MIS Research Center Seminar Series
Date: November 4, 2005
Speaker: Jesper Johansson, Microsoft
Topic: "Network Threat Modeling and Security Myths"
Abstract
Network Threat Modeling
Got all the patches? Configured your firewall? Think you are secure now? Think again! Installing the patches and configuring a firewall is just the first step in protecting a network. A truly dangerous attacker will use many techniques to compromise a network, most of them a lot more subtle and harder to protect against. To establish proper protection measures for your network, you have to start not only with an understanding of the risks involved, but also with a detailed understanding of how the operating systems work and interact with the applications running on top of them. Only by understanding how simplistic operational practices can lead to total network compromise will you be able to avoid those practices. See a complete compromise of a network that, on the surface, appears to be very well protected. Learn why the easy way is not always the secure way. In the end, walk away with a better understanding of the operational practices that lead to the most severe of all compromises and be on your way to truly protecting your network beyond just simple patching, firewalls and even security configuration changes.
Security Myths
Far too much of what we do in security does not have any real impact on security, not to mention that it does not map to any realistic threats that you have decided to mitigate as part of your overall risk management strategy. In this session, we cover the top ten things that security professionals do that do not have any real impact on security. In some cases, these steps actually have exactly the opposite effect, as they compromise confidentiality, integrity, and/or availability instead of improving them.
Biography
Jesper is Senior Program Manager for Security Policy at Microsoft. In this position he is responsible for the tools customers use to implement security policies, such as the Security Configuration Wizard, Security Configuration Editor, and related tools. He has delivered speeches on network security all over the world and is a frequent speaker at large conferences and custom workshops, particularly in places that lend themselves to great diving. He has a Ph.D. in Management Information Systems and is a Certified Information Systems Security Professional (CISSP) and a certified Information Systems Security Architecture Professional (ISSAP).
Links
Hacking: Fight Back - How A Criminal Might Infiltrate Your Network
Jesper's Blog
Protect Your Windows Network: From Perimeter to Data - Book co-authored by Jesper
** Use the coupon code JJSR6437 and save 35%! **
Security Management Columns


