Improving Risk Assessments with Cyber Threat Intelligence
Information Security is still not mature in the practice of estimating risk when compared to other industries such as Finance or Insurance. A primary reason for this is the historical lack of structured, comprehensive, and consistent data models for categorizing and quantifying cyber threats within risk equations. Many know that using Cyber Threat Intelligence (CTI) can improve management of threats in real time. A value of CTI yet to be fully realized, however, is the potential of newly-emerging threat data models to fix the long-standing problem of quantifying threat likelihood. Ultimately, better risk estimates are now possible, as are discussions of risk that business leaders will find meaningful and valuable.
Del Russ, Xerox - Director of Cyber Security Operations & Cyber Threat Intelligence (CTI)
Del Russ is the current Director of Cyber Security Operations & Cyber Threat Intelligence (CTI) at Xerox Corporation. His current work focuses on recognizing where business missions benefit from having a better understanding of cyber threats, and on pioneering new security solutions. Mr. Russ has created, deployed, and managed numerous operational cyber-security programs, including two that have won CSO50 industry awards (2015, 2017). His twenty-six years in IT include seventeen in Security, and eleven prior in Software Engineering. Mr. Russ has serviced clients in the Defense, Finance, Public Sector, Telecom, Healthcare, and Technology Manufacturing sectors. He has a B.S. in Computer Science from the State University at Buffalo, NY, with a minor concentration in Psychology. He has been a certified Digital Forensics & Threat Hunting (GCFA) expert since 2005, and is a CISSP.
Cybersecurity While Traveling
Recommendations for cybersecurity while traveling abroad often sound like they were taken directly from the plot of a spy movie: use clean "throw-away" devices, accounts, and passwords; assume you'll be compromised. Similar, although slightly less scary, recommendations abound for travelers going on vacation: don't post your location online; don't use public Wi-Fi. In this presentation, Stacey will provide insight into the targeting, theft, scams, and espionage that have driven the creation of these often-touted recommendations so you can intelligently calculate your risk while traveling and choose which recommendations are appropriate for your (or your co-workers') next trip.
Stacey A. Wright, Center for Internet Security - Director of Cyber Intelligence
Stacey A. Wright is the Director of Cyber Intelligence at CIS (Center for Internet Security), where she runs the Intel Team for the Multi-State Information Sharing and Analysis Center (MS-ISAC) and Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC). She has designed and built the Intel Team to focus on providing strategic and operational cyber intelligence to state, local, tribal, and territorial (SLTT) governments. The team publishes more than 200 products per year providing timely, actionable SLTT government and elections-focused insight on cyber risks, actors, trends, tactics, vulnerabilities, and incident response. Recipients use the intelligence to improve visibility, detection, accuracy, and strategically align resources to the current cyber environment. In addition to her work at CIS, Stacey teaches two graduate cybersecurity and threat intelligence classes at the State University of New York. Prior to her employment at CIS, Stacey was the Cyber Intelligence Analyst for the Federal Bureau of Investigation (FBI) Albany Division, where she was responsible for coordinating the local cyber intelligence program and served as the FBI's liaison to the MS-ISAC. Stacey began her career as an Information Systems Specialist for the Cambridge, MA, Emergency Communications and Fire Departments. She received her Bachelor of Science in Criminal Justice from Northeastern University, and her Master of Business Administration from the University of Massachusetts, Boston. She is a formally trained Intelligence Analyst and a national speaker on cybercrime.
This two-hour session will take attendees through a basic on-line threat hunt. We will cover exploring a rogue IP that appears in your logs, dissecting a URI that one of your other tools uncovers but that makes no sense as you see it initially, tracing a malicious actor using bitcoin wallets, performing actor-centric research including the actor's TTPs, associated IoCs and specializations. We will walk through the scenario using live on-line demos of tools and both commercial and free resources. These are techniques that the instructor uses regularly to track down actual malicious actors.
P. R. Stephenson, PhD, CISSP (Ret), VSM, LPI (Michigan)
Cyber Criminology, Cyber Jurisprudence
Peter Stephenson has taught information assurance, network attack and defense, digital forensics and cyber investigation on both the graduate and undergraduate levels. He started his 50+ year career as a U.S. Navy cryptographer, then moved into the private sector where he operated his own information security consulting practice for some 20 years. Navigating the industry and his career with aplomb, he then became director of technology for the global security practice of Netigy Corporation and was, until July 2003, the director of technology and a research coordinator for QinetiQ Trusted Information Management, a large international information security professional and managed services company. He holds a doctorate in digital investigation and is pursuing a second PhD in law. He holds the CISSP (retired) designation from (ISC)2 and retired as a Fellow of the American Academy of Forensic Sciences. He has authored “Investigating Computer Crime” and the “Official (ISC)2® Guide to the CCFP CBK”. He also is former CISO of Norwich University. In short, Stephenson knows a thing or two about IT security.
His current personal research home is at the helm of the Cyber Crime Research Lab, which is engaged in cutting-edge research related to cyber crime technology, cyber threat intelligence, cyber law and jurisprudence, cyber criminology, and cyber threat hunting. It is also home of Forensic Threat Hunting™.