Cisco Security Incident Response Team
Identifying and Developing Detections
In this session we will walk through basic endpoint- and network-based scenarios and how we develop detections through the analysis of both the network traffic and source samples.
Every event is unique and I will be sharing how our Security Incident Response methodology provides expedience and allows for flexibility to continuously adjust to the dynamic threat landscape. Whether it’s an insider threat, distributed denial of service, advanced malware at the endpoints or customer data breach, a process includes helping an organization through identification, isolation and remediation using analysis and data mining, forensic image analysis, infected system dynamic instrumentation, malware reverse engineering and exploit analysis and re‐implementation. Our methodology will help you apply solutions to real world problems.
Director of Information Security, HealthStream
Detect and Respond…Knowing What to do During a Breach
During this presentation I will present techniques, process and high level overview of tool sets to be deployed in Breach Detection and Incident Response. This will be a high level framework for implementing this crucial security component and involving all levels of the Technology Organization.
Secure Golden Key, A Big ISP
hashcat: GPU password cracking for maximum win
After briefly touching on the general concept of password cracking, the focus of the talk will be on the effectiveness of different attack modes in hashcat, with a heavy emphasis on rule-based attacks. While the name of the talk is “hashcat,” this talk will almost exclusively discuss the GPU-enabled versions (specifically cudahashcat). The final phase of the talk will include the results of my own experiments in creating rule sets for password cracking, along with an analysis of the known plaintext passwords from the test hash list.
Managing Vice President, Gartner
Top Trends and Takeaways for Cybersecurity, 2015-2016
With the digital business driving accelerated adoption of cloud, IoT, mobility and big data, the way IT and OT are delivered is changing. Each change brings new threats and breaks old security processes. This session reviews the hot trends in Security for 2015 and beyond.
DLP Architect, Black Diamond Technology
Practical DLP Deployment for your Organization
A practical, real-world approach to deploying Data Loss Prevention into your organization. How to define a DLP program using a business driven approach followed up by some deployment planning considerations. Next describe some program specific details for deploying DLP for Data at Rest, Data in Motion and Data In Use (Endpoint). Final topics to discuss will include incident triage, reporting and remediation followed by plenty of time for Q and A.
Chief Security Strategist, Bit9
Modern Threats Require Modern Defenses: 3 Security Concepts for 2016
As our cyber defenses continue to be less than sufficient, we are realizing we must tailor them more to the attacks that face us. While the problem isn’t necessarily in the security technology stack itself, the overall strategy of the stack, the team, and overall resource utilization must be revisited. We’ll explore three advanced cyber defense concepts that you should be applying or at least considering as we head into 2016: analytics, orchestration, and risk hunting.
Cyber Crime Supervisor, Federal Bureau of Investigation
FBI View into Your Greatest Threat
Organizations today face a growing number of threats to their intellectual property. Engage with a panel of experts from the FBI as they review many of these bad actors including Russian organized crime, Anonymous, hacktivism, Nigerian scammers, advanced persistent threats, insiders and even your C-Suite level executives. Which of these is the greatest threat to your organization?
Principal Architect, WWT
Foundational Security Architecture and Unknown Threat Detection – Combined for Optimal Defense
The increase in frequency, duration, and expense of cyber-attacks can be traced back to corresponding increases in the sophistication of attackers as well as advanced technology vulnerabilities within enterprise environments. The continued inability to efficiently detect these attacks is often the result of various levels of both organizational and architectural immaturity. From an architectural perspective common issues we see include scattered sensors with no central correlation, minimal asset information showing business context, limited historical data, limited data sources, and an almost complete dependence on known threat detection. In this session, you will be shown broad multi-vendor cybersecurity enterprise architecture that combines both foundational security controls and advanced real-time analytics, designed together to alleviate these deficiencies. It will be presented in a way for you to identify where you currently stand in a maturity model and to see a vision of where you might be heading in the future.
VP Information Risk, Optiv Security
Cyber Risk: Increasing Oversight Requires Focus on What Matters
Cyber risk has risen on board and audit committee agendas, partially because of recent data breaches and their resulting financial, legal and reputational repercussions. CISOs are being asked to provide updates on the strategy to protect the ‘crown jewels’ and whether investments in security are being directed at areas of highest risk and reward. Preparing for these meetings requires an information security aligned with enterprise objectives and risks. In this presentation, Renee Guttmann, vice president, information risk, Office of the CISO at Optiv, will discuss how to best prepare for crucial conversations with executives and boards of directors.
