ITKE Community Blog

May 2 2012   5:07PM GMT

Information Security Decisions hosts LIVE #ISD12 Tweetchat on Friday, May 4 @ 12:00 PM EST

Guest Author Profile: Guest Author

Please join us for our #ISD12 TweetChat! As our annual Information Security Decisions New York Conference approaches, we’re excited to get the conversations started! Lindsay Jeanloz (@TT_Edit_Events), Director of Editorial Events, and Mike Mimoso (@Mike_Mimoso), Editorial Director of the Security Media Group, will be hosting this #ISD12 TweetChat “In Real Life” from 12:00-1:00 pm EST this Friday, May 4 in the #ISD12 TweetChat Room. We’re thrilled to have conference speakers Diana Kelley (@securitycurve) and Dan Guido (@dguido) participate in the conversation!

Here are the planned topics and some potential discussion questions:

TOPIC 1: Big Data and Security:

  • Despite all the cries for analysis of security data, logs are for the most part ignored. Why would security teams want to collect more data they won’t analyze?
  • Is big data for security feasible?
  • What tools are necessary to adequately gain visibility into security events and properly analyze them?

TOPIC 2: Mobile Security:

  • Mobile hacking, reality or fiction?
  • What are attacker capabilities around mobile hacks and malware?
  • Where are the exploitable vulnerabilities with mobile platforms?
  • Which defensive tactics work?

TOPIC 3: Cloud Security:

  • What three security issues do my executives need to know about cloud computing?
  • If I’m a small company with very little clout, how do I get adequate visibility into a service provider’s controls?
  • My organization has an incident response plan; how can I ensure that translates to a cloud computing engagement?

TOPIC 4: Threats:

  • How much attention should my organization pay to hacktivists? Does it matter who’s attacking me if I’m not a government agency or the military?
  • What are the most common data exfiltration points that an organization needs to monitor and/or block?
  • If signature-based antimalware isn’t adequate any more, why should my organization keep running it and investing in licenses and upgrades, etc.?


  • Now that PCI is on a three-year cycle, how should an organization prioritize its PCI program until the next version of the standard is released?
  • Any insight into whether the recent guidances will be requirements in the next version?
  • Tokenization or encryption? Is tokenization enough in a PCI environment for security and compliance? How are they complementary?

Reminder: #ISD12 TweetChats are a marketing-free environment! Join the chat to connect, learn and get excited for our upcoming Information Security Decisions Conference on May 15, but please do not post product-specific information.

It’s easy to join the Twitter conversation by logging in to the #ISD12 TweetChat Room, which automatically keeps you in the conversation by tagging all tweets with the #ISD12 hash tag. If you are unable to access the TweetChat room, simply search in Twitter for #ISD12 and tag your tweets with #ISD12 so they can be seen by everyone else.

If you have any questions, please contact Lindsay Jeanloz, Director of Editorial Events at TechTarget, at

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: