All Sessions

5 Things the C-Suite Needs to Understand about Protecting the Critical Infrastructure

While the typical CEO, IT director or plant manager feels quite confident that they have a security system that protects their information system (IT), many have no idea that there are a variety of threats to their unprotected plant, grid, refinery or other critical infrastructure where they deploy Operational Technology (OT). Why? Many aren’t aware that and how their control system innovations can be exploited on their Industrial Internet of Things (IIoT).

Learning Outcomes:

  1. Distinguish the dramatic differences between IT cyber security, the protection of data and OT security.
  2. Review the processes that reduce nightmares in operational technology (OT) cyber security.
  3. Identify how the Internet of Things produces additional data to guard in IT security which can impact both financial results to the organization and safety to its employees.
  4. Gain a view into the path ahead for the IoT market, including the key challenges and ideas for potentially overcoming them.
×

With attacks on the rise and assets at risk like never before, physical security is poised to make a necessary paradigm shift in how authentication works. Currently, identity credentials are authenticated based on a static payload; if it matches what is expected then the user, device or session is authenticated. This is the same whether it is single or multi-factor requirement.

The disappointing reality is that an experienced white hat will tell you that static authentication can be exploited, not just at the credential level but also by compromising back-end systems relying on or storing the payload used for the authentication. So what now? Authorization. The InfoSec community has long treated authentication and authorization as two separate layers which allows additional contexts to be analyzed before providing access that is requested. However, even InfoSec is still developing maturity in this area while the fraud industry has been applying it with increasing depth. The future of physical access security will become dependent on the intelligence of user behavior, risk profiles, and other custom-defined attributes to dynamically apply in real-time the authorization of access and transactions.

In this session, Kent will provide insight into how the fraud market has been developing, using and iterating these concepts for years and how they occur within milliseconds to not impact user experience. He will provide user cases and depth as to what types of behaviors can be defined and applied as well as outcomes in preventing fraud, abuse and malicious activities in real-time. Kent will then moderate a panel of physical security experts to discuss how these concepts will be applied to physical security and assess the likely journey the market will go through to get there.

Learning Objectives:

  • Distinguish between authentication and authorization and learn key concepts of behavior analysis models that can be used in these layers.
  • Learn how behavioral analysis has already been developed and successfully deployed to prevent fraud across finance, banking, and retail sectors.
  • Understand how these practices can apply to physical security to automate decisions and improve security beyond the current industry models.
Wednesday April 5, 2017
7:30am-8:30am

The Connected Security Operations Center

Speaker: Joel Fulton
Session Description Coming Soon
8:45am-9:45am

5 Things the C-Suite Needs to Understand about Protecting the Critical Infrastructure

Speaker: Tom Le, Executive Director, Engineering, Cyber, GE Digital
View Description
11:15am-12:15pm

Understanding the Evolution of End-User Requirements

Speaker: Jacques Bouchard
Session Description Coming Soon
2:30pm-3:15pm

Next Generation Authentication

Speaker: Kent Dahlgren, iovation Inc.
View Description

DDoS Threat Landscape & Defensive Countermeasures

October 2016’s attack on Dyn’s DNS infrastructure was a gloomy wake-up call to the online community at-large, depriving us access to some of the online destinations and applications we use every day, thereby confronting us with the stark reality of an old and ever-growing threat with which the InfoSec community has been grappling: DDoS Attacks.

