Conference: October 10th, 2019
The conference features educational talks and a panel to expand your knowledge and foster security discussions. Conference Registration does not include the workshop pass. The workshop on Friday October 11th is a separate registration.
Speaker: William Hugh Murray
National Cyber Security Hall of Fame; (ISC)2 Fellow and Harold Tipton Lifetime Achievement Award; ISE Luminary Leadership Award
Speaker: Ron Ross
Dr. Ross led the Federal Information Security Management Act Implementation Project, which includes the development of security standards and guidelines for the federal government, contractors, and the United States critical information infrastructure. He is the principal architect of the NIST Risk Management Framework and multi-tiered approach that provides a disciplined and structured methodology for integrating the suite of security standards and guidelines into a comprehensive enterprise-wide information security program.
Fireside Chat - C4: Three Colonels and Crisis, What Could Go Wrong
Panelists: (ret.) U.S. Army Colonel JC Vega, (ret.) U.S. Army Colonel Jon Brickey, U.S. Army Colonel Hise Gibson, DBA
Are you prepared to respond to an epic clash between hackers that turns into a battle for survival? How does an intense, immersive experience build critical cybersecurity skills throughout an organization? What happens when people, technology, organizations, and processes are tested under duress? This fireside chat between three US Army Colonels will cover both disastrous and triumphant responses to crises, and what you can put into practice today. They will share their collective 90 years of experience, lessons learned, and best business practices to empower and inspire you to prepare for imminent cyber crises.
Active Directory Security: Early Stage Attack Activities to Watch For
Speaker: Rod Simmons
Attackers have repeatedly demonstrated the ability to gain access to workstations inside the network boundary through phishing and web- and email-borne attacks. From there, they set their sights on Active Directory as a means to an end: control of Active Directory yields access to virtually all critical corporate data and resources. This presentation will discuss two early-stage attack activities, LDAP reconnaissance and password spraying, that let attackers map out the target infrastructure to plan their attack and begin taking over accounts. Detection strategies and mitigation steps will also be explained.
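The password-spraying half of that abstract is easy to show in code. The following is an added example, written for this page and not material from the talk or its speaker. It runs over a constructed sample of Windows Security event 4625 (logon failure) records, using the real event's field names (IpAddress, TargetUserName, Status), and contrasts the spray signature (one source, few failures each against many accounts) with the per-account counter that a lockout policy sees. Thresholds, the sample events and the source addresses are assumptions for illustration.

```python
"""Password-spray detection over Windows Security event 4625 records.
Added example for illustration only; the events below are constructed."""
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# NTSTATUS for "wrong password". Locked-out (0xC0000234) and disabled
# (0xC0000072) accounts are deliberately excluded: a spray that stops at one
# or two guesses per account rarely produces them, and counting them would
# mostly measure the defender's lockout policy rather than the attacker.
BAD_PASSWORD = "0xC000006A"

# Constructed sample: (TimeCreated, IpAddress, TargetUserName, Status)
SAMPLE_4625 = [
    # one source, one guess each against six accounts in 15 seconds: a spray
    ("2019-10-10T09:00:01", "10.0.0.55", "alice", BAD_PASSWORD),
    ("2019-10-10T09:00:04", "10.0.0.55", "bob", BAD_PASSWORD),
    ("2019-10-10T09:00:07", "10.0.0.55", "carol", BAD_PASSWORD),
    ("2019-10-10T09:00:10", "10.0.0.55", "dave", BAD_PASSWORD),
    ("2019-10-10T09:00:13", "10.0.0.55", "erin", BAD_PASSWORD),
    ("2019-10-10T09:00:16", "10.0.0.55", "frank", BAD_PASSWORD),
    # one user mistyping her own password six times: not a spray
    ("2019-10-10T09:05:00", "10.0.0.23", "grace", BAD_PASSWORD),
    ("2019-10-10T09:05:05", "10.0.0.23", "grace", BAD_PASSWORD),
    ("2019-10-10T09:05:09", "10.0.0.23", "grace", BAD_PASSWORD),
    ("2019-10-10T09:05:14", "10.0.0.23", "grace", BAD_PASSWORD),
    ("2019-10-10T09:05:20", "10.0.0.23", "grace", BAD_PASSWORD),
    ("2019-10-10T09:05:25", "10.0.0.23", "grace", BAD_PASSWORD),
    # a "low and slow" spray, one guess per hour: below this window's threshold
    ("2019-10-10T11:00:00", "10.0.0.77", "alice", BAD_PASSWORD),
    ("2019-10-10T12:00:00", "10.0.0.77", "bob", BAD_PASSWORD),
]


def detect_password_spray(events, window=timedelta(minutes=10), min_accounts=5):
    """Map each source IP that failed against at least `min_accounts`
    distinct accounts inside any `window` to the sorted list of accounts it
    touched while over the threshold. A sliding window over the per-source
    timeline keeps this linear in the number of events per source."""
    by_source = defaultdict(list)
    for ts, src, user, status in events:
        if status == BAD_PASSWORD:
            by_source[src].append((datetime.fromisoformat(ts), user.lower()))

    hits = defaultdict(set)
    for src, rows in by_source.items():
        rows.sort()
        in_window = Counter()  # account -> failures inside the current window
        start = 0
        for t, user in rows:
            in_window[user] += 1
            # drop events older than the window from its left edge
            while rows[start][0] < t - window:
                old_user = rows[start][1]
                in_window[old_user] -= 1
                if in_window[old_user] == 0:
                    del in_window[old_user]
                start += 1
            if len(in_window) >= min_accounts:
                hits[src].update(in_window)
    return {src: sorted(users) for src, users in hits.items()}


def accounts_exceeding_lockout(events, threshold=5):
    """Accounts whose bad-password failures reach `threshold`, i.e. what a
    per-account lockout counter sees. Shown for contrast: it catches the
    mistyping user and misses the spray entirely."""
    per_account = Counter(user.lower() for _, _, user, status in events
                          if status == BAD_PASSWORD)
    return {user for user, n in per_account.items() if n >= threshold}


if __name__ == "__main__":
    print("spray sources:", detect_password_spray(SAMPLE_4625))
    print("lockout would fire for:", accounts_exceeding_lockout(SAMPLE_4625))
```

Two caveats a practitioner will hit immediately. First, 4625 is written on the host where the logon was attempted; a spray aimed at domain controllers over Kerberos shows up there as event 4771 (pre-authentication failure, failure code 0x18) rather than 4625, so the same logic needs to be fed from that source as well. Second, the grouping key matters: a spray distributed across many cloud IPs will not trip a per-source threshold, so the window should also be evaluated on other fields the events share (the workstation name in the event, or simply the whole domain) with a correspondingly higher account threshold.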
Business Risk Management: You Are a Click Away from Jeopardizing Your Business Goals
Speaker: Sam Vohra
Is developing a strong data security program part of your business strategy? Companies invest significantly in strategies that align operations with their business goals and objectives, yet many organizations do not treat business risk management as part of operations while developing those strategies. This exposes them to imminent information security threats. Even the best strategy can derail the progress of any business, regardless of size, if no appropriate risk management program is in place. Companies are a click away from jeopardizing their business goals: one click on a phishing email, bad link or malicious website can expose a company to a breach. Recent ransomware, malware and data-breach attacks are testimony that no one is immune to exposure, and to how severe the impact can be.
Speaker: Ondrej Krehel
Cyber extortion has reached new proportions, including six-figure ransomware payments. Given the easy and quick payoff, cybersecurity experts expect these attacks only to increase, yet the stories made public provide limited knowledge of the initial attack vector or the details of lateral movement. This session presents real cases of cyber extortion against corporations and high-net-worth individuals, many handled by the LIFARS Incident Response team, including the hacking techniques used for full network compromise and deployment of ransomware kits. It also presents cases currently under investigation by the FBI and Secret Service. Attendees will walk away with knowledge of the tools and strategies needed to elevate their cyber resilience.
Cyber-Physical Coordinated Attacks: The Emerging Complexity of Crisis Management
Speakers: Robert Darling, John C. Checco
It is conceivable, and probable, that today's adversaries have contemplated, and recruited for, scenarios in which a physical crisis is triggered by one or more carefully orchestrated cyber incidents. As extremist groups grow bolder and attract younger, more technology-astute prospects, logical and physical attack methods will converge and be used in concert towards a singular goal. These attacks will be much more complex and targeted than the typical diversionary tactics we are prepared for today.
Cybersecurity Blueprint for Digital Transformation / Industry 4.0
Speaker: Viral Trivedi
Overview of Digital Transformation and Industry 4.0 and the need for cybersecurity; the industrial cybersecurity threat landscape and threat vectors; key differences between industrial OT and enterprise IT security methodologies; use of technical security controls (firewalls, intrusion detection systems, anti-malware) to detect and alert when anomalies arise; and the ability to respond to and recover from a cyber incident, including the ability to monitor through your corporate data center or security operations center, or that of a third party.
Cybersecurity vs. Employee Privacy
Speaker: Mark Francis
The insider threat is a key risk vector in cybersecurity programs as well as one of the hardest to protect against. Employees with authorized access to corporate systems can intentionally, or inadvertently, engage in activities that quickly compromise systems or confidential information. To protect against this threat, organizations are implementing more aggressive internal monitoring programs that may include endpoint monitoring, activity logs, scanning of outbound communications traffic, CCTV and tracking of mobile devices. All of these practices have a bearing on employee expectations, privacy laws, and the underlying trust in employer-employee relationships. This session will cover all of these considerations, including: Common insider threats; Different solutions organizations are using to counter insider threats; General landscape of employee privacy laws; Aligning cybersecurity practices with employee privacy policies; Evolving privacy laws and how they may impact insider threat programs.
Defending the Impossible: IoMT
Speaker: Nina Alli
Medical environments are notorious for being difficult to defend. Not only are there budget constraints, but the connected devices might fairly be called antiques. This talk will discuss the risks that exist in medical environments, how to create practical, low-cost defensive solutions, and how to work with device manufacturers to bring in secure and scalable solutions.
From DevOps to DevSecOps: The Changing Position of Security Testing
Speaker: Peter Mosmans
Let's start with a white hat hacker's view of how a security test is generally performed across the Internet. We glance over the standard penetration tester's workflow and look at the challenges that some of its phases pose. This gives you an overview of current methods of security testing. What effect has the ascent of DevOps had on security testing in general? An overview will show what assets are usually tested, when in the Software Development Life Cycle, and how the tests are performed.
Then the talk switches its point of view and looks through the eyes of a black hat hacker. With this mischievous look we revisit the what, when and how of security testing. Are there shortcomings in current testing methods? And has DevOps made a black hat's life easier or more difficult?
The last part of the talk is spent on the latest DevOps spin-off: DevSecOps. It shows how security testing can be integrated into development and operations practices. Will this increase the overall security posture of a company?
After this talk you'll have a realistic view of what security testing entails, or should entail, and of the unique challenges and opportunities that DevOps and DevSecOps bring for companies, from both a white hat's and a black hat's perspective.
Gloom to Boom: Transforming Cyber Risk into Cyber-Resilience and Value
Speaker: Andrea Bonime-Blanc
In a session that emphasizes the importance of cross-disciplinary collaboration on all things cyber, including cyber-risk management, resilience building and oversight, Andrea places "cyber" into the universe of what she has dubbed ESGT (environmental, social, governance and technology) issues, risks and opportunities that businesses and other types of organizations must master to survive and thrive in today's complex, rapidly changing and constantly challenging environment. This session will cover: Placing cyber into the universe of ESGT risks organizations face; Understanding cyber from a governance and oversight standpoint - what your executive management and board are looking for; Understanding your role - whatever it might be - in cross-disciplinary teams addressing cyber; Transforming cyber risk into cyber opportunity; and Understanding how to discern the most important strategic risk aspects of cyber.
Introducing Zero Trust into a Legacy Infrastructure
Speaker: John C. Checco
Zero Trust, as defined and implemented in BeyondCorp, leaves a lot to be desired when looking at it from a legacy infrastructure perspective. And although many vendors are answering the call to support traditional networks, an organization needs to understand the holistic view and ramifications of introducing such a culturally different paradigm into their network access and security model.
Maritime and Aviation Cybersecurity: Threats to the Sea and Air
Speakers: Brian M. Stites, Paul Ferrillo
The maritime and aviation industries have both experienced an increase in the connectivity of their operations, creating expanded digital ecosystems. While the effects of this movement have led to efficiencies and higher productivity, they have also created additional vulnerabilities and access points for cyber criminals to exploit. Despite facing the same - if not greater - cyber risks as other industries, both private and public efforts to combat threats to the maritime and aviation industries have not been on par with their peers. This presentation will explore maritime and aviation cybersecurity challenges, the potentially devastating effects of failing to address threats, the need for increased private and public efforts to mitigate risks, and what can be done to combat these threats.
Power Tools for the Security Professional
Speaker: Robert Kratzke
Reports, logs, an overload of information from a multitude of sources: this presentation will show best practices for how security professionals can use the new tools and apps in Microsoft Office to build powerful business intelligence solutions quickly and easily, without coding or customizing third-party applications. The Power Platform (Power BI, Flow, and PowerApps) lets you bring all the data you need to act on and analyze, for security and other parts of your job, into dynamic dashboards that give an easy-to-understand visual representation of your data, and lets you create triggers that build workflows to automate your process, speed up decision making, and improve communications.
Protecting the Big Apple: Managing Cyber Risk at the City Level
Speaker: Munish Walther-Puri
What are the major cyber risks to New York City? As we face cyber threats at the geopolitical and national levels, municipalities experience the impact on a local, tangible level. This talk will explore the technology and systems that serve New Yorkers, outline New York City Cyber Command's (NYC3) approach to cyber risk, and extract lessons from previous cyber attacks targeting municipalities, such as ransomware. NYC3 believes that cyber security is a public safety issue and this talk will explore several aspects of protecting the public and the city services that they use.
Saving American Businesses and Secrets Through Encryption and Micro-tokenization
Speakers: David Schoenberger, Paul Ferrillo
The cost of cybercrime approaches $600 billion a year, and some estimates put the figure higher still. US businesses and the Department of Defense community (and indeed the world community) are attacked constantly, losing valuable secrets and intellectual property. New attacks emerge daily as the world political climate promotes antagonism and theft, and the global cyber regulatory climate grows more active and perilous for business every day as breaches continue to expose PII and PHI. Obfuscation and de-identification of data provide strong defenses against attempts to steal mission-critical business data and IP. Encryption and micro-tokenization are two excellent methods of protecting data. Micro-tokenization, through the use of a MicroToken Exchange (MTE), is based on a simple idea: data can be hacked, intercepted, and stolen while traveling from one point to another over the Internet, so stop using real data. Eclypses' MTE solution removes the real data and replaces it with MicroTokens that are useless to cyber criminals. Tokenization technology protects any form of data over any type of network.
Security and Artificial Intelligence - Myths and Realities
Speaker: Keith Rayle
Artificial Intelligence (AI) is regularly touted as the panacea for today's cybersecurity woes. What is it and where did it all start? How is it being used today and what is the future of this technical advancement? AI is being rapidly adapted to a wide range of current problems, but what are the limits of it and what will we see it used for in the near future? This session will explore: The history of intelligent machines; Converging technologies and the impact on AI; How it works - models and an implementation example; The broader use of it in the security industry; AI and cybercriminals - how they deploy it; and The future of AI and cybersecurity.
Strategic Risk Management and Cyber Risk at 50,000 feet
Speakers: Ellen Shew Holland, Carol Fox
CEOs find that cyber risk is one of the top three items on the minds of boards. This session is designed to help build and leverage the knowledge of strategic risk management and cyber-security professionals to strengthen board effectiveness in this area. Takeaways include: Overview, similarities, and uses of ISO 27000 (information security) and ISO 31000 (enterprise risk management); Strategic risk exposures for select industries and best practices for risk mitigation; How multi-faceted, integrated risk management and cyber-security teams respond best to cyber claims; Insurance coverage from varying lines of insurance for cyber-security related claims; and Internal and external partnerships in mitigating risk, and leveraging these to educate staff.
Understanding the Business Impact of Cyber Risk
Speakers: Richard Lethin, Eric Dull
Not all hosts on a network are created equal. Every host on the network is used for different business purposes, contains different intellectual property, and should exhibit different behaviors. Cyber security analysis is most efficient when it is performed with this context, but building this context is frequently manual, cumbersome, and produces models that are brittle and age poorly. These manual processes can be automated using network monitoring and applied data science, enabling better situational awareness of business importance during cyber security analysis and response.
Using Cyber Insurance Effectively (Before and During an Incident)
Speakers: Elissa Doroff, Billy Gouveia
Despite being available for over 20 years, many organizations still struggle with how to use cyber insurance effectively. In this presentation we will cover when to use (and when not to use) insurance to manage cyber risk, as well as things to think about when buying coverage. Most of the presentation, however, will center on how to leverage your cyber insurance carrier's access to resources to help you prepare for and respond to a cyber event. We will also walk through case studies of how cyber insurance has effectively helped organizations respond and recover.
As part of our educational mission as a coalition of non-profit organizations, registration fees are only to cover the costs of the facility, food and refreshments.