Annual Discover Security Conference 2018 - ISSA Hawaii's 25th - Theme: Relevant InfoSec Solutions
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
ISSA Hawaii’s 25th Annual Discover Security Conference 2018 Attendee Packet October 10 and 11, 2018 Theme: Relevant InfoSec Solutions
Relevant InfoSec Solutions October 10, 2018 Aloha and Welcome to the 25th Annual Discover Security Conference. Theme: Relevant InfoSec Solutions Relevant InfoSec Solutions showcases some of the most advanced security solutions in the market today. Learn about how these solutions can address the 2018 information security trends that matter. Use artificial intelligence and machine learning to boost your cyber defense. Be proactive about preventing ransomware. Appropriately secure the IoT and mitigate the rise of the botnet risk. Augment your cybersecurity professional knowledge and skill shortage. Develop a cybersecurity framework for your organization. Operationalize patching and application testing. Learn how Relevant InfoSec Solutions can help you address you and your organizations most pressing challenges. Sincerely, The Board of Directors Information Systems Security Association Hawaii Chapter Page 2 of 27
When: October 10 - 11, 2018 (Registration begins at 7:00 am) Where: Pōmaika‘i Ballrooms at Dole Cannery 735 Iwilei Rd, Honolulu, HI 96817 http://pomaikaiballrooms.com REGISTRATION FEE: TIG ISSA MEMBER: $50.00 NON-ISSA MEMBER: $100.00 Page 3 of 27
Thank you to our Sponsors Gold Sponsors Page 4 of 27
Beverage Sponsor Material Sponsors Page 5 of 27
General Sponsors Page 6 of 27
JPNI Page 7 of 27
AGENDA Day 1 – Wednesday, October 10, 2018 October 10 Vendor Speaker Topic 0715 – 0815 Breakfast and Registration 0815 – 0830 ISSA Hawaii Jock Purnell Welcome and Announcements 0830 – 0900 Sailpoint Cullen Comprehensive, Intelligent Identity Solution Landrum 0900 – 0930 Trend Micro Jim Unseen Threats, Imminent Losses Montgomery 0930 – 1000 Checkpoint TBD TBD 1000 – 1030 Vendor Recognition, Break and Exhibition 1030 – 1100 Secure Eric Baum Increase confidence with resilience. How a Technology network model improves your situational Hawaii awareness and threat mitigation 1100 – 1130 ESET Drew Dodson Today’s threat landscape - Time for a Ransomware reality check 1130 – 1200 Carbon Black Michael Marx The Real Authority: Staying Conscious in Computing 1200 – 1230 Lunch and Exhibition 1230 – 1300 Gigamon Kevin Improving Security using Metadata Peterson (in 2nd Ballroom) 1300 - 1330 Continue Lunch and Exhibition 1330 – 1400 Palo Alto Jon Friese Automation Wars Networks 1400 – 1430 Direct Defense Jim Broome Fighting for the Fifth Place - How to Get the Most From The Solutions You Need, And The Solutions You Want 1430 – 1500 Sophos Chris Tackling the Challenges with Threat McCormack Identification and Response 1500 – 1530 Break and Exhibition 1530 – 1600 VPLS Solutions Anthony Offense and Defense: It’s Good to Play Both GiandomenicoSides 1600 – 1630 RSA Sean Ennis Orchestrating the Hunt: Using Automation to Threat Hunt Faster and More Effectively 1630 – 1700 TBD TBD TBD 1700 – 1800 Announcements and Exhibition Page 8 of 27
AGENDA Day 2 – Thursday, October 11, 2018 October 11 Vendor Speaker Topic 0715 – 0815 Breakfast and Registration 0815 – 0830 ISSA Hawaii Jock Purnell Welcome and Announcements 0830 – 0900 Symantec / Chris D. Mobile Threat Landscape Optiv Rowlands 0900 – 0930 World Wide Barry Jones / Building Sustainable Security Architectures Technology Ken Westin 0930 – 1000 Netskope Bob Gilbert Forget the Dark Web Right under your nose, there’s a place even riskier. Can you see the Bright Web? 1000 – 1030 Vendor Recognition, Break and Exhibition 1030 – 1100 Proofpoint Tage Wolters Rainbow of attacks: The new social media, mobile, and email phishing 1100 – 1130 Forcepoint Dede Alexiadis Empowering Cloud Security with Cloud Access Security Broker Technology (CASB) 1130 – 1200 Malwarebytes Cameron Cybercrime Tactics and Techniques Report Naghdi 1200 – 1330 Lunch and Exhibition 1330 – 1400 Juniper Zach Forsyth Social Media, the Gateway for Malware 1400 – 1430 App Sec Ryan Hogan GDPR – Now What? Consulting 1430 – 1500 Infoblox Bob Smiley DNS’s Role in Securing Your Network 1500 – 1530 Break and Exhibition 1530 – 1600 Cisco Jon Rutledge Securing Serverless Cloud-based Resources with Flow Analytics 1600 – 1630 SecureWorks John Hollner Answering the C-Suite’s Toughest Cyber Questions (to Get What You Want) 1630 – 1700 1700 Announcements and Adjournment 1730 - 2100 ISSA Hawaii Evening Reception Page 9 of 27
