Annual Discover Security Conference 2018 - ISSA Hawaii's 25th - Theme: Relevant InfoSec Solutions
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
ISSA Hawaii’s 25th
Annual Discover Security
Conference 2018
Attendee Packet
October 10 and 11, 2018
Theme: Relevant InfoSec Solutions
Relevant InfoSec Solutions
October 10, 2018
Aloha and Welcome to the 25th Annual Discover Security Conference.
Theme: Relevant InfoSec Solutions
Relevant InfoSec Solutions showcases some of the most advanced security
solutions in the market today. Learn about how these solutions can address the
2018 information security trends that matter. Use artificial intelligence and
machine learning to boost your cyber defense. Be proactive about preventing
ransomware. Appropriately secure the IoT and mitigate the rise of the botnet
risk. Augment your cybersecurity professional knowledge and skill
shortage. Develop a cybersecurity framework for your organization.
Operationalize patching and application testing. Learn how Relevant InfoSec
Solutions can help you address you and your organizations most pressing
challenges.
Sincerely,
The Board of Directors
Information Systems Security Association
Hawaii Chapter
Page 2 of 27
When: October 10 - 11, 2018
(Registration begins at 7:00 am)
Where: Pōmaika‘i Ballrooms at Dole Cannery
735 Iwilei Rd, Honolulu, HI 96817
http://pomaikaiballrooms.com
REGISTRATION FEE:
TIG
ISSA MEMBER: $50.00
NON-ISSA MEMBER: $100.00
Page 3 of 27Thank you to our Sponsors
Gold Sponsors
Page 4 of 27Beverage Sponsor
Material Sponsors
Page 5 of 27General Sponsors
Page 6 of 27JPNI
Page 7 of 27AGENDA Day 1 – Wednesday, October 10, 2018
October 10 Vendor Speaker Topic
0715 – 0815 Breakfast and Registration
0815 – 0830 ISSA Hawaii Jock Purnell Welcome and Announcements
0830 – 0900 Sailpoint Cullen Comprehensive, Intelligent Identity Solution
Landrum
0900 – 0930 Trend Micro Jim Unseen Threats, Imminent Losses
Montgomery
0930 – 1000 Checkpoint TBD TBD
1000 – 1030 Vendor Recognition, Break and Exhibition
1030 – 1100 Secure Eric Baum Increase confidence with resilience. How a
Technology network model improves your situational
Hawaii awareness and threat mitigation
1100 – 1130 ESET Drew Dodson Today’s threat landscape - Time for a
Ransomware reality check
1130 – 1200 Carbon Black Michael Marx The Real Authority: Staying Conscious in
Computing
1200 – 1230 Lunch and Exhibition
1230 – 1300 Gigamon Kevin Improving Security using Metadata
Peterson (in 2nd Ballroom)
1300 - 1330 Continue Lunch and Exhibition
1330 – 1400 Palo Alto Jon Friese Automation Wars
Networks
1400 – 1430 Direct Defense Jim Broome Fighting for the Fifth Place - How to Get the
Most From The Solutions You Need, And The
Solutions You Want
1430 – 1500 Sophos Chris Tackling the Challenges with Threat
McCormack Identification and Response
1500 – 1530 Break and Exhibition
1530 – 1600 VPLS Solutions Anthony Offense and Defense: It’s Good to Play Both
GiandomenicoSides
1600 – 1630 RSA Sean Ennis Orchestrating the Hunt: Using Automation to
Threat Hunt Faster and More Effectively
1630 – 1700 TBD TBD TBD
1700 – 1800 Announcements and Exhibition
Page 8 of 27AGENDA Day 2 – Thursday, October 11, 2018
October 11 Vendor Speaker Topic
0715 – 0815 Breakfast and Registration
0815 – 0830 ISSA Hawaii Jock Purnell Welcome and Announcements
0830 – 0900 Symantec / Chris D. Mobile Threat Landscape
Optiv Rowlands
0900 – 0930 World Wide Barry Jones / Building Sustainable Security Architectures
Technology Ken Westin
0930 – 1000 Netskope Bob Gilbert Forget the Dark Web Right under your nose,
there’s a place even riskier. Can you see the
Bright Web?