Security Vulnerability Engineer, HCA
The Path to Security…Mitigating User Negligence
Through the use of effective training techniques and exercises, employees and users can be educated on how to make safe Information Security decisions. It is critical to the success of a total Information Security Program that users are trained properly as they are a major layer of defense against malicious intent. The current methods of training people about InfoSec are failing and the number of user related breaches increases every year. Through effective training practices, user negligence can be mitigated and controlled and the Information Security Program can be better practiced throughout entire organizations.
Persistence Pays Off – “A Brief History of APTs and their Lifecycle”
This session will be talking about the history of APT attacks and the lifecycle and steps an APT takes. As technology continues to grow, Advanced Persistent Threats become more of a problem. Attendees will learn about APT attacks starting with the first APT attack ever recorded to some of the more popular attacks that have happened. This talk will give them insight into how the attacks were formed, what effect they had on the target and globally, and who was behind the attacks. With this kind of information it will give security professionals a chance to see a different perspective on how cyber-attacks take place.
CEO & President, T.E.N
Pathways to Empowered Security Leadership
The evolving security leader can seamlessly blend technical knowledge with business acumen to serve as a trusted partner to the board and the business…but no one starts at the top. During this invaluable panel discussion, top CISOs and information security leaders will share personal stories about when and where their careers began, what pivotal events launched them into leadership, and what has empowered them to grow stronger in the field. Security professionals at any level of experience will benefit from hearing the advice, knowledge and personal challenges these leaders have faced on their pathways to empowered security leadership.
Panel Featuring:
- Kyle Duke, CIO, TENN Care
- Bob Quandt, Exec Director of Security, Healthways
- Scott Breece, CISO, CHS
- Michael Mangold, Director of Security, Tractor Supply
Director Market and Technology Innovation, Symantec
Epidigitalogy…Surveying for Digital Diseases Like an Epidemiologist
The presentation will cover an introductory history of epidemiology and how information security stands to benefit from modern epidemiology processes used in the surveying of populations for indicators of potential epidemics. Instead of passively waiting for a massive breach to engage incident response, information security surveyors need to engage in the constant day to day active surveying of corporate population data to find the digital disease pathogen before it becomes an epidemic. The key to preventing digital diseases today and well into the future, will be to copy the investigation and prevention techniques of the 19th century Dr. John Snow and the Center for Disease Control and Prevention Epidemiological Intelligence Service. This presentation will walk the audience through an epidemiological analogy to better explain the differences between passive and active surveillance and show the audience a way to speak to management in a manner they can more easily understand. The presentation will also introduce some epidemiological visualization and graphing ideas to give the audience a starting point in epidigitalogy.
Sr. Director of Product Marketing Strategy, Raytheon
Enabling Resiliency in the New Threat Landscape
In this session you will learn how defense strategies need to be fundamentally transformed to operate in this new reality. While prevention is ideal, detection and containment become imperative. Instead of chasing and counting alerts, new quality metrics such as dwell time and lateral movement need to become critical measures. Most importantly, end-to-end visibility across the enterprise is critical. Combining this with contextual information for access through a single pane of glass gives analysts the ability to understand what is transpiring across the enterprise and quickly determine what is malicious and what is not and take fast decisive action.
President & Founder, The Security Awareness Company
I Survived Rock ‘n’ Roll…Can You Survive Security Incident Escalation
I am going to talk about such diverse topics as:
• Graceful Degradation when the IT Hits the Fan
• How we avoided rioting and chaos in Jamaica when Stevie Wonder and Bob Marley were jamming… and the power went out!
• How banks fail hundreds of millions of customers with no security reporting process.
• Why Liza Minnelli’s live TV Show was an excruciating exercise in DIY-engineering when cameras and audio fall out of sync!
• What you do when there are 80 musicians in a studio and your primary recording desk dies… and there is no back up!
• What monstrous audio and video patch bays can teach us about logical system flow.
• Event escalation procedures that actually work.
• Why a live stage performance is just like a network closet.
• Debugging: 1970 analog vs. 2013 digital
• DIY on the fly: Solder or code?