Click a block to view session details
Dr. Taylor Eighmy
Brigadier General Bernie Skoch (USAF, Ret.)
Sarah C. Moffat
There is a critical national shortage of skilled cybersecurity workers, and it's in part because we are failing to attract students early on to the field. As a nation, we need to promote cybersecurity job opportunities beginning in the K-12 level. With a shortage of 1.8 million information security workers predicted by 2022 , it's more important than ever to build an interest in cybersecurity careers and promote interest in the field for young students. Cybersecurity careers are a growing segment of the nation's workforce needs and provide great opportunities for students choosing their future occupations.
The Department of Homeland Security (DHS) is leading such efforts to build the national workforce through its Cybersecurity Education and Awareness Branch (CE&A). CE&A is positioned to address this shortage.
How San Antonio Developed the Foundation for a Thriving Cybersecurity Ecosystem
Abstract: San Antonio is home to our nation's second largest concentration of uniformed and civilian cybersecurity experts. The city's significant military presence, growing private cybersecurity enterprises and nationally recognized technology and research institutions have helped SA develop a large concentration of critical network security assets. In recognition of the city's tricentennial anniversary, hear top business, education and military leaders discuss:
- SA's technological and business development growth, and the city's role in changing the national cyber landscape;
- SA's innovative approach to cyber education and training;
- DOD's cyber-related enterprise growth and opportunities
Robert W. Heller
Roadway vehicles being manufactured today are produced with devices that connect them to the Internet. Manufacturers use these devices to provide a multitude of services including detection of emergency conditions, monitoring maintenance conditions, and providing over the air firmware updates to the numerous electronic control units. Vehicle users make use of the connectivity to stay in touch, provide entertainment, receive navigation aid (directions and traffic conditions), request information and request emergency help.
Similarly, our transportation professionals are expanding networks to the roadside. When combined with the cost of right of way, the impact of construction on current capacity and the cost of the roadway surface itself, the addition of lane miles is being cost prohibitive. By using information gathered from roadside devices, transportation professionals are squeezing more capacity out of the existing roadway system.
As the connectivity continues to expand, the exposure to cyberattacks does as well. The common press as well as the trade publications have related numerous stories of attacks on connected vehicles. Fortunately, the publicized attacks have been "white hat" attacks, but I believe it is only a matter of time before a less well intentioned attack takes place.
This presentation will cover examples of known vehicle attacks, the vehicle attack surface, and countermeasures that vehicle manufacturers can and are taking to mitigate vehicle vulnerabilities. Similarly, a survey of the roadside network will be provided with countermeasures that manufacturers, installers and operators can take to make the roadside network more secure. Strengthening the security of vehicles and the roadside network can provide a more reliant roadway transportation system.
This presentation outlines how to address the problem through a multi-business unit approach, while setting up controls to protect, detect, and respond to the insider threats. Concepts covered include: who insiders are and the most prevalent types; insider threat best practices; foundational procedures and technologies; detection indicators; and a few real world examples of insider activity.
Dr. Daniel Ragsdale
Come explore the past, present, and future of competition-based cybersecurity education! With cybersecurity being such a rapidly moving and changing target, learn about tactics to engage learns young and old through the use of interactive and engaging techniques designed around enabling student-learners to enjoy and want to actively participate in lifelong learning. Journey through the history of cybersecurity competitions, including taking a detailed look at the next generation of competitive platforms and technologies that are being deployed to engage all types of ages, interests, and abilities.
Featured Product: Source Code Management
The recent onslaught of cyber-attacks has left many organizations re-evaluating what's in their toolbox to help combat cyber-crimes. Having the right armor for pre- and post-cyber-attack strategies is the key to survival. Learn how these four innovative products can help you defend your network in real-time. Hear a panel of product development experts and technologists provide insight on next generation tools designed to protect business and personal assets.
Elizabeth A. Rogers
Dr. Richard Ford
R. Sean McCleskey
You're a proactive CEO or Board Chair and realize that a Cybersecurity professional needs its own swim lane in your company. Move over CISO, CTO and CIO. But, wait. How do you describe the position? What are the required skill sets? Where do you find professionals with the unique skillset of a CXO? This (panel) presentation will provide practical advice about the recruitment sourcing and selection of the candidate who will provide leadership in this critical role that is evolving on a global basis. Learn how to create the posting, how to screen and facilitate the interview process and how to ultimately select the ultimate candidate.
