|Ralph Echemendia is a world-renowned Instructor, Ethical Hacker and Security Expert,
who has appeared on KTLA, CNN, FOX News and Animal Planet, as well as in the pages of USA
Today and Forbes magazine to name a few. He has been involved in the research and
development of internationally recognized courseware and certifications as well as several key
security technologies currently powering some of the most powerful e-commerce sites on the
Internet. He has also developed a two day Applied Hacking and Social Engineering with Kevin
Mitnick and collaborates on many different areas of information security with other well know
Echemendia is described as a security samurai whose experience began at the age of 14 with ham radio, phone phreaking and the old bulletin board systems. His interest in technology eventually led to jobs in the computer industry. For over 14 years, he has conducted security audits and penetration tests, and consulted for numerous organizations around the world, including the United Nations, Oracle, and various hospitals and financial institutions.
In early 2007 Mr. Echemendia joined Terremark Worldwide (NASDAQ:TRMK) Security Information Services Group and previously founded Execsecure and the Hacker academy. Prior to that he acted as Information Security Product Line Manager for Intense School he authored the official EC-Council ECSA certification materials and acted as Lead Instructor and Information Security Consultant and researcher on a number of projects, prior to this Ralph founded and was Co-CEO of ReDvolution Technologies, LLC., a security consulting and education provider based in South Florida with clients throughout the US and Latin America. Ralph was also a principal partner and Director of Security and professional services for Coral Reef Techknowledge. He also held the position of Director of Web Operations for Yupi Internet (now MSN Latin America) and was responsible for creating and implementing systems to report risk, availability, downtime, response time and network health. He also designed a layered security architecture, which in conjunction with existing load balancing / high availability systems resulted in increased security while not degrading performance. Prior to joining YupiMSN, Ralph was the Chief Information Officer for StarTravel.com, where he engineered, managed and implemented a secure high availability (HA) data communications infrastructure at Internet co-location facilities located in Miami, FL and San Diego, CA. In addition, he gathered information, researched and performed exhaustive assessments on a number of transit and access providers around the world to complete the design of a network optimized for US and Latin American connectivity.
Mr. Echemendia was also responsible for network and systems implementation at Oracle Latin America and served as the Operations Engineer/Senior Systems Administrator for VisualCom, Inc. where he was responsible for the complex system development, technical life cycle and management of the United Nations Missions Secure Web project. He was once also a Security Specialist and Systems Programmer for McKessonHBOC.
Mr. Echemendia is a member of the ISSA, he holds EC Council’s Certified Ethical Hacker, Certified Security Analyst certifications and also the OSSTMM Professional Security Tester certification by the Institute for Security and Open Methodologies.
Ralph has been providing professional services for several years and has written and delivered training on “Hacking” and other information security topics to the US Marines Corp., Army, Navy, SPAWAR, Bristol Meyer Squibb, Google, AMEX, Boeing, Intel, Microsoft, Google, Symantec and IBM to name a few.
Presentation Topic: TBD
|As Chief Strategy Officer, Alan Shimel is responsible for guiding StillSecure® on its mission to bring innovative and effective networking and security solutions to the marketplace.
Mr. Shimel has become an often-cited personality in the security community. Through his blog and weekly podcast, his commentary on the state of security and the marketplace is closely followed within the industry. Additionally, Mr. Shimel is active in the open source community, serving as a director of the Open Source Snort Rules Consortium (OSSRC) and founding the OS2A. He is a sought-after speaker at industry conferences and events.
Prior to co-founding StillSecure, Mr. Shimel has had a wide range of business experiences. He was most recently SVP of Sales and Business Development of Cachier® a manufacturer of network acceleration appliances. Prior to that, he was VP of Business Development at Interliant® where in a little more than 3 years he was instrumental in forging relationships and strategic partnerships with such industry players as, Dell Computer®; Verisign®; Microsoft®; IBM®; Cisco®; and EMC®. He was also a key team member when Interliant acquired 27 companies and completed a successful IPO. A pioneer in the Internet industry, Shimel was one of the founders of Tri Star Web®, a NYC-based, early entry in Web hosting that was acquired by Sage Networks®, which later became Interliant.
Mr. Shimel is a graduate of St. Johns University with a Bachelor of Arts in Government and Politics, and holds a JD degree from NY Law School.
Presentation Topic: Compliance for Compliance’s Sake: How Regulatory Compliance gives us a False Sense of Security
Does being compliant with regulations such as PCI and implementing best practices like SAS-70 make you secure? The simple answer is not necessarily. Although regulations and best practices were meant to enforce minimum security requirements, passing an audit doesn’t mean that you’ll never get hacked (as we’ve seen with recent high-profile breaches such as Heartland Payment Systems).
