical engineers and system architects to CIOs. In fact, the tour features two tracks, one for the people battling in the network trenches and one for the people who own overall security strategy and are battling to improve it. HOW DOES IT WORK? During the session, participants from across the corporate landscape will: * Day One: Address - in one of two tracks - the micro- or macro-level security issues that directly impact their organizations and their careers. * Day Two: Collaborate with hackers in one comprehensive track to build new and more effective models of corporate security. Day One AGENDA Track One * Setting the Scene * Why is Security Important? * Who are the Players (Hackers, Crackers, and Phone Phreaks)? * Is Security Futile? * What's at Stake? Addressing Liability * Case Study: Anatomy of an Internet Crime * Identify and Discuss Your Security Nightmares * Case Study: Anatomy of a Corporate Security Plan Day ONE AGENDA Track Two * Setting the Scene * Why is Security Important? * Who are the Players (Hackers, Crackers, and Phone Phreaks)? * Is Security Futile? * Identifying the Holes: A Primer on TCP/IP and O/S Internals * Underground Tools * Attack Strategies * Detection and Protection Day two AGENDA Tracks One & Two Meet the Enemy Panel Enemy Perspective: The State of Corporate Insecurity Point and Counterpoint: Participant Driven Q&A with the Enemy Panel Silicon-Based Security Solutions: Architectures, Technologies, and Tools Carbon-Based Security Solutions: Organizational Structures and Behaviors PROGRAM FEES & REGISTRATION Program fees are $995 covering registration, program materials, continental breakfasts, breaks, and lunches. For more information or to register, contact: Billy Brittingham Cambridge Technology Partners 304 Vassar Street Cambridge, MA 02139 617-374-8580 wbritt@ctp.com ABOUT CAMBRIDGE TECHNOLOGY PARTNERS Cambridge Technology Partners is an international management consulting and systems integration firm. Our unique approach has fundamentally reinvented the way business solutions are delivered. We combine strategic consulting, IT strategy, process innovation and implementation, custom and package software deployment, network services, and training to rapidly deliver end-to-end business systems that create immediate bottom-line impact for our clients. We do it fast. We do it for a fixed price. And we do it on time. TIMED AGENDA - HOUSTON Tuesday, March 3 9:00 - 9:15 Welcome & Introductory Remarks Mike Hunziker, Cambridge Technology Partners 9:15 - 10:30 Opening Level-Set * Why is Security Important? * Who are the players (i.e. hackers, crackers, phone phreaks)? * Is Security Futile? Yobie Benjamin, Cambridge Technology Partners 10:30 - 10:45 Break Track One 11:00 - 12:00 What's At Stake? Liability And Legal Issues Addressed James Asperger, Esq. and Christine C. Ewell, Esq., O'Melveny and Myers 12:00 - 1:00 Lunch 1:00 - 2:00 Case Study: Anatomy of an Internet Crime TBD Agent, F.B.I. 2:00 - 2:45 Case Study: Internet Security and the Banking Industry Anita Ward, Senior Vice President, TCB/Chase Manhattan 2:45 - 3:00 Break 3:00 - 3:45 Breakout Exercise - Top Ten Security Nightmares 3:45 - 4:15 Report Backs & Discussion 4:15 - 5:00 Case Study: VISA International Bobby Colquitt, Vice President, VISA International 5:00 Adjourn Track Two 10:45 - 12:15 Identifying the Holes: A Brief Primer on TCP/IP and O/S Internals Peter Shipley, Network Security Associates 12:15 - 1:15 Lunch 1:15 - 2:45 Underground Tools and the Attack Marc Fabro, Secure Computing 2:45 - 3:00 Break 3:00 - 5:00 Detection and Protection Bob Keyes, Cambridge Technology Partners Peter Shipley, Network Security Associates 5:00 Adjourn Wednesday, March 4 9:00 - 9:30 Meet the Enemy Panel Wyatt Earp, B$tring, Yobie Benjamin, Peter Shipley, Dr. Who 9:30 - 10:30 Enemy Perspectives: The State of Corporate [In]Security Wyatt Earp, B$tring, Dr. Who, Benjamin, Shipley 10:30 - 10:45 Break 10:45 - 12:00 Point & Counterpoint: Participant Driven Q&A With Enemy Panel Wyatt Earp, B$tring, Benjamin, Dr. Who, Shipley 12:00 - 1:00 Lunch 1:00 - 2:30 Silicon-Based Security Solutions: Architectures, Technologies & Tools - Marc Fabro, Secure Computing 2:30 - 2:45 Break 2:45 - 3:45 Carbon-Based Solutions: Organizational Behavior and Structure Phillip Parker, Former Director for Counter-Intelligence, FBI 3:45 - 4:15 Closing Thoughts Mike Hunziker, Cambridge Technology Partners