1000 – 1030 Vendor Recognition, Break and Exhibition
1030 – 1100 Proofpoint Tage Wolters Rainbow of attacks: The new social media,
mobile, and email phishing
1100 – 1130 Forcepoint Dede Alexiadis Empowering Cloud Security with Cloud
Access Security Broker Technology (CASB)
1130 – 1200 Malwarebytes Cameron Cybercrime Tactics and Techniques Report
Naghdi
1200 – 1330 Lunch and Exhibition
1330 – 1400 Juniper Zach Forsyth Social Media, the Gateway for Malware
1400 – 1430 App Sec Ryan Hogan GDPR – Now What?
Consulting
1430 – 1500 Infoblox Bob Smiley DNS’s Role in Securing Your Network
1500 – 1530 Break and Exhibition
1530 – 1600 Cisco Jon Rutledge Securing Serverless Cloud-based Resources
with Flow Analytics
1600 – 1630 SecureWorks John Hollner Answering the C-Suite’s Toughest Cyber
Questions (to Get What You Want)
1630 – 1700
1700 Announcements and Adjournment
1730 - 2100 ISSA Hawaii Evening Reception
Page 9 of 27ISSA Discover Security Conference
2018 Speakers
LISTED IN ALPHABETICAL ORDER BY VENDOR NAME
AppSec Consulting
Speaker: Ryan Hogan, GCIH, GCWN, GCFE, CRISC, CIPM, CIPP/E, Director, Strategic
Advisory Services
Topic: GDPR – Now What?
European Privacy requirements are getting some BIG updates. The changes bring some
good news, bad news, and plenty of gray areas to get lost in. Learn the basic information
about EU Privacy and the GDPR to line up a bunch of “I told you so’s”, or maybe get real
lucky and leverage it to get a budget for the things that you need to do to get ready for EU
Privacy requirements.
Bio: Ryan Hogan is the Director of AppSec Consulting’s Strategic Advisory Services team.
Ryan is a risk management professional with more than 17 years of industry experience.
Ryan has served in key information security roles at large enterprises within the finance,
technology, manufacturing, and pharmaceutical markets. He has worked on all sides of the
security equation. Ryan has worked as an auditor reviewing security controls for SOC
reports, and as security manager at a service provider that is having its security controls
audited, as well as a security manager at customers reviewing the results of a service
provider’s security audit. He uses this perspective and experience to provide a balanced view
and a risk based approach to information security that meets business objectives. In addition,
his experience and expertise includes performing Enterprise IT Risk Assessments, preparing
for ISO27K implementation, Privacy Program management, Vulnerability Management, and
Security Strategic Planning. Ryan has a strong track record of interpreting and applying a
variety of information security-related frameworks and standards to meet an organization’s
business objective. His common sense approach, communication skills, and initiative elevate
him amongst his peers in the industry.
Expertise includes… IT Risk Assessment and Data Security Consulting (ISO27001:2013),
Vulnerability Assessment / Vulnerability Management, Privacy Program Management,
Service Organization Controls 1 & 2 – Audit Readiness, Strategic Remediation Consulting,
General IT Controls Specialist, Information Security Policy Development.
Page 10 of 27Carbon Black
Speaker: Michael Marx, Enterprise Sales Engineer
Topic: The Real Authority: Staying Conscious in Computing
With the rise of Automation , AI, and Machine Learning - we have been creating decisions out
of the now and setting them in other dimensions we do not understand, but can comprehend.
We tell the machine something and it does something. When the machine tells us something,
we do something. In this talk, Mike Marx will explore our decision pathways in information
security contexts to arrive at what is happening in the only time that matters, now.
Carbon Black (NASDAQ: CBLK) is a leading provider of next-generation endpoint security.
Carbon Black serves more than 4,000 customers globally, including 33 of the Fortune 100.
As a cybersecurity innovator, Carbon Black has pioneered multiple endpoint security
categories, including application control, endpoint detection and response (EDR), and next-
generation antivirus (NGAV). Leveraging its big data and analytics cloud platform – the Cb
Predictive Security Cloud – Carbon Black solutions enable customers to defend against the
most advanced cyber threats, including malware, ransomware, and non-malware attacks.
Deployed via the cloud, on premise or as a managed service, customers use Carbon Black
solutions to lock down critical systems, hunt threats, and replace legacy antivirus.
Bio: Who is the one that is architecting the change around us? Between Gen-X, Millenial, and
Gen-Z; If we read between the lines, we see why. For the past 20 years, Mike Marx has been
investing time into education, computing concepts, and helping others translate the
information that surrounds them in every moment. Mike holds a B.S. from The University of
Central Florida in Information Systems, has spent time consulting for Siemens Global, and
has also been selected to contribute to a risk study at Harvard Law. Having completed the
journey to all 7 Continents before the young age of 30, Mike's passions in life land in the
baskets of knowledge, exploration, and adventure. There is no destination, physically or
mentally, too far for arrival.
Check Point Software Technologies
Speaker: Check Point Software
Topic: TBD
Synopsis: TBD
Page 11 of 27Bio: TBD
Cisco
Speaker: Jon Rutledge, CSS Cisco Cloud Security, Cisco Systems, Inc.
Topic: Securing Serverless Cloud-based Resources with Flow Analytics
Topics of discussion will include the following:
Cloud Migration
Micro Services
Containerization
Serverless Computing
Our goal is to enable companies to improve their security posture in the evolving Multi-Cloud
hybrid landscape.
DirectDefense
Speaker: Jim Broome, President
Topic: Fighting for the Fifth Place - How to Get the Most From The Solutions You Need, And
The Solutions You Want
While working with investors from both sides of the negotiation, we hear the term “fighting for
fifth place.” But, what the heck does that mean? Because of compliance, the first four choices
for your budget have already been made. If your product from a vendor or creator standpoint
doesn’t fall into one of these first four categories, you are fighting for fifth place budgeting. In
this presentation you will learn the tools and technologies that are most beneficial from a
budget perspective, and from the hacker's perspective.
Bio: Mr. Jim Broome is a seasoned IT/IS veteran with 20+ years of information security
experience in both consultative and operational roles. Jim leads DirectDefense, where he is
responsible for the day-to-day management of the company, as well as providing guidance
and direction for DirectDefense’s security service offerings.
ESET Software
Speaker: Drew Dodson, Partner Sales Engineer
Page 12 of 27Topic: Today’s Threat Landscape - Time for a Ransomware Reality Check
Join us for an critical update on the evolving cyber threat landscape. We’ll give you an in-
depth look into infrastructure cyber criminals use to profit from your sensitive data.
Additionally, we will walk you through everything you need to know to stay ahead of
ransomware, the root cause of a data breach and how to prevent them both.
Bio: Drew Dodson is an AWS and Security+ accredited Sales Engineer with 10+ years’
experience providing cyber security solutions to organizations of all sizes. With
a strong background in technical support, Drew intuitively understands the multitude of
challenges customers face and solves them through joint
approach focused on education and innovative technology.
Forcepoint
Speaker: Dede Alexiadis, Principal Sales Engineer, Forcepoint
Topic: Empowering Cloud Security with Cloud Access Security Broker Technology
Come join Forcepoint at ISSA Discover Security 2018 to understand what threats are
introduced to organizations through cloud adoption. Many organizations are uploading
sensitive information to the cloud both knowingly and unknowingly. Forcepoint will talk
through the tools and strategies necessary to adopt cloud applications while maintaining
proper security controls necessary. Some topics on conversation will include:
Shadow IT – Users uploading sensitive data to cloud applications unknowingly to
Information Security Teams
Access controls around cloud applications
Compliance topics when storing data in cloud repositories as well as storing state,
federal, or International regulated data in cloud repositories.
Data Loss Prevention in the cloud
Centralized governance for multiple cloud applications
Bio: Dede Alexiadis is a Principal Sales Engineer at Forcepoint, specializing in cloud
security. She has worked in the areas of data security, encryption, and now assists
organizations to understand cloud adoption risks. Dede has spoken at numerous ISSA and
ISACA events around the country. She holds a MS in Computer Science with a
Concentration in Security from Boston University.
Page 13 of 27Gigamon
Speaker: Kevin Peterson, Sales Engineer, Gigamon
Topic: Improve Security using Metadata
Imagine what a security analyst could deduce if they had visibility into all the common
applications flowing through their network. They could optimize the data being sent to
security tools, correlate information across the various protocols to know who is talking to
whom and get visibility into malware and bad actors that may be hiding on the network.