Even though the threat of a breach remains, most companies remain laser focused on the "checkbox". Whether companies decide to implement security in-house or outsource it to an MSSP (managed security services provider), most will probably never move beyond implementing minimal network security requirements to meet compliance.
In his presentation, Alan Shimel, Chief Strategy Officer at StillSecure, will cover the following topics:
|Virtualization expert Edward L. Haletky is the author of VMware Virtual Infrastructure Security: Securing ESX and the Virtual Environment, Peason Education (2009) and VMWare ESX Server in the Enterprise: Planning and Securing Virtualization Servers, Pearson Education (2008). Edward owns AstroArch Consulting, Inc., providing virtualization, security, network consulting and development. Haletky is also a 2009 VMware vExpert, Guru and moderator for the VMware Communities Forum, providing answers to security and configuration questions. Haletky is also a moderator for and participant in Virtualization Security Round Table Podcast.
Presentation Topic: Measuring Hypervisor Footprints: Assessing Risk to the Environment
Assessing, securing and hardening the Hypervisor is difficult at best, since the hypervisor is hidden from view. We will discuss what can be secured with the hypervisor, what should be audited, and how the entire virtual environment impacts the security of the hypervisor.
Pete Nicoletti, VP of Security Engineering, Secure Information Services, Terremark
|Pete has 24 years of experience in the Marketing, Sales, Development and Implementation of all type of Information Technologies. He is internationally regarded as a wireless pioneer having built the world’s first commercially viable Wireless ISP with over 500 antenna locations. He implemented the largest VoIP based call center in the US with 1500 sites and 5000 remote agents as the CTO of a large travel company. Pete is the co-author of 6 Process Patents focused in the area of Skill Based routing and Computer Telephony Integration. Formally he was the CSO/CTO of one of the most successful SMB Focused Managed Security Service Company’s and managed the security for hundreds of clients.
His notable awards include: Steve Balmer presenting him the "Microsoft Industry Solutions" Award at Comdex 2000 for the most innovative and advanced implementation of Microsoft applications, and recently the South Florida Business Journal’s “Best New Technology” Award for Protect Point’s Managed Security Service. He has owned several Computer Networking Consulting Companies and was the largest installer of Citrix and 3Com Equipment Worldwide 2 years running. He is currently the Vice President of the South Florida Information Systems Security Administrators after three years as President, VP on the Board of Directors of the FBI Infragard, a member of ISACA, Internet Coast, Honeynet Alliance, Computer Security Institute, IEEE, Secret Service Miami Electronic Crimes Task Force, EFF, Union of Concerned Scientists, and the Anti-phishing Working Group.
Pete is a Certified Information Systems Security Professional, a Certified Information Systems Analyst, Checkpoint Certified Systems Engineer and a Fortigate Certified Network Security Professional. Pete graduated from the University of Tennessee with a BS in Finance. Pete has been cited in over 50 IT magazines, is a distinguished guest lecturer for the Nova Master’s and Doctorate IT Security Program and frequently lectures on current IT security issues, DR/BC and Information Security topics. Pete recently completed a chapter on Content Filtering for the book: "Computer and information Security."
Presentation Topic: TBD
Robert Stroud, CGEIT
|Robert is international vice president of ISACA and vice president of service management and governance for the Service Management business unit at CA, helping to ensure that the company’s solutions adhere to best practices in service management and governance. A 27-year IT veteran, Stroud is a recognized industry speaker and leader. Stroud serves on the international itSMF board of directors. He has authored several major titles on ITIL and COBIT and was involved in the development of ITIL V3. He is a mentor, reviewer and part of the ITIL Advisory Group.
Presentation Topic: Governance, COBIT and the Cloud - A match made in the sky!
As IT professionals we are all aware of the total dependence of the Business on IT but with the challenges of the economic downturn we have all been looking to more efficient options to deliver service to our consumers. With the requirements to predict demand, balance scarce resources, deliver the correct level of service at the correct time whilst balancing emerging technological advances in virtualization, SaaS and Cloud computing, the proliferation of network connected devices and the ever increasing rate of IT enabled business change. Robert Stroud, ISACA International Vice President and internationally recognized Governance and Service Management evangelist will share his thoughts on the requirements for the future of Governance and COBIT in the Cloud to empower you and your business to continue to drive forward with effective and balanced governance.
© 2013 ISACA South Florida. All rights reserved.