Note: this blog is a mirror of my HP Labs Blog, on the same topic, accessible at: http://h30507.www3.hp.com/t5/Research-on-Security-and/bg-p/163

Wednesday, March 9, 2011

Conference – Centre for Cybercrime and Computer Security Conference

I have been invited to give a presentation at the coming Conference at the Centre for Cybercrime and Computer Security, 15 March 2011, Newcastle.

I will be giving a presentation on “Risk Exposure to Social Networks in Enterprises”.

This is a great opportunity to network with experts in this area and to share thoughts about related HP Labs R&D activities that we have been carrying out in Bristol, UK.

Please consider attending.


--- Posted by Marco Casassa Mont (here and here) ---

--- NOTE: use this mirror blog if you prefer posting on an external blog site ---

--- NOTE: my original HP blog can be found here ---

Security and Identity Analytics

I have got a paper accepted at the coming IEEE Policy 2011 Symposium.

This paper is based on a recent HPL Technical Report I published, on “Risk Assessment and Decision Support for Security Policies and Related Enterprise Operational Processes”.

Looking forward at presenting this work.

Interestingly, this paper describes work that we did jointly with a major HP customer, in the space of Security Analytics and Identity Access Management.

This work de-risked Security Analytics in this area: it is now one of the Security Analytics capabilities offered as a service by HP Information Security.



--- Posted by Marco Casassa Mont (here and here) ---

--- NOTE: use this mirror blog if you prefer posting on an external blog site ---

--- NOTE: my original HP blog can be found here ---

UK Cyber Security Challenge 2011

I have been involved (as part of the HP Labs team) in the recent final of the UK Cyber Security Challenge 2011.

It has been a very interesting experience observing and engaging with the various participants. Very good fun.

I would really encourage the readers to engage in the coming editions.

--- Posted by Marco Casassa Mont (here and here) ---

--- NOTE: use this mirror blog if you prefer posting on an external blog site ---

--- NOTE: my original HP blog can be found here ---

On the value of being part of Conference Program Committees

In the last years I have been invited to be part of many Program Committees of conferences and workshops. Just in the last month I had to deal with paper reviews for MobiSec 2011 and SECRYPT 2011.

Some statistics: based on my experience, I would say that only 25-30% of the papers that I review are usually worth their publication, because of the innovation and new insights they provide.

Nevertheless, I believe this is a great opportunity to stay in touch and up-to-date with key R&D topics. In my case, in the space of security, privacy, IAM and risk management.


--- Posted by Marco Casassa Mont (here and here) ---

--- NOTE: use this mirror blog if you prefer posting on an external blog site ---

--- NOTE: my original HP blog can be found here ---

Making good progress in the UK EnCoRe Project

The UK collaborative EnCoRe project is making good progress towards achieving a key set of objectives.

I have been deeply involved in finalising the new version of the EnCoRe Architecture that will support the coming case studies and (hopefully) a pilot with a major UK company. It will be soon publicly released.

We are currently working on an “EnCoRe System Framework” that will enable grounding this architecture at the system, compliance and regulatory levels – to enable the above mentioned case studies and pilot.




--- Posted by Marco Casassa Mont (here and here) ---

--- NOTE: use this mirror blog if you prefer posting on an external blog site ---

--- NOTE: my original HP blog can be found here ---