As we look at the role that “Internet of Things” devices played in the attack against Dyn, as well as the attack against Krebs prior to it, we will dive into the DDoS attacks Threat Landscape: Symptoms, Motivations, Business Impact & Attack Vectors. Having thereby gained a better understanding of our exposure to these threats, we’ll then explore Defensive Countermeasures with a strong emphasis on preparedness ahead of these attacks, including:

Learning Outcomes:

  1. Reducing Attach Surface
  2. Monitoring: Availability, Performance & Search Engine Visibility
  3. DNS Redundancy Planning
×

Back By Popular Demand: If You Only Knew What Hackers Can Do

Computer misuse and computer enabled crime accounted for 53% of all crime in the UK in 2015, making it larger than all other kinds of crime. With BREXIT in progress, both trade and cybercrime will affect both the US and UK. The UK’s Office of National Statistics 2015 annual Crime Survey of England and Wales estimated that there were 2.46 million cyber incidents and 2.11 million victims of cybercrime in the UK. Examine the latest cybercrime reports in both countries and illustrate the most devastating trends in the protecting the Internet of Security Things: ransomware, bots and floods. For example, the Virtual Cyber Perimeter is defended against Distributed Denial of Service (DDoS) style attacks by locating vulnerable devices and getting them upgraded, patched and protected. The attackers typically move on. This was not the case with a recent DDoS Botnet took out an entire SMB chain and turned 25K cameras on their own network in one of the worst cyber floods the cyber security industry has seen. We’ll examine this case study and how your systems may be inoculated. The intensity and duration of the attack was a network of DVRs and cameras that experienced an unprecedented 35,000 HTTP requests per second executed initially from DDoS malware. The top flood areas were Taiwan, USA and Indonesia Hackers are also developing new, more sophisticated methods. through search engine optimization, which lists their malicious websites at the top of search engine results, and are also dispatching malware through messages on social networks.

Learning Outcomes:

  1. Gain insight into the latest cyber intelligence reports as applicable to Data Center Resilience.
  2. Define how converged logical and physical access control can alert on behavior and even alert on keystroke entry.
  3. Recognize how to use cyber intelligence to protect yourself from attacks.
×

How Hackers Attack Physical Access Control Systems

As physical access control system (PACS) technologies continue to advance, so does the attacker. While card cloning can be effective, entry isn’t always gained with this method alone. Attackers are beginning to move beyond the card to the technology that supports it. This session will discuss PACS components and their associated attacks. Additionally, we will discuss how these vulnerabilities can surface, and what you can do to prevent them. Attendees will also receive a download link for a free PACS Security Checklist to guide them in securing their implementations.

Learning Outcomes:

  1. Identify PACS attack surfaces
  2. Understand current attack methods and trends
  3. Obtain an attack prevention checklist
×
Thursday April 6, 2017
7:30am-8:30am

Mostly Cloudy with a Chance of Security

Speaker: Stuart Clark, Security Strategist, Premedian
Session Description Coming Soon
8:45am-9:45am Opening Keynote

DDoS Threat Landscape & Defensive Countermeasures

Speaker: Chris Holland, Founder, HiveWind, LLC.
View Description
10:00am-11:00am

Back By Popular Demand: If You Only Knew What Hackers Can Do

Speakers: James Marcella, Director, Technical Services, AXIS Communications
Kent Browne, Security Worldwide Advanced Technology (SWAT) Group, IBM
View Description
12:30pm-1:30pm

How Hackers Attack Physical Access Control Systems

Speaker: Valerie Thomas
View Description

What’s Your Threat Detection and Response Plan

  1. Understand the current cyber security threat landscape on real world breaches, forensics, analysis, and penetration testing engagements.
  2. Become familiar with the major tenets of a holistic threat detection and response capability.

Have some fun learning about some best practices and real world approaches to solve the complex problems associated with protecting an organization in today’s global workplace.

×

IoT Device Exploitations and Mitigations

The vast playground of IoT, and all its problems, will surely transfer from consumer homes over to the enterprise. Various studies have shown the effect of consumer IoT adoption in the enterprise, resulting in rouge connections into a trusted network. Items such as Smart TVs, drones, home security devices, and even connected vehicles are now being discovered in corporate networks. Industry professionals and board rooms are struggling to keep up with the growth of IoT due to the various interfaces introduced. This session will discuss the many IoT attack surfaces and provide proactive security controls that are easily implemented by consumers, enterprises, and manufactures alike.

