
Thank You for being a part of Hacker Halted · 2017-02-13 · Defending Against 1,000,000 Cyber Attacks - Michael Banks 4:30PM Breakout Session 3 SWAT Style: Live Network Crypto Hacking


I would like to thank you for attending the 25th global edition of the Hacker Halted Conference!

We were very excited to be back to our Hacker Halted USA home, Atlanta, GA to continue the tradition of outstanding Hacker Halted events. EC-Council Foundation, our thriving non-profit, is thrilled to have partnered with our generous sponsors to bring you the best Hacker Halted in our long history. Our theme this year was, “The Butterfly Effect: How Small Mistakes Lead to Big Disasters,” and was selected to highlight just how important your efforts as infosec professionals are not only to the companies you work for but to the world we all live in. We recognize that the pursuit of security is incredibly daunting but the details of getting it right are so important.

To that end, this year we organized several new features for your edification and enjoyment. First, we partnered with local technology groups to bring you a job fair. We at EC-Council Foundation believe that one of the basic steps in unifying global cyber defense is to ensure the best professionals have the opportunity to grow their careers, their knowledge, and their networks within information security. By bringing companies who need to hire the best and the brightest to our conference, we know we will be successful in this goal.

We also addressed a global concern during our Privacy vs. Security debate in a rare instance of a joint session of the Global CISO Forum, our executive conference, and Hacker Halted. We felt this conversation between the public, commercial interests, privacy advocates, governments, and all other concerned parties must continue to take place in order for progress to be made.

We also held the championship round of the Global CyberLympics, our world-famous hacking game! Team Hack.ERS of the Netherlands took home the trophy after beating 11 teams from 6 different regions, including Asia, Australia, North America, South America and Africa. The winning team was recognized during the opening of Hacker Halted and we would encourage all our ethical hackers to participate in the competition next year.

We hope everyone had a great time while learning from your outstanding peers from all over the world, representing an entire network of professionals dedicated to security. EC-Council’s offerings now span the industry, from basic end-user training to highly technical deep dives to our executive program to graduate-level education – EC-Council is truly making a difference in the lives of information security practitioners around the world and the security of the world’s top organizations.

Thank you for being a part of our global initiative toward a more secure world. I look forward to next year!

Jay Bavisi, Co-Founder & President of EC-Council

Thank You for being a part of Hacker Halted


This year’s Hacker Halted theme was the Cyber Butterfly Effect: When Small Mistakes Lead to Big Disasters. The goal of the conference was to discuss how organizations are often compromised through the smallest of mistakes and how implementing effective changes can have ripple effects throughout all departments of an organization.

With over 40 speakers, Hacker Halted examined cyber disasters through dozens of presentations:

• Wifi Data Leakage

• The Dark Side of PowerShell

• Defending against 1,000,000 Cyber Attacks

• Live Network Crypto Hacking and Exploitation

and many more!


Jack Daniel

Amar Singh

Steve Bongardt

Kurt Opsahl

PRIVACY vs SECURITY DEBATE

The morning of Hacker Halted brought a group of notable speakers to the debate stage: Jack Daniel, Technology Activist; Steve Bongardt, Former FBI; Kurt Opsahl, Electronic Frontier Foundation; Amar Singh, Information Security & Data Privacy Practitioner.

Nice conference. Really pleased with the quality of the speakers.


Keynote Speakers

The morning of Hacker Halted brought notable speakers such as: Jack Daniel, Technology Activist and Founder of Bsides; Samy Kamkar, YouTube’s Favorite Hacker; Shelley Westman of IBM; Ingrid Centurion, retired Lieutenant Colonel who supported large scale operations with the Department of Homeland Security and Law Enforcement agencies; and Steve Bongardt, a former FBI agent involved in the 911 investigations.

