Overcoming the Compliance Conundrum CSOs must comply with a bevy of regulations. A main objective for many IT security professionals is discovering ways to leverage the work that goes into meeting just one of these mandates to apply to another so that compliance efforts are not duplicated. But what steps must they take to ensure that they're not constantly re-creating their workload as they attempt to meet each mandate? Paul Kurtz, executive director of the Cyber Security Industry Alliance, and Dave Cullinane, CISO of Washington Mutual Inc. provide their expert advice with Illena Armstrong, editor-in-chief, SC Magazine moderating. A

The recent theft of a laptop with the personal information of 26.5 million American veterans on it created a national outrage. This incident revealed just how vital it is to secure data on portable devices, as well as brings into question just what information should be stored on these tools in the first place. During this webcast, we will find out from experts if companies are doing an adequate job in developing policies and enlisting technologies to safeguard portable devices, and learn what they need to be doing better.

CSOs must comply with a bevy of regulations -- from GLBA and Sarbanes-Oxley to HIPAA and SB1386. Besides ensuring that they are meeting the requirements set forth in each without duplicating efforts, IT security professionals also must make sure that the risk mitigation practices and solutions they implement are actually effective. That is, how can CSOs be sure that after they've passed the audit for compliance - once that box is checked off -- that the solutions and strategies they're using are actually doing what they're claiming? To answer this means proving to organizational executives that all the work to comply with regulations actually decreases the risk that corporate data will be compromised. On April 20, we get expert advice and learn ways such an objective can be achieved from Gene Fredriksen of Raymond James Financial and Marcus Sachs of SRI International and the U.S. Department of Homeland Security.

Sophisticated worms and zero-day threats plague companies' IT networks daily. Combine these problems with a lack of a defined perimeter, traveling and contracted workers, rising internal threats, regulatory requirements and non-stop vulnerabilities and you're living the chief security officer's daily nightmare. Chris Painter, the deputy chief with the U.S. Department of Justice's Computer and Intellectual Property Section, and Pamela Fusco, former chief information security officer (CISO) of Merck & Co., tell us about some of the more insidious types of information security problems that IT security leaders are facing now and offer up some pragmatic ideas on how to address them