InnoTech San Antonio is back again with another great conference coming up, and the CyberDEF Dojo has partnered up with them to provide a security track on April 11 and a Security Engagement Series event on April 12. If you would like to learn more about the event, our events page has all of the details, including an offer code you can use to get in for free on both days.
On April 11, there will be several security track sessions that you all should definitely check out if you want to learn more about the state of security innovation today. Here’s a list of them:
STRATEGIES ON SECURING YOUR BANKS & ENTERPRISES. (FROM SOMEONE WHO ROBS BANKS & ENTERPRISES FOR A LIVING!)
Presenter: Jayson Street
Most people who work on the defensive side of computer security only see the landscape from that perspective! In this talk Jayson will show how an attacker views your website & employees then uses them against you. We’ll start with how a successful spear phish is created. By using the information gathered from the companies own ‘about’ page as well as scouring social media sites for useful information to exploit employees. The majority of the talk will be covering successful counter-measures to help stave off or detect attacks. This discussion will draw on the speakers 15 years experience of working in the US banking industry on the side of defense. Also at the same time he’ll be drawing on over 6 years of doing engagements where he took on the role of the attacker. If everything turns out well everyone will have learned something new that they can immediately take back to their networks and better prepare it against attacks!
Autonomous Cyber Defense: AI and the Immune System Approach
Presenter: David Masson
From insiders to sophisticated external attackers, the reality of cyber security today is that the threat is already inside. Legacy approaches to cyber security, which rely on knowledge of past attacks, are simply not sufficient to combat new, evolving attacks, and no human cyber analyst can watch so much or react quickly enough. A fundamentally new approach to cyber defense is needed to detect and respond to these threats that are already inside the network – before they turn into a full-blown crisis.
Self-learning systems represent a fundamental step-change in automated cyber defense, are relied upon by organizations around the world, and can cover up to millions of devices. Based on machine learning and probabilistic mathematics, these new approaches to security can establish a highly accurate understanding of normal behavior by learning an organization’s ‘pattern of life,’. They can therefore spot abnormal activity as it emerges and even take precise, measured actions to automatically curb the threat.
Discover why autonomous response and machine learning is the future of defense and how the ‘immune system’ approach to cyber security provides complete network visibility and the ability to prioritize threats in order to better allocate time and resources.
Automating Security in the Cloud
Presenter: Aaron Lennon
The dynamic nature of cloud environments and increased importance on speed and agility bring new challenges with regards to security. In this presentation I will discuss methods that can be used to automate security control validation and incident detection & response activities to maximize effectiveness while minimizing the impact to development activities.
Incident Response Tabletop Exercise
Presenters: Rob Dodson and Jeff Reich (CyberDEF Dojo represent!)
In a very interactive session Jeff will facilitate an incident response tabletop exercise. You will see an incident from different perspectives, determine actions needed in these scenarios, respond to the injects and identify the gaps in the situation and how it relates to your organization. If you want to volunteer, contact Jeff or Rob via our Slack channel (cyberdefdojo.slack.com).
Smarter Security: Edge to Edge
Presenter: Chuck Jenson
With the Growth of the “Internet of Things device usage, your security trends in 2018 go from securing the perimeter to securing everything. In this session, we will talk about knowing your “Things”, controlling your “Things” and securing your “Things”.
The Paradox of Cyberthreats
Presenter: Ben Mungkornpanich
As environments become progressively interconnected, threats become increasingly complicated. The top security events of the past year make this apparent — and their repercussions make the implementation of smart protections all the more important.
The following sessions will be for CyberDEF Dojo Day on April 12. This is our Security Engagement Series extended event at InnoTech, and the theme for this series will be the future of security.
The Gathering Storm: CISOs as Transformational Leaders
Presenters: Shelly Carlin and Fred Ritch
In this presentation, you’ll get insight into the unprecedented opportunity that Chief Information
Security Officers (CISOs) have to transform their profession and make significant strategic
contributions to their organization. Starting with an analysis of how rapidly accelerating spending
on InfoSec programs will eventually threaten a company’s bottom line, we’ll illustrate how the
skills and capabilities CISO need to be successful are rapidly evolving – and how those who
make the transition from technocrat to business partner can more effectively help their
organizations address both the operational and financial impact of an accelerating threat
The presentation will examine four key capabilities that CISOs will need to deliver strategic
value to their organizations in the future: Financial Acumen, Risk Management, Collaboration,
and Communication. Examples of how each capability will be essential to the CISO of the future
will be used to illustrate the key Points.
How Quantum Computing Will Impact Your Present Identification Tools and Methods
Presenter: Dr. Jim Keeler
Quantum computing is a new initiative that will change computing forever. This talk will present an overview of quantum computing, how it works and how it may be used to bypass current authentication controls, steal your identity, and what you can do about it.
Defense in Depth is Dead – Evolving Your Security Approach
Presenter: Chris Gerritz
Reports of network intrusions have spiked in recent years resulting in millions in financial loses, theft of intellectual property, and exposure of customer information. The groups responsible for these attacks are organized and can persist in your organization’s systems and endpoints without detection for 6 months on average – sometimes years. The approach many organizations take to prevent these attacks is to simply layer on increasing numbers of defensive solutions – clearly this approach is no longer sufficient.
Learn why the current defense in depth model, as it is applied in many organizations, leaves critical gaps which allow attackers to remain undetected. Chris Gerritz, Infocyte’s Founder and the former Chief of Defensive Counter Cyberspace Operations for the U.S. Air Force AFCERT team, will discuss:
- The Defense in Depth model from an attacker kill chain perspective
- Why defense is important, but it is not the only factor to deliver security
- Where threat hunting and post-compromise detection fit in the model
Deep Dive into Blockchain Uses
Presenter: Kurt Kelley
Have you heard Blockchain is going to disrupt every industry? In this talk, I will give you real answers to what use cases and case studies are proving out. We will discuss use cases for IoT, Cybersecurity, Supply Chain, E-commerce, segments along with vertical case studies.
The Future Security Professional
Learn about what is coming next in security and what professionals need to know to be ready for it. We will be ending CyberDEF Dojo day with a panel discussion what the things you need to know to prepare for tomorrow. Expect to have a better idea of what to study next after this session.
Hope to see you all at InnoTech this year!