Schedule - Constant Contact (files.constantcontact.com/36600336201/a32ac283-8a72-4446-bd44-83e1106c3629.pdf)

Schedule


Survey Link

https://ntxissa.org/cscsurvey

Career Corner


Hacking Classes

Provided By:

Technical Requirements:

• Laptop with the resources to run multiple virtual machines
  o We recommend having your virtual machine host installed and ready prior to sessions
  o We recommend this is a spare laptop which you may want to reimage after class
• Willingness to learn some new tools

Speakers and Topics


Speaker Name: George Finney

Bio: George Finney, J.D., has worked in Cybersecurity for over 15 years and is the author of the book No More Magic Wands: Transformative Cybersecurity Change for Everyone. He is currently the Chief Information Security Officer for Southern Methodist University, where he has also taught on the subject of Corporate Cybersecurity and Information Assurance. Mr. Finney is an attorney and is a Certified Information Privacy Professional as well as a Certified Information Security Systems Professional and has spoken on Cybersecurity topics across the country.

Presentation Title: Between The Keyboard And The Chair – Cybersecurity’s Secret Weapon

Presentation Abstract: People are usually dismissed as Cybersecurity’s weakest link, but what if they weren’t? What if instead they could be a secret weapon? This session will focus on moving away from basic cybersecurity awareness toward building a comprehensive cybersecurity wellness program that uses communication, recognition, and incentives to build relationships with employees. In turn, the presentation will also examine the measurable return on investment for cybersecurity education as compared with the traditional investment in technology controls.

Speaker Name: Richard (Rick) Brunner

Bio: Rick has more than 40 years' experience in information security and technology, specializing in secure systems/application design and development, system architectures, information risks and controls, testing, and strategy and program management. Rick's past assignment was as an Assistant Vice President, Security Strategy and Architecture at GM Financial, and he has worked in Healthcare, Finance, Human Resources, Military, and Intelligence. Rick has 32 years of military service, both active and reserves, rising to the rank of Colonel (O-6). He holds an Executive Jurist Doctorate degree, concentration in Law and Technology, from Concord Law School; a Master of Science degree in Computer Science, concentration in Information Systems Security, from James Madison University; and a Bachelor of Science degree in Mathematics and Computer Science from the University of Texas at San Antonio. Rick is an Assistant Faculty member at Collin College, instructing courses in their cyber security program, and is an active member of Collin's Cyber Security Advisory Board. Rick holds the following certifications:

• Certified Information Systems Security Professional (CISSP) (Certification Number: 375658)
• SABSA Chartered Security Architect – Foundation Certificate (SCF) (License SCF14020703)
• ITIL Foundation Certificate in IT Service Management (Certification Number: 37823)

Presentation Title: What Should a College Information/Cyber Security Program Contain?

Presentation Abstract: Do you really know what you want to do? Cyber Security sounds like it has a bright future, but does it? Is it right for me? Do I require a certification, and which certification? Is college the answer? How am I going to pay for college? What should I look for in a program, or what should I do? These and many more questions will be raised and discussed, and alternatives will be provided in this presentation.

Many schools offer Associate's, Bachelor's, Master's, and Doctor of Philosophy degrees or Certification programs in Cyber or Information Security. Some of these programs are within the Computer Science department or within their Business School. Businesses and Government organizations talk about a shortage of qualified candidates to fill security positions.

No one program is perfect, but one should understand the options available that meet a person's particular interests.

This presentation is meant for anyone just starting out in high school, college, just starting in the work force, or looking to advance their horizons.


The objectives of this presentation are as follows:

• Discuss why you may want a cyber, information, or information technology security career
• Discuss steps to know who you are and apply that to potential security focus areas
• Discuss subjects, topics, items or characteristics that should be offered or included as part of a cyber or information security degree program
• Compare/contrast different programs within the DFW area
• Suggest recommendations or options that one should look at while in a program or when looking at entering a program

Speaker Name: Andy Thompson

Bio: A member of the Shadow Systems Hacker Collective and the Dallas Hackers Association, I'm active in the Dallas InfoSec community. Currently a Technical Advisor for CyberArk Software, I work with Fortune 500 companies, assisting them in advancing their CyberSecurity Programs.

Presentation Title: Ransomware: History Analysis & Mitigation

Presentation Abstract: An hour long look at ransomware’s beginnings, ransomware in the news, variants throughout the years, cutting edge malware analysis, and mitigation techniques.

Speaker Name: Gordon MacKay

Bio: Gordon MacKay, CISSP, Software/Systems Guru with a dash of security hacking, serves as CTO for Digital Defense, Inc. He applies mathematical modeling and engineering principles in investigating solutions to many of the challenges within the information security space. His solution to matching network discovered hosts within independent vulnerability assessments across time resulted in achieving patent-pending status for the company’s scanning technology.

He has presented at many conferences including ISC2 Security Summit, Cyber Texas, BSides Detroit, BSides San Antonio, BSides Austin, BSides DFW, RSA and more, and has been featured by top media outlets such as Fox News, CIO Review, Softpedia and others.

He holds a Bachelor’s in Computer Engineering from McGill University and is a Distinguished Ponemon Institute Fellow.

Presentation Title: Introducing the Vulnerability Management Maturity Model – VM3

Presentation Abstract: The information security landscape has evolved significantly during the last 5 years with the emergence and wider use of new technologies such as Cloud, BYOD, Mobile and the Internet of Things. Alongside this landscape, corporate organizations' key defense leaders, CIOs, CSOs and CISOs, have evolved in their information security defense strategies, as well as in how they think about and approach information security. This different and evolved landscape, combined with defense leaders' new mindset, has influenced key information security processes and, in particular, has resulted in a greater understanding of the process of Vulnerability Management.

This session presents a Vulnerability Management Maturity Model, referred to as VM3, which identifies six different levels of vulnerability management maturity within which different organizations operate. Detailed findings and lessons learned from a recent study on vulnerability management maturity are shared.

The session covers the six high-level activities, as well as the surrounding business environment, which characterize an organization's execution of the vulnerability management process. Key challenges present within each of the six high-level activities of vulnerability management, as well as challenges imposed by the organization's surrounding business environment, are identified and described. Attendees will learn and appreciate how these key challenges impede one's ability to achieve higher levels of maturity, as well as strategies for overcoming these identified challenges. Attendees will learn how they may help their organization evolve to higher levels of vulnerability management maturity, with the goal of achieving lower levels of information security risk.

Speaker Name: Brian Mork

Bio: Mr. Mork is the Chief Information Security Officer for Celanese, where he acts as a senior-level executive reporting to the Chief Information Officer (CIO) and leading the strategy and operations of Information and Systems Security. His areas of responsibility include the Security Operations Center (SOC), SAP security, global security architecture, Industrial Control Systems (ICS) security architecture and governance, and the firewalls. He is responsible for establishing and maintaining an enterprise-wide information security program to ensure that data information assets are adequately protected, and for identifying, evaluating and reporting on information security risks in a manner that meets company needs, compliance and regulatory requirements. Mr. Mork oversees all technology risk management activities and acts as an advocate for all information security and business continuance best practices.

Presentation Title: A Brief History of Cryptographic Failures

Presentation Abstract: Cryptography is hard. It’s not hard in the way a challenging video game is, or hard like getting through War and Peace without falling asleep, or even hard like learning a new skill. Cryptography is hard because it’s both a system and a technical implementation, and failures in either part can have catastrophic (and sometimes existential) impacts. In this talk we’ll take a look at some of the many ways that cryptographic systems have failed over the years, from accidental design flaws like the Data Encryption Standard (DES) defeat so elegantly demonstrated by the Electronic Frontier Foundation to intentional design flaws such as the reported National Security Agency (NSA) backdoor in the Dual Elliptic Curve (EC) Deterministic Random Bit Generator (DRBG). This talk will be a high-level discussion… no PhD in mathematics is required!

Speaker Name: Mark Nagiel

Bio:

• SVP/CISO, PrimeLending (4th largest mortgage company in the US)
• Director, Information Security (MetroPCS/T-Mobile)
• VP, Technology / VP, Information Security (InCharge Institute – Financial Services)
• Co-Founder, Network Audit Systems, Inc. (acquired by Armor Holdings, an NYSE company)
• InfoSec Chief (Niagara Mohawk Power Corp.)

Presentation Title: A Day in the Life of a CISO

Presentation Abstract: The intent of this presentation is to present the diverse nature of being a CISO today within the context of a public, regulated and targeted organization. The content is to both inspire and warn those whose career choices may include the CISO destination.

Speaker Name: Yung Chou

Bio: Yung Chou is a Technology Evangelist in the Microsoft US Developer Experience and Evangelism team. Within the company, he has had opportunities to serve customers in the areas of support account management, technical support, technical sales, and evangelism. Prior to Microsoft, he had established capacities in system programming, application development, consulting services, and IT management. His technical focuses have been on virtualization and cloud computing, with strong interests in hybrid cloud, Windows Azure Infrastructure Services, and emerging enterprise computing architecture. He has been a frequent speaker at technical conferences, roadshows, and Microsoft events.

Presentation Title: Facing Increasing Malware Threats and a Growing Trend of BYOD with a New Approach


Presentation Abstract: The number of new malware threats realized every day is staggering. These threats are increasingly sophisticated and stealthy, while traditional threat resistance based on detection has turned into a losing battle. As hacking has become a business model and credential theft a practice, IT needs to take a fresh look at how to better and more effectively protect corporate assets. This presentation highlights the lessons learned from the past, and examines a new approach to fundamentally secure a corporate or personal computing device from power on to power off, while facing increasing and ongoing cyber threats and a growing trend of BYOD in the IT industry. The presented concepts are vendor agnostic; the demonstrations are nevertheless based on Microsoft Windows 10.

Speaker Name: Quentin Rhoads-Herrera

Bio: Quentin Rhoads-Herrera is a security analyst for State Farm. In this position he is responsible for risk analysis and application security assessments. He is accountable for ensuring risks are identified and properly mitigated throughout the organization.

He previously served as the Information Security Director for Clearview Energy and Solarview. In this position he oversaw all information security activities. These included development of company-wide cyber security standards, development of layered defense approaches and the hardening and defense of all company systems.

Mr. Rhoads-Herrera has worked in the Information Security space for a total of seven years serving in roles ranging from Security Consultant to Information Security Director.

Presentation Title: The Art of Evading Anti-Virus

Presentation Abstract: There are estimates that security analysts, including penetration testers, are approximately 5 years behind malicious actors. Anti-virus by itself isn't enough to stop a malicious individual from gaining access to your servers or computers anymore. In fact, many of them have devised ways to evade anti-virus. We as security professionals should understand how these individuals are doing this, and what tools are available for us to replicate these attacks. Tools such as veil-framework assist us with this. This talk will go over this tool, and how malicious individuals evade anti-virus with ease.

Speaker Name: Patrick Florer, Heather Goodnight-Hoffmann

Bio: Heather Goodnight-Hoffmann

• Over 20 years as Global Sales and Business Development Consultant
• Cofounder and President, Risk Centric Security, Inc.
• Ponemon Institute RIM Council (Responsible Information Council)
• Business Development Manager at Navilogic, Inc.
• Cofounder and Partner, Cyber Breach Response Partners, LLC
• Co-author & co-analyst, NetDiligence® 2016 Cyber Claims Study

Patrick Florer

• 37 years in Information Technology
• 17-year parallel career in evidence-based medicine
• Cofounder and CTO, Risk Centric Security, Inc.
• Member, Ponemon Institute RIM Council
• Distinguished Fellow, Ponemon Institute
• Cofounder and Partner, Cyber Breach Response Partners, LLC
• Co-author & co-analyst, NetDiligence® 2016 Cyber Claims Study

Presentation Title: Cyber Insurance – Did You Know?


Presentation Abstract: We present a brief discussion of risk and the ways that risk can be handled by an organization, one of which is the transfer of risk via insurance.

We describe key terms and concepts related to business insurance generally and cyber insurance specifically.

These concepts will include brief descriptions of duties to indemnify, duties to defend, limits, sublimits, exclusions, and retentions, as well as different types of insurance, including CGL policies, Crime policies, E&O, D&O, PGL, and cyber policies.

We present an introduction to the domain of cyber insurance, discussing how cyber events may or may not be covered by traditional insurance products as well as by cyber insurance products.

We will talk about the role of “standardized” contracts supplied by the ISO (Insurance Services Office), how these are changing in the cyber age, and the need for customized contracts.

We will also present a general discussion of the cost of cyber insurance, the market penetration of cyber insurance in the US, and the cost of cyber events, citing data from public sources as well as reports from NetDiligence®.

Speaker Name: Brian Kirkpatrick

Bio: Brian Kirkpatrick is the founding shareholder of Kirkpatrick Law PC and a business attorney with a technology focus. He also serves as Of Counsel to Mullin Law PC for matters involving technology and information security.

His practice revolves around clients needing assistance in technology transactions, data privacy, cyber security, software compliance and audits, and general counsel related to business matters. Brian was voted 2015 Top Technology Attorney in Tarrant County by his peers as published in Fort Worth Texas Magazine.

Brian has published numerous articles and lectured nationally on legal topics such as software as a service, software licensing, contract negotiation, cyber security and legal considerations when starting a business. He is also featured in radio news interviews, as a conference panelist, a featured speaker, and is featured in an instructional video series about conducting negotiations. Before entering the legal profession, Brian was a Vice President commercial banker.

Brian is a graduate of Texas A&M University School of Law, where he was inducted into the National Order of Barristers. He also has a Master of Arts in Applied Economics from Southern Methodist University and a Bachelor of Science in Economics from Texas A&M University – Commerce, where he was inducted into the Omicron Delta Epsilon International Economics Honor Society.

Presentation Title: How to Address Security in Vendor Agreements

Presentation Abstract: Providers of software, software-as-a-service, managed services, and professional services have varying degrees of sophistication in addressing security in their form contracts. Learn from an experienced technology attorney how to understand key clauses, or discover when they are missing, to ensure that the company’s vendors are compliant with the appropriate security measures before signing the deal.

Speaker Name: Dr. Chase Cunningham

Bio: Dr. Chase Cunningham (CPO USN Ret.) proactively seeks out cyber threat tactics and technical indicators of various threat groups. He is regularly cited as an expert on cyber security and contributes to white papers and other publications. He is also the co-author of The Cynja, a comic designed to educate children about security threats and online best practices.


He was the chief of cyber analytics for Decisive Analytics Corporation in Arlington, VA, where he acted as the principal lead on several research and development efforts. In this role, he led the authoring of a comprehensive paper on cyber workforce framework implementation that has been adopted by a partner nation as its cornerstone cyber future framework initiative.

He also was the lead computer network exploitation expert for the U.S. Joint Cryptologic Analysis Course in Pensacola, Fla. His work was critical in developing the newly founded cyber training curriculum now used by the Department of Defense and different intelligence agencies’ military subcomponents.

He was medically retired from the U.S. Navy in 2011. His time in the military was spent in direct operational support of U.S. Intelligence agency operations abroad. In his last assignments as a Chief Cryptologic Technician, Cunningham managed all research and development of cyber entities to assess threat vectors, network forensics, and methodologies of cyber actors across the intelligence community.

Dr. Cunningham also acted as the senior cyber/Digital Network Intelligence (DNI) analyst for many new mission threads. He handled all DNI reporting, analytics, coordination, and research. His analysis prompted action from various intelligence community agencies, including Federal Bureau of Investigation, Treasury, Central Intelligence Agency, Defense Intelligence Agency, Office of Naval Intelligence, Transportation Security Administration, Department of Homeland Security, and the National Security Agency.

Presentation Title: Evil 101…Stolen data, Criminal Forums, and Nasty Stuff from the Underground

Presentation Abstract: Cyber crime is an evil having its origin in the growing dependence on computers in modern life. In a day and age when everything from microwave ovens and refrigerators to nuclear power plants is being run on computers, cyber crime has assumed rather sinister implications. In this briefing Dr. Chase Cunningham will show audience members real data, screenshots, and other associated criminal actions collected during his daily operations in the cyber underground. If you are looking for a brief on the real stuff, without the hype and minus the buzzwords, this is the brief for you.

Speaker Name: Jeff Carrell

Bio: Jeff Carrell is Network Consultant at Network Conversions. He is a frequent industry speaker, freelance writer, IPv6 Forum Certified Trainer, network instructor, and course developer to major networking manufacturers. He is also a technical lead and co-author for the book, Guide to TCP/IP: IPv6 and IPv4, 5th Edition. Jeff focuses on IPv6 and SDN interoperability.

Presentation Title: imnurnet: Control of Your IPv4 Network with IPv6

Presentation Abstract: In networking, IP as we call it is actually Internet Protocol version 4 (IPv4). Internet Protocol version 6 (IPv6) is the replacement for IP running in today's networks. 17 years after the initial release of IPv6, we observe that most networks are not formally implementing IPv6; however, most modern desktop/server OS's have had it enabled for 6-10 years. That means most IT departments don't understand that IPv6 is in fact all over their networks, nor what the potential implications are.

This session will cover a few IPv6 basics and then dive into a real-world demonstration accessing a live network and the recon/exploit of an “IPv4 only” network, using IPv6.

Speaker Name: Dr. Branden Williams

Bio: Dr. Branden R. Williams has almost twenty years of experience in technology and information security, both as a consultant and an executive. Branden co-founded a technology services company that provided the foundation to a prominent e-learning company. He has vast experience as a practitioner and consultant, which included helping companies create user-centric security controls and models. His specialty is navigating complex landscapes, be it compliance, security, technology, or business, and finding innovative solutions that save companies money while reducing risk and improving performance. Along the way, he was a Consulting Director for VeriSign/AT&T, one of four CTOs at RSA, an ISSA Distinguished Fellow, elected to the PCI Board of Advisors, and the author of four books.

Presentation Title: Hacking Performance Management, the Blue Green Game – With a live demo!

Presentation Abstract: Assuming people are rational, we all do things to maximize our payoffs. It's why things like Enron and the Sub Prime mortgage crisis happen. This demonstration will show you a key element in designing performance management systems that employees will hack to their advantage.

Speaker Name: Laurianne Callaghan

Bio: Laurianna Callaghan currently serves as a security consultant for Ana Academy, a Dallas-based security training company. Previously, Laurianna worked with Dell, where she was the creator of security analytics for a major healthcare customer, which were presented at the 2016 IASAP conference. In addition, Laurianna has more than 21 years' experience in various IT domains. She has served as the Director of Systems Engineering for a telemarketing firm and the UNIX/MVS Manager for a major airline, and has IT experience in the healthcare, communications, transportation, education, retail, and other industry sectors. Laurianna holds both the CCNA Security and CISSP designations.

Presentation Title: RAG Status: The Human Dashboard

Presentation Abstract: This session will outline the importance of presenting actionable metrics for the Security Awareness program. Oftentimes security programs are presented while omitting the most constant threat to Information Systems: the human. From a security awareness perspective, we will review analytics that include key performance indicators that may already be available to you; they just need to be added to the new human dashboard.

Speaker Name: Shawn Tuma

Bio: Shawn Tuma (@shawnetuma) is a business lawyer with an internationally recognized reputation in cybersecurity, computer fraud and data privacy law. Business leaders regularly trust Shawn to help solve problems with cutting-edge issues involving cybersecurity, data privacy, computer fraud and intellectual property law. He is a Cybersecurity & Data Protection Partner at Scheef & Stone, LLP, a full-service commercial law firm in Texas that represents businesses of all sizes throughout the United States and, through its Mackrell International network, around the world.

Shawn serves the Bar and Profession in many capacities and has been selected for several professional honors:

• Board of Directors, North Texas Cyber Forensics Lab
• Board of Directors & General Counsel, Cyber Future Foundation
• National Law Journal honored as a Cyber Security Trailblazer
• D Magazine Best Lawyers in Dallas 2014 – 2016 (Digital Information Law)
• SuperLawyers Top 100 Lawyers in DFW (2016)
• SuperLawyers 2015 – 2016 (Intellectual Property Litigation)
• Council, Computer and Technology Section, State Bar of Texas
• Board of Directors, Collin County Bench Bar Foundation
• Chair, Collin County Bar Association Civil Litigation & Appellate Section
• College of the State Bar of Texas
• Privacy and Data Security Committee of the State Bar of Texas
• Litigation, Intellectual Property, and Business Sections, State Bar of Texas
• Information Security Committee of the Section on Science & Technology Committee of the American Bar Association
• Social Media Committee of the American Bar Association
• North Texas Crime Commission, Cybercrime Committee
• Information Systems Security Association (ISSA)
• International Association of Privacy Professionals (IAPP)
• Advisory Board, Optiv Security (fka Accuvant + FishNet Security)
• Contributor, Norse's DarkMatters
• Editor, Cybersecurity Business Law Blog

Shawn is an accomplished author with several published works on various legal-technology topics. He is a frequent speaker on business cyber risk issues such as cybersecurity, computer fraud, data privacy, and social media law. You can reach Shawn by telephone at 214.472.2135, or email him at [email protected].

A list of Shawn’s recent presentations and publications is available here: https://shawnetuma.com/about-the-author/presentations-publications/

Presentation Title: Cybersecurity Legal Issues Business Leaders & IT Should Know

Presentation Abstract: This presentation will focus on the legal aspects of cybersecurity covering preparation, legal and regulatory compliance, and incident response issues. Instead of the usual FUD, the presentation will provide specific action items that virtually all companies can implement and that are grounded in recent regulatory and legal decisions. It will also include a discussion of basic cyber insurance issues and clearly identify and explain the 3 pre-breach must-haves for every company.

Speaker Name: Grant Gilliam

Bio: Grant Gilliam is an Enterprise and Solutions Architect for CHRISTUS Health. Previously, Gilliam has been a security architect, senior security engineer and senior data security analyst. Industries worked in include healthcare, insurance, software and news media. Gilliam has also established and created his own business, focusing on outsourcing non-competitive business tasks to give clients a strategic advantage over competitors by minimizing FTE and contractor headcount.

His educational background includes a Master of Science in Information Systems, focusing on Information Security, and a Bachelor of Business Administration in Management Information Systems, both from Baylor University. The focus of his master's degree research was IT law and Intellectual Property. Gilliam is also a Certified Information Systems Security Professional, Certified Information Security Manager and Certified Information Systems Auditor.

Presentation Title: Business Geekdom: 1 = 3 = 5

Presentation Abstract: Each year a security team participates in several audits, meetings with the business and strategy meetings. Often, security is seen as the one imposing requirements that are either too difficult, impossible to manage or flat-out ridiculous.


This is similar to a geek. A geek is defined as "an unfashionable or socially inept person." Is this social ineptness actually just the lack of the ability to translate the passion of the security professional to the business professional?

In this presentation, I would like to cover how to create, establish and evangelize a framework that has one backend with several frontends. The backend is a common security control framework (not the UCF), and the frontend translates to the various business units, audits and business strategies encountered in a security professional's work each year.

Speaker Name: Nathan Shepard

Bio: CISSP, CISM, CRISC, CISA. 33 years in IT; 21 years in Information Security. Information Security consulting at the corporate governance level. Information Security management for outsourced InfoSec delivery.

Presentation Title: Layered Security Overview

Presentation Abstract: One area that I have found even seasoned security professionals have a problem articulating is layered security (defense in depth). Most are familiar with their area of expertise (servers, networks, pen testing, etc.), but have never viewed security as a heterogeneous process. In my presentation I use a layered diagram to highlight what controls are in what layers, what controls interact across layers, and what a complete layered security model would look like vs. what a more typical company security model does look like.

Speaker Name: Regan K. Edens

Bio: Mr. Edens serves as the General Manager of Hoplite Industries. Hoplite Industries provides unique solutions that deny, disrupt, and defend large global enterprises across a broad spectrum, from F100 companies to the Federal government. We identify and pursue advanced cyber threats in order to create downside risk. Our combination of proprietary technologies and services restores, hardens, and improves the network defenses of your existing “best in class” security stack. We choose only the highest-risk customers with the lowest risk tolerance for breach. ONLY RESULTS MATTER.

Repeatedly chosen in the private and public sectors to develop and lead cross-discipline organizations to achieve improbable outcomes through the most difficult challenges. Offers 23+ years leading and innovating through people, purpose, processes, products and technology, with senior executive experience in the private and public sectors.

People, Purpose, Processes, Products & Technology: Establish, transform or reorganize dynamic organizations by rapidly integrating new methods and best practices in the most difficult operational environments, under-performing organizations, and high-growth opportunities.

• Established, led, and reorganized companies and programs with P&L responsibilities from $21MM to $250MM.
• Leads vertical and horizontal integration of innovative and disruptive technology concepts, products, and practices: end-to-end adoption within markets, industries, and organizations ($1.5B+ technology integration).
• Led organizations, corporations, and other special programs as a senior leader and C-level executive in private industry and public service, in roles ranging from COO, Deputy Director for Operations and Vice-President to Senior Intelligence Officer (two special appointments).
• Specializes in rapid, in-extremis, cross-discipline organizational systems, ops, product, and technology lifecycle development, manufacturing, deployment, integration, and sustainment in high-intensity, volatile, uncertain, complex, and ambiguous environments.
• Led and consulted for rapid-growth defense industry and DOD program start-ups with high-growth annual revenue and program budgets.
• Led one of the most decorated DOD intel support teams in Afghanistan, OEF XIII (HTT): 4 Superior Civilian Service Awards, 2012.
• Led one of the most decorated small units in Afghanistan, OEF II, with 14 Bronze Stars, 10 Army Commendation Medals, and 6 Army Achievement Medals; Bronze Star awarded by LTG John Vines (team of 14), 2002.

Presentation Title: Cyber Security Maturity Level 6: Unifying the Network to Protect the Kingdom

Presentation Abstract: Is your company protecting the castle or the kingdom?

We live in an era of persistent network insecurity and business leaders are beginning to realize the significance of this systemic business risk. Your company is fighting a frustrating and resource draining battle at the gates and inside your own castle. Hoplite Industries sees momentum growing for another approach, leveraging a unified security strategy capable of pushing the fight to the farthest edge of your realm. Hoplite Industries proposes a new Level 6 in the NIST Cyber-Security Maturity Model principally based on the concept of a Federated IT Strategy. Federated IT Strategy is born of the necessity for large companies to assert self-governing authority and accountability regarding shared security standards, policies, analytics, and reporting beyond their company to their business essential third-party companies or business ecosystem. Level 6 emerging technologies should encompass the ability to support a “unified” defense, securing your network, and your essential third-party IT networks. Few companies can afford a revolution, but an evolution is necessary to reduce systemic business risk. No company can afford to ignore the persistent digital predatory pressures threatening their company, their partners, and their balance sheet.

Speaker Name: Ismail Guneydas

Bio: Ismail Guneydas is a senior technical leader with over ten years of experience in vulnerability management, digital forensics, e-crime investigations and teaching. Currently he is a senior vulnerability manager at Kimberly-Clark and an adjunct professor at Texas A&M. At Kimberly-Clark, Ismail built the company’s first Global Vulnerability Management Program and he currently leads the program. He delivers and sustains the enterprise vulnerability management strategy and solutions from a governance, process, discipline and technology standpoint, to support Kimberly-Clark’s global and enterprise environments.

Previously Ismail worked at Yahoo, where he led complex digital forensics investigations. He also built and led the incident response and electronic crime investigations functions. He received Yahoo Hackovation and Excellence awards for his innovative work in successful operations against fake customer care centers. Before Yahoo, Ismail was with Rackspace Hosting and RLI Insurance. He has taught several computer science courses at Southern Illinois University.

Ismail completed his Master of Science in Computer Science at Southern Illinois University and holds degrees in Mathematics and Electronics Engineering. He holds an MBA from the University of Texas at Dallas. He holds multiple security-related certifications (CISSP, GCFA, GCIA, CEH, CCSK and CHFI).


Presentation Title: What Numbers Tell Us in Vulnerability Management

Presentation Abstract: 2015 is in the past, so now is as good a time as any to pull together some numbers from the year that was and analyze them. For this presentation, we’re going to use the numbers from the National Vulnerability Database and take a look at what trends these numbers reveal.

Why the National Vulnerability Database (NVD)? To paraphrase Wikipedia for a moment, it’s a repository of vulnerability management data assembled by the U.S. government and represented using the Security Content Automation Protocol (SCAP). Most relevant to our exercise here, the NVD includes databases of security-related software flaws, misconfigurations, product names and impact metrics, among other data fields.

By poring through the NVD data from the last 5 years, we’re looking to answer the following questions:

• What are the vulnerability trends of the last 5 years, and do vulnerability numbers indicate anything specific?
• What are the severities of vulnerabilities? Do we have more critical vulnerabilities or fewer?
• Which vendors create the most vulnerable products?
• Which products are most vulnerable?
• Which OS? Windows, OS X, a Linux distro?
• Which mobile OS? iOS, Android, Windows?
• Which web browser? Safari, Internet Explorer, Firefox?

After this presentation you will know which security areas you need to spend your time on to have a safe and operational infrastructure.
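The kind of tally the abstract describes, as an added example (not the presenter's code): the records are constructed to mirror the field layout of the NVD JSON 1.1 feeds (cve.CVE_data_meta.ID, publishedDate, impact.baseMetricV3 or baseMetricV2, configurations.nodes[].cpe_match[].cpe23Uri), with placeholder CVE IDs, vendors and products. Two details matter when doing this for real: a CVE often lists many CPE version strings for the same product, so vendor and product should be counted once per CVE, and pre-2016 entries usually carry only CVSS v2 scores, whose qualitative scale has no "Critical" bucket.

```python
"""Trend analysis over NVD-style vulnerability records (added example, constructed data)."""
import re
from collections import Counter

# Constructed sample in the shape of NVD JSON 1.1 items; a real run would load nvdcve-1.1-<year>.json.
SAMPLE_ITEMS = [
    {"cve": {"CVE_data_meta": {"ID": "CVE-0000-0001"}}, "publishedDate": "2014-03-10T12:00Z",
     "impact": {"baseMetricV3": {"cvssV3": {"baseScore": 9.8}}},
     "configurations": {"nodes": [{"cpe_match": [
         {"cpe23Uri": "cpe:2.3:o:vendora:osone:1.0:*:*:*:*:*:*:*"},
         {"cpe23Uri": "cpe:2.3:o:vendora:osone:1.1:*:*:*:*:*:*:*"}]}]}},
    {"cve": {"CVE_data_meta": {"ID": "CVE-0000-0002"}}, "publishedDate": "2015-01-20T12:00Z",
     "impact": {"baseMetricV2": {"cvssV2": {"baseScore": 5.0}}},
     "configurations": {"nodes": [{"cpe_match": [
         {"cpe23Uri": "cpe:2.3:a:vendorb:browserx:40:*:*:*:*:*:*:*"}]}]}},
    {"cve": {"CVE_data_meta": {"ID": "CVE-0000-0003"}}, "publishedDate": "2015-06-02T12:00Z",
     "impact": {"baseMetricV3": {"cvssV3": {"baseScore": 7.5}}},
     # nested "children" nodes appear in real feeds for AND/OR configurations
     "configurations": {"nodes": [{"children": [{"cpe_match": [
         {"cpe23Uri": "cpe:2.3:a:vendorb:browserx:41:*:*:*:*:*:*:*"}]}]}]}},
    {"cve": {"CVE_data_meta": {"ID": "CVE-0000-0004"}}, "publishedDate": "2015-11-30T12:00Z",
     "impact": {"baseMetricV2": {"cvssV2": {"baseScore": 2.1}}},
     "configurations": {"nodes": [{"cpe_match": [
         {"cpe23Uri": "cpe:2.3:o:vendorc:mobileos:8:*:*:*:*:*:*:*"}]}]}},
    {"cve": {"CVE_data_meta": {"ID": "CVE-0000-0005"}}, "publishedDate": "2013-07-01T12:00Z",
     "impact": {}, "configurations": {"nodes": []}},  # reserved/unscored entry
]


def publish_year(item):
    return int(item["publishedDate"][:4])


def base_score(item):
    """(score, cvss_version), preferring v3 and falling back to v2; (None, None) if unscored."""
    impact = item.get("impact", {})
    if "baseMetricV3" in impact:
        return impact["baseMetricV3"]["cvssV3"]["baseScore"], 3
    if "baseMetricV2" in impact:
        return impact["baseMetricV2"]["cvssV2"]["baseScore"], 2
    return None, None


def severity(score, version):
    """Qualitative bucket. v3 uses the CVSS v3.0 scale; v2 uses NVD's Low/Medium/High scale."""
    if score is None:
        return "Unscored"
    if version == 3:
        if score == 0:
            return "None"
        if score < 4.0:
            return "Low"
        if score < 7.0:
            return "Medium"
        if score < 9.0:
            return "High"
        return "Critical"
    if score < 4.0:
        return "Low"
    if score < 7.0:
        return "Medium"
    return "High"


def _walk_matches(nodes):
    for node in nodes:
        yield from node.get("cpe_match", [])
        yield from _walk_matches(node.get("children", []))


def cpe_triples(item):
    """Set of (part, vendor, product) for a CVE; a set so many versions of one product count once."""
    found = set()
    for match in _walk_matches(item.get("configurations", {}).get("nodes", [])):
        # split on unescaped colons: cpe:2.3:<part>:<vendor>:<product>:<version>:...
        fields = re.split(r"(?<!\\):", match["cpe23Uri"])
        found.add((fields[2], fields[3], fields[4]))
    return found


def summarize(items):
    per_year, sev, vendors, products, os_products = Counter(), Counter(), Counter(), Counter(), Counter()
    for item in items:
        per_year[publish_year(item)] += 1
        sev[severity(*base_score(item))] += 1
        triples = cpe_triples(item)
        for vendor in {v for _, v, _ in triples}:
            vendors[vendor] += 1
        for part, vendor, product in triples:
            products[(vendor, product)] += 1
            if part == "o":  # operating systems only
                os_products[(vendor, product)] += 1
    return {"per_year": per_year, "severity": sev, "vendors": vendors,
            "products": products, "os": os_products}


if __name__ == "__main__":
    for name, counter in summarize(SAMPLE_ITEMS).items():
        print(name, counter.most_common(3))
```

Vendor and product counts are per CVE, so a product with ten affected versions in one entry still scores one; a naive count over every cpe23Uri would silently rank verbose vendors as "most vulnerable".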

Speaker Name: Marco Fernandes

Bio: I’m a Security Solutions Architect at Hewlett Packard Enterprise. Prior to that I worked in IT in the defense industry and in security consulting in the commercial world. I’m also President of the North Texas Cyber Security Association. I was born in Dallas, TX, and I obtained my Bachelor of Science in Business Computer Information Systems from the University of North Texas. In my free time I enjoy card games, reading, fitness, watching WWE wrestling, and helping my community.

Presentation Title: Day in the Life of a Security Solutions Architect

Presentation Abstract: I’d like to present my “Day in the Life of a Security Solutions Architect” at Hewlett Packard Enterprise. In this presentation, I’ll go into detail on what exactly I do as a security architect, and the career progression that got me there. I’ll speak about my daily activities, successful client engagements, skills required, etc. I’m happy to answer any questions from the audience, share insights, what I wish I had done earlier in my career, etc.

Speaker Name: Ed Keiper

Bio: Ed Keiper is a senior systems engineer with Array Networks. His background includes 10+ years of experience in cloud computing, infrastructure and security.

Presentation Title: A Layered Approach to Web and Application Security


Presentation Abstract: Encryption creates the need for at least two levels of security. ADCs provide high availability and a secure layer for SSL traffic termination, decryption, inspection and forwarding to advanced security appliances for further inspection.

Speaker Name: David Nelson, CISSP

Bio: Dave is a Certified Information Systems Security Professional (CISSP) with 20 years of experience and a Fellow of the Information Systems Security Association (ISSA). He has led technology organizations in both the public and private sectors. Prior to founding Integrity, he was most recently the Chief Information Security Officer for a leading health informatics company. He also managed an information security group for a top-5 U.S. banking organization, was the CIO for a higher education institution and served as the information security officer for one of the largest municipal governments on the East Coast.

Presentation Title: The Rise of Social Engineering — Anatomy of a Full Scale Attack

Presentation Abstract: In this presentation you will gain insight on how hackers use the human element to increase the success probability of their attacks. It will cover everything from dumpster diving to email phishing and pretexting phone calls. Learn what to look for and how to defend your organization from social engineering attacks.

Speaker Name: Mark Mandrino

Bio: Mark Timothy Mandrino is Sales Director of User and Entity Behavior Analytics at Gurucul. Mark is an accomplished sales professional with over 25 successful years in the security and information technology space, including 5+ years in sales management and 2 years in a business development startup ownership venture. He runs the practice for Gurucul in a 7-state region, educating Fortune 100 and up customers in the identity detection intelligence and UEBA market.

He is ITIL certified, has worked in the eDiscovery and security services spaces, and is associated with many of the top security vendors in the world. For fun Mark likes to hunt, fish, cook and spend time with his family. He loves sports and coached Little League baseball for 10+ years before moving to Texas in 2015 from Boston, MA. Mark has traveled the world as a missionary’s son and lived in 22 states and 4 countries before he was 18. He enjoys the daily challenges of information security and IT, and loves helping his clients tackle the tough issues.

Presentation Title: Identity as a Threat Plane: Leveraging UEBA and IdA

Presentation Abstract: User and entity behavior analytics (UEBA) and identity analytics (IdA) built from behavior-based machine learning models are changing security methodologies and architecture in many domains. UEBA and IdA are converging with the SIEM, IAM, DLP, CASB and EDR solution areas to impact security solution design and functionality. The shift includes moving from a declarative rules- and roles-based environment to behavior-based risk scoring to determine intelligent roles and adaptive access, plus predicting and detecting insiders, account hijacking, data exfiltration, and cloud access and abuse. We are surrounded by many uses of machine learning in our daily lives, and only recently have security solutions begun catching up to this force multiplier.

Attendees will learn the following:

• The shift from declarative rules and roles to machine learning models
• Understanding excess access risks, outliers and intelligent roles
• How machine learning models predict and detect unknown threats
• The importance of dynamic peer groups in clustering and outlier machine learning
• Migrating to adaptive access and risk-based access reviews
• Driving deterrence and detection with self-audits for employees and partners
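The two ideas in this list that are easiest to show concretely are peer-group outliers and excess access. The following is an added example, not Gurucul's code or models: the access records are constructed, and the department stands in for the dynamic peer groups a UEBA product would derive by clustering. Volume outliers are scored with a modified z-score (median and MAD rather than mean and standard deviation, so the outlier does not inflate its own baseline), and "excess access" is simply an entitlement held by few of one's peers.

```python
"""Peer-group outlier and excess-access scoring (added example, constructed data)."""
from collections import Counter, defaultdict
from statistics import median

# Constructed (user, peer group, resource) access records.
SAMPLE_ACCESS = [
    ("alice", "finance", "ledger"), ("alice", "finance", "payroll"),
    ("bob", "finance", "ledger"), ("bob", "finance", "payroll"),
    ("carol", "finance", "ledger"),
    ("dave", "finance", "ledger"), ("dave", "finance", "payroll"),
    ("dave", "finance", "hr_db"), ("dave", "finance", "src_repo"), ("dave", "finance", "prod_db"),
    ("erin", "eng", "src_repo"), ("erin", "eng", "ci"),
    ("frank", "eng", "src_repo"), ("frank", "eng", "ci"),
    ("grace", "eng", "src_repo"), ("grace", "eng", "ci"), ("grace", "eng", "prod_db"),
]


def peer_groups(records):
    """{group: {user: set(resources)}}"""
    groups = defaultdict(lambda: defaultdict(set))
    for user, group, resource in records:
        groups[group][user].add(resource)
    return groups


def modified_z(value, values):
    """Iglewicz-Hoaglin modified z-score: 0.6745 * (x - median) / MAD."""
    med = median(values)
    mad = median(abs(v - med) for v in values)
    if mad == 0:
        return 0.0  # peers are (near) identical; nothing defensible to score against
    return 0.6745 * (value - med) / mad


def volume_outliers(groups, threshold=3.5):
    """Users whose distinct-resource count is far outside their peer group (3.5 is the usual cut-off)."""
    alerts = []
    for group, members in groups.items():
        counts = {user: len(resources) for user, resources in members.items()}
        for user, n in counts.items():
            score = modified_z(n, list(counts.values()))
            if score > threshold:
                alerts.append((user, group, round(score, 2)))
    return alerts


def rare_access(groups, max_fraction=0.3):
    """Per user, the resources held by fewer than max_fraction of their peers (excess-access candidates)."""
    findings = {}
    for group, members in groups.items():
        size = len(members)
        holders = Counter(res for resources in members.values() for res in resources)
        for user, resources in members.items():
            rare = sorted(res for res in resources if holders[res] / size < max_fraction)
            if rare:
                findings[user] = rare
    return findings


if __name__ == "__main__":
    g = peer_groups(SAMPLE_ACCESS)
    print("volume outliers:", volume_outliers(g))
    print("rare access:", rare_access(g))
```

Note the small-group edge case: in the "eng" group every member looks alike, so the MAD is zero and the score is deliberately 0 rather than a division error or an infinite score; a real deployment would also require a minimum peer-group size before trusting either signal.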

Speaker Name: Mark Overholser

Bio: Mark Overholser has been a lifelong technology enthusiast, and made his passion his career. After working for many years at a multi-billion-dollar medical supply manufacturer and distributor using technology to achieve business goals, he started to wonder about what sorts of controls were in place to help make sure technology would only do good, not harm. One thing led to another, and he then was one of the first members of the new information security team. After working hard to grow the team and build the information security practice, he left to take a breather and now is working to help information security teams everywhere understand threats and get the most out of their defensive technologies.

Presentation Title: Artifacts Are for Archaeologists: Why Hunting for Malware Isn’t Enough

Presentation Abstract: Spoiler alert: it’s because attackers can (and do) abuse legitimate software, administrative tools, and scripting environments which are considered benign and not caught by traditional antivirus software. Since attackers can use legitimate software to conduct their nefarious behavior, how do you catch them? It’s simple: look for the behavior.

LightCyber’s Behavioral Attack Detection platform detects and highlights the network behaviors of attackers that have penetrated the perimeter. This provides visibility that allows security teams to locate and eradicate network intruders quickly, regardless of what tools the attackers are using to achieve their goals. With LightCyber’s Network-to-Process Association technology, attacker behaviors can be tracked back to the exact process that originated the behavior.

We will discuss the top tools that have been detected and associated with attacker behavior inside LightCyber customer environments, all of which are legitimate software. There will also be an overview of how LightCyber Magna works.
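"Look for the behavior" can be made concrete with a rule that keys on what a process does on the network rather than on its file name. The example below is added here and is not LightCyber's code; the events are constructed in the shape of a Sysmon-style network-connection record (host, pid, image, destination), which is the process attribution the abstract refers to. The rule flags any process that reaches many distinct internal hosts on administrative ports inside a short window, so a scripting host used for lateral movement is caught exactly as a purpose-built scanner would be.

```python
"""Behaviour-based lateral-movement detection on process-attributed network events (added example)."""
import ipaddress
from collections import defaultdict

ADMIN_PORTS = {135, 139, 445, 3389, 5985, 5986}  # RPC, NetBIOS, SMB, RDP, WinRM
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed events: (epoch seconds, host, pid, image, dst_ip, dst_port)
SAMPLE_EVENTS = [
    (1000, "ws01", 4242, "powershell.exe", "10.0.0.5", 445),
    (1010, "ws01", 4242, "powershell.exe", "10.0.0.6", 445),
    (1020, "ws01", 4242, "powershell.exe", "10.0.0.7", 445),
    (1030, "ws01", 4242, "powershell.exe", "10.0.0.8", 5985),
    (1040, "ws01", 4242, "powershell.exe", "10.0.0.9", 445),
    (1000, "ws01", 3100, "chrome.exe", "203.0.113.10", 443),   # external web traffic
    (1001, "ws01", 3100, "chrome.exe", "203.0.113.11", 443),
    (1002, "ws01", 3100, "chrome.exe", "203.0.113.12", 443),
    (1005, "ws02", 2200, "outlook.exe", "10.0.0.20", 445),      # one file-share contact
    (2000, "ws02", 2201, "powershell.exe", "10.0.0.21", 445),   # same tool, but slow: 100 s apart
    (2100, "ws02", 2201, "powershell.exe", "10.0.0.22", 445),
    (2200, "ws02", 2201, "powershell.exe", "10.0.0.23", 445),
    (2300, "ws02", 2201, "powershell.exe", "10.0.0.24", 445),
    (2400, "ws02", 2201, "powershell.exe", "10.0.0.25", 445),
]


def is_internal_admin(ip, port):
    addr = ipaddress.ip_address(ip)
    return port in ADMIN_PORTS and any(addr in net for net in INTERNAL_NETS)


def detect_fan_out(events, window=60, threshold=5):
    """One alert per (host, pid, image) that touched >= threshold distinct internal hosts
    on admin ports within `window` seconds. The image name is reported, never matched."""
    by_proc = defaultdict(list)
    for ts, host, pid, image, ip, port in events:
        if is_internal_admin(ip, port):
            by_proc[(host, pid, image)].append((ts, ip))
    alerts = []
    for (host, pid, image), conns in by_proc.items():
        conns.sort()
        start = 0
        for end in range(len(conns)):
            while conns[end][0] - conns[start][0] > window:  # slide the window forward
                start += 1
            targets = {ip for _, ip in conns[start:end + 1]}
            if len(targets) >= threshold:
                alerts.append({"host": host, "pid": pid, "image": image,
                               "targets": sorted(targets), "window_start": conns[start][0]})
                break  # one alert per process is enough
    return alerts


if __name__ == "__main__":
    for alert in detect_fan_out(SAMPLE_EVENTS):
        print(alert)
```

The second powershell.exe process on ws02 touches the same number of hosts but never five within the window, so it is not flagged; tuning the window and threshold against a baseline of your own administrators' behaviour is what keeps this rule useful, since a real admin tool run from a jump host can legitimately fan out.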

Speaker Name: James Muren

Bio: James is a strategist and delivers workshops in cyber security strategy, GRC and security architecture that are used to develop long-term strategies and tactical roadmaps for customers that address security for legacy and cloud architectures. As a strategic management consultant who has built fully capable cyber programs in the past, he helps mentor and lead teams for programs and projects in information technology and cyber security. James is primarily focused on the business benefits of cyber security, and on demonstrating those benefits through metrics that can be quickly communicated to executive leadership. By properly integrating security controls within a regulatory and policy context, security programs such as breach and incident response, data governance, forensics, etc. can properly demonstrate value, receive proper investment and adequately secure organizations.

James is also a researcher. His areas of research include: continuous GRC, cyber analytics, Trusted Computing Group (TCG), security automation, hardware and software security, ICS, SCADA, IoT, malware research, full-system security design lifecycle and leap-ahead technology.

James believes that recognition by a satisfied customer is the best accolade one can receive. He continually seeks to improve, challenge and outdo himself. James participates as a mentor at UMUC (where he received his Bachelor’s in Computer Information Science) and for the University of Redlands School of Business (where he received his MBA), where he mentors the next generation of cyber warriors and business leaders respectively. He holds security certifications (CISSP, CISM, CGEIT, CRISC), has developer experience and is a Scrum Master. He is a member of the International Leadership Association (ILA), the American Statistical Association (ASA), and the Whitehead Leadership Society & Banta Center for Business, Ethics & Society.

Presentation Title: Detecting and Catching the Bad Guys Using New Deception Technology

Presentation Abstract: Traditional controls are well known for their shortcomings in the face of modern cyber-attacks. Cyber security technologies make use of signature-based, behavioral or next-generation capabilities, or attempt to augment those capabilities by leveraging a cloud-based or on-premises cyber analytics warehouse and threat intelligence feeds via indicators of compromise (IOCs) or other mechanisms. Although the latter efforts have increased organizational cyber capabilities, they only do so with proper investment in people, process and technology. Additionally, as attackers adapt to defenses, these controls experience decreasing marginal rates of defensive capability.

Deception programs, architectures and technologies endeavor to augment existing cyber security capabilities through the use of honeypots and honeynets (decoys) and breadcrumbs or “broken glass” (deceptions).

Advanced deception technologies are differentiated by the use of distributed deception technology, which features agentless, simple deployment with lightweight deceptions that leverage operating system objects to deceive attackers into triggering alerts. Normal users would never trigger the deceptions as an attacker would, resulting in high-fidelity alerting with near-zero false positives. Such technology consequently not only augments existing cyber security capabilities post-breach but provides a new, highly effective post-breach detection capability along with precise real-time forensics.
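The fidelity argument in the abstract rests on the breadcrumb having no legitimate use, so the detection side reduces to exact matching on planted names. The following is an added example, not the presenter's or any vendor's code: the breadcrumbs (a fake account and a fake share path, both assumed names) and the Windows-security-log-like lines are constructed. Any logon attempt with the planted account, or any access to the planted share, is reported together with the source host so that hits from one machine can be correlated into a single incident.

```python
"""Breadcrumb (honeytoken) hit detection over constructed auth/share log lines (added example)."""
import re
from collections import defaultdict

# Assumed planted objects: the account lives only in a saved credential entry, the share only
# in a host's recent-share history. Neither exists for real, so nothing legitimate touches them.
BREADCRUMBS = {
    "account": {"svc_backup_legacy"},
    "share": {r"\\fs-archive\finance_2011"},
}

# Constructed log lines: "<event id> key=value ..." in the spirit of 4624/4625 (logon) and 5140 (share access).
SAMPLE_LOG = [
    "4624 user=jdoe src=10.0.1.15 logon_type=2",
    "4625 user=svc_backup_legacy src=10.0.1.15 logon_type=3",
    "5140 user=jdoe src=10.0.1.15 share=\\\\fs-archive\\finance_2011",
    "4624 user=asmith src=10.0.1.22 logon_type=10",
    "5140 user=asmith src=10.0.1.22 share=\\\\fs01\\public",
]

_KV = re.compile(r"(\w+)=(\S+)")


def parse_line(line):
    event_id, _, rest = line.partition(" ")
    fields = dict(_KV.findall(rest))
    fields["event_id"] = event_id
    return fields


def match_breadcrumbs(lines, breadcrumbs=BREADCRUMBS):
    """Every line that touches a planted object, with which breadcrumb kind it tripped."""
    hits = []
    for line in lines:
        f = parse_line(line)
        if f.get("user") in breadcrumbs["account"]:
            hits.append({"kind": "account", "value": f["user"], "src": f.get("src"), "event_id": f["event_id"]})
        if f.get("share") in breadcrumbs["share"]:
            hits.append({"kind": "share", "value": f["share"], "src": f.get("src"), "event_id": f["event_id"]})
    return hits


def incidents_by_source(hits):
    """Group hits per source host: one host tripping several breadcrumbs is one intrusion, not several alerts."""
    grouped = defaultdict(list)
    for hit in hits:
        grouped[hit["src"]].append(hit["kind"])
    return {src: sorted(kinds) for src, kinds in grouped.items()}


if __name__ == "__main__":
    hits = match_breadcrumbs(SAMPLE_LOG)
    print(hits)
    print(incidents_by_source(hits))
```

The caveat a practitioner will want: the "near-zero false positive" property holds only while the breadcrumb stays unused by your own tooling, so exclude the deployment job that plants and refreshes the objects, and rotate the names if one ever leaks into a ticket or a runbook.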