ISSA Discover Security Conference 2018 Speakers LISTED IN ALPHABETICAL ORDER BY VENDOR NAME AppSec Consulting Speaker: Ryan Hogan, GCIH, GCWN, GCFE, CRISC, CIPM, CIPP/E, Director, Strategic Advisory Services Topic: GDPR – Now What? European Privacy requirements are getting some BIG updates. The changes bring some good news, bad news, and plenty of gray areas to get lost in. Learn the basic information about EU Privacy and the GDPR to line up a bunch of “I told you so’s”, or maybe get real lucky and leverage it to get a budget for the things that you need to do to get ready for EU Privacy requirements. Bio: Ryan Hogan is the Director of AppSec Consulting’s Strategic Advisory Services team. Ryan is a risk management professional with more than 17 years of industry experience. Ryan has served in key information security roles at large enterprises within the finance, technology, manufacturing, and pharmaceutical markets. He has worked on all sides of the security equation. Ryan has worked as an auditor reviewing security controls for SOC reports, and as security manager at a service provider that is having its security controls audited, as well as a security manager at customers reviewing the results of a service provider’s security audit. He uses this perspective and experience to provide a balanced view and a risk based approach to information security that meets business objectives. In addition, his experience and expertise includes performing Enterprise IT Risk Assessments, preparing for ISO27K implementation, Privacy Program management, Vulnerability Management, and Security Strategic Planning. Ryan has a strong track record of interpreting and applying a variety of information security-related frameworks and standards to meet an organization’s business objective. His common sense approach, communication skills, and initiative elevate him amongst his peers in the industry. Expertise includes… IT Risk Assessment and Data Security Consulting (ISO27001:2013), Vulnerability Assessment / Vulnerability Management, Privacy Program Management, Service Organization Controls 1 & 2 – Audit Readiness, Strategic Remediation Consulting, General IT Controls Specialist, Information Security Policy Development. Page 10 of 27
Carbon Black Speaker: Michael Marx, Enterprise Sales Engineer Topic: The Real Authority: Staying Conscious in Computing With the rise of Automation , AI, and Machine Learning - we have been creating decisions out of the now and setting them in other dimensions we do not understand, but can comprehend. We tell the machine something and it does something. When the machine tells us something, we do something. In this talk, Mike Marx will explore our decision pathways in information security contexts to arrive at what is happening in the only time that matters, now. Carbon Black (NASDAQ: CBLK) is a leading provider of next-generation endpoint security. Carbon Black serves more than 4,000 customers globally, including 33 of the Fortune 100. As a cybersecurity innovator, Carbon Black has pioneered multiple endpoint security categories, including application control, endpoint detection and response (EDR), and next- generation antivirus (NGAV). Leveraging its big data and analytics cloud platform – the Cb Predictive Security Cloud – Carbon Black solutions enable customers to defend against the most advanced cyber threats, including malware, ransomware, and non-malware attacks. Deployed via the cloud, on premise or as a managed service, customers use Carbon Black solutions to lock down critical systems, hunt threats, and replace legacy antivirus. Bio: Who is the one that is architecting the change around us? Between Gen-X, Millenial, and Gen-Z; If we read between the lines, we see why. For the past 20 years, Mike Marx has been investing time into education, computing concepts, and helping others translate the information that surrounds them in every moment. Mike holds a B.S. from The University of Central Florida in Information Systems, has spent time consulting for Siemens Global, and has also been selected to contribute to a risk study at Harvard Law. Having completed the journey to all 7 Continents before the young age of 30, Mike's passions in life land in the baskets of knowledge, exploration, and adventure. There is no destination, physically or mentally, too far for arrival. Check Point Software Technologies Speaker: Check Point Software Topic: TBD Synopsis: TBD Page 11 of 27
Bio: TBD Cisco Speaker: Jon Rutledge, CSS Cisco Cloud Security, Cisco Systems, Inc. Topic: Securing Serverless Cloud-based Resources with Flow Analytics Topics of discussion will include the following: Cloud Migration Micro Services Containerization Serverless Computing Our goal is to enable companies to improve their security posture in the evolving Multi-Cloud hybrid landscape. DirectDefense Speaker: Jim Broome, President Topic: Fighting for the Fifth Place - How to Get the Most From The Solutions You Need, And The Solutions You Want While working with investors from both sides of the negotiation, we hear the term “fighting for fifth place.” But, what the heck does that mean? Because of compliance, the first four choices for your budget have already been made. If your product from a vendor or creator standpoint doesn’t fall into one of these first four categories, you are fighting for fifth place budgeting. In this presentation you will learn the tools and technologies that are most beneficial from a budget perspective, and from the hacker's perspective. Bio: Mr. Jim Broome is a seasoned IT/IS veteran with 20+ years of information security experience in both consultative and operational roles. Jim leads DirectDefense, where he is responsible for the day-to-day management of the company, as well as providing guidance and direction for DirectDefense’s security service offerings. ESET Software Speaker: Drew Dodson, Partner Sales Engineer Page 12 of 27
Topic: Today’s Threat Landscape - Time for a Ransomware Reality Check Join us for an critical update on the evolving cyber threat landscape. We’ll give you an in- depth look into infrastructure cyber criminals use to profit from your sensitive data. Additionally, we will walk you through everything you need to know to stay ahead of ransomware, the root cause of a data breach and how to prevent them both. Bio: Drew Dodson is an AWS and Security+ accredited Sales Engineer with 10+ years’ experience providing cyber security solutions to organizations of all sizes. With a strong background in technical support, Drew intuitively understands the multitude of challenges customers face and solves them through joint approach focused on education and innovative technology. Forcepoint Speaker: Dede Alexiadis, Principal Sales Engineer, Forcepoint Topic: Empowering Cloud Security with Cloud Access Security Broker Technology Come join Forcepoint at ISSA Discover Security 2018 to understand what threats are introduced to organizations through cloud adoption. Many organizations are uploading sensitive information to the cloud both knowingly and unknowingly. Forcepoint will talk through the tools and strategies necessary to adopt cloud applications while maintaining proper security controls necessary. Some topics on conversation will include: Shadow IT – Users uploading sensitive data to cloud applications unknowingly to Information Security Teams Access controls around cloud applications Compliance topics when storing data in cloud repositories as well as storing state, federal, or International regulated data in cloud repositories. Data Loss Prevention in the cloud Centralized governance for multiple cloud applications Bio: Dede Alexiadis is a Principal Sales Engineer at Forcepoint, specializing in cloud security. She has worked in the areas of data security, encryption, and now assists organizations to understand cloud adoption risks. Dede has spoken at numerous ISSA and ISACA events around the country. She holds a MS in Computer Science with a Concentration in Security from Boston University. Page 13 of 27
Gigamon Speaker: Kevin Peterson, Sales Engineer, Gigamon Topic: Improve Security using Metadata Imagine what a security analyst could deduce if they had visibility into all the common applications flowing through their network. They could optimize the data being sent to security tools, correlate information across the various protocols to know who is talking to whom and get visibility into malware and bad actors that may be hiding on the network. Many enterprises aggregate information from various sources, such as events and logs from DNS servers, web servers and security tools to hunt for threat events and indicators of compromise. But these are not reliable sources; logging can be turned off inadvertently or for performance reasons. Raw network data is the ultimate source of truth – but sending it all to a SIEM can become very expensive. The bottom line is visibility into your application traffic is elemental to security – if you can’t see it, you can’t secure it. What’s needed is deep insight into your applications: Identify which applications are contributing to network traffic. Use application metadata to gain more context of potential threat events and to more easily enforce corporate compliance. Lower tool cost and improve tool efficiency by filtering out low-risk, high-bandwidth traffic. Send suspicious traffic to a tool on-demand when an anomaly is detected. If you need to monitor, identify, and filter application traffic so you can more easily identify anomalies and lateral propagation of threats, please attend. Bio: Kevin comes from an enterprise transmission and network engineering background and has over 20 years of experience in Information Systems and Cyber Security. During his career he has been responsible for conducting and supporting traffic engineering, information assurance and cyber security activities for federal, state, and commercial organizations in the defense, law enforcement, media, utility and healthcare industries. Kevin has lived in and supported customers in both North America and EMEA. Areas of specialization include Smart Cities, Federal & DOD Network Architectures, and IIOT. Kevin is an active member of ISSA, ISACA, AFCEA, and IEEC, and holds certifications Security+, VCP, CNE, SPX, and GSEC. Infoblox Speaker: Bob Smiley, Presales System Engineer, Infoblox Topic: DNS’s Role in Securing Your Network When it comes to your business, your network is the gateway to the world. Unfortunately, protecting your network from evolving threats is more difficult than ever. Device proliferation, BYOD, Internet of Things, virtualization, hybrid cloud adoption—all are crucial trends that Page 14 of 27
enhance business performance. But they also add complexity and increase the attack surface. DNS is an essential component of network connectivity, but it has emerged as the number one threat vector for malware command and control, DDoS attacks, and data exfiltration. Even as your network modernizes and gains valuable new capabilities, threats multiply exponentially. During this session, learn more about threats to DNS infrastructure, and how to use DNS as an integral defense mechanism in your overall security ecosystem. Bio: Bob is a Presales Systems Engineer at Infoblox Juniper Networks Speaker: Zach Forsyth, Security Architect, Juniper Networks Topic: Social Media, the Gateway for Malware Social Media is typically outside of enterprise control, extremely easy to access, and widely used on your networks, and while you were opening up access, and looking the other way, cybercriminals have honed their craft, and are weaponizing Social Media platforms to launch devastating attacks that are breaching even seemingly hardened Security Architectures. To safeguard your evolving network and cloud environment from today’s advanced threats, you need security solutions that can automatically identify and analyze threats, and then respond at machine speeds to utilize the entire network to provide rapid protective measures. Bio: Zach Forsyth is a security specialist with over twenty years of experience and thrives on solving complex security problems. His primary love is cyber security and advanced malware prevention; but he fully understands in order to be successful at securing an organization, you must have a detailed understanding of firewalls, networking, malware delivery and weaponization, intrusions, exploits, social engineering and related fields. Zach has appeared on the AT&T ThreatTraq show, and as a speaker and panelist at leading security conferences such as RSA, Interop, Blackhat, and Secureworld. In addition, he has been published by CNN, DarkReading, Defend Magazine, SC Magazine, CSO Online, Technewsworld and Infosecurity Magazine. Malwarebytes Speaker: Cameron Naghdi, Malwarebytes Page 15 of 27
Topic: Cybercrime tactics and techniques: State of Malware New ransomware, VPNFilter attacks, compromised routers, and increases of zero-day attacks are all indicators that cybercriminals are redirecting their energy to more potentially dangerous attacks. Learn how to counter these in our session; Cybercrime Tactics and Techniques Bio: Cameron Naghdi is the Systems Engineering Manager for US-West at Malwarebytes. Cameron has worked for multiple endpoint technologies and has supported every vertical from retail and healthcare up to Federal/Civilian agencies and the Department of Defense. Beyond working for Malwarebytes, Cameron spends his time working on the technology advisory board of 802Secure and is Co-Founder and CTO at FilecheckIO. Cameron also gives presentations on the threats of today as well as solutions for tomorrow’s biggest security challenges for both security contractors and corporations alike. Netskope Speaker: Bob Gilbert, Chief Evangelist and VP Product Marketing, Netskope Topic: Forget the Dark Web. Right under your nose, there’s a place even riskier. Can you see the Bright Web? The Dark Web is a well-known part of the internet where many sites are not indexed by search engines and can only be accessed if you know the site address, making them effectively hidden. Accessing the dark web requires special software, like browsers configured with Tor. Once inside the dark web, “dark net” markets exist that sell sensitive data stolen in breaches (in addition to illegal products like drugs and firearms). The currency of choice is the cryptocurrency Bitcoin. But there is one area arguably more dangerous and much larger in scale, and that is the Bright Web. We use the Bright Web every day, and it consists of tens of thousands of places Page 16 of 27
where sensitive data can be easily uploaded and shared publicly either with malicious intent or on accident by unsuspecting perpetrators. Join this scintillating discussion as we uncover the current state of the Bright Web, how it affects you and your company, and how recent technology advances provide the visibility and control you need to safely maneuver the Bright Web. Topics discussed: • New research that provides insight into how big and widespread the Bright Web is • A look at dozens of cloud services that make it easy to share sensitive data publicly • How the Bright Web wreaked havoc on three companies • 5 best practices for mitigating risk and safely enabling cloud services in the Bright Web Take a look into expanding the role of information security from a data protection exercise to actually aligning security processes to data workflows. We will look at some practical and some next generational methods to integrate practices in order to be able to articulate security impact to outcomes. Take a journey through different Machine Learning, AI, Big Data algorithms, all in efforts to improve the elusive “context” . This presentation will look into the differences of those methodologies and provide recommendations on building scalable platforms that can co-exist with existing data lakes to drive efficiency and context aware security. Bio: Bob heads up the product marketing efforts at Netskope, the leading cloud access security broker (CASB). Bob is a prolific speaker and product demonstrator, reaching live audiences in more than 45 countries over the past decade. His career spans more than 20 years in Silicon Valley where he has held leadership roles in product management and marketing at various technology companies. Most recently he was the Chief Evangelist at Riverbed where he was a member of the pioneering team that launched Riverbed from a small start-up of less than 10 employees to a market leader with more than 2,800 employees and $1B in annual revenue. Palo Alto Networks Speaker: Jon Friese, Senior Cybersecurity Engineer Topic: Automation Wars How the adversaries are using automation to attack our corporate environments. Understand the adversary playbooks and how to the flip the tables by using automation to defend your networks, employees, and data. Page 17 of 27
Bio: A Certified Information System Security Professional (CISSP) Jon Friese, works as a Sr. Cybersecurity Engineer at Palo Alto Networks. Jon focuses on working with businesses to develop security solutions that align with business needs and requirements. With over 20 years of experience working with customers, sales teams, and product teams he provides a real-world, hands-on, perspective to the challenges that face many organizations. Security has been a focus for him throughout his career, whether in service of the country, (Go Navy!) or within a variety of technology organizations, ranging from Fortune 500, Value Added Reseller, and manufacturing. Roles ranging from RF technician, system administrator, network engineer, manager of information systems, pen tester, security engineer, solutions architect, and cybersecurity engineer. Proofpoint Speaker: Tage Wolters, Sr Engineer, Proofpoint Topic: Rainbow of attacks: The new social media, mobile, and email phishing Criminal gangs and opportunists are expanding their attacks beyond simple malware and account credential theft. They see financially and emotionally devasting rains, floods and fires as opportunities to prey on people to steal account numbers or personal information and that’s in addition to real estate funding scams. Their attacks have begun to mix social media, email, mobile devices, and the dark web data to appear more convincing than ever in their phishing. Join us in this session, where we’ll share case studies, impact, and practical steps for identifying and dealing with these new attacks. Bio: Tage Wolters is a Sr. Engineer with Proofpoint’s Security practice. He has more than two decades of experience working in the information technology, security and services industry. He has a documented track record of successfully consulting and advising some of the largest customers across the private and public sectors. He is an expert in defending against Cyber threats targeting specific individuals in an organization, and extensive experience helping businesses enhance their security postures to prevent future attacks. Tage holds a Master’s in Business Administration from Middlebury College and multiple technical certifications. RSA Speaker: Sean Ennis: Senior Principal Systems Engineer Topic: Orchestrating the Hunt: Using Automation to Threat Hunt Faster and More Effectively Until our computer overlords become truly artificially intelligent, human analysis and insight will continue to be a crucial part of the threat hunting lifecycle. But this dependence poses a huge challenge to most organizations who are already struggling with resource shortages, skill gaps, and tool fatigue with the result being very few organizations able to truly institute an exhaustive cyber threat hunting program. Page 18 of 27
This session will talk about using the concepts of orchestration and automation to streamline and programize threat hunting at scale. Bio: Sean Ennis is a Threat Hunter & Principal Systems Engineer at RSA with ~14 years of experience in the threat detection and incident response space. During that time he has consulted on and helped build security operations, technology and threat hunting/response programs for organizations across North America. Sailpoint Technologies Speaker: Cullen Landrum, Senior Sales Engineer, CISSP Topic: Comprehensive, Intelligent Identity Solution While the Aloha spirit is of warm welcome, information security professionals must work tirelessly to close the door on bad actors trying to break into their IT network. But what do you do if an unauthorized outsider manages to get inside? Or what if the threat originated from within? A central tenet of mitigating risk to information security should be the governance of digital identities and their access rights to sensitive information. Key Takeaways: Discover how to govern all user identities (employees, contractors, vendors, volunteers, etc.) to ensure appropriate access to sensitive information Understand how an integrated identity solutions can help secure all applications as well as data stored in files, whether on-premises or in the cloud Gain insight into how fusing artificial intelligence with identity technology enables better governance decisions Learn how you can achieve greater operational efficiencies with automation of provisioning processes Bio: With 17+ years of experience in Identity and Access Management, Cullen Landrum is a Senior Sales Engineer at SailPoint. Cullen specializes in the areas of Identity Management in State/Local and Higher Education. Prior to joining SailPoint Cullen worked for several startups including Aegis Identity, Symplified and Agiliance supporting Commercial, Federal, State and Local and other government entities. Cullen worked for Sun Microsystems/Oracle as a Senior Systems Engineer supporting telecommunications and Federal government organizations. But it all started with a little consulting company based in Plano TX – EDS – where Cullen spent 10+ years as a developer on everything from mainframes to Tandem to Java. Cullen holds a Bachelor of Arts in Computer Science and Mathematics from the University of Colorado, Boulder, is an ISSA member and a CISSP. Secure Technology Hawaii Speaker: Eric Baum. VP, RedSeal Page 19 of 27
Title: Increase confidence with resilience. How a network model improves your situational awareness and threat mitigation Digital resilience is an organization’s ability to continue to operate through an impairment, while minimizing customer harm, reputational damage, and financial loss. Resilient organizations: Know their entire, as-built networks, including data paths within the network Set targets, measurements, and goals for defense and response Employ best practices in change management and prioritize risks and intelligence for better decision-making Respond rapidly to incidents – while maintaining operational readiness, reducing the risk of losing data, and preventing additional harm Learn how one model of all your network environments – public cloud, private cloud and physical assets – can mitigate threats by improving your vulnerability prioritization, incident investigation and segmentation. Bio: Eric Baum is a Vice President with RedSeal, specializing in Cyber Security and Digital Resilience. Prior, Mr. Baum was a Director for QinetiQ North America, Cyveillance Division, focusing on Cyber Intelligence and Threat Mitigation. Past roles include Vice President for the Insider Threat Business Unit for Raytheon, formerly Oakley Networks. Before joining Oakley, Baum worked with PGP Corporation. Other notable experience includes an active and inside involvement in an "Intelligent Sniffer" program originating from the Intelligence Community and the U.S. Department of Defense with Raytheon. Throughout his 17+ years in cyber security & intelligence, information assurance & operations, and insider threat mitigation, Baum has developed quite an extensive list of relationships, accomplishments, and a thorough understanding and passion for the industry. Baum sits on the Advisory Board for Cyber Security & Information Assurance at National University and is also a participating member of the IT-ISAC and InfraGard. He is recognized by the HTCIA (High Technology Crime Investigation Association) and ISSA (Information Systems Security Association) as a speaker and trainer at the international and chapter levels. SecureWorks Speaker: John Hollner, SecureWorks Topic: Answering the C-Suite’s Toughest Cyber Questions (to Get What You Want) Bio: Security Specialist John Hollner has been with Secureworks for over 7 years. For the last 4 years, he’s covered Hawaii and Los Angeles, helping 100s of commercial businesses use corporate risk to build a case for better cyber security while tackling various PCI, HIPAA, Page 20 of 27