Learning Outcomes:

  1. Review the process of how to exploit common IoT flaws found in commercial and consumer devices.
  2. Summarize common IoT flaws.
  3. Describe the development of IoT devices over the past 5 years.
×

The Facility that Secures the "Phonebook" of the Internet

The presentation will describe the key management facility that secures the key for the Internet's Domain Name System (DNS)

Learning Outcomes:

  1. Learn about efforts to secure the Internet’s Infrastructure from the tide of cyber crime
  2. Learn how physical and information security work hand in hand
  3. Learn details about typically secretive key ceremonies
×
Wednesday April 5, 2017
7:30am-8:30am

What’s Your Threat Detection and Response Plan

Speaker: Dan Davis, Vice President, DARC Consulting Practice, Trustwave
View Description
8:45am-9:45am

IoT Device Exploitations and Mitigations

Speaker: Aaron Guzman, Principal Security Consultant, SecureWorks
View Description
11:15am-12:15pm

The Facility that Secures the "Phonebook" of the Internet

Speaker: Punky Duero, Cryptographic Key Manager, ICANN
View Description
12:30pm-1:30pm

The Growth of Managed Video Services

Speaker: James Connor
Session Description Coming Soon

An Encryption Primer: Protecting Your Data, Your Organization, and Yourself

It's a rare day when another data breach or system vulnerability that compromises personal and/or organizational information isn't reported in the media. Encryption is one of the most fundamental methods for protecting valuable information as well as safeguarding access to vital organizational resources. Despite this, it's often not implemented as part of an overall security solution infrastructure and there are widespread misconceptions and misperceptions about its usage. This discussion will arm the audience with a familiarity with fundamental encryption concepts and then build on this knowledge to create an understanding of how encryption can be integrated into daily activities and operations to create an improved and effective level of personal and organizational cybersecurity. Specific topics to be covered include using encryption to protect devices, email, stored data and databases, implementing secure real-time voice and data communications, generating and protecting the keys (to the kingdom) and commentary and insight with respect to how encryption powers the information economy and e-commerce and the current legislative debate on encryption technologies, backdoors, quantum computing and the way ahead.

  1. Identify the relationship between the building blocks of encryption technologies including primitives/algorithms, protocols and implementations.
  2. Review encryption mechanisms to implement within organizations rapidly and inexpensively to significantly improve the level of information security for both the organization and its customer base.
  3. Determine a greater degree of understanding with respect to the technical, economic and policy drivers behind the current legislative debate over encryption technology.
×

Converged Identity Issuance & Lifecycle Management

There has been a great deal of buzz around “convergence” of physical and logical identity credentials over the past decade, but its adoption (as proposed) has largely failed to succeed in the end user community. This results in a lot misconceptions and negative experiences related to convergence. Is convergence overall dead or just the way it was proposed and delivered?

First, Bassam contends that end users’ ability to secure support for moving forward with enterprise-wide initiatives are not driven by conceptual use-case benefits but rather the benefits of consolidation that reduces costs, resources and inefficiencies while improving controls that support core security objectives. In addition to technology, processes, policies and politics are a critical part of an Identity Access and Lifecycle Management project and need to be considered and carefully worked into the plan. This presentation will go beyond the hype to expose attendees to the real-world aspects of how convergence operates - before, during and after the credential is issued.

Trusted Identities require a holistic approach; from initial issuance of the credential to securely managing that credential over time. This includes being able to cost-effectively implement a mix of user credentials, identity assurance levels, and authentication levels and methods to address the needs of any population, and this is relevant for both Physical and logical Identity credentials.

When done right, organizations can realize significant operational cost savings, a simplified user experience for both employees and customers, as well as greatly improved security and compliance.

Learning Outcomes:

  1. Learn how to clearly identify the benefits of a converged program for your organization and position it to your executive management team.
  2. Determine and understand the effort and investment required for your organization and gain visibility in looking at (value vs complexity) to be able to make trade-offs for your organization.
  3. Develop a staged approach to mapping out an actual convergence program on the back-end, including best practices that help ensure success; and common pitfalls that undermine project.
×

Will Future Vehicles Be Secure?

