Infosecurity ISACA North America Expo and Conference Presentations and Descriptions 

 


Session levels: Beginner | Intermediate | Advanced

Track 1—Emerging Security Tools & Techniques

111—Dark Web Review - a Deep Dive into a Dark World Intermediate

Wednesday, 20 November | 10:00AM – 10:50AM

  Download Presentation

Alex Holden
Hold Security, LLC

In this uncensored view of the Dark Web and its hackers we will see how their systems function, and what we can do to stop them. From botnets to financial scams, we will look at hackers’ Dark Web panels and learn more about their techniques.

After this session you will be able to:

  • Understand hackers’ targeting techniques and build appropriate defenses
  • Build a scalable and useful risk evaluation program based on real threats
  • Have a much better understanding of how hackers function, which in the end will help defeat them in their advances
  • Use these skills to disrupt the hacker supply chain, rendering their attacks unfeasible against your environments

121—Using Cloud Access Security Brokers to Stop SaaS Data Leaks Intermediate

Wednesday, 20 November | 11:00AM – 11:50AM

  Download Presentation

Robert LaMagna-Reiter
CISO
FNTS

Shadow IT. Unsanctioned vs. sanctioned apps. SaaS provides flexibility and agility, but not without risk. Enter CASB: a means to control SaaS usage, limit sensitive data exposure and prevent malware propagation.

After this session you will be able to:

  • Describe the features & benefits of a CASB solution.
  • Understand the various CASB deployment methods & determine which is most appropriate for your business.
  • Control SaaS applications, prevent sensitive data leakage and enable secure SaaS usage
  • Understand how to integrate a CASB into your operations and achieve ROI

131—Assessing Integrated Risk Intelligently Advanced Managerial

Wednesday, 20 November | 1:20PM – 2:10PM

Charles Harry
CEO
Decision Point Analytics LLC

This talk will introduce and demonstrate a new approach for categorizing and measuring integrated risk in complex organizations. Based on rigorous research conducted at the University of Maryland, we weave together models that connect network maps with mission and business functions and run attack scenarios to estimate consequence. This approach allows for a more thorough understanding of the broad array of consequences threat actors can engineer and estimates the integrated risks across mission sets.

After this session you will be able to:

  • Demonstrate a new quantitative method for assessing risk to specific mission and business functions in complex organizations.
  • Be exposed to a new quantitative index, graph models of representative networks, and new visualization techniques for modelling risk.
  • Classify the variety of cyber attacks in a new taxonomy.
  • Be exposed to a new method for visualizing integrated risk for complex organizations and critical infrastructure.

141—Exposing The Dark Overlord – Using OSINT to Identify a Group of Modern-Day Cyber Terrorists Beginner

Wednesday, 20 November | 2:20PM – 3:10PM

Vinny Troia
Chief Security Research and Strategy
NightLion Security

Since its formation in 2016, The Dark Overlord hacking group has extorted hundreds of organizations, terrorized thousands of people, and stolen millions of dollars from their victims.

Despite the young age of the group’s core members, their operational security and tactics are so well defined that it has taken years for law enforcement to catch up to them. My own investigation to discover and infiltrate The Dark Overlord spanned over 18 months.

This discussion will detail the formation of the group, its core members, and the tactics behind their attacks. I will provide evidence to demonstrate how this group of hackers were able to infiltrate their victims, wreak havoc, and evade capture.

This talk will discuss:

  • The OSINT processes and tools used to discover evidence,
  • An in-depth analysis of the data and decision-making processes that led to further discoveries
  • The correlation of seemingly irrelevant clues that ultimately led to identifying the group’s members
  • The process of locating (and indexing) the historical dark web data needed to associate the crimes with real people
  • The legal ramifications of data exploration and the fine line investigators must walk in order to track online criminals

While this talk will specifically resonate with law enforcement and members of threat intelligence, the process of gathering data and “people hunting” research is something that can resonate with everyone.

After this session you will be able to:

  • Understand the type of data available for sale and download on the dark web.
  • Learn the process used to collect and build a custom threat intel tool.
  • Describe the types of hacker forums on the dark web, and the distinction between their participants.
  • Describe who The Dark Overlord is, and why the discovery of their identities is significant.

151—The New Security Frontier: AI, Threat Hunting, Behavioral Anomalies, and Automated Response Intermediate

Wednesday, 20 November | 3:40PM – 4:30PM

  Download Presentation

Michael Melore, CISSP
Cyber Security Advisor
IBM

New methods are required to address threats increasing in frequency, sophistication, and impact, in an increasing climate of cost constraints, and resource and skills shortage. Traditional security controls and response can’t possibly keep pace.

After this session you will be able to:

  • Understand the value of AI in Cyber Security Defense.
  • Learn how AI differs from user behavioral anomaly detection and correlation engine results.
  • Learn how AI, User Behavioral Analytics, Network Behavioral Anomaly Detection, correlation engine results and automated response orchestration, used together, provide unique insight and resolution speed.
  • Understand why enterprise threat hunting roles are the newest enterprise security job opportunities.

211—End-To-End Injection Safety at Scale Intermediate

Thursday, 21 November | 8:40AM – 9:30AM

  Download Presentation

Mike Samuel
Security Engineer
Google, LLC

Trusted Types bakes lessons learned by Google Security into the browser. Learn how small tool changes enable organizational factors that ease development of secure software and help a small blue team manage security for a large group of developers.

After this session you will be able to:

  • Explain to project leads, CTOs, CSOs how specific integrations of CI/CD tools and the code pipeline make interactions between developers and security people efficient.
  • Explain to early product decision makers what framework and stack features make it easier to produce robust systems.
  • Introduce software architects and developers to an oft-overlooked way to decompose trust decision problems.
  • Explain to developers strategies that have worked within Google to prevent some common security problems, and coming browser changes that will make it even easier.

221—Death by Automation - Accelerating Your SOC Using Open Source Tools Advanced Technical

Thursday, 21 November | 10:00AM – 10:50AM

  Download Presentation

Vikram Mehta
Associate Director - Information Security
MakeMyTrip India Pvt Ltd

The session calls out specifics of the process and technology that can be adopted to detect advanced threats and respond to them in an automated or semi-automated manner, using entirely open source software.

After this session you will be able to:

  • Gain a high-level understanding of big and fast data backed next-gen SOC implementations, starting with their varied and scalable ingest capabilities.
  • Gain detailed insight into entity profiling, machine learning and intelligence gathering at scale, through real-life use cases such as detecting unusual login behaviour and unusual activity on AWS.
  • Apply practical orchestration and automated-response use cases in a real-world incident response pipeline, using the tools and technology shared to implement them.
  • Build serverless analytics and threat-hunting use cases (on top of a security data lake in S3) that analyse terabytes of logs in a scalable and efficient manner.
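
The “unusual login behaviour” use case above, as an added worked example for this page rather than the speaker's own SOC tooling: it replays a constructed batch of authentication events and flags a login from a country the user has never used and a login that implies impossible travel since the previous one. The event tuple format, the coordinates and the 1000 km/h threshold are assumptions; a real pipeline would geolocate source IPs from an IP database and run the same logic over a stream.

```python
"""Flag unusual logins in a batch of authentication events.

Added example for this page, not the speaker's SOC tooling.  EVENTS is a
constructed sample: (user, UTC timestamp, country, latitude, longitude); a
real pipeline would geolocate source IPs and stream events in.  The
1000 km/h travel threshold is an assumption.
"""
from collections import defaultdict
from datetime import datetime
from math import asin, cos, radians, sin, sqrt

EVENTS = [
    ("alice", "2019-11-20T08:05:00", "US", 40.71, -74.01),
    ("alice", "2019-11-20T09:10:00", "US", 40.71, -74.01),
    ("alice", "2019-11-20T09:40:00", "RU", 55.75, 37.62),    # ~7500 km in 30 min
    ("bob",   "2019-11-20T07:00:00", "IE", 53.35, -6.26),
    ("bob",   "2019-11-21T07:05:00", "IE", 53.35, -6.26),
    ("carol", "2019-11-20T10:00:00", "US", 37.77, -122.42),
    ("carol", "2019-11-20T22:00:00", "DE", 52.52, 13.41),    # new country, plausible flight
]


def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance in kilometres between two points."""
    dlat = radians(lat2 - lat1)
    dlon = radians(lon2 - lon1)
    a = sin(dlat / 2) ** 2 + cos(radians(lat1)) * cos(radians(lat2)) * sin(dlon / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(a))


def detect_anomalies(events, max_speed_kmh=1000.0):
    """Return one finding per login that comes from a country the user has not
    used before, or that implies travel faster than max_speed_kmh since the
    user's previous login (impossible travel).  Events need not be sorted."""
    by_user = defaultdict(list)
    for user, ts, country, lat, lon in events:
        by_user[user].append((datetime.fromisoformat(ts), country, lat, lon))

    findings = []
    for user, logins in by_user.items():
        seen, prev = set(), None
        for when, country, lat, lon in sorted(logins):
            reasons = []
            if seen and country not in seen:       # the first login has no baseline
                reasons.append("new_country")
            if prev is not None:
                distance = haversine_km(prev[2], prev[3], lat, lon)
                hours = (when - prev[0]).total_seconds() / 3600.0
                # a non-zero distance in zero elapsed time is also impossible
                if distance > 0 and (hours == 0 or distance / hours > max_speed_kmh):
                    reasons.append("impossible_travel")
            if reasons:
                findings.append({"user": user, "time": when.isoformat(),
                                 "country": country, "reasons": reasons})
            seen.add(country)
            prev = (when, country, lat, lon)
    return findings


if __name__ == "__main__":
    for finding in detect_anomalies(EVENTS):
        print(finding)
```

Running the block prints two findings: alice's Moscow login (new country and impossible travel) and carol's Berlin login (new country only, since twelve hours is enough for the flight). Bob's two Dublin logins are silent.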

231—Continuous Fuzzing: The Trending Security Technique Among Silicon Valley’s Tech Behemoths Intermediate

Thursday, 21 November | 11:00AM – 11:50AM

  Download Presentation

David Brumley
CEO
ForAllSecure

Continuous fuzzing has become a hot security trend among tech behemoths like Google, Microsoft and others. Dr. David Brumley will share his Carnegie Mellon University research on the synergistic power of guided fuzzing.

After this session you will be able to:

  • Describe how users can more quickly reach the scale and computing capacity required to reap the benefits of fuzzing
  • Explain how automating high-effort manual tasks, such as vulnerability and risk management, will allow security engineers and developers to focus on problem-solving and innovation
  • Outline how organizations can start efficiently and effectively continuously fuzzing within their own team
  • Explain the origin of fuzzing, outline use cases for this method of dynamic negative testing, and provide insight into how DevSecOps can leverage fuzzing for scale

241—Authorization Using Attributes Advanced Managerial

Thursday, 21 November | 1:20PM – 2:10PM

  Download Presentation

Nat Bongiovanni
Chief Technology Officer
NTT DATA Federal Services, Inc

Most IAM solutions focus on authentication, which is a critical component of information security. Our discussion will be about authorization: specifically, what is wrong with RBAC and how to implement ABAC, which solves many of those issues.

After this session you will be able to:

  • Understand the three critical deficiencies of Role Based Access Control: role explosion, accumulation and application brittleness.
  • Understand the basics of Attribute Based Access Control, including the NIST ABAC model and why it is superior: specifically the elegance of the architecture, the centralization of policies and the enhancement based on environmental conditions.
  • Understand how existing authoritative data sources such as enterprise applications (HR, operations management, case management, etc.) provide a ready source of both subject and object attributes for effective policies.
  • Understand the basics of how to get started, including an approach (Think Big, Start Small, Scale Fast) and lessons learned from implementation.
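
A minimal policy decision point in the spirit of the NIST ABAC model, as an added example for this page (not the speaker's code). Subject attributes come from a hypothetical HR feed, object attributes from a hypothetical case-management system, and the environment carries request-time facts (clock, network). Rules combine deny-overrides with default deny. The same decisions expressed in RBAC would need a role for every combination of department, clearance, network and working hours, which is the role explosion the session describes.

```python
"""Minimal attribute-based access control decision point.

Added example for this page (not the speaker's code).  SUBJECTS and OBJECTS
are constructed attribute stores standing in for an HR feed and a
case-management system; the environment carries request-time facts.
"""
from datetime import datetime

SUBJECTS = {
    "alice": {"department": "claims", "clearance": 2, "employment_status": "active"},
    "bob":   {"department": "claims", "clearance": 1, "employment_status": "active"},
    "carol": {"department": "claims", "clearance": 2, "employment_status": "terminated"},
}
OBJECTS = {
    "case-1001": {"owning_department": "claims", "sensitivity": 2},
    "case-2002": {"owning_department": "fraud",  "sensitivity": 3},
}


def request_env(hour, network="corp", day=datetime(2019, 11, 20)):
    """Environment attributes for a request at `hour` on `day` (a Wednesday by default)."""
    return {"time": day.replace(hour=hour), "network": network}


def business_hours(env):
    t = env["time"]
    return t.weekday() < 5 and 8 <= t.hour < 18


def cleared_for(s, o, e):
    """Subject works in the owning department and is cleared to the object's sensitivity."""
    return s["department"] == o["owning_department"] and s["clearance"] >= o["sensitivity"]


# Each rule: (effect, action it governs or "*", condition(subject, object, env)).
POLICIES = [
    ("deny",   "*",     lambda s, o, e: s["employment_status"] != "active"),
    ("permit", "read",  cleared_for),
    ("permit", "write", lambda s, o, e: cleared_for(s, o, e)
                                        and e["network"] == "corp"
                                        and business_hours(e)),
]


def decide(subject_id, action, object_id, env):
    """'permit' or 'deny' under deny-overrides combining with a default of deny."""
    s, o = SUBJECTS[subject_id], OBJECTS[object_id]
    decision = "deny"
    for effect, rule_action, condition in POLICIES:
        if rule_action not in ("*", action) or not condition(s, o, env):
            continue
        if effect == "deny":
            return "deny"        # any applicable deny wins outright
        decision = "permit"
    return decision


if __name__ == "__main__":
    print(decide("alice", "read",  "case-1001", request_env(9)))              # permit
    print(decide("bob",   "read",  "case-1001", request_env(9)))              # deny: clearance 1 < 2
    print(decide("carol", "read",  "case-1001", request_env(9)))              # deny: not active
    print(decide("alice", "read",  "case-2002", request_env(9)))              # deny: other department
    print(decide("alice", "write", "case-1001", request_env(23)))             # deny: outside hours
    print(decide("alice", "write", "case-1001", request_env(9, "internet")))  # deny: off-network
```

Note that carol's termination takes effect the moment the HR attribute changes, with no role to revoke, and that the write rule's time and network checks are environment attributes no static role assignment can express.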

251—DNS - A Phishing Chokepoint Advanced Technical

Thursday, 21 November | 2:20PM – 3:10PM

Carel Bitter
Spamhaus
 

As with many types of abuse, DNS plays a pivotal role in the enablement of phishing. We explore a way to find phishing domains with open source intel, without having access to actual phishing messages themselves.

After this session you will be able to:

  • See the value of combining open source intelligence to proactively find phishing domains.
  • Get started on building an in-house system to proactively discover phishing against your own organisation or brand.
  • Evaluate new and existing domains based on how much of a threat they pose to infrastructure and (end) users.
  • Start looking at your own DNS as a method of securing end users against targeted and non-targeted phishing attacks.
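
One way to start the in-house system described above, as an added example for this page (not Spamhaus tooling): a triage pass over a constructed list standing in for a feed of newly observed domains, scoring each for containing a protected brand, for homoglyph or typosquat variants of it, and for phishing keywords. The brand names, keywords, weights, 40-point threshold and the crude public-suffix heuristic are assumptions; in production use the Public Suffix List and tune the weights against your own false positives.

```python
"""Triage newly observed domains for brand abuse (added example, not Spamhaus code).

NEW_DOMAINS is a constructed feed.  Each domain is scored for containing a
protected brand, for look-alike or typo variants of it, and for phishing
keywords.  BRANDS, KEYWORDS, weights and the threshold are assumptions.
"""

BRANDS = ["examplebank", "acmepay"]                      # hypothetical brands
KEYWORDS = ["login", "secure", "verify", "account", "update", "support"]
HOMOGLYPHS = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("3", "e"), ("5", "s")]

NEW_DOMAINS = [                                          # constructed, not real observations
    "examplebank-login.com", "exarnplebank.com", "examp1ebank.net",
    "examplebnak.com", "acmepay.co", "acmepays-verify.com",
    "weatherupdates.org", "bakery-example.com",
]


def registrable_label(domain):
    """Label left of the public suffix.  Crude two-level-suffix heuristic;
    use the Public Suffix List in production."""
    labels = domain.lower().rstrip(".").split(".")
    if len(labels) >= 3 and len(labels[-1]) == 2 and labels[-2] in {"co", "com", "net", "org", "ac", "gov"}:
        return labels[-3]
    return labels[-2] if len(labels) >= 2 else labels[0]


def normalize(label):
    """Drop hyphens and fold common look-alike substitutions."""
    s = label.lower().replace("-", "")
    for src, dst in HOMOGLYPHS:
        s = s.replace(src, dst)
    return s


def levenshtein(a, b):
    """Classic edit distance (insert/delete/substitute cost 1)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def score_domain(domain, brands=BRANDS):
    """Return (score, reasons) for one domain."""
    label = registrable_label(domain)
    raw, norm = label.replace("-", ""), normalize(label)
    tokens = [normalize(t) for t in label.split("-") if t]
    score, reasons = 0, []
    for brand in brands:
        if brand in norm:                       # brand present, possibly via look-alike chars
            score += 50
            reasons.append(("contains:" if brand in raw else "homoglyph:") + brand)
            continue
        for tok in tokens:                      # typosquat: within two edits of the brand
            if 0 < levenshtein(tok, brand) <= 2:
                score += 40
                reasons.append(f"typosquat:{brand}:{tok}")
                break
    for word in KEYWORDS:
        if word in norm:
            score += 20
            reasons.append("keyword:" + word)
    return score, reasons


def triage(domains, threshold=40):
    """(domain, score, reasons) for every domain at or above threshold, highest first."""
    scored = [(d, *score_domain(d)) for d in domains]
    return sorted((s for s in scored if s[1] >= threshold), key=lambda s: (-s[1], s[0]))


if __name__ == "__main__":
    for domain, score, reasons in triage(NEW_DOMAINS):
        print(f"{score:3d}  {domain:24s} {', '.join(reasons)}")
```

Six of the eight constructed domains are flagged; "weatherupdates.org" scores only on a keyword and "bakery-example.com" not at all, which is the behaviour you want before feeding hits into blocking or takedown.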

261—Modernize Your Incident Response Program for the Cloud Intermediate

Thursday, 21 November | 3:40PM – 4:30PM

  Download Presentation

Bibek Galera
Head of Cloud Security Operations
Zuora Inc.

This session will focus on real-life processes to manage an efficient incident response lifecycle in the modern cloud world. Additionally, we cover how to prioritize incidents and how to put emerging tools and technologies into action.

After this session you will be able to:

  • Learn the key challenges of running an incident response program that works well in today’s dynamic cloud environment.
  • Learn about keys to a successful, practical, and modern incident response program.
  • Learn how to build the IR program.
  • Learn about various emerging new tools and technologies to consider.


 

Track 2—Cyberthreat Intelligence & Technologies

112—Code Signing: A Security Control That Isn’t Secured Intermediate

Wednesday, 20 November | 10:00AM – 10:50AM

  Download Presentation

Jing Xie
Threat Intel Analyst
Venafi

Enterprises use code-signing but overlook securing the infrastructure that supports the signing process. Learn poor practices that result in operational inefficiencies and security risks and how to create a scalable, secure code-signing ecosystem.

After this session you will be able to:

  • Understand the ecosystem surrounding the issuance of code-signing certificates, which must be orchestrated accurately to keep those certificates secure, and apply this to assess weaknesses in your own code-signing infrastructure and processes.
  • Identify the four main poor practices applied to code-signing infrastructure: decentralized control, a lack of policy enforcement around access rights, a lack of visibility and accountability, and insufficient knowledge and expertise.
  • Recognize the operational inefficiencies and security risks that result from these poor practices, such as failing to meet the volume and velocity of signing demand, inconsistent policy enforcement, and certificates and keys scattered across the enterprise.
  • Know how to create a scalable and secure code-signing infrastructure that considers the broader ecosystem, including signing operations and models, inter-organizational communications, process and policies, and certificate issuance and management.

122—Automating Secure Development: Practical DevSecOps in a Scaled Agile Framework (SAFe) Culture Advanced Managerial

Wednesday, 20 November | 11:00AM – 11:50AM

  Download Presentation

Rob Temple
Technical Solution Architect - DevSecOps
Mutual of Omaha Insurance

Leo Gerlock
Security Analyst
Mutual of Omaha

Advanced DevSecOps implementations facilitate agility, early fixes, open source visibility, and developer-centric tooling. The Scaled Agile Framework (SAFe) provides a culture where DevSecOps people, processes, and technologies thrive.

After this session you will be able to:

  • Articulate why DevSecOps technologies and processes must include the developer culture awareness for successful implementation and management.
  • Understand trends and proven successes in leading edge DevSecOps automation technologies. Translate the DevSecOps buzz word to relevant, software engineering practices.
  • Describe how to engage development teams in DevSecOps developer-centric security models and agile, iterative security testing as part of the SDLC workflow.
  • Describe how the Scaled Agile Framework (SAFe) promotes iterative DevSecOps practices and leverages agile methodologies to bridge the gap between Security, Governance and Development teams.

132—Cyber Terrorism - Real Threats Exist

Wednesday, 20 November | 1:20PM – 2:10PM

  Download Presentation

David Darnell
CEO/CISO
Systrends

State-supported teams of “bad actors” have developed cyber threats and cyber weapons capable of challenging the defenses of any nation’s critical infrastructure. This presentation will analyze and show details of the current top cyber threats and vulnerabilities that are enabling cyber crime and cyber terrorism. In addition, a review of possible best defenses along with disaster preparedness will be presented, including case study analysis of protecting the power grid and the welfare of key personnel.

After this session you will be able to:

  • Describe and have a better awareness of power grid cyber threats
  • Describe cyber terrorism threats & "kill lists"
  • Explain possible defenses to cyber terrorism
  • Better understand and explain disaster preparedness for cyber terrorism

142—Cyber-attacks on Industrial Technology and SCADA Systems Intermediate

Wednesday, 20 November | 2:20PM – 3:10PM

  Download Presentation

Robert Findlay (Top-Rated Speaker)
Global Head of IT Audit
Glanbia

A presentation on actual attacks that have happened, the basic weaknesses that can be exploited and the key controls people need to deploy to defend against cyber-attacks in plants and utilities.

After this session you will be able to:

  • Discuss the components of industrial control systems and why they lead to easy-to-exploit weaknesses, so that you understand how your systems can be attacked
  • Review real-life examples of attacks and how these weaknesses were exploited, with concrete examples of why the controls matter.
  • Understand the basic controls that stop 98% of all exploits and take away a shortlist of actions to complete
  • Know what concerns you should raise in your organisation

152—Don't Lose Your Crypto: Scams, Hacks, and Pitfalls of Blockchain Assets Intermediate

Wednesday, 20 November | 3:40PM – 4:30PM

  Download Presentation

Tyler Moffitt
Security Analyst
Webroot

In-depth analysis of: Social media scams, ICO exit scams, exchange scams and hacks, 51% attacks, Cryptomining malware, private key malware, fake wallets, DNS poisoning phishing, Ponzi schemes, Pyramid/MLM scams, and how to avoid these attacks.

After this session you will be able to:

  • Recognize new attack vectors where the target is your hardware, used to mine cryptocurrency while you pay an increased power bill.
  • Avoid the common attacks that exchanges and web wallets frequently fall prey to, and secure your crypto.
  • Recognize social engineering scams seeking crypto on social media: if it sounds too good to be true, it usually is.
  • Describe the few but critical flaws in different types of blockchain technology.

212—How Weakness in DNS and Email Superpowers BEC Attacks Intermediate

Thursday, 21 November | 8:40AM – 9:30AM

  Download Presentation

Michael Zeberlein
Director of Threat Intelligence
Area 1 Security

Blake Darche
Area 1 Security

BEC attacks continuously impact organizations large and small, despite community efforts to investigate and impede operations. The attacks are costly and constant. This presentation will explore a range of BEC attack TTPs and lure themes in depth.

After this session you will be able to:

  • Recognize and appreciate the breadth and depth of existing techniques to craft, present, and deliver BEC themed attacks.
  • Understand how weaknesses in the Domain Name System (DNS) registration process and in email protocols enable a broad range of BEC attacks.
  • Become more familiar with the contextual themes of various BEC lures, from social engineering, to linked phishing pages, to trojan-based delivery via malicious attachments.
  • Recognize the flaws in lure-crafting techniques, often due to natural-language barriers, that allow for better detection and for deep learning model development.
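
The email-protocol weaknesses the session refers to can be checked from a domain's own DNS records; the following is an added example for this page, not Area 1 code. It parses constructed SPF and DMARC TXT strings (standing in for what a resolver would return for the domain and for `_dmarc.` under it), lists what a spoofer could exploit, and adds a simple display-name check for inbound mail. The hypothetical .example domains, the executive name and the org domain are assumptions.

```python
"""Check a domain's SPF/DMARC posture and a common BEC display-name trick.

Added example.  RECORDS holds constructed TXT strings for hypothetical
domains; None means the record is absent.  A real check resolves them.
"""

SPF_LOOKUP_MECHS = {"include", "a", "mx", "ptr", "exists", "redirect"}

RECORDS = {  # domain -> (SPF TXT, DMARC TXT)
    "good.example":  ("v=spf1 ip4:192.0.2.0/24 include:_spf.mailhost.example -all",
                      "v=DMARC1; p=reject; rua=mailto:dmarc@good.example"),
    "open.example":  ("v=spf1 +all", None),
    "soft.example":  ("v=spf1 include:_spf.mailhost.example ~all", "v=DMARC1; p=none"),
    "nospf.example": (None, "v=DMARC1; p=quarantine; sp=none; rua=mailto:r@nospf.example"),
}


def parse_spf(txt):
    """Qualifier on 'all' (+, -, ~, ? or None if absent) and the DNS-lookup term count."""
    terms = txt.strip().split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF record")
    all_qualifier, lookups = None, 0
    for term in terms[1:]:
        qualifier = term[0] if term[0] in "+-~?" else "+"
        mech = term.lstrip("+-~?").lower()
        name = mech.split(":")[0].split("=")[0].split("/")[0]
        if name == "all":
            all_qualifier = qualifier
        elif name in SPF_LOOKUP_MECHS:
            lookups += 1                      # RFC 7208 caps these at 10 per evaluation
    return {"all": all_qualifier, "lookups": lookups}


def parse_dmarc(txt):
    """DMARC tag/value pairs, keys lower-cased."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v", "").upper() != "DMARC1":
        raise ValueError("not a DMARC record")
    return tags


def assess_domain(spf_txt, dmarc_txt):
    """List what an attacker spoofing this domain's From: address could exploit."""
    issues = []
    if spf_txt is None:
        issues.append("no-spf")
    else:
        spf = parse_spf(spf_txt)
        if spf["all"] == "+":
            issues.append("spf-allows-any-sender")
        elif spf["all"] != "-":
            issues.append("spf-not-hard-fail")     # ~all, ?all or no 'all' term
        if spf["lookups"] > 10:
            issues.append("spf-exceeds-10-lookups")  # evaluates as permerror
    if dmarc_txt is None:
        issues.append("no-dmarc")                  # SPF/DKIM results never enforced
    else:
        dmarc = parse_dmarc(dmarc_txt)
        if dmarc.get("p", "none") == "none":
            issues.append("dmarc-p-none")
        if dmarc.get("sp") == "none":
            issues.append("dmarc-sp-none")         # subdomains are left open
        if "rua" not in dmarc:
            issues.append("dmarc-no-reporting")
    return issues


EXECUTIVES = {"Jane Doe"}                           # hypothetical names worth protecting


def display_name_spoof(display_name, address, org_domain="examplecorp.com"):
    """True when mail presents an executive's name from outside the org's domain."""
    return display_name in EXECUTIVES and not address.lower().endswith("@" + org_domain)


if __name__ == "__main__":
    for domain, (spf, dmarc) in RECORDS.items():
        print(domain, assess_domain(spf, dmarc) or "ok")
    print(display_name_spoof("Jane Doe", "jane.doe.ceo@webmail.example"))
```

The display-name check catches the most common BEC shape, a free-mail account wearing the CEO's name, which no amount of DNS hardening on your own domain addresses; the two controls are complementary.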

222—Using Passive DNS to Strengthen Incident Investigation and Response Beginner

Thursday, 21 November | 10:00AM – 10:50AM

  Download Presentation

Carel Bitter
Spamhaus
 

Passive DNS is an incredibly powerful method of exploring DNS and expanding on known DNS based evidence. In this session we explain the basics of how Passive DNS works, and we will run through a set of examples based on real world cases that will showcase the level of insight Passive DNS can give. Armed with this knowledge we will do some hands-on investigating ourselves.

After this session you will be able to:

  • Understand what Passive DNS is and what kind of questions it can answer.
  • Understand the benefits of using Passive DNS to aid a variety of cyber investigations.
  • Use Passive DNS to help inform security decision making.
  • Use Passive DNS to explore phishing, fraud and intellectual property issues that are enabled by entries in the DNS system.
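
The forward and reverse questions passive DNS answers, and a pivot that chains them, as an added example for this page (not Spamhaus tooling). PDNS is a constructed table of (rrname, rrtype, rdata, first_seen, last_seen) observations over documentation addresses and hypothetical names; a real investigation queries a passive DNS provider. The shared-hosting threshold of four names is an assumption.

```python
"""Pivot through a passive DNS dataset (added example, not Spamhaus tooling).

PDNS is constructed: hypothetical names, RFC 5737 addresses, invented dates.
forward() answers "what has this name pointed to", reverse() answers "what
else has pointed here", and pivot() chains the two from a seed domain.
"""
from collections import defaultdict

PDNS = [
    ("login-examplebank.com",  "A",  "192.0.2.5",              "2019-09-20", "2019-09-30"),
    ("login-examplebank.com",  "A",  "203.0.113.10",           "2019-10-01", "2019-10-14"),
    ("login-examplebank.com",  "NS", "ns1.cheap-host.example", "2019-10-01", "2019-10-14"),
    ("examplebank-verify.net", "A",  "203.0.113.10",           "2019-10-03", "2019-10-20"),
    ("examplebank-verify.net", "NS", "ns1.cheap-host.example", "2019-10-03", "2019-10-20"),
    ("acmepay-secure.com",     "A",  "203.0.113.11",           "2019-10-05", "2019-10-21"),
    ("acmepay-secure.com",     "NS", "ns1.cheap-host.example", "2019-10-05", "2019-10-21"),
    # 192.0.2.5 is a shared web host: many unrelated names resolve to it
    ("blog.example.org", "A", "192.0.2.5", "2018-01-01", "2019-10-21"),
    ("shop.example.org", "A", "192.0.2.5", "2018-01-01", "2019-10-21"),
    ("cafe.example",     "A", "192.0.2.5", "2018-01-01", "2019-10-21"),
    ("news.example",     "A", "192.0.2.5", "2018-01-01", "2019-10-21"),
    ("wiki.example",     "A", "192.0.2.5", "2018-01-01", "2019-10-21"),
]

BY_NAME, BY_RDATA = defaultdict(list), defaultdict(set)
for rrname, rrtype, rdata, first, last in PDNS:
    BY_NAME[rrname].append((first, last, rrtype, rdata))
    BY_RDATA[rdata].add(rrname)


def forward(name):
    """Every (first_seen, last_seen, rrtype, rdata) a name has had, oldest first."""
    return sorted(BY_NAME.get(name, []))


def reverse(rdata):
    """Every name observed pointing at an address or nameserver, sorted."""
    return sorted(BY_RDATA.get(rdata, ()))


def pivot(seed, max_depth=2, shared_threshold=4):
    """Expand from a seed domain through its infrastructure to sibling domains.
    Values pointed at by more than shared_threshold names are treated as shared
    hosting and not expanded, so the pivot does not pull in bystanders."""
    names, infra, skipped = {seed}, set(), set()
    frontier = [seed]
    for _ in range(max_depth):
        next_frontier = []
        for name in frontier:
            for _first, _last, _rrtype, rdata in forward(name):
                if len(reverse(rdata)) > shared_threshold:
                    skipped.add(rdata)
                    continue
                infra.add(rdata)
                for sibling in reverse(rdata):
                    if sibling not in names:
                        names.add(sibling)
                        next_frontier.append(sibling)
        frontier = next_frontier
    return names, infra, skipped


if __name__ == "__main__":
    related, infra, skipped = pivot("login-examplebank.com")
    print("related domains:", sorted(related))
    print("infrastructure:", sorted(infra))
    print("shared hosts not expanded:", sorted(skipped))
    for first, last, rrtype, rdata in forward("login-examplebank.com"):
        print(first, last, rrtype, rdata)
```

From the seed phishing domain the pivot surfaces two sibling domains through a shared address and a shared nameserver, while the earlier shared-hosting address is reported but deliberately not expanded; the forward timeline shows the domain moving hosts at the start of October, the kind of detail that dates a campaign.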

232—Multidimensional Attack Path Analysis: Eliminating Network Blind Spots Intermediate

Thursday, 21 November | 11:00AM – 11:50AM

Peter Smith
CEO
Edgewise

What happens when you change your view of what matters on your network? Understanding how attackers use low friction pathways helps you prioritize what to protect.

After this session you will be able to:

  • Learn how an attacker will reach intended data targets using the shortest viable network pathways.
  • Learn how to build an offensive map using free and open source tools.
  • Be more prepared against cyber attackers by using the data abstracted from an attack analysis.
  • Learn the information needed to conduct this type of analysis on your own networks.

242—5G Security: New Vulnerabilities, New Solutions Intermediate

Thursday, 21 November | 1:20PM – 2:10PM

  Download Presentation

William Malik
VP Infrastructure Strategies
Trend Micro

5G will expose new vulnerabilities - new radio technologies, dynamic provisioning, virtualization, and automated orchestration - requiring new information security and privacy safeguards. Understand the weaknesses to better protect your organization.

After this session you will be able to:

  • Learn the components of 5G, including the complexity and new attack surfaces that 5G will bring to the enterprise, and a set of principles to deploy 5G-based applications securely.
  • Evaluate your organizational and architectural readiness for the many heterogeneous components making up 5G. Public cloud and edge computing security may be siloed, but 5G exploits will cross conventional boundaries.
  • Learn how to adapt your audit and reporting relationships to coordinate response to privacy and information security breaches. 5G will expose procedural weaknesses unlike any previous information technology.
  • Prepare your organization for the massive flood of IoT-based information, manage the rapid dynamic reconfiguration of your network infrastructure, and respond to attacks on personal privacy and corporate data integrity.

252—Offensive Threat Models Against the Supply Chain Advanced Managerial

Thursday, 21 November | 2:20PM – 3:10PM

Tony UcedaVelez
VerSprite, LLC
 

This presentation focuses on applying a more adversarial threat model to supply chain systems that are integrated into client environments.

After this session you will be able to:

  • Construct and apply threat modeling to supply chain software and systems with a more adversarial approach.
  • Understand the PASTA (Process for Attack Simulation and Threat Analysis) methodology and how to use it in your risk analysis.
  • Understand key threat motives, libraries, and impact considerations in relation to supply chain.
  • Define an attack surface for supply chain hacks that may affect your own organization.

262—Using the Distributed Vulnerability Assessment to Improve the Security Level Intermediate

Thursday, 21 November | 3:40PM – 4:30PM

  Download Presentation

Ferenc Leitold
Secudit

To measure the security level of an infrastructure, the DVA model uses three parameters: (1) cyber-threat properties, (2) information about IT elements and (3) user behaviour information. The model can also be used to calculate recommendations.

After this session you will be able to:

  • Understand the DVA methodology and its three main input parameters (threat information, IT elements, user behaviour).
  • Distinguish the impacts of threats, IT elements and user behaviour on the security level of the organization.
  • Understand how the integrated security level can be broken down into different contributors, such as individual users, devices or any group of them.
  • Understand how the integrated security level can be used to improve security in the organization and how it can support decisions.


 

Track 3—Cybersecurity Leadership & Development

113—Hacking to Teach Cyber Awareness in an Organization Beginner

Wednesday, 20 November | 10:00AM – 10:50AM

  Download Presentation

Kris Martel
Chief Information Security Officer
Emagine IT

Using hacking tools and tactics to change your organization’s culture around security awareness, and how real-life examples and hacking use cases involving coworkers and executive leadership can greatly increase the impact of security awareness.

After this session you will be able to:

  • Identify new techniques to improve security awareness in your organization.
  • Create more effective security awareness training policies within your organization.
  • Measure the impact of current security awareness across the organization and identify problem areas to address.
  • Establish defined metrics to measure security awareness across an organization.

123—Cyber Leadership in an Ecosystem Context Advanced Managerial

Wednesday, 20 November | 11:00AM – 11:50AM

  Download Presentation

Matthew Doan
Commercial Cyber Strategy
Booz Allen Hamilton

Cyber leaders are ill-prepared for the enormity of their task. It’s now about rallying disparate teams across a sprawling ecosystem and applying highly-nuanced capabilities to ensure business health. We’ll examine an actionable cyber leadership framework for uplifting mindset and skillset.

After this session you will be able to:

  • Understand the new mindset and skill set requirements of a modern cyber leader
  • Use “systems” thinking to analyze the makeup of a modern business ecosystem (including cloud, OT, and connected products) and establish a "map" for layering security over it
  • Implement a framework for catalyzing security teams, shaping the hearts and minds of stakeholders, and orchestrating security efforts across the business ecosystem
  • Feel prepared and energized to undertake new and valuable forms of self-development

133—Bat Cave to Board Room, Selling Technology Solutions to Upper Management Intermediate

Wednesday, 20 November | 1:20PM – 2:10PM

  Download Presentation

Russell Horn (Top-Rated Speaker)
President
CoNetrix

Good technology employees can see needs and develop solutions; great ones can transfer this knowledge to others. During this session we will focus on the soft skills required to communicate technical needs to a non-technical audience.

After this session you will be able to:

  • Understand the science behind presentations and communication.
  • Use visual aids, body language and voice more effectively to enhance your ideas.
  • Deal with nerves and have more confidence in your presentation.
  • Grab your listener’s attention, hold their interest and conclude strongly.

143—Implementing a Cybersecurity Skills Competencies Framework Advanced Managerial

Wednesday, 20 November | 2:20PM – 3:10PM

  Download Presentation

Allan Boardman (Top-Rated Speaker)
Director
CyberAdvisor.London

The session will provide an insight, based on recent practical experience, into tools that can be used to implement a skills competencies framework & the supporting processes to perform assessments for individuals and departmental level assessments.

After this session you will be able to:

  • Gain a clear understanding of a practical approach to implementing a skills competencies framework across information assurance roles, including audit, security and risk management.
  • Understand how the various industry guides and frameworks can be leveraged to develop and customise a skills competencies framework.
  • Learn about practical tools that can be used by management to assess skill levels within their own teams and identify potential gaps.
  • Learn about practical tools that individuals can use to self-assess their own competency levels across a range of relevant skills, and identify areas they may wish to focus on in support of their career development.

153—Can You Hear Me Now? Improving Conversations between Security and ‘the Business’

Wednesday, 20 November | 3:40PM – 4:30PM

  Download Presentation

Ben Smith (2018 Top-Rated Speaker)
Field Chief Technology Officer
RSA

Your internal Security and Business teams have a common goal, but don't always speak the same language. This session reviews proven communication techniques, development of metrics, and presentation of data - all designed to help you bridge this gap.

After completing this session, you will be able to:

  • Describe, recognize and avoid common pitfalls when communicating risk internally
  • More fully understand your target audience (and level) when communicating risk
  • Recognize and better apply the multiple 'languages' which are required for you to be an effective risk management and/or information security professional
  • Uncover opportunities to improve collection and presentation of security-oriented data to support broader business objectives

213—Auditing with SOC-CMM: Cyber Security Detection and Incident Response Advanced Managerial

Thursday, 21 November | 8:40AM – 9:30AM

  Download Presentation

Vilius Benetis
Expert
NRD CS

SOC-CMM is a maturity and capability model for evaluating Security Operations Centers (SOCs). The speaker will share field experience of applying the model to audit and develop SOC or CSIRT organisations.

After this session you will be able to:

  • Understand the SOC-CMM model well enough to choose it when appropriate.
  • Apply the SOC-CMM model in your audits or consultancies.
  • Understand the SOC-CMM model’s limitations.
  • Assist SOC/CSIRT organisations to measure themselves and become more effective.

223—Dynamic Information Security in a Static Organizational Culture Advanced Managerial

Thursday, 21 November | 10:00AM – 10:50AM

  Download Presentation

Renay Carver, PhD
Veritable Associates, LLC
 

The presentation will discuss the need for static organizational cultures to become more flexible in meeting the demands of a dynamic information security framework.

After this session you will be able to:

  • Describe the influence of the security framework on the organizational culture
  • Describe which elements of culture should remain static (unchanging) as the organization pursues an effective information security framework.
  • Describe how information security procedures and policies impact company philosophy and values
  • Describe the demands on leadership in supporting and delivering an adaptive culture

233—From Zero Awareness to Accelerating and Scaling A Diverse Nextgen Into Cyber and Risk Professionals Advanced Managerial

Thursday, 21 November | 11:00AM – 11:50AM

  Download Presentation

Peter Meehan
SVP International & Partnerships
iQ4 Corp & CWA

Jeff Brown
CISO, Pension & Retirement Division
AIG

Alexander Abramov
Immediate Past President
ISACA-NYM

Accelerating a diverse talent pipeline into the Profession, while earning CPE credits. ISACA-NYM members are mentoring students through virtual-internships to massively scale new hires into roles, solving talent shortages and pathways to membership.

After this session you will be able to:

  • Understand how to implement the turnkey model in your local chapter, how it engages diverse talent from educational and ex-services sources, and what is required of mentors in exchange for CPE credits.
  • Understand how the model leverages the NCWF and NICE taxonomy to take learners through team- and role-based real-world scenarios, so they gain experience and are inspired into risk careers and ISACA membership.
  • Understand how the model scales the attraction and inspiration of the next generation, from zero awareness of the Cyber, Risk and Resilience profession on to career pathways, including ISACA student membership and CSX Nexus courses.
  • Hear testimonials from course alumni, ISACA members, educators and employers, witness how transformational and scalable it is, and learn why it is attracting nearly 50% female participants, without affirmative selection, from all socio-economic backgrounds.

243—A New Employer-Driven Model of Cyber Workforce Development For Dell Intermediate

Thursday, 21 November | 1:20PM – 2:10PM

  Download Presentation

Simone Petrella
CEO
CyberVista

The cyber training landscape produces over-credentialed, yet under-qualified, candidates, while employers lack clearly defined roles. We examine how job role and skills assessments resulted in more effective cyber workforce training at Dell, Inc.

After this session you will be able to:

  • Learn to identify professional and career pathways for your organization’s cybersecurity professionals.
  • Glean how this new model can assist in recruiting and other talent strategies.
  • Understand a starting point to assess cyber employees’ skills and competencies.
  • Learn how to guide hiring/training efforts by more efficiently identifying areas to upskill staff.

253—The ROI of Information Security Teams Advanced Managerial

Thursday, 21 November | 2:20PM – 3:10PM

  Download Presentation

Collins Oduor
Information Security Officer
UNOPS/UNECA

John Ombagi
IT Security Assistant
@iLabAfrica

Many organizations have no clear-cut roles for their InfoSec teams. As such, there is redundancy in the roles and the teams do not perform optimally. Why do most organizations get this wrong? How do you measure the ROI from your InfoSec team?

After this session you will be able to:

  • Explore how to form effective teams and review the skills requirements with considerations of the current and future security threat landscape.
  • Use case studies to clearly define IT Security roles as they relate to Incident response, information asset protection and risk management.
  • Learn ways to make IT security teams achieve maximum performance
  • Review logical IT Security structure and formulate a framework for their organizations

263—How to Articulate the Value of Information Security to Senior Management? Advanced Managerial

Thursday, 21 November | 3:40PM – 4:30PM

  Download Presentation

Andrej Volchkov
Consultant
Stramizos

One of the major challenges is presenting IS value, or the return on security investment (ROSI). This session aims to provide elements allowing CISOs to design security reports for the needs of supervision and annual review by senior executives.

After this session you will be able to:

  • Understand the importance of a security reporting system for CEOs, CIOs and CFOs. Understand the imperatives of business-oriented communication and decision-making by non-specialists.
  • Define the basic elements of a security reporting system and the key indicators that such a report must include.
  • Develop an information security report template and Key Point Indicators (KPIs) to produce relevant reports.
  • Provide strategic indicators that senior executives understand allowing effective communication of the value of security to decision-makers and stakeholders.


Track 4—Security Risk & Compliance

114—How Global Expansion Affects Cybersecurity Risk Intermediate

Wednesday, 20 November | 10:00AM – 10:50AM

Brian Tokuyoshi
Palo Alto Networks

The tremendous pressure for a business to grow as fast as the market can bear can create operational hardships on a security team. Learn about how to look at the landscape of security at global scale and how to prepare for your next phase of growth.

After this session you will be able to:

  • Evaluate how organic growth and mergers & acquisitions affect the security team's ability to deal with risk. Learn how geographical issues can create operational issues.
  • Understand how mobility and cloud create new security deployment challenges when considering the evaporation of the traditional network boundary as an enforcement point.
  • Evaluate traditional network design considerations that need to be re-evaluated in light of the changes to perimeter security.
  • Get insights into frameworks for evaluating risk controls across the spectrum of access, threat prevention, data loss, risk mitigation and threat detection.

124—Illuminating the CISO’s ICS Blind Spot Intermediate

Wednesday, 20 November | 11:00AM – 11:50AM

Asaf Weisberg
CEO
introSight
ISACA Board of Directors

Industrial Control Systems (ICS) are everywhere; whether a Building Management System or a manufacturing process, ICS are highly vulnerable to cyber threats. Learn about the CISO’s ICS blind spot and how to illuminate it.

After this session you will be able to:

  • Learn about ICS network architecture and its components.
  • Identify the players in the ICS cybersecurity arena and their current roles and responsibilities, and understand why these need to change.
  • Understand how the potentially devastating consequences of ICS failures affect ICS cyber-risk mitigation practices.
  • Learn about the ICS Cyber Risk landscape and its challenges.

134—Security Key Point Indicators or "How to Measure Security from the Governance Perspective" Advanced Managerial

Wednesday, 20 November | 1:20PM – 2:10PM

  Download Presentation

Andrej Volchkov
Consultant
Stramizos

Having reliable indicators is imperative to be able to assess risks and develop reliable reports for IS decision-making bodies. This session aims to provide elements allowing CISOs to develop metrics to facilitate security program supervision.

After this session you will be able to:

  • Understand why it is difficult to find the right KPIs in the field of security.
  • Distinguish between technical metrics and those needed for program management and governance.
  • Distinguish between different categories of metrics, with examples in each category.
  • Have a catalog of metrics and tools to establish metrics for different needs: risk analysis, calculation of the return on security investment (ROSI), operational KPIs, maturity models.

144—Making Cents of Maturity: Building Resistive Strength Intermediate

Wednesday, 20 November | 2:20PM – 3:10PM

  Download Presentation

Colleen Kerr
Senior Cyber Controls Governance Consultant
HM Health Solutions

Users will be engulfed in the land of cyber security controls in relation to GRC. Using FAIR, a quantitative analysis framework, the program prioritizes controls and encourages users to implement critical controls to increase their resistive strength.

After this session you will be able to:

  • Create a continuous program for monitoring & enhancing control maturity
  • Reduce potential risks by building resistive strength
  • Quantitatively analyze risks and controls for prioritization
  • Educate end users on the importance of control maturity

154—Next Gen Risk Assessment - Can it Save My Bacon Both with Regulators and in Litigation? Advanced Managerial

Wednesday, 20 November | 3:40PM – 4:30PM

  Download Presentation

Tod Ferran
Managing Consultant
Halock Security Labs

A discussion of the new Duty of Care Risk Assessment methodology (DoCRA) also known as the Center for Internet Security Risk Assessment Method (CIS RAM). Discuss what sets this method apart and why it is an important business tool.

After this session you will be able to:

  • Understand what sets the Duty of Care Risk Assessment apart from all others.
  • Understand what regulators are looking for in a complete and thorough risk assessment and how the Duty of Care Risk Assessment fulfills those regulations and standards.
  • Understand what basic questions are asked during litigation after a breach and how the Duty of Care Risk Assessment answers those questions.
  • Understand how to complete a Duty of Care Risk Assessment along with where to get the free tools to successfully complete the assessment.

214—Risk Informed Privacy Management: The NIST Privacy Framework Beginner

Thursday, 21 November | 8:40AM – 9:30AM

  Download Presentation

Tom Conkle
Optic Cyber Solutions

NIST recently released the draft Privacy Framework to help organizations manage risk imposed by holding and processing privacy data. This session shares lessons learned during the journey to develop the Privacy Framework and its key components.

After this session you will be able to:

  • Understand the process leveraged by NIST to develop the Privacy Framework and to ensure industry representatives were actively engaged throughout its development.
  • Recall the primary components within the Privacy Framework and how they help organizations manage Privacy risks.
  • Analyze the objectives and outcomes described in the Privacy Framework Core.
  • Use the Privacy Framework implementation steps to identify the appropriate risk-informed privacy program for your organization.

224—How to Train Your Robot: Security Governance for RPA Solutions Intermediate

Thursday, 21 November | 10:00AM – 10:50AM

Glenn Keaveny
Director
Grant Thornton

This session will address the basic concepts and benefits of Robotic Process Automation Solutions and how security governance can be effectively applied.

After this session you will be able to:

  • Understand what RPA is and is not, including use cases and limitations.
  • Understand how RPA technology can liberate, empower and challenge.
  • Understand the difference between traditional automation vs. RPA.
  • Apply security governance to RPA solutions without disabling the flexibility of the solution.

234—Crypto-Agility: Responding Quickly to Cyber Security Events Intermediate

Thursday, 21 November | 11:00AM – 11:50AM

  Download Presentation

Michael Thelander
Director Product Marketing
Venafi

Organizations rely heavily on TLS and other encryption protocols to protect data. Yet, most are at risk because they don’t maintain crypto-agility. Learn the threats that make crypto-agility a requirement and an action plan to achieve crypto-agility.

After this session you will be able to:

  • Understand the large-scale certificate and key security events that threaten organizations
  • Know how to evaluate the current crypto-agility of an organization
  • Know how to leverage certificate governance to improve risk posture
  • Develop a crypto-agility plan to successfully respond to certificate security events

244—Using NIST Frameworks with COBIT 2019 Intermediate

Thursday, 21 November | 1:20PM – 2:10PM

Greg Witte
G2 Inc

Learn about new processes for combining the benefits of NIST’s risk-based information security frameworks and ISACA’s updated COBIT 2019.

After this session you will be able to:

  • Learn about the modernized COBIT 2019 Framework and how its new focus areas, design factors, and goals cascade support stakeholders’ objectives.
  • Understand how performance management measures and metrics help document & track achievement of outcomes described in NIST’s Baldrige, RMF, Privacy, and Cybersecurity Frameworks and in COBIT.
  • Learn ways to integrate these frameworks to help govern and manage enterprise information and technology, effectively balancing risk, resources, and technology value.
  • Understand how the COBIT 2019 Implementation Roadmap, along with the COBIT 2019 Design Process, help to implement risk-based frameworks and achieve organizational risk management objectives.

254—Security Risks Your Auditors Care About in a Cloud Native & DevOps World Advanced Technical

Thursday, 21 November | 2:20PM – 3:10PM

  Download Presentation

Matthew Mabel (Top-Rated Speaker)
Vice President - Technology Audit
American Express

Bhaskar Ghosh
IT Risk Manager
Wintrust Financial Corporation

APIs, Containers, automated pipelines, and DevOps - oh my! Software delivery is changing, and the risks and audit considerations are changing too. You'll hear auditor perspectives on key risks, strategies and benefits of auditing Cloud Native/DevOps.

After this session you will be able to:

  • Understand key risks with APIs, Containerization and DevSecOps, and discuss practical audit techniques and benefits for covering these risks.
  • Understand how security and automation can be built into testing within cloud native/DevOps pipelines, and discuss practical auditing techniques and benefits for incorporating results from this testing into audits.
  • Understand risks related to automating and securing the development and deployment pipeline and discuss practical audit techniques and benefits for covering these risks.
  • Discuss governance and monitoring/reporting/dashboard considerations within cloud native development & DevOps - and why proper governance and reporting around these environments is so critical to their success.

264—Enterprise IT Governance and DevSecOps: A Grounded Theory Literature Review Advanced Managerial

Thursday, 21 November | 3:40PM – 4:30PM

  Download Presentation

Altaz Valani
Director of Research
Security Compass

Eduardo Lopez
McMaster University / Security Compass

The new approach driving continuous integration, deployment and security in short release cycles – DevSecOps – is challenging established enterprise IT governance practices designed to work in predictive, waterfall-like approaches.

After this session you will be able to:

  • Describe foundational concepts of DevSecOps
  • Define how a COBIT 2019-based enterprise IT governance system can adapt concepts from DevSecOps
  • List main risk areas in the implementation of DevSecOps from an enterprise IT governance perspective
  • Describe how asynchronous and continuous conformance processes may enable compliant IT governance operations


Track 5—Data Analytics Enhancing Cybersecurity

115—Take a Ride on the Dark Side - Data on the Dark Web Intermediate

Wednesday, 20 November | 10:00AM – 10:50AM

  Download Presentation

Derek Fisher
Security Leadership and Education
Securely Built LLC

Not many days go by without hearing about a new breach releasing the data of hundreds, thousands and sometimes millions of people. What happens with that data? How is it used? How is it monetized? Who are the biggest threats?

After this session you will be able to:

  • Understand concepts of the Dark Web.
  • Recognize how data is misused.
  • Identify concepts for how to protect against a breach.
  • Identify who are the threats.

125—Analyst View: Cybersecurity and Big Data Pay, Jobs, Skills/Certifications Review and Forecast

Wednesday, 20 November | 11:00AM – 11:50AM

David Foote
Foote Partners LLC

Tech labor research firm Foote Partners' deep-dive analysis of the current/future state of Big Data and Cybersecurity jobs, compensation, hot skills and certifications, informed by proprietary data from 3,400 research partner employers in 40 industries. Compare your pay and get advice on the next 3 years of your career opportunities and how to best manage a cybersecurity workforce in the current disruptive tech environment.

After this session you will be able to:

  • Understand what’s trending right now in Cybersecurity and Big Data jobs and hot skills and certifications driven by disruptive tech growth
  • Compare your pay to the *real* market level salaries and skills/certifications cash pay premiums for Cybersecurity and Big Data jobs in 83 North American cities (data from 3,400 employers in Foote Partners' 2019 IT Professional Salary Survey and 2019 IT Skills and Certifications Pay Index™)
  • Understand which Cybersecurity and Big Data jobs and skills will be most in demand over the next 3 years driven by Blockchain, IoT, AI-driven development, Robotics Process Automation, Cloud, Edge Computing and other disruptive digital technologies
  • Understand job transition and promotion paths within a group of 40+ industries and how employers are building data analytics and cybersecurity capabilities through internal skills development, external hiring, and contingent staffing options.

135—Leveraging Behavioral Analytics to Strengthen Internal Controls Advanced Managerial

Wednesday, 20 November | 1:20PM – 2:10PM

  Download Presentation

Arvind Mehta
Vice President - Technology Risk and Audit Analytics
Exl Service

Jagmeet Singh
Global Head, Finance Transformation
Exl Service

User Behavior Analytics is an enhanced technique using machine learning and AI to identify potential control weakness, potential threats and underlying process issues. These techniques can be used to strengthen the internal control environment.

After this session you will be able to:

  • Establish ideas to leverage behavior analytics in order to drive deeper risk intelligence using advanced machine learning and analytics to increase the assurance over internal controls
  • Recognize the potential of advanced analytics within the internal audit function to provide deeper Insights and Foresights to Audit Committees
  • Evaluate real-life examples of how advanced analytics is used to transform the traditional audit methods and leverage analytics and behavior to continuously monitor controls.
  • Devise a high-level roadmap to drive enhanced risk sensing and intelligence in their organizations using advanced analytics

145—Effective Key Steps into Digital Forensics and Incident Response (DFIR) Intermediate

Wednesday, 20 November | 2:20PM – 3:10PM

  Download Presentation

Oren Elimelech (Top-Rated Speaker)
CEO & Founder
CyberTeam360

Key steps and highlights you need to be aware of while handling real cyber incidents.

After this session you will be able to:

  • Better prepare for cyber incidents and breaches
  • Understand the key steps necessary during an Incident Response process and Digital Forensics
  • Recognize the pitfalls to avoid during cyber incident handling
  • Build a training process for educating your staff and to improve their skillsets

155—Hacker-Powered Data: The Most Common Security Weaknesses and How to Avoid Them Intermediate

Wednesday, 20 November | 3:40PM – 4:30PM

Alex Rice
Founder & CTO
HackerOne

In this session, HackerOne’s CTO and Co-founder will present never before seen data on the most common critical vulnerabilities, based on more than 1,200 bug bounty programs, and describe how attackers could exploit these prevalent vulnerabilities.

After this session you will be able to:

  • Discover first-hand examples of vulnerabilities attendees may not otherwise observe, including obscure bugs and their potential impact.
  • Gain insights that will help advance your defenses against the most common vulnerabilities.
  • Learn practical tips for avoiding the most common vulnerabilities and how to increase your chances of discovering them early on.
  • Understand which industries have successfully used bug bounty programs to seek out malicious threats.

215—Information Governance - the Foundation for Information Security Advanced Managerial

Thursday, 21 November | 8:40AM – 9:30AM

  Download Presentation

Deborah Juhnke
Senior Consultant
Information Governance Group, LLC

Information governance is essential for effective information security. Deleting redundant, obsolete, and trivial data through retention and rule enforcement will diminish the footprint for compromise and offer business value through reduced costs.

After this session you will be able to:

  • Identify the four foundational elements of Information Governance.
  • Understand the legal and compliance drivers for better records retention practices.
  • Frame effective arguments for how elevating specific records management practices is crucial for strengthening their organization's security posture.
  • Recognize and leverage the links between various information security standards and good Information Governance practices.

225—How to Use Your CAAT to Prevent Ghosting with One Snap

Thursday, 21 November | 10:00AM – 10:50AM

Rochelle Vargas
Ally

Work smarter, not harder. With Robotic Process Automation (RPA) on the rise in the Audit industry, learn how Ally Financial has identified opportunities to automate manual processes with Computer Assisted Audit Tools (CAATs) to create efficiencies with testing and identify data anomalies.

After this session you will be able to:

  • Learn how CAATs can automate audit testing and create efficiencies with scripting
  • Understand how CAATs can be used to prevent ghost users and test application access
  • Evaluate the benefits of utilizing data analytics for audit planning and continuous monitoring

235—Statistical Analysis of Network Exposure Intermediate

Thursday, 21 November | 11:00AM – 11:50AM

  Download Presentation

John O’Neil
Chief Data Scientist
Edgewise Networks

We will present an analysis of network traffic of 6 real-world networks to show how vastly overexposed systems and applications are in today’s computing environments.

After this session you will be able to:

  • Understand the complexities of modern networks in terms of exposure vs need
  • Learn how to analyze and measure exposure of critical business services and applications
  • Hear helpful tips on how to reduce exposure, and therefore risk, within a network
  • Make sense of the chaos, distilling the complexity of a network and balancing the competing goals of permissiveness vs. least privilege into metrics that are actionable.

245—From Heist to Hostage Situation: The Rise of the Modern Bank Robbery Intermediate

Thursday, 21 November | 1:20PM – 2:10PM

  Download Presentation

Tom Kellerman
Chief Cybersecurity Officer
Carbon Black

With increases in destructive cyber attacks and counter incident response, bank robberies in cyberspace are closer to hostage situations than heists. Tom will discuss recent breaches and a report surveying financial institutions on trends they see.

After this session you will be able to:

  • Understand and articulate the threats most commonly facing financial institutions
  • Share insights into the methodologies used by hackers targeting the financial sector as well as the malware tools they use, such as Emotet
  • Utilize the “Golden Rules of Threat Hunting,” equipping you with key threat detection skills applicable across a wide range of situations
  • Better understand the evolution of modern financial cyberattacks, including origins and driving forces such as nation-state actors

255—Artificial Intelligence Is the Next Turn on Data Analytics. Are You Ready?

Thursday, 21 November | 2:20PM – 3:10PM

Kiran Nagaraj
Principal
Deloitte & Touche LLP

As data analytics capabilities mature, it has become increasingly clear that Artificial Intelligence (AI) and related technologies are poised to change the future of business across sectors and industries. These technologies present an opportunity for enhancing risk management, security, and audit processes, but they also create challenges for risk, security, and audit teams to consider from unexplained algorithmic behavior to inherent bias. This presentation will highlight both the opportunities and threats from advanced analytics, such as AI, and identify control considerations to support related projects within your businesses.

After this session you will be able to:

  • Define AI and related concepts (e.g., advanced analytics, machine learning, deep learning)
  • Describe key opportunities for applying advanced analytics within risk management, security, and audit processes
  • Identify key risks and discuss lessons learned
  • Identify controls that can mitigate risks introduced by advanced analytics (like AI)

265—Creative Visualization with Data Analytics

Thursday, 21 November | 3:40PM – 4:30PM

Mary Breslin
President
Verracy

Each day the world generates 2.5 quintillion bytes of data. Every organization is tracking and maintaining information they never had before. That is a lot of data, and organizational leaders expect us to make sense of it—and not only make sense of it, but also communicate it in a way that it makes sense to busy executives. How do we do that? We visualize it. With a single image, a complex idea can be explained instantly. A good chart, graph, or picture can explain at a glance what may take 5 to 10 pages of narrative to explain in a report.

This session will show participants how to present data analytics results visually with state-of-the-art graphics presentations.

After this session you will be able to:

  • Understanding the “what and why” of data visualization and how data visualization will help an organization
  • Identify areas of opportunity for creating visualizations
  • Forge a path to creating successful visualizations


Track 6—Industry Trends and Insights

116—Quantifying Unknown Cyber Risks Advanced Managerial

Wednesday, 20 November | 10:00AM – 10:50AM

Manish Kalra
VP, Product Marketing
Expanse

In Expanse's research, we see that most organizations have cyber assets they aren't aware of, and because they aren't aware of them, these assets increase the risk to the organization. Compounding that risk is the fact that many of these unknown assets lack the benefits of the security controls and protections that the known assets benefit from (e.g. updated software, proper configurations and even basic security monitoring). So how do you calculate the risk associated with an asset you aren't even aware of? During this session, we will discuss the impact of these unknowns on your organization's risk, and propose a way to factor them into your calculations.

After this session you will be able to:

  • Understand how unknown assets proliferate and therefore increase your risk
  • Factor the risk of unknowns into your assessment of your cyber posture
  • Identify processes and tools organizations can use to discover unknown assets and thereby reduce their risk

126—Improve Security, Privacy and Compliance with Continuous Oversight

Wednesday, 20 November | 11:00AM – 11:50AM

  Download Presentation

Fouad Khalil
VP Compliance
SecurityScorecard

The concept of monitoring information system security has long been recognized as a sound and valuable management practice. For additional consideration, a large portion of compliance requirements for information security and privacy are supported by such monitoring. Security programs must be aligned with privacy and compliance programs to ensure those areas of data protection compliance are appropriately met and monitored, and then actions based on maturity levels must be aligned with information assurance programs.

After this session, you will be able to:

  • Better understand technologies and regulations that drive the need for continuous oversight
  • Obtain a good understanding on what constitutes continuous oversight
  • Walk through examples of metrics/data in support of continuous oversight benefits.

136—Trust but Verify: Building a Third-Party Cyber Risk Program

Wednesday, 20 November | 1:20PM – 2:10PM

  Download Presentation

Ryan Spelman
Senior Manager
CyberClarity 360

Over 60% of breaches are caused by a third-party, making your organization's partners, vendors, and suppliers one of your most significant vulnerabilities. Yet, most organizations struggle to wrap their arms around this problem. During this session, you will learn how to use the Third-Party Cyber Risk Lifecycle to re-write your organization’s risk story to better manage risk, increase compliance, and strengthen your organization’s overall risk posture.

After this session you will be able to:

  • Explain the importance of a robust third-party cyber risk program to legal, compliance, and other business units
  • Understand and align your program with the third-party cyber risk lifecycle
  • Begin to build your program and identify the people, process and technology you need

146—Turn Corp Compliance Policies into Testable Requirement for the Mainframe

Wednesday, 20 November | 2:20PM – 3:10PM

Brian Marshall
President
Vanguard Integrity Professionals

A discussion about the pitfalls and failures that occur with corporate compliance and how to avoid them.

  • Steps to proper corporate compliance
  • The results of being consistent
  • Specifics of writing controls using real-life examples

216—The Overlooked Risks of Cybersecurity Automation Advanced Managerial

Thursday, 21 November | 8:40AM – 9:30AM

Chris Murphey
Director, Customer Success
Galvanize

In this session, we will explore some of the most common implementations of automation for cybersecurity programs and the associated risks. We'll look at real-world examples of successful and unsuccessful implementations and how the human element is a key factor when determining what—and how—to automate.

Some of the questions we'll answer:

  • Can you over- or under-automate your cybersecurity program?
  • Where do the greatest risks come from when it comes to automation? (People, process, and technology)
  • Which "low-hanging-fruit" tasks are best to automate?
  • What's the best way to spot potential or emerging risks?

Just like everything else, taking a risk-based approach to automation and machine learning helps you in the long run—no matter if you're implementing new technology or upgrading your existing tech.

After this session you will be able to:

  • Understand how the "human factor" can increase the risk cybersecurity automation.
  • Learn from real-life examples of automation-gone-wrong.
  • Explore risks that you may have overlooked in your automation.

226—A New Strategy for Effective Cyber Security Awareness Campaigns Advanced Managerial

Thursday, 21 November | 10:00AM – 10:50AM

Robert O’Brien
CEO
MetaCompliance

There are major forces at play attempting to exploit your weakest link – People. As networks become harder to breach, hackers are increasingly targeting staff as they provide the easiest way to bypass an organization’s security defenses. Using sophisticated social engineering techniques, criminals can manipulate victims into performing certain actions or providing compromising information.

With increased Cyber threats and new regulations like Privacy Laws, organizations are obliged to make real efforts to improve employee behavior and mitigate these risks. What management teams are finding, is that real Cyber Security Awareness requires a change of culture across the entire organization. This is change management and we all know how difficult that can be!

Help is at hand with a practical approach to overcoming these challenges and obtaining real business benefits. At this presentation, we will step through the rationale behind Cyber Security awareness campaigns and why you should always keep the two objectives of risk mitigation and regulatory reporting at the center of your project.

After this session you will be able to:

  • Identify the key aspects of a Cyber Security Awareness Campaign
  • Focus on quick wins and build momentum for your awareness campaign
  • Cover compliance requirements for regulatory defense
  • Identify methods that can be employed to engage Senior Executives and obtain support for your Cyber Security awareness campaign

236—Fighting Crime with Compliance: SOC for Cybersecurity Intermediate

Thursday, 21 November | 11:00AM – 11:50AM

Andrew Houshian
Senior Manager,
A-LIGN

Today’s technology landscape is plagued with hackers and cyber criminals looking to compromise sensitive information from businesses of all industries and sizes. As data breaches continue to headline news outlets worldwide, users of service organizations have become wary of how their information is being protected. The American Institute of CPAs (AICPA) issued a new cybersecurity risk management reporting framework, the System and Organization Controls (SOC) for cybersecurity, to assist organizations in communicating relevant information about the effectiveness of their cybersecurity risk management program. To build the trust of existing and potential clients, the SOC for cybersecurity helps organizations gain a better understanding of cybersecurity threats and the controls needed to detect, respond to and recover from security events. Andrew Houshian, SOC Practice Lead at A-LIGN, with over 12 years of experience in SSAE 18 (SOC 1), SOC 2, SOC 3 (SysTrust), and HIPAA and HITECH engagements, will explain the benefits and limitations of this new framework along with how constant updates to the organization’s CRMP will demonstrate a commitment to managing cybersecurity threats.

After this session you will be able to:

  • Prepare to adapt risk management programs to the ever-changing security landscape
  • Identify the different types of SOC examinations and determine the use cases for each
  • Understand how to use SOC 2 as measurement criteria
  • Describe the benefits and limitations of SOC for cybersecurity



Innovation Sessions

IN1: How to Avoid a Data Breach

Sponsored by Keeper Security, Inc.

Wednesday, 20 November | 9:35AM - 9:55AM

Darren Guccione
CEO & Co-Founder
Keeper Security, Inc

This session will take a look at the general state of cybersecurity and discuss the results of the Ponemon State of Cybersecurity research, while offering insight into what corporations can do to better protect themselves.

After this session you will be able to:

  • Describe the current cyberthreat landscape
  • Explain the real cost of a data breach
  • Summarize the results of the Ponemon 2019 SMB Cybersecurity Survey
  • Understand how password management can help guard against problems you never want to have

IN2: Identities, Icebergs, and Headlines

Sponsored by Venafi, Inc

Wednesday, 20 November | 12:10PM - 12:30PM

  Download Presentation

Michael Thelander
Director of Product
Venafi

Like the visible part of an iceberg, it’s machine identities, rather than human identities, that make up the vast majority of authentication and encryption events in our networks. But despite recent news highlighting massive attacks that were enabled by the failure to protect these identities, they remain overlooked and underfunded. In this session we’ll talk about the critical importance of machine identities in modern initiatives like DevOps, cloud migration and containerization, and show how to prevent new attacks that focus on compromising these identities. It’s time to make machine identity protection a part of your mainstream cyber defense strategy.

After this session you will be able to:

  • Understand the threats facing machine identities of all types
  • See examples of where machine identity compromise led to breaches
  • Learn the three fundamental needs of modern machine identity protection: visibility, intelligence, and automation

IN3: Employees are Taking Data when They Quit

Sponsored by Code42

Wednesday, 20 November | 12:40PM - 1:00PM

Nathan Hunstad, CISSP
Principal Security Engineer and Researcher
Code42

Recent studies report that 90% of insider data loss, leak and theft goes undetected internally. Even worse, 60% of departing employees admit to taking data when they leave their job. Attend this session from Nathan Hunstad, Director of Security at Code42, to explore the risks affecting organizations’ data today and why IT and security teams need to focus on the employee offboarding workflow to protect company IP when employees and contractors quit.

After this session you will be able to:

  • Understand how to build a departing employee workflow
  • Identify things to avoid when building a departing employee workflow
  • Learn information about protecting against insider threat and departing employees

IN4: University and Education Partnerships

Sponsored by Purdue University Global

Wednesday, 20 November | 3:15PM - 3:55PM

Stephan Savage
Professor and Course Lead
Purdue University Global

In this session, we will discuss the role of universities in supporting industry by providing flexible, outcome-focused curricula designed to overcome the cybersecurity talent shortage.

After this session you will be able to:

  • Recognize industry requirements and challenges
  • Acknowledge and understand the relationship between academia and industry
  • Explain how IT certificates map to various job paths
  • Review how various courses and degrees align with specific certificate paths
  • Discuss measures of success and outcomes

IN5: How to Communicate Your Risk and Security Program Value to Executives

Sponsored by Lockpath, A NAVEX Global Company

Thursday, 21 November | 9:35AM - 9:55AM

  Download Presentation

Sam Abadir, CISM
Director, Industry Solutions
Lockpath, Inc

Many departments struggle with building a business case to create an effective, ethics-based risk management program. Plenty of executives today still think of risk management as a defensive, overhead activity or activities that are performed to satisfy legislative or regulatory requirements and deserve minimal attention. In this session, Lockpath will help attendees understand the different value propositions business executives need to know to understand and support risk management projects across the organization.

After this session you will be able to:

  • Articulate your current and future risk management goals
  • Understand your risk management value proposition
  • Define business case benefits and communicate value to business executives
  • Define the tools and resources needed to achieve your goals
  • Understand an approach for your GRC or IRM program

IN6: Leveraging Provable Security: Achieve Security Assurance in the Cloud

Sponsored by Tevora

Thursday, 21 November | 12:10PM - 12:30PM

Chris Callas
Manager of Cloud Security
Tevora Business Solutions

The advent of the cloud has intensified the threat landscape requiring security professionals to not just explain, but to prove their organizations’ level of compliance across complex environments. Provable security promises to expose potential vulnerabilities and give you absolute assurance that your entire cloud environment is secure based on mathematical proofs.

After this session you will be able to:

  • Understand the current state of evaluating cloud security controls
  • Explain how adopting a provable security model can benefit your organization’s security posture
  • Answer critical questions about your cloud workload
  • Build provable security controls into your cloud environment

IN7: Overcoming Today’s Most Pressing Third-Party Risk Management Challenges

Sponsored by OneTrust LLC

Thursday, 21 November | 12:40PM - 1:00PM

Jaymin Desai, CIPP/E, CIPM
Offering Manager, Third Party Risk
OneTrust LLC

Managing third-party vendor risk before, during and after onboarding is a continuous effort under global privacy laws and security regulations. While outsourcing operations to vendors can alleviate business challenges, managing the associated risk with manual tools like spreadsheets is complex and time consuming. To streamline this process, organizations must put procedures in place to secure sufficient vendor guarantees and to work together effectively during an audit, an incident, or more. In this session, we'll break down a six-step approach for automating third-party vendor risk management and explore helpful tips and real-world practical advice for automating third-party privacy and security risk programs.

After this session you will be able to:

  • Review the drivers and challenges organizations face when managing third-party vendor risk
  • Identify priorities before, during and after vendor procurement
  • Take away a six-step approach for automating the third-party vendor risk lifecycle
  • Hear real case studies from privacy experts on how to practically tackle the third-party vendor risk



Technology Showcase Sessions

Tech3: Do You Know If Your IT Infrastructure Is Secure? Explore How to Answer This Question and Hear True Tales from the Cybersecurity Trenches

Sponsored by Arctic Wolf Networks

Wednesday, 20 November | 11:00AM – 11:20AM
Tech4: Magecart & Beyond. Massive Client-Side Website Vulnerability

Sponsored by Tala Security

Wednesday, 20 November | 11:25AM – 11:45AM

Aanand Krishnan
CEO & Founder
Tala Security

This session will discuss how modern website architecture has presented an expansive and lucrative attack surface for hackers. Incidence rates of vulnerability resulting from a study of the Alexa-1000 global websites will be detailed. There will also be discussion of the browser-native, standards-based security controls that are available to safeguard against these attacks, including CSP, SRI, HSTS and others.

After this session you will be able to:

  • Learn how modern website architecture has led to the acceleration of attacks with names such as Cross-Site Scripting, Formjacking, Magecart, Ad Injections, Content Injections, Cryptojacking and Website Supply Chain Attacks. As many as 5,000 websites are successfully attacked each month by leveraging a nearly universal client-side website vulnerability
  • Review data and statistics from a study of the global Alexa-1000 websites, highlighting the widespread incidence of vulnerability and the current lack of deployed security capable of safeguarding against attacks
  • Learn how standards-based security solutions like CSP, SRI and others can be used to prevent these attacks
  • Learn about the application of automation to overcome the administrative and operational hurdles commonly associated with the deployment of CSP, SRI, etc.

Tech5: Inserting Code Analysis into CI w/o Slowing Builds Down

Sponsored by ShiftLeft

Wednesday, 20 November | 1:25PM – 1:45PM

John McDonald
Director of Engineering
ShiftLeft

This session will cover a demonstration of how static application security testing (SAST) can be inserted into CI tools to analyze each build without slowing down release velocity. The approach described is comprehensive, analyzing custom code, open source libraries, SDKs and APIs, and fast, scanning 1,000,000 lines of code in under 15 minutes.

After this session you will be able to:

  • Secure every version of every release
  • Insert security into DevOps pipelines
  • Shift AppSec further left
  • Bring security and development teams closer together
  • Fix vulnerabilities faster and more efficiently

Tech6: The Road to Continuous IT Controls - Bringing a DevOps Discipline to the IT Audit Ecosystem

Sponsored by Neverfail

Wednesday, 20 November | 1:50PM – 2:10PM

  Download Presentation

Jason White
Chief Strategy Officer
Neverfail

The error-prone, manual nature of SOC and other IT security audits can kill business velocity and team morale for at least 2-3 months every year. Market-leading companies are achieving unsurpassed risk mitigation, competitive differentiation, and operational velocity by continuously monitoring and managing IT controls – making an audit pass a by-product of continual compliance. This is only possible through automation.
In this session, we will introduce a DevOps approach to scaling audit and compliance that allows for an audit pass every day, effortlessly, while focusing the full breadth of your internal teams and resources on strategic growth.

After this session you will be able to:

  • Learn the 4 KPIs that regulate IT audit velocity
  • Discover how tech and automation unlock audit value
  • Learn how to turn an IT audit into a competitive differentiator
  • Learn how transforming your IT audit burden increases business velocity
  • Understand the skills and resources required to complete this transformation

Tech7: Cyber AI: Fighting Back with Autonomous Response

Sponsored by Darktrace

Wednesday, 20 November | 2:20PM – 2:40PM

Tyler Peairs
Account Executive
Darktrace

The digital enterprise is constantly expanding, with new IoT, cloud, and operational technologies all challenging traditional notions of cyber security. Safeguarding these evolving environments against machine-speed attacks has never been more difficult.

Yet the digital battleground now features its most formidable defender in Cyber AI — a self-learning technology that distinguishes friend from foe in order to thwart threats autonomously. With the Cyber AI Platform protecting your entire infrastructure in real time, it doesn’t matter whether the attack originates on a connected device, an industrial system, or in the cloud. Wherever it strikes, the AI fights back in seconds.

After this session you will be able to:

  • Understand why only Autonomous Response can counter today’s machine-speed attacks
  • Identify where advanced threat actors exploit vulnerabilities in the cloud and IoT
  • Recognize what achieving 100% visibility can reveal about your organization’s risk profile
  • Explain how the Cyber AI Analyst reduces the time spent triaging threats by 92%

Tech8: See Every Asset. Secure What Matters

Sponsored by Tenable

Wednesday, 20 November | 2:45PM – 3:05PM

  Download Presentation

Joseph Decker
Security Engineer
Tenable

When it comes to reducing cyber exposure, an effective vulnerability management approach can help eliminate blind spots that are often the root of security issues. In this session, you will learn how to discover unknown assets and vulnerabilities, monitor unexpected network changes, and prioritize weaknesses to minimize your cyber risk and prevent breaches. With real-time discovery, scanning, and Predictive Prioritization, Tenable helps you reliably and affordably communicate the status of all the IT assets on your network and focus your remediation efforts on the vulnerabilities that matter most.

After this session you will be able to:

  • Learn how to eliminate blind spots that are often the root of security issues.
  • Learn how to focus on the 3% of vulnerabilities that have been, or will likely be, exploited
  • Uncover why CVSS is an insufficient metric for prioritization – and the key criteria you need to consider
  • Understand the Predictive Prioritization process, which uses machine learning to help you differentiate between real and theoretical risks
  • Learn about new tools that provide insight into how effective your controls are and help you understand, manage and measure your cyber risk.


Workshops

WS1–Accelerated CSX Cybersecurity Practitioner Certification Workshop SOLD OUT!

Monday, 18 November & Tuesday, 19 November | 9:00AM – 5:00PM

Registration Fee: $1,299 member / $1,399 non-member

Frank Downs (2018 Top-Rated Speaker)
Director and SME, Cybersecurity Practice
ISACA

Dustin Brewer (2018 Top-Rated Speaker)
Manager, Cybersecurity Technical Content
ISACA

Take a fast-track to building, honing and affirming your cybersecurity skills and information security expertise in a hands-on, real-world learning experience where you can earn ISACA’s globally accepted CSX® Cybersecurity Practitioner Certification. Your current industry certifications and/or cybersecurity experience can count toward qualification requirements*.

In addition to receiving access to the Accelerated CSX® Cybersecurity Practitioner Certification Suite, which includes online practice labs, the 1-hour certification skills assessment, and the online certification application*, participants benefit from instruction by and interaction with the professionals who created the CSX Cybersecurity Practitioner learning experience. Upon completion of the workshop, students will have prepared for and have the option of completing the 1-hour CSX Cybersecurity Practitioner skills assessment onsite and applying for certification online.* Take advantage of the fastest, easiest, and most enjoyable way to become a certified CSX Cybersecurity Practitioner!

Workshop includes hands-on training of the following:

  • System and Network Scanning
  • Firewall Implementation and Configuration
  • Vulnerability Scanning and Identification
  • Cyber Incident Monitoring and Escalation
  • Post Exploitation System Recovery

Please note: To fully participate in this event, all attendees are required to bring a laptop with an Internet accessible browser.

*In addition to successfully completing assessment labs for the CSX Cybersecurity Practitioner Accelerated Suite, attendees wishing to apply for the CSX Cybersecurity Practitioner certification are required to have either one or more IS/IT credentials or three years’ experience in 3 of the CSX-P cybersecurity domains: Identify, Protect, Detect, Respond, Recover. Admissible credentials include: CISA, CRISC, CISM, CGEIT, ECSA, CEH, LPT, GCIH, OSCP, GPEN, CySA+, CISSP, or certificates in CSX Cybersecurity Fundamentals or CSX Penetration Testing Overview.


WS2–The Truth About AI, Machine Learning and Cyber Security Revisited

Monday, 18 November & Tuesday, 19 November | 9:00AM – 5:00PM

Registration Fee: $850 member / $1,050 non-member

Keatron Evans (2018 Top-Rated Speaker)
Managing Consultant
KM Cyber Security, LLC

In this presentation we will take a technical deep dive into some of the latest and greatest innovations related to machine learning, artificial intelligence and cybersecurity. We will see some real examples of AI innovations in the cybersecurity space, as well as a technical walkthrough and demonstration of some common attacks and of how AI can be applied to help solve some of these problems.

After completing this workshop, attendees will:

  • Learn several areas where early Machine Learning and AI have evolved and made great strides in cybersecurity since last year.
  • Learn about several devastating APT attacks driven and perpetrated using advanced machine learning and AI-like automation.
  • Learn the basics of what Machine Learning and AI actually mean.
  • Learn the difference between AI, Machine Learning and Deep Learning.

WS3–Auditing Microsoft 365 and Azure Cloud Security SOLD OUT!

Tuesday, 19 November | 9:00AM – 5:00PM

Registration Fee: $650 member / $850 non-member

Robert Brzezinski, MBA, CHPS, CISA, CISM
Principal
Bizwit LLC

This is a one-day course for auditors and security teams responsible for the security and compliance of their Microsoft 365 and Azure Active Directory (AzureAD) environments. This course will provide students with the knowledge and practical skills to audit Microsoft 365 tenants, and to improve the security of Microsoft 365 configuration and monitoring capabilities. This course is designed with real-world scenarios in mind to provide practical, effective approaches for asking and answering compliance questions, for auditing Microsoft 365 before and after solution adoption, and for a practitioner’s approach to continuous audit, monitoring, and creating additional security and compliance visibility. At the end of the course, students will be able to effectively audit Microsoft 365 configuration and organization compliance, understand and improve the security of the environment, and implement basic continuous audit and monitoring of the organization’s Microsoft 365 tenant.

After completing this workshop, attendees will be able to:

  • Answer questions and describe how Microsoft 365 complies with various regulatory frameworks and data protection standards
  • Assure proper basic Microsoft 365 configuration before solution adoption and email migration
  • Audit Microsoft 365 configuration after adoption (email migration) using graphical user interface (GUI) – Azure Active Directory (AzureAD), Security & Compliance center, Cloud App Security, Microsoft 365 Admin center, Exchange, SharePoint, Teams, Intune.
  • Audit specific Microsoft 365 elements that require use of PowerShell
  • Understand and use Security & Compliance Center for continuous audit / monitoring
  • Understand Windows Defender Security ATP Center role and capabilities in protecting the organization
  • Understand how Azure security tools can enhance organization security and compliance, by integrating data from multiple computing platforms and environments. Audit and configure Azure security tools for Microsoft 365 and some other computing platforms.
  • Understand how Microsoft 365 cybersecurity strategy works and protects users, devices and data when implemented correctly.

Attendees’ hands-on participation will require:

  • Laptop – Windows 10 Pro recommended
  • M365 or O365 existing tenant
    • Participant will need Global Admin privileges to see or interact with all functionalities
    • Install PowerShell Exchange Online module for trying some PowerShell commands
  • O365 tenant can be a trial subscription obtained from https://www.microsoft.com/en-us/microsoft-365/business/compare-more-office-365-for-business-plans
    • Choose O365 E3 or E5 trial (Enterprise subscriptions)
    • Trial subscriptions last 30 days – coordinate timing of your trial subscription!!!
    • Add a few fictitious users to your tenant before the workshop
  • Azure subscription (not a must-have; Pay-as-you-go recommended) is required only to interact with the Azure security tools.
    • The steps below ensure that your Azure subscription will be associated with your O365/M365 tenant AzureAD
    • From O365/M365 Admin center -> navigate to Azure Active Directory
    • Replace address https://aad.portal.azure.com with https://portal.azure.com/
    • Type subscriptions in Search box at the top -> navigate to Subscriptions -> Add Subscription
    • Select Free trial if available or Pay-as-you-go -> you will need to provide credit card number in both scenarios
      • Cost consumed will be minimal if any -> unless participant starts creating additional resources e.g. VMs, storage etc. Azure Pay-as-you-go Subscription can be canceled at any time – delete resources before canceling to avoid any charges

WS4–Penetration Testing in a Cloud Environment

Friday, 22 November | 9:00AM – 5:00PM

Registration Fee: $650 member / $850 non-member

Keatron Evans (2018 Top-Rated Speaker)
Managing Consultant
KM Cyber Security, LLC

What do hackers and other threat actors see when they decide to target your organization and your newly migrated cloud environment? How easily will they find your vulnerabilities and exploit them? Come and see a live demonstration of discovery, vulnerability mapping, and complete exploitation of servers hosted via cloud services. We will start off with the exciting demonstration and walk through the entire process of finding and exploiting the cloud-based services. During the second half we'll discuss data security responsibilities as related to Cloud Service Provider responsibility vs your responsibility, as well as some of the many security advantages gained by migrating to cloud services.

After completing this workshop, attendees will be able to:

  • Describe the proper steps to take when conducting or sourcing a penetration test against their cloud resources.
  • Have a solid picture of what the CSP's (Cloud Service Provider) responsibility is versus their responsibility in regard to data and resource security.
  • List the biggest security threats as related to cloud security.
  • Understand and be able to name several security benefits gained from migrating to cloud services.



Geek Street Sessions

Geek Street 1—Practical Approach to Application Security Assessment

Wednesday, 20 November | 9:30AM - 10:15AM

  Download Presentation

Zechariah Akinpelu
Manager, Information Security
FirstBank

Cross Site Scripting (XSS) has always been one of the Top 10 application vulnerabilities according to OWASP. This is a security vulnerability in web applications that allows criminal hackers to inject harmful code directly inside web pages.

After this session you will be able to:

  • Identify various XSS payloads and build a defense mechanism to counter the attacks
  • Leverage XSS vulnerabilities and know how to carry out various exploits, such as (a) stealing users’ cookies or session IDs, (b) defacing a web application, (c) advanced phishing attacks, (d) filter evasion, and more
  • Learn about different countermeasures for XSS

Geek Street 2—Planning Complex Cyber Audits. The Case Of Galileo Ground Segment (1,500 MEuros)

Wednesday, 20 November | 10:25AM - 11:10AM

  Download Presentation

Jose Ramon Coz Fernandez
Cyber Internal Auditor
European Space Agency

The Galileo program is the biggest program in Europe related to navigation systems. The session will highlight the main challenges in planning cyber-audits of a big program and some of the lessons learnt.

After this session you will be able to:

  • Describe the main challenges in planning a cyber audit of a program with a budget of more than 3,500 million euros.
  • Understand the complexity of planning a cyber audit for a big program
  • Describe a way to detail the scope of a cyber audit plan

Geek Street 3—Systemic Flaws in the Internet of Things

Wednesday, 20 November | 11:20AM - 12:05PM

Ken Munro
Cyber Internal Auditor
Pen Test Partners

Using live demonstrations, we'll show how systemic issues can lead to IoT devices being hacked and exploited, and examine why authorities still fail to deal with this growing issue. We’ll also give advice for parents/kids/friends about IoT security.


Geek Street 4—With Friends Like These, Who Needs Enemies?

Wednesday, 20 November | 12:15PM - 1:00PM

John Shier
Senior Security Advisor
Sophos

As we continue to see the threat landscape evolve, with attackers learning lessons along the way, the latest threat vectors are arising where we least expect them - our business partners and administration tools. Increasingly, individuals and small businesses are being used as unwitting vectors for attack against larger, well-defended organizations. In this session, John will examine the history of supply chain compromise attacks and talk about some of the latest tools and tactics. He'll demonstrate how and why they work and how to prevent, detect and mitigate against this continually evolving threat.

After this session you will be able to:

  • Understand that supply chain compromises have moved downstream; it's not just about government secrets anymore
  • Recognize that small businesses are a likely target because of the relationships they have with larger enterprises
  • Understand that there's no such thing as too small to be a target, and that doing the bare minimum isn’t enough
  • Recognize that MSPs and technology partners are also in the crosshairs because of their privileged access to businesses of all sizes

Geek Street 5—Using Chaos Engineering for Resilient Cloud Infrastructure Security

Wednesday, 20 November | 1:10PM - 1:55PM

  Download Presentation

Josh Stella
Founder and CTO
Fugue

 

 

Ricardo Green
Senior Solutions Architect
Fugue

Chaos engineering can be used to test the resiliency of cloud security and compliance. This session will include a primer on cloud security chaos engineering, a live demonstration, and tips for implementing chaos engineering into DevSecOps.

After this session you will be able to:

  • Learn how to use chaos engineering to identify and close cloud infrastructure security gaps
  • Learn how bad actors use automation to exploit cloud resource misconfiguration, and how to use automated remediation tools to defeat them
  • Learn how to fit self-healing infrastructure and automated remediation approaches into your SDLC and DevSecOps processes
  • Learn about the landscape of tools and approaches for building resilient infrastructure security for your cloud environments

Geek Street 6—Meet the Bots - Our New Security Auditors

Wednesday, 20 November | 2:05PM - 2:50PM

  Download Presentation

Vishal Kalro
Director
Adobe

 

 

Charan Muddam
Senior IT Risk Analyst
Adobe

RPA brings in dramatic efficiencies, reduces the documentation burden and audit fatigue along with round the clock monitoring. RPA is the first step towards building a robust Continuous Auditing/Monitoring program.

After this session you will be able to:

  • Envisage and build an RPA automation program to bring operational efficiencies to Governance, Risk & Compliance practices
  • Appreciate the role of RPA technology in gaining meaningful insights into the state of infosec risks and the corresponding processes and controls put in place to mitigate them
  • Build RPA-driven use cases for conducting security reviews of an AWS cloud environment and a traditional SAP environment
  • Comprehend the bot-performed security audit analysis reported on an ongoing basis through a platform like Power BI, which is key to the success of the Continuous Monitoring program

Geek Street 7—Secure Composition: How Tooling Can Improve Security

Wednesday, 20 November | 3:00PM - 3:45PM

Mike Samuel
Software Engineer – Security
Google LLC

Lessons learned in Google engineering about how tools are ideally placed to preserve important security properties. This talk discusses template languages, a widely used tool that sits between untrusted inputs and oft-trusted outputs.

After this session you will be able to:

  • Understand how almost all template languages fall short with respect to XSS-safety
  • Recognize the “link litmus test” which shows how to distinguish a “safe” template language
  • Define “safe” in this context
  • Learn how Google re-engineered its template languages to be safe

Geek Street 8—How Artificial Intelligence Used for Fraud Investigation Can Prevent Insider Threats

Wednesday, 20 November | 3:55PM - 4:40PM

  Download Presentation

Tanya Harris
Director
Harrman Cyber

Based on research from Goldsmith University we shall discuss how Artificial Intelligence used for fraud investigation can be the preventative answer to reducing insider threat.

After this session you will be able to:

  • Understand why the workings of WWII Enigma code-breaking are critical to preventing insider threats.
  • Consider Alan Turing's role in message semantics vs. Gordon Welchman's role in communication pathways/traffic analysis, to identify and intercept threats.
  • Recognize how the use of Artificial Intelligence does not require linguistic analysis and semantics in order to detect threats, making it completely language-independent for reducing threats across borders.
  • Identify how Artificial Intelligence does not require a set of rules in order to identify threats; rather, analysing patterns to identify significant changes in behaviour can ensure that critical events are not overlooked.

Geek Street 9—IoT Hacking for Beer

Thursday, 21 November | 9:30AM - 10:15AM

2018 Top-Rated SpeakerDustin Brewer
Manager, Cybersecurity Technical Content
ISACA

IoT devices are available for every corner of our homes and workplaces. Numerous articles, studies, and exploits have been published on the security (or lack thereof) of these devices and how they could affect our networks holistically, but how easy is it really to hack an IoT device? In this talk we will explore the methodologies behind penetration testing IoT devices to discover what (if any) vulnerabilities are present.

After this session you will be able to:

  • Have a deeper understanding of how to apply pen testing methodology to IoT device testing.
  • Know the open source tools used to conduct device testing.
  • Be able to conduct IoT device testing on your own!
  • Be familiarized with the process of home beer brewing!

Geek Street 10—Threat Perspective from a Reformed Red Teamer

Thursday, 21 November | 10:25AM - 11:10AM

  Download Presentation

Joe Vest
Director of Training and Internal Services
SpecterOps

Compliance, best practices, and regulation all drive a security program. These programs pass audit and compliance checks, have robust patch management, and conduct vulnerability assessments. How do you know if they protect against real threats?

After this session you will be able to:

  • Understand differences between vulnerabilities and cyber threat tactics, techniques and procedures (TTPs) and how approaching security from a threat perspective can dramatically reduce operational risk due to cyber activities
  • Understand how the inclusion of cyber threat TTPs in security operations planning, design, implementation, and testing can greatly improve organizational security posture by applying a threat-based approach to security testing
  • Distinguish between common security testing types used to measure an organization's security posture and identify the gaps threat-based security testing can address
  • Understand the concepts of Red Teaming, Adversarial Emulation, and Threat Emulation as they are defined and explored as a means to perform threat-based security testing

Geek Street 11—An Attack on an API Server: What Happened, and What Were the Malicious Actors Looking For

Thursday, 21 November | 11:20AM - 12:05PM

Laurent Gil
Group Architect Oracle Cloud
Oracle

The explosion of APIs is creating incremental security risks that must be addressed, considering that over half of the internet traffic is bot or API based.

After this session you will be able to:

  • Identify the sources of web API security vulnerabilities.
  • Explain how DevOps teams can build more secure APIs and which typical vulnerabilities to look for.
  • Apply strategies for defending against these threats, including machine learning techniques used to detect botnet activity.
  • Describe the anatomy of API attacks through real case examples of application attacks focused on API endpoints, including prioritizing human traffic over API traffic, API traffic shaping, and SQL injection within an API call.
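The last objective names SQL injection within an API call. The following is an added example (not code from the session or from Oracle) that shows the two sides of that case: a hypothetical `GET /orders?customer=<name>` handler that splices the query parameter into SQL, beside the parameter-bound version, both run against a constructed in-memory SQLite table. The schema, rows, endpoint shape and the customer-name allowlist are assumptions made for the illustration.

```python
import re
import sqlite3


# Constructed backend for a hypothetical "GET /orders?customer=<name>" API
# endpoint. The schema and rows are sample data made up for this example.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE orders (id INTEGER, customer TEXT, total REAL)")
    conn.executemany(
        "INSERT INTO orders VALUES (?, ?, ?)",
        [(1, "alice", 10.0), (2, "bob", 25.5), (3, "carol", 99.0)],
    )
    return conn


def get_orders_vulnerable(conn, customer):
    # The query-string parameter is spliced straight into the SQL text, so the
    # caller controls the WHERE clause. Kept deliberately vulnerable.
    sql = f"SELECT id, customer, total FROM orders WHERE customer = '{customer}'"
    return conn.execute(sql).fetchall()


def get_orders_fixed(conn, customer):
    # Parameter binding: the driver passes the value separately from the SQL
    # text, so quotes in the input cannot change the statement's structure.
    sql = "SELECT id, customer, total FROM orders WHERE customer = ?"
    return conn.execute(sql, (customer,)).fetchall()


# Allowlist pattern for the customer identifier (an assumption about this
# API's naming rules). Validating input at the API boundary is defence in
# depth; it does not replace parameter binding.
CUSTOMER_RE = re.compile(r"^[a-z0-9_]{1,32}$")


def validate_customer(customer):
    return CUSTOMER_RE.fullmatch(customer) is not None


def demo():
    """Send a classic tautology payload through both handlers and return
    (rows leaked by the vulnerable handler, rows returned by the fixed one)."""
    conn = make_db()
    payload = "x' OR '1'='1"
    leaked = get_orders_vulnerable(conn, payload)  # every row in the table
    safe = get_orders_fixed(conn, payload)         # no customer has that name
    return len(leaked), len(safe)


if __name__ == "__main__":
    print(demo())
```

The payload turns the vulnerable handler's WHERE clause into `customer = 'x' OR '1'='1'`, which is true for every row, so the endpoint leaks the whole table; the bound version looks for a customer literally named `x' OR '1'='1` and returns nothing. In an API gateway the allowlist check is the place to reject such a request before it reaches the database at all.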

Geek Street 12—Securing an IoT Endpoint from Creation to Cloud

Thursday, 21 November | 12:15PM - 1:00PM

Nisarg Desai
GlobalSign

While a great deal of emphasis is given on securing different components of a device ecosystem, one often misses that the time of an attack, and the time of threat insertion, are often different. These take place during different phases of a device or endpoint’s lifecycle, usually by different actors and in different environments. This session explores the challenges of securing different components and sub-components of a device during its lifetime – birth, transport, installation, use, transfer, and sunset – and offers simple standards-based solutions to this problem.

After this session you will be able to:

  • Understand how the combination of current standards and upcoming technological advances will ensure safety and security for all.
  • Appreciate the IoT threat landscape beyond the security of devices in the field, as well as understand the threats and solutions during a device’s lifecycle.

Geek Street 13—Cyber Hunt

Thursday, 21 November | 1:10PM - 1:55PM

Frank Downs (2018 Top-Rated Speaker)
Director and SME, Cybersecurity Practice
ISACA

Dustin Brewer (2018 Top-Rated Speaker)
Manager, Cybersecurity Technical Content
ISACA

The Cybersecurity Nexus Cyber Hunt is a live competition which pits participants against each other in a race against themselves and the clock to respond to a multipronged attack while concurrently conducting a penetration test against diverse asset sets. Participants will need to leverage capabilities from all cybersecurity domains, Identify, Protect, Detect, Respond, and Recover, in an attempt to outwit and outsmart other competitors and achieve the highest score!

Challenge subsets include the following skills:

  • Network Scanning
  • Vulnerability Identification
  • System hardening
  • System exploitation
  • Exploitation response
  • Much, much more!

After this session you will be able to:

  • Better understand asset identification and location via scanning technologies
  • Understand how to identify vulnerabilities on a system of responsibility
  • Better harden systems of responsibility
  • Understand elements of conducting a penetration test
  • Understand elements of responding to an incident or attack

Geek Street 14—Cyber Hunt

Thursday, 21 November | 2:05PM - 2:50PM

Frank Downs (2018 Top-Rated Speaker)
Director and SME, Cybersecurity Practice
ISACA

Dustin Brewer (2018 Top-Rated Speaker)
Manager, Cybersecurity Technical Content
ISACA

The Cybersecurity Nexus Cyber Hunt is a live competition which pits participants against each other in a race against themselves and the clock to respond to a multipronged attack while concurrently conducting a penetration test against diverse asset sets. Participants will need to leverage capabilities from all cybersecurity domains, Identify, Protect, Detect, Respond, and Recover, in an attempt to outwit and outsmart other competitors and achieve the highest score!

Challenge subsets include the following skills:

  • Network Scanning
  • Vulnerability Identification
  • System hardening
  • System exploitation
  • Exploitation response
  • Much, much more!

After this session you will be able to:

  • Better understand asset identification and location via scanning technologies
  • Understand how to identify vulnerabilities on a system of responsibility
  • Better harden systems of responsibility
  • Understand elements of conducting a penetration test
  • Understand elements of responding to an incident or attack

Geek Street 15—CMMI® Institute: Building Resilience Through a Risk-Based ‘Cybermaturity’ Approach

Thursday, 21 November | 3:00PM - 3:45PM

Manage up your cybersecurity resilience, readiness and board confidence with the world’s first cyber capability maturity management platform, which provides a holistic, risk-based approach and road map.

After this session you will be able to:

  • Understand the challenges global organizations are facing and how leading organizations are solving them
  • Understand the value of a risk-based approach for prioritizing investment for organizations with varying complexity and security demands
  • Understand CMMI Institute’s holistic approach of assessing an organization’s cybersecurity capability maturity
  • Understand how the CMMI Institute’s methodology can increase resilience and readiness and build board confidence

Geek Street 16—Securing Blockchain Platforms: What You Need to Know

Thursday, 21 November | 3:55PM - 4:40PM

  Download Presentation

Tuan Phan
Partner
Caplock Security LLC.

The session provides the attendees an in-depth understanding of common attacks on blockchain components, the underlying mechanisms and techniques, how to assess the risks for a blockchain network, and what defensive controls can be implemented.

After this session you will be able to:

  • Explain the key concepts of public and private blockchain networks and the basic security hygiene for a blockchain network.
  • Identify and differentiate security threats and attacks on a blockchain network, and how they can be applied against both public and private blockchain networks.
  • Conduct blockchain security analysis for infrastructure, nodes, user wallets and smart contracts, having observed live demos of how certain vulnerabilities can be exploited.
  • Identify and implement blockchain security methods, best practices and risk mitigation, including the configurations and design architectures that reduce the risk profile of a blockchain network.



Keynotes

Opening Keynote Speaker

Theresa Payton
Former White House CIO & Cybersecurity Authority

In the wake of recent, debilitating cyberattacks at Equifax, Sony Pictures, Target and privacy breaches against prominent individuals in the public eye, Theresa Payton remains the cybersecurity and intelligence operations expert that people and companies turn to in order to strengthen their privacy and cybersecurity. Named by IFSEC Global as the 4th among the top 50 of the world's cybersecurity professionals and by Security Magazine as one of the top 25 Most Influential People in Security, she is one of America's most respected authorities on security and intelligence operations.

The first female to serve as White House Chief Information Officer, Payton oversaw IT operations for the President and his staff from 2006 to 2008 during a period of unprecedented technological change and escalating threats. Previously, she held executive roles in banking technology at Bank of America and Wells Fargo.

Currently, as the founder, president and CEO of a world class cybersecurity consulting company, Fortalice Solutions, LLC and co-Founder of Dark3, a cybersecurity product company, she remains the expert that organizations call for discretion, proactive solutions, and incident response/crisis management. Fortalice was recently named one of the Top 5 Innovative Cybersecurity companies in the D.C./MD/NoVa region and Theresa was recently awarded the Enterprising Women of the Year Award for the 2nd year in a row.

Payton was recently featured as the Deputy Director of Intelligence Operations in the new hit reality show CBS’ Hunted. Payton collaborated with cybersecurity and privacy attorney Ted Claypoole to author two books focused on helping others learn how to protect their privacy online. Hailed as ‘must-reads’ by Jon Stewart when he talked to Payton on The Daily Show and by Katie Couric on her show Katie’s Take, the books assist the layman with the security and privacy challenges of our times.

Payton is often sought out by national and international media news outlets to explain complex security issues in business and consumer terms, to get behind the hype and understand, in layman’s terms, how to protect your privacy and security. She has been a repeat guest on the Today Show, Good Morning America, Fox Business Shows, Fox News Shows, CBS Morning & Evening News, BBC TV News and Radio, CBSN, CNN, NBC News, MSNBC, and NPR.

Recognized as a 2015 William J. Clinton distinguished lecturer by the Clinton School of Public Service, Payton passionately protects her clients, from the boardroom to the server room, and helps them understand the business risks to their organization’s cybersecurity. She and her team provide insight and methods critical to protecting people and organizations from rapidly evolving cyberattacks.

Closing Keynote Speaker

Jamie Bartlett
British Author and Journalist

British author and journalist Jamie Bartlett will close the event, delving into the topics of cybersecurity and online privacy, internet cultures and social media. Bartlett is the author of Radicals Chasing Utopia: Inside the Rogue Movements Trying to Change the World and he currently serves as Head of the Violence and Extremism Programme and the Centre for the Analysis of Social Media at the think-tank Demos.

Spotlight Educational Sessions

SS1–The Rising Tide of Privacy: Finding the Commonalities

Wednesday, 20 November | 4:50PM – 5:10PM

  Download Presentation

Fouad Khalil
VP Compliance
SecurityScorecard

It all began with Europe's General Data Protection Regulation (GDPR). After that, a privacy tidal wave hit the United States with California first enacting a privacy law, followed by the state of Washington with many more expected to follow suit. Even outside of Europe and the USA, many nations including Brazil, United Arab Emirates and Australia are keeping pace with their own privacy regulations.

With the increasing number of regulations across the globe, businesses are struggling to comply with these new laws and regulations.

In this session, we will review fundamental privacy requirements across a variety of regulations to help streamline the key elements to meet compliance.

After completing this session you will be able to:

  • List best practices aimed at streamlining compliance.
  • Learn how to minimize compliance operational costs.
  • Identify what's next in the world of regulations.

SS2–Five Key Trends in Application Security

Wednesday, 20 November | 4:50PM – 5:10PM

Ameya Talwalkar
Co-founder & Chief Product Officer
Cequence Security

Today’s hyper-connected businesses rely on a broad set of web, mobile, and API-based applications to connect customers, partners, and suppliers across the Internet. Retirement planning, interacting with likeminded hobby enthusiasts, loyalty program participation while purchasing our favorite goods and services are just a few examples. These applications incorporate a wide range of application endpoints, such as a registration, login, or forgot user name and password pages.

While striking a delicate balance between speed of deployment and security-induced friction, CIOs and CISOs must consider five key industry trends that may impact their approach to application security.

  • How will a multi-cloud and possibly a multi-CDN deployment impact application security?
  • DevSecOps: can it be as nimble as DevOps?
  • What is the impact of the exponential use of APIs?
  • Microservices, service-mesh and serverless computing – what do they mean for my security posture?
  • Data residency and data privacy laws – how will they impact me?

We will discuss various technology and deployment architecture options given these application security trends.

After completing this session you will be able to:

  • Identify how security and development teams can most effectively deal with a multi-provider world.
  • Recognize how the exponential number of application APIs impacts security.
  • See that application development and security can work together – without slowing deployment.

SS3–Back to Basics: The Fundamentals of Cyber Hygiene

Wednesday, 20 November | 4:50PM – 5:10PM

Jeremy Newberry
Cybersecurity Solutions Architect
Cyber Observer

New innovations with cloud and IoT are changing the ways we use technology and how we secure it. No matter how technology changes there are still the basic things you need to be doing in order to lower your threat risk and maintain the security of your systems and infrastructure.

In this presentation we get back to basics and review steps we know can be taken to improve security and resilience. We will discuss what is good cyber hygiene, why it’s important, and how to ensure your tool and software investments are configured and performing effectively.

After completing this session you will be able to:

  • Explain the basics of cybersecurity hygiene
  • Describe current enterprise ecosystems and the problem of security tool fragmentation
  • Take steps to improve cybersecurity hygiene and maximize ROI
  • Apply standards- and framework-based views of your security posture

SS4–Addressing IT Security in an Evolving IT Industry

Wednesday, 20 November | 5:30PM – 6:00PM

Kent Feid
Head of Technical Business Development and Strategy
Quest | KACE

In this session, we'll discuss industry trends and how they are making it more challenging to manage and maintain a secure IT environment that's inclusive of both traditional endpoints, as well as the Internet of Things (IoT). This session also highlights specific tools that our KACE customers have implemented to address the ever-evolving changes in the industry that we know and love.

After completing this session you will be able to:

  • Discuss industry trends and pain-points.
  • Discuss things to consider with the introduction of the Internet of Things (IoT).
  • Introduce techniques and products we are seeing customers successfully implement to solve real world issues.

SS5–Staying in the Dark: How Intelligence Analysts are Using Data, Context and Automation to Stop Cyber Threats

Wednesday, 20 November | 5:30PM – 6:30PM

Gene Yoo
Resecurity

The consequences of cybercrime originating from the dark web impact nearly every industry and cost the global economy as much as $600 billion — about 0.8 percent of global GDP. Security industry experts project that companies around the world could incur costs and lost revenue amounting to more than $5 trillion over the next five years due to cyberattacks. Today, organizations must go well beyond knowing what’s happening in their own network. They must have situational intelligence about what’s happening outside their environment: who is targeting them, how those actors behave, and who is working together to put the company at risk. To deliver comprehensive, accurate and action-oriented visibility into the dark web, to the point where a particular threat actor can be associated with a real identity, we need to apply the power of data science, big data and AI technologies. Trained machine learning models and artificial intelligence engines are the tools needed to recognize relevant content by category and to mine meaningful information about threat actors and their operations in near real time.

After completing this session you will be able to:

  • Recognize that today’s tools can capture millions of dark web postings, including textual, graphical and binary information (containing attachments and other important artifacts), as well as metadata associated with the postings and the posting sources.
  • Know how cyberthreat intelligence analysts and cybercrime investigators can view information by thematic niche, community size (total number of actors and published postings), update and activity dynamics, risk perspective, and more, in order to prioritize the key threat sources for more systematic monitoring.
  • Explain the importance of quantity vs. quality: extracting the meaning of data through contextualization (geography, timing, adversary patterns, behaviors and other factors which may enrich the data).
  • Understand how we can index dark web data (sources evaluation, reliability analysis, entities extraction, tagging, links analysis, and morphology analysis).
  • Understand how enterprises, national security agencies and law enforcement may apply data science in CTI as well as successful use cases.

SS6–Optimize ITGC Testing by Automating User Access and Segregation of Duties Assessments

Thursday, 21 November | 8:40AM – 9:30AM

Chad Wood
Client Partner
Galvanize

It’s time-consuming and repetitive to provide assurance over the effectiveness of IT controls. As the scope of IT assets expands to more cloud-based applications and networked devices, this workload is increasing. But there’s a better way than performing access testing by manually downloading user lists and running reports.

We’ll show you how to automatically connect to systems like Active Directory, SAP, LDAP, and Oracle, and reduce the time and effort spent on spotting unauthorized or privileged access issues. We'll also look at an example of how our HighBond platform helped an organization see segregation of duties (SOD) issues in real time, by matching provisioned access events across a conflict matrix of roles and responsibilities. Finally, we’ll show you how to set up workflows for remediation and for documenting exceptions.

After completing this session you will be able to:

  • Apply robotic process automation to monitor potential user access issues
  • Gain continuous assurance over your SOD conflicts
  • Streamline remediation efforts and aggregate results into your ITGC framework
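The session description above talks about matching provisioned access events against a conflict matrix of roles. The following is an added example, not code from the session or from the HighBond platform, that shows the core of that check in plain Python: a conflict matrix of role pairs, a stream of grant/revoke events replayed in timestamp order, a violation recorded at the moment a grant creates a conflicting pair, and a point-in-time view of who currently holds one. The role names, user IDs and events are constructed for the illustration and are not real data.

```python
from collections import defaultdict

# Constructed conflict matrix (an assumption for this example, not data from
# the session): pairs of roles that one person must never hold at once.
CONFLICT_MATRIX = {
    frozenset({"AP_INVOICE_ENTRY", "AP_PAYMENT_APPROVAL"}),
    frozenset({"VENDOR_MASTER_MAINTAIN", "AP_PAYMENT_APPROVAL"}),
    frozenset({"GL_JOURNAL_POST", "GL_JOURNAL_APPROVE"}),
}

# Constructed provisioning events as an IAM or ERP system might export them:
# (timestamp, user, action, role). Hypothetical users and role names.
EVENTS = [
    ("2019-11-01T09:00:00Z", "jdoe", "GRANT", "AP_INVOICE_ENTRY"),
    ("2019-11-01T09:05:00Z", "asmith", "GRANT", "GL_JOURNAL_POST"),
    ("2019-11-03T14:20:00Z", "jdoe", "GRANT", "AP_PAYMENT_APPROVAL"),
    ("2019-11-04T08:00:00Z", "asmith", "GRANT", "GL_JOURNAL_APPROVE"),
    ("2019-11-04T10:00:00Z", "jdoe", "REVOKE", "AP_INVOICE_ENTRY"),
    ("2019-11-05T11:00:00Z", "jdoe", "GRANT", "VENDOR_MASTER_MAINTAIN"),
]


def replay_access(events, conflict_matrix):
    """Replay provisioning events in timestamp order.

    Returns (violations, held): violations is a list of
    (timestamp, user, role_granted, conflicting_role_already_held), recorded
    at the moment a grant created a conflict; held maps each user to the set
    of roles they hold after the last event.
    """
    held = defaultdict(set)
    violations = []
    for ts, user, action, role in sorted(events):
        if action == "REVOKE":
            held[user].discard(role)
        elif action == "GRANT":
            # Check the new role against every role the user already holds.
            for existing in sorted(held[user]):
                if frozenset({existing, role}) in conflict_matrix:
                    violations.append((ts, user, role, existing))
            held[user].add(role)
        else:
            raise ValueError(f"unknown action {action!r} at {ts}")
    return violations, held


def find_sod_violations(events, conflict_matrix):
    """Every grant that put a user into a conflicting role pair, in order."""
    return replay_access(events, conflict_matrix)[0]


def current_conflicts(events, conflict_matrix):
    """Point-in-time view: users who hold a conflicting pair right now,
    mapped to the sorted list of offending (role, role) pairs."""
    _, held = replay_access(events, conflict_matrix)
    result = {}
    for user, roles in held.items():
        pairs = sorted(tuple(sorted(p)) for p in conflict_matrix if p <= roles)
        if pairs:
            result[user] = pairs
    return result


if __name__ == "__main__":
    for v in find_sod_violations(EVENTS, CONFLICT_MATRIX):
        print("VIOLATION", *v)
    print(current_conflicts(EVENTS, CONFLICT_MATRIX))
```

Replaying the event history, rather than only diffing a downloaded user list, is what makes the result continuous: the revoke of `AP_INVOICE_ENTRY` clears one conflict, and the later grant of `VENDOR_MASTER_MAINTAIN` is caught against the `AP_PAYMENT_APPROVAL` role the user still holds. A real deployment would pull the events from the directory or ERP connector and feed each violation into a remediation or exception workflow.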