Many enterprises aggregate information from various sources, such as events and logs from
DNS servers, web servers and security tools to hunt for threat events and indicators of
compromise. But these are not reliable sources; logging can be turned off inadvertently or for
performance reasons. Raw network data is the ultimate source of truth – but sending it all to
a SIEM can become very expensive.
The bottom line is visibility into your application traffic is elemental to security – if you can’t
see it, you can’t secure it. What’s needed is deep insight into your applications:
Identify which applications are contributing to network traffic.
Use application metadata to gain more context of potential threat events and to more
easily enforce corporate compliance.
Lower tool cost and improve tool efficiency by filtering out low-risk, high-bandwidth
traffic.
Send suspicious traffic to a tool on-demand when an anomaly is detected.
If you need to monitor, identify, and filter application traffic so you can more easily identify
anomalies and lateral propagation of threats, please attend.
Bio: Kevin comes from an enterprise transmission and network engineering background and
has over 20 years of experience in Information Systems and Cyber Security. During his
career he has been responsible for conducting and supporting traffic engineering, information
assurance and cyber security activities for federal, state, and commercial organizations in the
defense, law enforcement, media, utility and healthcare industries. Kevin has lived in and
supported customers in both North America and EMEA. Areas of specialization include Smart
Cities, Federal & DOD Network Architectures, and IIOT. Kevin is an active member of ISSA,
ISACA, AFCEA, and IEEC, and holds certifications Security+, VCP, CNE, SPX, and GSEC.
Infoblox
Speaker: Bob Smiley, Presales System Engineer, Infoblox
Topic: DNS’s Role in Securing Your Network
When it comes to your business, your network is the gateway to the world. Unfortunately,
protecting your network from evolving threats is more difficult than ever. Device proliferation,
BYOD, Internet of Things, virtualization, hybrid cloud adoption—all are crucial trends that
Page 14 of 27enhance business performance. But they also add complexity and increase the attack
surface. DNS is an essential component of network connectivity, but it has emerged as the
number one threat vector for malware command and control, DDoS attacks, and data
exfiltration. Even as your network modernizes and gains valuable new capabilities, threats
multiply exponentially. During this session, learn more about threats to DNS infrastructure,
and how to use DNS as an integral defense mechanism in your overall security ecosystem.
Bio: Bob is a Presales Systems Engineer at Infoblox
Juniper Networks
Speaker: Zach Forsyth, Security Architect, Juniper Networks
Topic: Social Media, the Gateway for Malware
Social Media is typically outside of enterprise control, extremely easy to access, and widely
used on your networks, and while you were opening up access, and looking the other way,
cybercriminals have honed their craft, and are weaponizing Social Media platforms to launch
devastating attacks that are breaching even seemingly hardened Security Architectures.
To safeguard your evolving network and cloud environment from today’s advanced threats,
you need security solutions that can automatically identify and analyze threats, and then
respond at machine speeds to utilize the entire network to provide rapid protective measures.
Bio: Zach Forsyth is a security specialist with over twenty years of experience and thrives on
solving complex security problems. His primary love is cyber security and advanced malware
prevention; but he fully understands in order to be successful at securing an organization,
you must have a detailed understanding of firewalls, networking, malware delivery and
weaponization, intrusions, exploits, social engineering and related fields.
Zach has appeared on the AT&T ThreatTraq show, and as a speaker and panelist at leading
security conferences such as RSA, Interop, Blackhat, and Secureworld. In addition, he has
been published by CNN, DarkReading, Defend Magazine, SC Magazine, CSO Online,
Technewsworld and Infosecurity Magazine.
Malwarebytes
Speaker: Cameron Naghdi, Malwarebytes
Page 15 of 27Topic: Cybercrime tactics and techniques: State of Malware
New ransomware, VPNFilter attacks, compromised routers, and increases of zero-day
attacks are all indicators that cybercriminals are redirecting their energy to more potentially
dangerous attacks. Learn how to counter these in our session; Cybercrime Tactics and
Techniques
Bio: Cameron Naghdi is the Systems Engineering Manager for US-West at Malwarebytes.
Cameron has worked for multiple endpoint technologies and has supported every vertical
from retail and healthcare up to Federal/Civilian agencies and the Department of Defense.