• Jack Daniel, Company: Tenable Network Security

• Samy Kamkar, Independent Security Researcher

• Shelley Westman, Company: IBM Security

• Ingrid Centurion, Company: Centurion Technologies

• Steve Bongardt, Company: The Gyges Group


Notable Speakers

In the afternoon, attendees could choose the sessions they wanted to attend. Notable speakers in these breakout sessions included: Chris Sistrunk of Mandiant, who talked about how to get into ICS security to help protect your Critical Infrastructure; Keith Thomas of AT&T, who gave us a tour of the Dark Web; Solomon Sonya of the United States Air Force, who talked about WiFi Data Leakage and how your phone, laptop and smart device can reveal where you live, work and places you’ve visited; Deral Heiland of Rapid 7, who gave an enlightening discussion of IoT automation security; and Kevin Cardwell and Wayne Burke, who taught attendees how to build a mobile assault rifle. These and many other presentations made it hard for attendees to choose which to attend.

• Chris Sistrunk, Company: Mandiant

• Keith Thomas, Company: AT&T

• Solomon Sonya, Company: United States Air Force

• Deral Heiland, Company: Rapid 7

• Kevin Cardwell

• Wayne Burke


Hacker Halted attendees were joined by over 20 exhibitors that showcased their products & services on both days of the conference.

Vendors included IBM, BluVector, Saint, Simeio, CounterTack, Augusta Locksports, and Chiron, who held a Capture the Flag game that over 100 attendees participated in!


AGENDA DAY ONE

9:00AM Opening and Announcement of Winners of Global CyberLympics - Jay Bavisi & Eric Lopez

10:30AM Privacy vs. Security Debate - Steve Bongardt, Jack Daniel, Amar Singh & Kurt Opsahl

11:30AM The Shoulders of the InfoSec Project - Jack Daniel

2:00PM Breakout Session 1: It walks, It talks and it will conduct economic espionage - Greg Carpenter

2:00PM Breakout Session 1: Wifi Data Leakage: How your phone, laptop, and smart device can reveal where you live, work, and places you’ve visited via 802.11 inception - Solomon Sonya

2:00PM Breakout Session 1: The Dark Side of PowerShell - George Dobrea

2:50PM Breakout Session 2: Defending Against 1,000,000 Cyber Attacks - Michael Banks

2:50PM Breakout Session 2: False Flags - Erin Owens

2:50PM Breakout Session 2: Evolution of Malware and Attempts to Prevent - Michael Vien and Greg Hanis

3:50PM Breakout Session 3: Charity: A Secret for Cyberspace - Jonathan Creekmore

3:50PM Breakout Session 3: How to Get into ICS Security - Chris Sistrunk

3:50PM Breakout Session 3: Lateral Movement: How attackers quietly traverse your Network - Xavier Ashe

4:30PM Breakout Session 3: SWAT Style: Live Network Crypto Hacking and Exploitation - Wayne Burke

4:30PM Breakout Session 3: Out Go The Lights: An enlightening discussion of IoT automation security - Deral Heiland

4:30PM Breakout Session 3: Hacker Quantified Security - Alex Rice

6:00PM Hacker Halted Networking Event with Dueling Piano bar


AGENDA DAY TWO

9:00AM The Less Hacked Path - Samy Kamkar

10:00AM Security in the Cognitive Era: Why it matters more than ever - Shelley Westman

11:00AM Acceleration using the Software Supply Chain Principles - Ingrid Centurion

11:45PM Cybersecurity & Security: Concepts of Behavioral Profiling from the FBI’s first Cyber Profiler - Steve Bongardt

2:00PM Breakout Session 1: All Your Base Still Belong To Us: Physical Penetration Testing Tales From The Trenches - Valerie Thomas & Harry Regan

2:00PM Breakout Session 1: Exploring LTE security and protocol exploits with open source software and low-cost software radio - Roger Jover

2:00PM Breakout Session 2: Hallowed by thy Packets - Paul Coggin

2:50PM Breakout Session 2: Building a Mobile Assault Kit - Kevin Cardwell & Wayne Burke

2:50PM Breakout Session 2: Tour of the Dark Web - Keith Thomas & Chad Hunt

2:50PM Breakout Session 2: Beyond eXtreme Forensics Update 3Q / 2016 - Alvaro Soto

3:30PM Closing Address & Raffle


Hacker Halted also added a new component to its annual agenda by bringing a career fair to conference goers and the Atlanta community. Over 200 attended as they networked with large corporations interested in hiring IT professionals at all levels. The career fair was hosted by TAG and TechFetch, two organizations dedicated to improving the information security industry and its professionals.


