Transparency, Governance and Protection
The E-commerce Security Dilemma
IBM Warwick

24th March 2004

AGENDA

09:15 - 09.55 Coffee and registration

09.55 - 10:00 The E-commerce Security Dilemma & Introduction
Geoff Petherick, IBM CUA

10.00 - 10.40 Introduction to E-mail and Corporate Liability
Will Roebuck, E-business Regulatory Alliance

  • Vicarious liability.
  • Case update.
  • Sexual and racial discrimination.
  • Altering contract terms.
  • Crime in the work place.
Will Roebuck is co-founder and director of the E-business Regulatory Alliance, a not-for-profit association that lobbies for legislative change in e-business. Since 1998, he has worked at senior corporate, parliamentary and government levels, including the NCC, British Chambers of Commerce, and EURIM. Will also set up the recent £0.5 million CD-id project and has worked as legal counsel to EAN International's food traceability expert group. He was also formerly a Barrister with the Crown Prosecution Service with many interesting and amusing experiences which he would be happy to share during the breaks. Will enjoys the gym, tennis, and swimming, and enjoys other challenging pursuits.

10:40 - 11:20 On-line Contracts - Looking for Holes
Andrew Sparrow, Lecote Solitors

  • Offer v Invitation to Treat - web site configuration.
  • How to avoid mistakes - understanding the legal relationship.
  • Internet Terms & Conditions - protecting your web site.
  • The E Commerce Regulations 2002 - do you conform?
  • Whose Law applies? - B to C & B to B; getting justice.
  • The impact of Mobile Communications - is good to talk?

Andrew Sparrow is a National award winning Solicitor and head of Lecote Solicitors. He is author of four books on the law of e-commerce including the Financial Times book E-Commerce and the Law which carries a forward by Patricia Hewitt, Secretary of State for Trade & Industry. His books are published in China, the latest title is scheduled for publication in the US and he speaks Internationally on the subject of e-commerce.

11.20 - 11.40 Coffee

11.40 - 12.20 Computer Forensics and Best Practice
Leigh Allen, National Hi-Tech Crime Unit (NHTCU)

  • NHTCU profile.
  • Brief overview of crimes committed using email.
  • ACPO Best Practice Guide in relation to computer based evidence.
  • Forensic issues relating to email clients (Both stand alone and server).
  • Deleted emails/content - Is the evidence available?
  • Impact on business - The criminality and the forensic police investigation.

Leigh Allen is a Digital Evidence Recovery Officer working within the computer Forensics Section of the National Hi-Tech Crime Unit (NHTCU). The NHTCU is a multi-agency unit set up to combat national and transnational serious and organised crime within or which impacts on the UK. DC Allen is a trained Forensic Computer Analyst. He also has a comprehensive Criminal Investigation and Intelligence background.

12.20 - 13.10 Lunch

13.10 - 14.25 Key Pointers for Corporate Security
Ed Blake & Ross Bushby, Real Solutions

  • Where do you start? Security Policy & Enforcement
  • External risks & Perimeter Security
  • Internal risks & Data Integrity
  • Intrusion Prevention
  • Secure information delivery
  • Emerging threats and defences
  • Information gathering techniques + Live Hacking demonstration

Edward Blake is Head of Security for Real Solutions and has worked as a security consultant for the last 7 years. Prior to this he did a (BSc) Information Systems degree in Artificial Intelligence, Remote Sensing via Satellite and information gathering and analysis techniques. He has worked on a large number of secure infrastructure projects for the Public, Finance and Corporate sectors and is used in an advisory role by a number of IT security vendors and publications.

Ross Bushby is a CISSP and Senior Security Architect for Real Solutions and has worked in IT for the last 12 years. He is Real Solutions Chief Ethical Hacker and is employed to provide consultancy and Penetration Testing services to some of the most secure environments in the Public, Finance and Corporate sectors. He also provides educational services and white papers on some of the key vulnerabilities and weaknesses of IT security systems to the security industry.

14.25 - 14.45 Tea

14.45 - 15.25 iSeries Security - Worry Free?
Leonard Broich, Byteware

  • OS/400, still virus free?
  • The IFS, a perfect host
  • Modern Computing and the risk to iSeries
  • Resource Management for safety and security
  • What can users do to protect their system?

Leonard Broich was employed by IBM for almost 40 years, in various Programmer and Management positions, and most recently as a Senior Program Manager - Marketing prior to his retirement in 1996. He served in assignments in Atlanta, Rochester, Minnesota and Milan Italy as part of GSD, AS/400 and the iSeries Marketing staff. The last 22 years were spent in Marketing focused on software sales and strategy. He also has served as Vice President of Marketing for a data warehouse firm in Switzerland, and is currently Director - International Channels, Bytware, Inc., an Advanced Business Partner with IBM. His personal interests include car collecting and restoration, woodworking, fishing and golf.

15.25 - 16.05 Transparent or Secure? - Encryption Techniques
Richard Agnew, Decru

  • Managing the IT environment to view all data.
  • The role of the IT Data Controller and role separation.
  • A black box approach without application changes.
  • Digitally signing data to prevent unauthorised access.
  • Securing information at source to ensure it does not reach the public domain.

Richard Agnew has been an IT professional for over 20 years within a software engineering environment and specialised in large DB design including spending part of his career in UNIX DB area. For 8 years he worked for EMC in the support group responsible for technical support within the comms and media marketplaces. A keen rugby fan Richard helps to coach youngsters in the finer points of the game.

16.05 Close