Beyond working for Malwarebytes, Cameron spends his time working on the technology
advisory board of 802Secure and is Co-Founder and CTO at FilecheckIO. Cameron also
gives presentations on the threats of today as well as solutions for tomorrow’s biggest
security challenges for both security contractors and corporations alike.
Netskope
Speaker: Bob Gilbert, Chief Evangelist and VP Product Marketing, Netskope
Topic: Forget the Dark Web. Right under your nose, there’s a place even riskier. Can you see
the Bright Web?
The Dark Web is a well-known part of the internet where many sites are not indexed by
search engines and can only be accessed if you know the site address, making them
effectively hidden. Accessing the dark web requires special software, like browsers
configured with Tor. Once inside the dark web, “dark net” markets exist that sell sensitive
data stolen in breaches (in addition to illegal products like drugs and firearms). The currency
of choice is the cryptocurrency Bitcoin.
But there is one area arguably more dangerous and much larger in scale, and that is the
Bright Web. We use the Bright Web every day, and it consists of tens of thousands of places
Page 16 of 27where sensitive data can be easily uploaded and shared publicly either with malicious intent
or on accident by unsuspecting perpetrators.
Join this scintillating discussion as we uncover the current state of the Bright Web, how it
affects you and your company, and how recent technology advances provide the visibility and
control you need to safely maneuver the Bright Web.
Topics discussed:
• New research that provides insight into how big and widespread the Bright Web is
• A look at dozens of cloud services that make it easy to share sensitive data publicly
• How the Bright Web wreaked havoc on three companies
• 5 best practices for mitigating risk and safely enabling cloud services in the Bright Web
Take a look into expanding the role of information security from a data protection exercise to
actually aligning security processes to data workflows. We will look at some practical and
some next generational methods to integrate practices in order to be able to articulate
security impact to outcomes. Take a journey through different Machine Learning, AI, Big Data
algorithms, all in efforts to improve the elusive “context” . This presentation will look into the
differences of those methodologies and provide recommendations on building scalable
platforms that can co-exist with existing data lakes to drive efficiency and context aware
security.
Bio: Bob heads up the product marketing efforts at Netskope, the leading cloud access
security broker (CASB). Bob is a prolific speaker and product demonstrator, reaching live
audiences in more than 45 countries over the past decade. His career spans more than 20
years in Silicon Valley where he has held leadership roles in product management
and marketing at various technology companies. Most recently he was the Chief Evangelist
at Riverbed where he was a member of the pioneering team that launched Riverbed from a
small start-up of less than 10 employees to a market leader with more than 2,800 employees
and $1B in annual revenue.
Palo Alto Networks
Speaker: Jon Friese, Senior Cybersecurity Engineer
Topic: Automation Wars
How the adversaries are using automation to attack our corporate environments. Understand
the adversary playbooks and how to the flip the tables by using automation to defend your
networks, employees, and data.
Page 17 of 27Bio: A Certified Information System Security Professional (CISSP) Jon Friese, works as a Sr.
Cybersecurity Engineer at Palo Alto Networks. Jon focuses on working with businesses to
develop security solutions that align with business needs and requirements. With over 20
years of experience working with customers, sales teams, and product teams he provides a
real-world, hands-on, perspective to the challenges that face many organizations. Security
has been a focus for him throughout his career, whether in service of the country, (Go Navy!)
or within a variety of technology organizations, ranging from Fortune 500, Value Added
Reseller, and manufacturing. Roles ranging from RF technician, system administrator,
network engineer, manager of information systems, pen tester, security engineer, solutions
architect, and cybersecurity engineer.
Proofpoint
Speaker: Tage Wolters, Sr Engineer, Proofpoint
Topic: Rainbow of attacks: The new social media, mobile, and email phishing
Criminal gangs and opportunists are expanding their attacks beyond simple malware and
account credential theft. They see financially and emotionally devasting rains, floods and fires
as opportunities to prey on people to steal account numbers or personal information and
that’s in addition to real estate funding scams. Their attacks have begun to mix social media,
email, mobile devices, and the dark web data to appear more convincing than ever in their
phishing. Join us in this session, where we’ll share case studies, impact, and practical steps
for identifying and dealing with these new attacks.