“The venue was great. The pre-conference training was also very nice, especially being in the same hotel as the conference.

Fascinating topic, demonstrated by the packed room. Unfortunately that made it almost impossible to hear the speaker. Hope that these more technical presentations will find their way to the web as videos.

Overall one of the better EC Council Events I have attended. What made it better was the higher quality of the speakers. Overall Best conference so far for me.


Great to get a law enforcement perspective for cyber security. Very interesting presentation on profiling hackers.

Best conference I’ve been to so far. Had some great conversations and met some great people, and the location was convenient.

Impressive and eye opening demo. I had imagined this sort of thing, but I was still amazed to see what his toolset could do.


HACKER HALTED ACADEMY

• Certified Ethical Hacker (CEH)

• Certified Security Analyst/Licensed Penetration Tester (ECSA/LPT)

• Computer Hacking Forensic Investigator (CHFI)

• Certified Chief Information Security Officer (CCISO)

This was a great conference. We will look forward to bringing our InfoSec people next year.”

“Very good material, very good delivery.


Participant Demographic By Industry (chart): IT, Computing, Internet 39%; Government & Military 34%; remaining categories Health & Education, Consultancy & Business Services and Other, with the values 8%, 7% and 12% as printed.

Universities represented:

Augusta University; Calhoun Community College; Daytona State College; Ferris State University; Georgia State University; Georgia Tech; Gwinnett Technical College; Houston Community College; Kennesaw State University; Lanier Technical College; Moraine Valley Community College; National Cybersecurity Institute at Excelsior College; New Charter University; New York University; North Florida Community College; Northwest-Shoals Community College; Oakland University; Piedmont Technical College; Southeast Missouri State University; Stamford University; Sullivan College of Technology & Design; Technical College System of Georgia; The University of Alabama at Birmingham; University of Arizona; University of California; University of Connecticut; University of Dallas; University of Georgia; University of Maryland University College; University of Phoenix; Vincennes University; Vista Technical; Western Governors University

Hacker Halted is a global series of Computer and Information security conferences presented by EC-Council. The objective of the Hacker Halted conferences is to raise international awareness towards increased education and ethics in IT security.

I wish I could have attended all sessions - all were excellent and all the Global CISO forum sessions were excellent.”

Over 1,000 IT security professionals attended


Some notable companies that were represented in this year’s Hacker Halted include:

Amazon; American Cancer Society; AT&T; Bank of America; Bed Bath & Beyond; BluVector; Center for Disease Control; CenturyLink; Chase; CISCO; Dell; Deloitte; Equifax; FireEye; General Motors; Hewlett Packard; IBM; Infosecurity Magazine; Kaiser Permanente; Kaspersky Lab; KPMG; Leidos; LifeLock; Northrop Grumman; Oracle, Inc.; Rapid 7; Saint Corporation; Solutionary; State Farm Insurance; Time Warner Cable; US Bank; US Post Office; VISA; VMware; Wells Fargo

Delegation by Job Function (chart): categories IT Professionals, Executive C Level, Other, Managers & Directors, Consultants, Students; values as printed: 36%, 21%, 15%, 12%, 10%, 6%.

Nice conference. Really pleased with the quality of the speakers.

I love this event every year!


HACKER HALTED IN THE PRESS

The conference served as a fantastic platform where some new and unknown security vulnerabilities were uncovered and discussed at length. Hacker Halted also hosted a Privacy vs. Security presidential-style debate in which representatives from the FBI, the Electronic Frontier Foundation, and advocates supporting the Hackers and CISOs discussed where the line should be drawn between privacy rights and security. The two events held concurrently, Hacker Halted and the Global CISO Forum, came together to listen in on a topic that has such importance to both groups. Check out the debate and other topics covered by the media:

JACK DANIEL HONORS HISTORIC INFOSEC FIGURES

At the Hacker Halted conference in Atlanta, Georgia on September 15, renowned industry expert Jack Daniel introduced his project ‘The Shoulders of Infosec’


FORGET BACKDOORS, THE FREE MARKET SHOULD BREAK INTO PHONES FOR FBI

In a keynote panel on privacy vs security at Hacker Halted in Atlanta on September 15, panelists debate Apple vs FBI, the Government’s treatment of privacy, and employees’ right to privacy