The National Initiative for Cybersecurity Education (NICE) - a partnership between government, academia, and the private sector - is working to energize and promote a robust network and an ecosystem of cybersecurity education, training, and workforce development. This presentation will report highlights of a variety of NICE coordinated activities, and will discuss in greater detail NICE efforts and various opportunities for CyberTexas participants to be more involved and engaged with the NICE program. Be prepared to
*Explore how Texas cybersecurity education opportunities compare to other states,
*Explore free tools like CyberSeek, the Challenge Project, and the NICE Workforce Framework and learn how they can be used to design cybersecurity career pathways,
*Learn about the National Cybersecurity Career Awareness Week (NCCAW), a national celebration that focuses on increasing awareness about the plethora of careers in cybersecurity, what's in store for this year, and walk away with examples and suggestions of how you can participate and make a difference, and
*Start preparing for this year's NICE K12 Cybersecurity Education Conference to be held in San Antonio in December.
Mr. Bret Piatt
In today's digital world, it is more important than ever to ensure that your data is protected especially with the rise of machine learning also known as artificial intelligence (AI). Machine learning is a popular technology topic as it's becoming a part of our daily lives and can potentially have powerful implications for good and evil. Hackers are now using AI to automate time-consuming attacks with the use of hackbots, email phishing and social media phishing. The presentation will help attendees understand how AI and machine learning are being used for offensive and defensive cybersecurity activities.
Cyber-attack and exploitation are no longer about just stealing information like credit card numbers or identity. The recent events surrounding democratic elections in the U.S. and other nations, and the privacy revelations of how organizations broker personal information, demonstrate how data can be used by state and non-state sponsored actors to influence individuals, governments and businesses.
As more of our world is connected by cyber - even our appliances are now Wi-Fi enabled - we can expect a range of effects beyond what we've seen in the last decade in both scope and impact. Greater reliance on the global interconnected information ecosystem means potential collateral damage for people, government and businesses. In this session, David will share his perspective on what shifts lie on the horizon and thoughts on how we can deal with the disruption they bring.
More than a third of all companies are still approaching cybersecurity manually. This is not sustainable. As cybercriminals get smarter, the need for SOC operations to evolve becomes more important.
The next generation SOC is modular, open, and automated. Integration of data, analytics, and machine learning are the foundations of the advanced SOC. Human-machine teaming turns security events into actionable insights and act to confidently detect and correct sophisticated threats faster.
· Overview of the changing threat landscape and the most important, imminent risks
· An understanding of how to build a human machine teaming structure for maximum efficiency in cybersecurity
· Lessons learned from 3 phases of a state-of-the art SOC build out
During this session, the audience will engage in an in-depth discussion about the following topics:
1) Current State of Cybersecurity - The current attack profile and true segmentation of the attack groups
2) Common Errors and Misconceptions - Three fundamental things we are doing wrong because we are slow to adapt as cyber defenders
3) Good News On The Horizon - Emerging and disruptive cyber technologies and strategies
4) Things to Take Away - Three Relatively Simple Things You Can Do Now to Improve Your Defenses
The most significant risks that businesses today face is Cybersecurity. Security is a people problem, not a technology problem, which is why 95% of breaches are caused by the human element. Cybersecurity is a behavior, not a skill. Yet, we've taught cybersecurity awareness for years as though it were a skill to be learned like any other technology. To change behaviors, we need to understand the underlying habits that govern our responses. This presentation will explore nine key cybersecurity habits, and will look at how you can use those habits to focus on changing behaviors in your security training. Join this session to tailor your approach to awareness training and have the greatest impact for all of your employees.
Whenever a vulnerability becomes known to the public, an organization should ask the following questions in order to adequately understand the actions and urgency necessary to defend against it. Is the organization's technology affected, exposed, vulnerable, patched, exploitable, engaged? Often those questions cannot be fully answered due to a lack of security information their presentation to analyst. This demonstration and paper explore the innovative possibilities utilizing ingested data from numerous sources into a common group of open source capabilities. These capabilities can accept data in any format and allow search, analysis, and visualization methods to provide maximum cyber situational awareness in real time.
Learn about tested techniques and strategies used to seamlessly integrate incident response into information security programs and security operations center environments.
I. Fostering an open source mind set to incident response
II. Maximizing the talent and passion of information security team members
III. Conducting gap analysis without paying for consultants. Who doesn't like to save money?
IV. Leveraging incidents to truly attest to the information security budget.
V. Creating a work environment where professionals learn and sharpen their skill sets.
The latest Cybersecurity tools often tout data analytics, artificial intelligence and machine learning as solutions to help find the needle in the stack of needles, but most major incidents still occur because someone forgot to patch or there was excessive elevated privilege, etc. While there is a lot to be gained from new tooling and technologies, they need to be stood up on a solid foundation that includes getting the basic blocking and tackling done right. This intent of this talk is to remind us that nailing the fundamentals isn't just basic, it's strategic in today's fight against Cyber criminals.
Federal Business Council, Inc.
All rights reserved.