FFIEC, ISO and NIST 800-171 compliance requirements. With 10 years of marketing-as-a- service and sales training experience prior to getting into cyber security, he brings a thoughtful C-Suite messaging approach to help you get project approval. Sophos Speaker: Chris McCormack, Sophos Topic: Tackling the Challenges with Threat Identification and Response Identifying and responding to cyberthreats is probably one of your biggest challenges… partly because most firewalls and EDR solutions are either completely ineffective in providing actionable information or drown you with data that requires a team of experts to sift through. In this session, we’ll take a look at these challenges and how best to solve them - it’s a lot easier than you might think. Symantec / Optiv Speaker: Chris D. Rowlands, Senior Product Specialist, Mobile Threat Defense Symantec Corporation Topic: Mobile Threat Landscape Today’s modern operating systems, like iOS and Android, are designed for ubiquitous and wireless access from anywhere in the world, and have very different use cases and security requirements compared with traditional PCs and servers. Mobile devices are on and connected 24/7, and often owned and managed by individuals, dramatically increasing the attack surface relative to PCs. Malicious hackers have shifted much of their attention to these new operating systems that may provide a direct link into large companies with valuable assets worth stealing. Today, their methods are less focused on broad and annoying attacks on consumers and more on targeted attacks on specific individuals in specific organizations who have the right access levels to high-value assets. Well-researched social engineering exploits, combined with system vulnerabilities, make these attacks highly effective, even against smart and educated individuals. Solutions exist that protect companies from mobile cyber-attacks by securing mobile devices, whether owned by the company or the individual, from the entire landscape of mobile threats-including malware, network-based threats, vulnerability exploits and other targeted attacks, without changing the mobile user experience, compromising user privacy or adding extra burden to IT. Today we will discuss the Mobile Threat Landscape, show an example of what a Mobile Threat looks like, and discuss best practices to protect your Mobile Data. Bio: Chris D. Rowlands is a Mobile Threat Defense expert who helps companies detect, mitigate, and secure their Smart Devices and Tablets against Mobile Threats. He believes that Mobile Devices are an easy way for hackers to gain access to your personal and professional data and is on a personal and professional mission to educate people on how to protect themselves. Chris has been in the Mobility Industry for over 20 years and began Page 21 of 27
specializing in Enterprise Mobile Applications with AT&T in 2009. He has also had roles with MobileIron, Certes Networks, and Skycure (which was acquired by Symantec). Trend Micro Speaker: Jim Montgomery, Trend Micro Technical Advisor | TMSM | MCSE Topic: Unseen Threats, Imminent Losses During this presentation, we will review combined threat data from the first six months of 2018 to reveal trends in the threat landscape and the latest risks facing businesses. The goal is to provide guidance to businesses globally, informing corporate security strategies and align protection against today’s most impactful threats. Traditional indicators of security risk have become unreliable, as many obvious tools, tactics and procedures used by cybercriminals are not being followed. Instead, cybercriminal attention has shifted from attention seeking ransomware attacks to more subtle and subversive attacks. These include cryptocurrency mining, fileless malware, increased focus on BEC attacks, and more sophisticated router attack payloads. Through the Zero Day Initiative (ZDI), Trend Micro has insight into trends and predictive analytics on what types of attacks will be seen in the wild next. In the first half of 2018, the ZDI published more than 600 advisories, with significant growth in the number of Foxit and SCADA bugs. This indicates we are likely to see more attacks coming soon that leverage Foxit reader and SCADA systems, which are prevalent in critical infrastructure. To combat these tactics, it’s more important than ever to have a complete, multilayered defense strategy that protects against new and proven attack vectors. The latest attack types require sophisticated detection capabilities, but traditional protections are also required to stop often-overlooked methods of entry that may not be thought of as a risk. Bio: Jim has been securing enterprise organizations compute environments for over 25 years. During this time he has worked with several Fortune 500 companies developing unique and strategic solutions to provide a safe and secure environment for their digital infrastructure. Jim currently works for Trend Micro as a Technical Advisor for their very large enterprise accounts. In this capacity Jim serves as an integral liaison between customer and product to ensure the security capabilities of the install base while assisting to implement new and innovative ways to reduce their surface area of attack. VPLS Solutions LLC Speaker: Anthony Giandomenico, Team Lead CTI -- Senior Security Strategist and Researcher, Fortinet (in partnership with VPLS) Page 22 of 27
Topic: Offense and Defense: It’s good to play both sides. Successful attacks continue on many organizations despite the continued investments in the latest technologies. To successfully defend our cyber assets whether from a Nation State Actor or an Organized Criminal, companies need to understand both their adversary’s tradecraft as well as how to ensure their security posture is properly designed to continually resist their TTPs. With the limited skilled resources this can be difficult however with the right foundational information it’s much more achievable. This talk will focus on how to effectively leverage freely available information such as the Mitre ATT&CK Matrix to achieve better situational awareness and to more accurately plan and prioritize future security improvements. Bio: More than 20 years comprehensive experience as an Executive, Manager, and Security Consultant & Researcher for companies within information security across all industries. Experience in security program and networking system development, including intrusion detection, firewall and security incident and event management technologies, incident response procedures, security risk assessments, and technology integration. In his current position at Fortinet he leads a team of security analysis and researchers responsible for rapid response to emerging threats and proactivity discovering new threats in an effort to update customers both internal and external on the latest adversary tactics and techniques. He has presented, trained and mentored on various security concepts and strategies at many conferences, trade shows and media outlets including a weekly appearance on KHON2-TV morning news “Tech Buzz” segment and Technology News Bytes on OC16, providing monthly security advice. World Wide Technology Speaker: Barry Jones, Consulting Solutions Architect, World Wide Technology, and Ken Westin, Senior Security Strategist, Splunk. Topic: Building Sustainable Security Architectures Security threats are evolving too quickly for traditional security architectures that focus on perimeter defense and signature based detection to adapt. This evolving landscape requires a shift in thinking that incorporates API-driven security tools that support analytics, automation, and interoperability to rapidly adapt to new threats. In this presentation, we will discuss building architectures that improve security efficacy while minimizing the burden placed on the security organization. Page 23 of 27
Bio: Barry Jones is a Consulting Solutions Architect at WWT with a focus on helping organizations develop strategies to align security, compliance, and regulatory goals. Bio: Ken Westin is currently Senior Security Strategist at Splunk, helping organizations aggregate, analyze and operationalize disparate security data sources to identify and mitigate threats in various forms. In his past he has helped solve crimes with data, tracking stolen devices, breaking up organized crime groups, recovered stolen vehicles, even solved a violent carjacking, leading to the prosecution of dozens of criminals. He has at presented at DEF CON, Black Hat, RSA and other security conferences around the world as well as BSides and other security conferences around the world. Page 24 of 27
NOTES of SHOCK, of EDUCATION, of ACTION! Page 25 of 27
NOTES of SHOCK, of EDUCATION, of ACTION! Page 26 of 27
NOTES of SHOCK, of EDUCATION, of ACTION! Page 27 of 27
You can also read