CYBER SECURITY CONFERENCE HACKER HALTED WRAPPED UP ANOTHER YEAR WITH SPEAKERS AND ATTENDEES FROM ALL OVER THE WORLD

Hacker Halted, EC-Council Foundation’s largest annual information security conference of the year, attracted attendees from Algeria, Argentina, Australia, Brazil, Cameroon, Colombia, Ecuador, Egypt, France, Ghana, India, Jamaica, Mexico, Netherlands, Nigeria, Russia, Saudi Arabia, South Africa, Thailand, Trinidad and Tobago, United Arab Emirates, United Kingdom, and all over the United States, making it a truly global event.


EC-COUNCIL INFOSEC TECH AND EXEC AWARDS

EC-Council hosted the Info Sec Tech and Exec Awards gala at the Crowne Plaza on Sept 14th. In a black tie ceremony, EC-Council Foundation honored leaders in information security by recognizing finalists and winners in seven categories. The Awards Program was created to highlight accomplishments in information security including the technical experts making waves in their respective industries and the executives leading the way.


The winner of the Innovative Project of the Year is Chen Heffer! Heffer won for his work with the Douglas County, Colorado Government. His nomination was chosen because of the implementation of an automated incident response system that created a hybrid environment that combined human skills and technologies, significantly shortening the response time to a cyber event once it had been detected. By leveraging automation to help its cyber security and incident response team scale their efforts, Douglas County was able to improve their security stance while also generating significant taxpayer savings and a safer environment for its constituents.

For the Most Improved Security Program of the Year, the winner is Juan Gomez-Sanchez for his amazing work at Lennar, Inc. As the new CSO there, in his first year Juan created a new vision for the security program, implemented a highly customized security framework that aligned with the intricacies of the business, created executive buy-in, and has had some incredible, tangible results.

INNOVATIVE PROJECT OF THE YEAR WINNER: CHEN HEFFER (NOT PICTURED)

MOST IMPROVED SECURITY PROGRAM OF THE YEAR WINNER: JUAN GOMEZ-SANCHEZ


The CCISO of the Year is Dr. Luis O Noguerol. Dr. Noguerol was selected as the winner by the committee for his extensive work as Chief Information Security Officer and Acting Chief Technology Officer for Latin America for the US Department of Commerce, where he reduced electronic fraud by 39% in less than 2 years and achieved company PCI compliance in one year, among many other achievements.

The CISO of the Year is Medha Bhalodkar. Bhalodkar is the first ever CISO of Columbia University where she leads multiple teams of information security professionals to manage Columbia’s IT policies, IT risk assessment, governance, application security, identity access management and network security across its 17 schools and 9 Global Centers creating a new Center of Excellence in Security analysis.

CCISO OF THE YEAR WINNER: DR. LUIS O NOGUEROL

CISO OF THE YEAR WINNER: MEDHA BHALODKAR


The Forensic Analyst of the Year was awarded to Yamikani Gogo Wilfred Hauya. He was picked for his work with the Malawi Revenue Authority in Central Africa, Malawi. He has been on the cutting edge of security in Malawi and EC-Council Foundation is proud to shine a light on the progress he has made.

FORENSIC ANALYST OF THE YEAR WINNER: YAMIKANI GOGO WILFRED HAUYA

The winner of the Pen Tester of the Year is Basem Helmy. Helmy’s nomination won due to his work on the enterprise risk team in Deloitte Middle East. He specializes in offensive security services and his ability to provide adaptive penetration testing in highly secure environments - identifying real business weaknesses.

PEN TESTER OF THE YEAR WINNER: BASEM HELMY (not pictured)

The winner of the Ethical Hacker of the Year is Ankur Chandrakant. Chandrakant is a technology enthusiast and evangelist and an expert in vulnerability assessment and penetration testing. He has conducted more than 126 successful pentest projects and takes the time to teach his clients and the larger community about ethical hacking.

ETHICAL HACKER OF THE YEAR WINNER: ANKUR CHANDRAKANT


Sponsors and Event Partners

The Security Awareness Company

WITI