Bio: Tage Wolters is a Sr. Engineer with Proofpoint’s Security practice. He has more than two
decades of experience working in the information technology, security and services industry.
He has a documented track record of successfully consulting and advising some of the
largest customers across the private and public sectors. He is an expert in defending against
Cyber threats targeting specific individuals in an organization, and extensive experience
helping businesses enhance their security postures to prevent future attacks. Tage holds a
Master’s in Business Administration from Middlebury College and multiple technical
certifications.
RSA
Speaker: Sean Ennis: Senior Principal Systems Engineer
Topic: Orchestrating the Hunt: Using Automation to Threat Hunt Faster and More
Effectively
Until our computer overlords become truly artificially intelligent, human analysis and insight
will continue to be a crucial part of the threat hunting lifecycle. But this dependence poses a
huge challenge to most organizations who are already struggling with resource shortages,
skill gaps, and tool fatigue with the result being very few organizations able to truly institute
an exhaustive cyber threat hunting program.
Page 18 of 27This session will talk about using the concepts of orchestration and automation to streamline
and programize threat hunting at scale.
Bio: Sean Ennis is a Threat Hunter & Principal Systems Engineer at RSA with ~14 years of
experience in the threat detection and incident response space. During that time he has
consulted on and helped build security operations, technology and threat hunting/response
programs for organizations across North America.
Sailpoint Technologies
Speaker: Cullen Landrum, Senior Sales Engineer, CISSP
Topic: Comprehensive, Intelligent Identity Solution
While the Aloha spirit is of warm welcome, information security professionals must work
tirelessly to close the door on bad actors trying to break into their IT network. But what do you
do if an unauthorized outsider manages to get inside? Or what if the threat originated from
within?
A central tenet of mitigating risk to information security should be the governance of digital
identities and their access rights to sensitive information.
Key Takeaways:
Discover how to govern all user identities (employees, contractors, vendors,
volunteers, etc.) to ensure appropriate access to sensitive information
Understand how an integrated identity solutions can help secure all applications as
well as data stored in files, whether on-premises or in the cloud
Gain insight into how fusing artificial intelligence with identity technology enables
better governance decisions
Learn how you can achieve greater operational efficiencies with automation of
provisioning processes
Bio: With 17+ years of experience in Identity and Access Management, Cullen Landrum is a
Senior Sales Engineer at SailPoint. Cullen specializes in the areas of Identity Management in
State/Local and Higher Education. Prior to joining SailPoint Cullen worked for several
startups including Aegis Identity, Symplified and Agiliance supporting Commercial, Federal,
State and Local and other government entities. Cullen worked for Sun Microsystems/Oracle
as a Senior Systems Engineer supporting telecommunications and Federal government
organizations. But it all started with a little consulting company based in Plano TX – EDS –
where Cullen spent 10+ years as a developer on everything from mainframes to Tandem to
Java. Cullen holds a Bachelor of Arts in Computer Science and Mathematics from the
University of Colorado, Boulder, is an ISSA member and a CISSP.
Secure Technology Hawaii
Speaker: Eric Baum. VP, RedSeal
Page 19 of 27Title: Increase confidence with resilience. How a network model improves your situational
awareness and threat mitigation
Digital resilience is an organization’s ability to continue to operate through an impairment,
while minimizing customer harm, reputational damage, and financial loss.
Resilient organizations:
Know their entire, as-built networks, including data paths within the network
Set targets, measurements, and goals for defense and response
Employ best practices in change management and prioritize risks and
intelligence for better decision-making
Respond rapidly to incidents – while maintaining operational readiness,
reducing the risk of losing data, and preventing additional harm
Learn how one model of all your network environments – public cloud, private cloud and
physical assets – can mitigate threats by improving your vulnerability prioritization, incident
investigation and segmentation.
Bio: Eric Baum is a Vice President with RedSeal, specializing in Cyber Security and Digital
Resilience. Prior, Mr. Baum was a Director for QinetiQ North America, Cyveillance Division,
focusing on Cyber Intelligence and Threat Mitigation. Past roles include Vice President for
the Insider Threat Business Unit for Raytheon, formerly Oakley Networks. Before joining
Oakley, Baum worked with PGP Corporation. Other notable experience includes an active
and inside involvement in an "Intelligent Sniffer" program originating from the Intelligence
Community and the U.S. Department of Defense with Raytheon. Throughout his 17+ years in
cyber security & intelligence, information assurance & operations, and insider threat
mitigation, Baum has developed quite an extensive list of relationships, accomplishments,
and a thorough understanding and passion for the industry.