There is active work within the automotive community to build security into the future connected and highly autonomous vehicles and several organizations are working on cybersecurity standards. Is it going to be enough to secure future vehicles?

Join me to explore the intricacies of securing cyber-physical systems. Challenge the notion that today's tools and best practices are enough to protect connected vehicles and transportation infrastructure. Finally, discover what the industry can do to take security research to the next level and ensure a safe, secure future of transportation.

In the last few years there have been increasing interest in security of modern vehicles with several high profile demonstrations of controlling breaking and steering of a vehicle remotely across large distances. A modern vehicle already consists of up to 100 ECUs and has 100 million lines of code and the complexity is only expected to increase. There have already been suggestions that we will see 300 million lines of code in a vehicle in 5 years. With the growth in complexity we will also see growth of the attack surface. Comparing to other digital or digitized industries such as datacenters, PC, mobile, Industrial Control Systems, automobiles have not yet been actively exploited, however vulnerabilities already have bene demonstrated by security researchers and when that happens such vulnerabilities quickly get weaponized opening door to consistent exploits. With the vehicles that weigh several tons and move such proposition is very scary and there is pressing need to advance security technology to prevent malicious actors from endangering human life.

Learning Outcomes:

  1. Understand vehicle ECU and network architecture and challenges securing Highly Automated and Connected Vehicles
  2. Describe modern end-to-end security architecture for connected vehicles
  3. Understand evolution of the future security technologies
×

Closing the IT/Security Industry Gap: What Security Practitioners and Consultants Must Know and Do

It is clear that information technology advancements will continue to drive security technology improvements at an ever-increasing pace. Yet the security industry’s adoption of IT lags years behind in many critical ways. Additionally, we are adopting -- and Security is taking responsibility for -- IT-based security systems without having the experience and knowledge that IT managers and technical professionals have. We’re carrying forward a lot of 20th century thinking with 21st century technology, with a number of negative unintended consequences; including holding back the risk-mitigation benefits we get from 21st century security technology.

Fortunately, the situation is more easily addressed than it may initially seem, because company executives and their IT managers have learned many lessons the long and hard way, and we can learn from their experience more easily and more quickly. Additionally, other industries (such as automotive and medical) are ahead of the security industry in their adoption of information technology, and we can learn from them as well. As end users, we can re-calibrate what we require from the security industry (manufacturers and service providers) based upon what we know is possible because other industries have done it.

By obtain deeper insights into an organization’s risk scenarios, security practitioners can benefit from the highly-effective risk-mitigation capabilities of the arriving new, non-traditional security technologies.

Q&A is welcome throughout the session.

Learning Outcomes:

  1. During this session, attendees will gain an understanding of the three major technology paradigm shifts, how they will impact their existing deployments, and how to update their security technology strategies.
  2. After completing this session, attendees will understand how to obtain deeper risk insights and use advanced risk scenarios to benefit from the new, non-traditional security technologies.
  3. After completing this session, attendees will be able to brief management stakeholders about the importance of coming security technology advances, how Security/IT collaboration and security technology procurement will change.
×
Thursday April 6, 2017
7:30am-8:30am

An Encryption Primer: Protecting Your Data, Your Organization, and Yourself

Speaker: Adam Firestone, Senior Vice President, Solutions Engineering, Secure Channels, Inc.
View Description
10:00am-11:00am

Converged Identity Issuance & Lifecycle Management

Speaker: Bassam Al-Khalidi, Co-CEO & Principal Consultant, Axiad IDS
View Description
11:15am-12:15pm

Will Future Vehicles Be Secure?

Speaker: Alan Tatourian, Security Architect, Intel
View Description
12:30pm-1:30pm

Closing the IT/Security Industry Gap: What Security Practitioners and Consultants Must Know and Do

Speaker: Ray Bernard, President and Principle Consultant, RBCS, Inc.
View Description

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies.