May 19, 2009

May Meeting Topic: PCI-DSS Compliance
Presenter: Ulf Mattsson

Abstract
The session will review the different options for data protection strategies for PCI DSS and other regulations. We will present case studies on data protection in an enterprise environment. We will position different solutions that can protect the enterprise data against advanced attacks from internal and external sources. We will show how to provide a balanced mix of different approaches to protect sensitive information like credit cards across different systems in the enterprise, including tokenization, encryption and hashing. We will show how to balance performance and security, in real-world scenarios, and recommend when to use encryption at the database level, application level and file level. This session will also present methods to protect the entire data flow across systems in an enterprise while minimizing the need for cryptographic services.

This interactive, educational presentation will:

1. Review of case studies on enterprise data protection;
2. How to prevent internal and external threats;
3. Review solutions for enterprise data encryption and key management;
4. How to prevent data misuse and advanced attacks on data;
5. How to protect the entire enterprise data flow;
6. How to develop a database encryptionstrategy balancing security, performance and other aspects;
7. Review and position different solution alternatives;
8. Discuss how to balance security, performance and other aspects.

About Ulf T. Mattsson
Ulf T. Mattsson, chief Technology Officer, Protegrity Corporation, created the initial architecture of Protegrity’s database security technology, for which the company owns several key patents. His extensive IT and security industry experience includes 20 years with IBM as a manager of software development and a consulting resource to IBM’s Research and Development organization. He specializes in the areas of IT Architecture and IT Security. Ulf is the inventor of a number of European patents and US Patents, Data Usage Control, Dynamic Access Control, Intrusion Prevention and Cross System Layer Security. He holds a master’s degree in Physics, a degree in finance and a degree in electrical engineering.

May 19, 2009 6:30 PM

740 15th Street NW
4th floor
Washington, DC 20005

Click here for details.

Please email your RSVP if you plan to attend.