Homeland Security to host closed-door security forum

Conference will bring together security experts from law enforcement, Internet service providers, and the tech industry

The U.S. Department of Homeland Security will host a invite-only conference two months from now that will bring together security experts from law enforcement, Internet service providers, and the technology industry.

The Internet Security Operations and Intelligence (ISOI) workshop will be held on August 27 and 28 at the Academy for Educational Development in Washington D.C. It is expected to draw about 240 participants who will engage in a frank discussion of the latest trends in cybercrime, said Gadi Evron, a security evangelist with Beyond Security who is one of the event's planners.

"It's an organized group of volunteers from all across the industry, governments, and services," he said via instant message. "All trusted people, all people who do something extra than their job... We respond to international threats and mitigate them, and establish global cooperation across borders daily."

The conference will be hosted by the U.S. Computer Emergency Response Team, part of the Department of Homeland Security.

This group has met previously in hush-hush events hosted on the campuses of Microsoft and Cisco Systems, and has helped in the response to a number of cyber-crime incidents including the denial of service attacks in Estonia and the recent compromise of Miami's Dolphin Stadium Web site, which was hacked just days before the stadium played host to the National Football League's Super Bowl game.

Because the conference is attended by a pre-screened audience (the press is not invited, thank you very much), presenters at the ISOI workshops offer a deeper level of technical detail than at other events, said Dan Hubbard, vice president of security research with Websense, who is presenting in August. "It really helps communicate the struggles on both sides of the coin."

Hubbard will be discussing a new tool he has developed for detecting infections of social networking Web sites, called HoneyJax.

Similar to a "honeypot" computer, which is designed to lure cyber-attackers, HoneyJax "allows you to track exploits in the Web 2.0 world and helps assist in the identification of misuse of these technologies" Hubbard said.

Other scheduled talks will cover topics such as the Estonian cyber-attacks, the use of Web-based mail for spam, and "Phishing and the IRS." Speakers will be from organizations such as Cisco, AOL, McAfee, the U.S. Department of the Treasury, and the Computer Emergency Response Team of Estonia.

The workshops attract a "pretty good spread of people," said Exploit Prevention Labs Chief Technology Officer Roger Thompson, another presenter. "It's really just a forum for security professionals in different disciplines to get together and talk over a beer."

Copyright © 2007 IDG Communications, Inc.

How to choose a low-code development platform