SANS TRAINING
SANS training is highly sought-after internationally
Date: 9 & 10 May 2013
Time: 08h30 - 17h00
Venue: Sandton Convention Centre

ITWeb is proud to announce it will once again run SANS training alongside its annual Security Summit.

Known as the most trusted source for computer security training, certification and research, SANS training is highly sought-after internationally. This high-calibre information security training will be available again to local delegates. Following the success of last year, we are offering 20 Critical Security Controls: Planning, Implementing and Auditing again in 2013.

20 Critical Security Controls: Planning, Implementing and Auditing
Facilitator: Ted Demopoulos, SANS certified instructor

Course length: two days
12 CPE credits

The 20 Critical Security Controls have already begun to transform security in government agencies and other large enterprises, by focusing their spending on the key controls that block known attacks and find the ones that get through.

With the change in FISMA reporting implemented on 1 June, the 20 critical controls become the centrepiece of effective security programs across government. These controls allow those responsible for compliance and those responsible for security to agree, for the first time, on what needs to be done to make systems safer. No development in security is having a more profound and far-reaching impact.

These top 20 controls were agreed upon by a powerful consortium, brought together by John Gilligan (previously CIO of the US Department of Energy and the US Air Force) under the auspices of the Centre for Strategic and International Studies. Members of the consortium include NSA, US-CERT, DOD JTF-GNO, the Department of Energy Nuclear Laboratories, Department of State, DOD Cyber Crime Centre, plus the top commercial forensics experts and pen testers that serve the banking and critical infrastructure communities.

Ted Demopoulos' first significant exposure to computers was in 1977 when he had unlimited access to his high school's PDP-11 and hacked at it incessantly. He consequently almost flunked out but learned he liked playing with computers a lot.

Ted's business pursuits began in college and have been continuous ever since. His background includes over 25 years of experience in information security and business, including 20+ years as an independent consultant.

Ted helped start a successful information security company, was the CTO at a "textbook failure" of a software startup, and has advised several other businesses.

Ted is a frequent speaker at conferences and other events, quoted often by the press, and maintains Security Certs, a Web site on Security Certifications. He also has written two books on Social Media, has an ongoing software concern in Austin, Texas in the virtualization space, and is the recipient of a Department of Defense Award of Excellence.

Ted lives in New Hampshire, and more about him is available at Demopoulos Associates. In his spare time, he is also a food and wine geek, and enjoys fly fishing and playing with his children.

Why take this course?

The automation of these top 20 controls will radically lower the cost of security while improving its effectiveness. The US State Department, under CISO John Streufert, has already demonstrated a more than 94% reduction in "measured" security risk through the rigorous automation and measurement of the top 20 controls.

Who should attend?

Auditors
CIOs
Risk officers
Information assurance auditors
System implementers/administrators
Network security engineers
IT administrators
DOD personnel/contractors
Federal agencies/clients
Private sector organisations looking for information assurance priorities for securing their systems
Security vendors and consulting groups looking to stay current with frameworks for information assurance
in partnership with
Established in 2009, Performanta specializes only in the discipline of Information Security. The company provides technology, services and consulting solutions, allowing it to give customers an end-to-end information security service. Its focus on pragmatic solutions is reflected in its motto: Practical Trust Performanta.

Symantec protects the world’s information, and is a global leader in security, backup and availability solutions. Our innovative products and services protect people and information in any environment – from the smallest mobile device, to the enterprise data center, to cloud-based systems. Our world-renowned expertise in protecting data, identities and interactions gives our customers confidence in a connected world.

20 Critical Security Controls: Planning, Implementing and Auditing
Fees (excluding VAT)
Delegate pass, standard fee: R15,500.00
ISG Africa members qualify for a 10% discount on the registration fee - please contact Maggie Pienaar on (011) 807-3294 to reserve your seat.
Delegates attending will receive:
Core Automation and Metrics
Strategic Coverage for Managers
Strategic Coverage for Auditors
Core Checklists
Auditor Checklists
SANS South Africa event Golf shirt
The SANS Institute was established in 1989 as a cooperative research and education organization. Its programs now reach more than 165,000 security professionals around the world. A range of individuals from auditors and network administrators, to chief information security officers are sharing the lessons they learn and are jointly finding solutions to the challenges they face. At the heart of SANS are the many security practitioners in varied global organizations from corporations to universities working together to help the entire information security community.

SANS is the most trusted and by far the largest source for information security training and security certification in the world. It also develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security, and it operates the Internet's early warning system - the Internet Storm Center.

SensePost is an independent company that provides services in the Information Security Services area. Combining experience and knowledge, SensePost specialises in Information Security Consulting, Training, Security Assessment Services and IT Vulnerability Management.