Baum sits on the Advisory Board for Cyber Security & Information Assurance at National
University and is also a participating member of the IT-ISAC and InfraGard. He is recognized
by the HTCIA (High Technology Crime Investigation Association) and ISSA (Information
Systems Security Association) as a speaker and trainer at the international and chapter
levels.
SecureWorks
Speaker: John Hollner, SecureWorks
Topic: Answering the C-Suite’s Toughest Cyber Questions (to Get What You Want)
Bio: Security Specialist John Hollner has been with Secureworks for over 7 years. For the
last 4 years, he’s covered Hawaii and Los Angeles, helping 100s of commercial businesses
use corporate risk to build a case for better cyber security while tackling various PCI, HIPAA,
Page 20 of 27FFIEC, ISO and NIST 800-171 compliance requirements. With 10 years of marketing-as-a-
service and sales training experience prior to getting into cyber security, he brings a
thoughtful C-Suite messaging approach to help you get project approval.
Sophos
Speaker: Chris McCormack, Sophos
Topic: Tackling the Challenges with Threat Identification and Response
Identifying and responding to cyberthreats is probably one of your biggest challenges… partly
because most firewalls and EDR solutions are either completely ineffective in providing
actionable information or drown you with data that requires a team of experts to sift
through. In this session, we’ll take a look at these challenges and how best to solve them -
it’s a lot easier than you might think.
Symantec / Optiv
Speaker: Chris D. Rowlands, Senior Product Specialist, Mobile Threat Defense
Symantec Corporation
Topic: Mobile Threat Landscape
Today’s modern operating systems, like iOS and Android, are designed for ubiquitous and
wireless access from anywhere in the world, and have very different use cases and security
requirements compared with traditional PCs and servers. Mobile devices are on and
connected 24/7, and often owned and managed by individuals, dramatically increasing the
attack surface relative to PCs. Malicious hackers have shifted much of their attention to
these new operating systems that may provide a direct link into large companies with
valuable assets worth stealing. Today, their methods are less focused on broad and annoying
attacks on consumers and more on targeted attacks on specific individuals in specific
organizations who have the right access levels to high-value assets. Well-researched social
engineering exploits, combined with system vulnerabilities, make these attacks highly
effective, even against smart and educated individuals. Solutions exist that protect
companies from mobile cyber-attacks by securing mobile devices, whether owned by the
company or the individual, from the entire landscape of mobile threats-including malware,
network-based threats, vulnerability exploits and other targeted attacks, without changing the
mobile user experience, compromising user privacy or adding extra burden to IT. Today we
will discuss the Mobile Threat Landscape, show an example of what a Mobile Threat looks
like, and discuss best practices to protect your Mobile Data.
Bio: Chris D. Rowlands is a Mobile Threat Defense expert who helps companies detect,
mitigate, and secure their Smart Devices and Tablets against Mobile Threats. He believes
that Mobile Devices are an easy way for hackers to gain access to your personal and
professional data and is on a personal and professional mission to educate people on how to
protect themselves. Chris has been in the Mobility Industry for over 20 years and began
Page 21 of 27specializing in Enterprise Mobile Applications with AT&T in 2009. He has also had roles with
MobileIron, Certes Networks, and Skycure (which was acquired by Symantec).
Trend Micro
Speaker: Jim Montgomery, Trend Micro Technical Advisor | TMSM | MCSE
Topic: Unseen Threats, Imminent Losses
During this presentation, we will review combined threat data from the first six months of
2018 to reveal trends in the threat landscape and the latest risks facing businesses. The goal
is to provide guidance to businesses globally, informing corporate security strategies and
align protection against today’s most impactful threats.
Traditional indicators of security risk have become unreliable, as many obvious tools, tactics
and procedures used by cybercriminals are not being followed. Instead, cybercriminal
attention has shifted from attention seeking ransomware attacks to more subtle and
subversive attacks. These include cryptocurrency mining, fileless malware, increased focus
on BEC attacks, and more sophisticated router attack payloads.
Through the Zero Day Initiative (ZDI), Trend Micro has insight into trends and predictive
analytics on what types of attacks will be seen in the wild next. In the first half of 2018, the
ZDI published more than 600 advisories, with significant growth in the number of Foxit and
SCADA bugs. This indicates we are likely to see more attacks coming soon that leverage
Foxit reader and SCADA systems, which are prevalent in critical infrastructure.
To combat these tactics, it’s more important than ever to have a complete, multilayered
defense strategy that protects against new and proven attack vectors. The latest attack types
require sophisticated detection capabilities, but traditional protections are also required to
stop often-overlooked methods of entry that may not be thought of as a risk.
Bio: Jim has been securing enterprise organizations compute environments for over 25
years. During this time he has worked with several Fortune 500 companies developing
unique and strategic solutions to provide a safe and secure environment for their digital
infrastructure. Jim currently works for Trend Micro as a Technical Advisor for their very large
enterprise accounts. In this capacity Jim serves as an integral liaison between customer and
product to ensure the security capabilities of the install base while assisting to implement new
and innovative ways to reduce their surface area of attack.
VPLS Solutions LLC
Speaker: Anthony Giandomenico, Team Lead CTI -- Senior Security Strategist and
Researcher, Fortinet (in partnership with VPLS)
Page 22 of 27Topic: Offense and Defense: It’s good to play both sides.
Successful attacks continue on many organizations despite the continued investments in the
latest technologies. To successfully defend our cyber assets whether from a Nation State
Actor or an Organized Criminal, companies need to understand both their adversary’s
tradecraft as well as how to ensure their security posture is properly designed to continually
resist their TTPs. With the limited skilled resources this can be difficult however with the right
foundational information it’s much more achievable. This talk will focus on how to effectively
leverage freely available information such as the Mitre ATT&CK Matrix to achieve better
situational awareness and to more accurately plan and prioritize future security
improvements.
Bio: More than 20 years comprehensive experience as an Executive, Manager, and Security
Consultant & Researcher for companies within information security across all industries.
Experience in security program and networking system development, including intrusion
detection, firewall and security incident and event management technologies, incident
response procedures, security risk assessments, and technology integration. In his current
position at Fortinet he leads a team of security analysis and researchers responsible for rapid
response to emerging threats and proactivity discovering new threats in an effort to update
customers both internal and external on the latest adversary tactics and techniques. He has
presented, trained and mentored on various security concepts and strategies at many
conferences, trade shows and media outlets including a weekly appearance on KHON2-TV
morning news “Tech Buzz” segment and Technology News Bytes on OC16, providing
monthly security advice.
World Wide Technology
Speaker: Barry Jones, Consulting Solutions Architect, World Wide Technology,
and Ken Westin, Senior Security Strategist, Splunk.
Topic: Building Sustainable Security Architectures
Security threats are evolving too quickly for traditional security architectures that focus on
perimeter defense and signature based detection to adapt. This evolving landscape requires
a shift in thinking that incorporates API-driven security tools that support analytics,
automation, and interoperability to rapidly adapt to new threats. In this presentation, we will
discuss building architectures that improve security efficacy while minimizing the burden
placed on the security organization.
Page 23 of 27Bio: Barry Jones is a Consulting Solutions Architect at WWT with a focus on helping
organizations develop strategies to align security, compliance, and regulatory goals.
Bio: Ken Westin is currently Senior Security Strategist at Splunk, helping organizations
aggregate, analyze and operationalize disparate security data sources to identify and mitigate
threats in various forms. In his past he has helped solve crimes with data, tracking stolen
devices, breaking up organized crime groups, recovered stolen vehicles, even solved a
violent carjacking, leading to the prosecution of dozens of criminals. He has at presented at
DEF CON, Black Hat, RSA and other security conferences around the world as well as
BSides and other security conferences around the world.
Page 24 of 27NOTES of SHOCK, of EDUCATION, of ACTION!
Page 25 of 27NOTES of SHOCK, of EDUCATION, of ACTION!
Page 26 of 27NOTES of SHOCK, of EDUCATION, of ACTION!
Page 27 of 27You can also read
