Cover6 will facilitate a Capture The Flag (CTF) event – stay tuned for more details!

The 2018 agenda will be posted soon. Below are a few of the speakers and topics that will be presentated at the ISSA Mid Atlantic Information Security Conference.

(click name for bio)
Merritt Baer
Cybersecurity as a Social Justice Issue
You might not think of cybersecurity as a social justice issue, but it is. From your cell phone to your shopping habits to your employer, you are inheriting a set of practices that the businesses you interact with have invested in their products and services. Each of us inherits cybersecurity as a function of our relative wealth, and there are important ways that it is reverberating through every aspect of our daily interactions. I think it is time for a national conversation about this reality. Link to the full article, the basis of the talk:
Amber Schroader
6 Keys to Conducting Effective Smartphone Forensic Investigations
As every investigator knows, smartphones have increasingly become a part of criminal investigations in both criminal and civil arenas. The good news is that additional insights and potential evidence is available on these devices that can be the key to finding the data needed to complete an investigation. The bad news is that investigators have an entire new set of challenges including encryption, acquiring a physical image, understanding the various file systems, Apps and all of their data, and the potential that the suspect may remotely wipe the data off the mobile device before it is examined. The headaches are endless, but so can the rewards. 1. App data and where it hides 2. Encryption barriers and options around them 3. Proper expectations of recovered data 4. Ability to include smartphone data in cyber investigations
Jeff Cook
Evaluating AICPA SOC Reports: A Security Manager's Guide to Understanding SOC Reporting
AICPA SOC reports are being produced by service organizations at an all-time high rate. This presentation is designed to give security managers a general understanding of the different types of SOC reports, changes coming in 2018 for SOC reporting, what key elements to look for in the reports, and what some typical warning signs might be.
Michael Misumi
Johns Hopkins University Applied Physics Lab (APL)
An Operational Cyber Security Perspective on Emerging Challenges
Because of the business they are in, or the data they maintain, some organizations draw significant attention from APT (advanced persistent threat) attackers. What does an APT cyber attack look like from a defender's perspective? What lessons can be learned-and applied-after a cyber attack that actually make a difference? Innovative ideas are not limited to new technology, but can occur in policy, concept of operations, process and other areas. For example, there is potential synergy between corporate IT/SOCs, cyber R&D, and the cyber security applied to critical mission systems. However, exploiting this synergy is not free, and many organizations struggle in applying the tools they develop to the real-life problems their SOC operators encounter on a daily basis. This talk will cover innovative ideas stemming from this cyber-related synergy, and where it has led to new approaches in malware analysis, network architecture, multi-organization collaboration, visualization of the battle space, and automated cyber response.
Claude Williams
Cybercrime Trends
Claude L. Williams will present a dynamic presentation regarding the latest cybercrime trends from the most recent results of surveys and studies. The data is astounding and will help the listener understand the threats and vulnerabilities that exists personally and in the workplace. This presentation is comprised of real-world scenarios and examples of data breach and cybercrime incidents.
Evgeniy Kharam
Herjavec Group
Securing outbound browsing traffic in the era of mobile workspace and SaaS applications
A modern user can conduct business from multiple locations and with many devices, whether in the office, on the go, or while not even using a company device. With the increase of cloud SaaS applications, it becomes harder and harder to achieve comprehensive security controls. When designing security controls, there is a need to consider how to limit what users can do while they access the internet (ie: DLP URL/Application filtering, data bandwidth limitations, quality of service, etc.). There is also need to provide secure connectivity (ie: providing authorized and auditable secure access to the internet, preventing malware coming into the organization and providing intrusion prevention filtering to the traffic flows exiting and entering an organization, etc). This session will provide a walkthrough of different practical security uses of technologies such as CASB and Cloud Security Gateways. Examples will incorporate security controls such as User Identification, SSL Inspection, URL/App Filtering, IPS, DLP, Sandboxing, ATP, and Logging.
Tyrone Wilson
Performing Passive Reconnaissance
Join us to learn ways to gain information on a person or agency. The internet contains information about nearly every person and/or company. This information can be used by attackers to eventually gain access to a network or even your home. The identified information can also be used to determine what information is publicly available. In this session we will use various tools, with an attackers mindset, to gather information on a potential target without the possibility of getting caught. Based on our findings we will discuss ways an attacker would use them to develop potential attack vectors. All tools used in the session are FREE and publicly available.
Jack Oden
Introduction to ICS Security
As IT security practitioners we seldom consider the security, reliability, and other issues associated with the power and HVAC support systems on which we depend. Beyond that, there are critical infrastructures responsible for production of community and backup power and major facility HVAC. Although many IT security tools and techniques can be applied to protect these critical support systems, there are also many that can cause delays, damage, accidents, and even death. This presentation will introduce the unique concepts of ICS security and reliability and begin to address the concerns with IT security tools and techniques.
Jeff Williams
Aspect Security / OWASP
Getting Started with DevSecOps
Our IT systems are more critical than ever. And we're building more of them, at higher speeds, using open source, cloud, APIs, and "software defined" technologies. We simply can't continue to rely on a small team of security experts to achieve security - it just isn't fast enough and it doesn't scale. DevOps has achieved amazing results for software speed and quality. But can DevOps techniques be translated and applied to security? Yes! In this talk, Jeff will introduce the basics of DevSecOps and help you establish a security pipeline using a variety of tools, including both IAST and RASP. You'll learn how to get your security work flowing, how to create continuous security feedback, and how to create a culture of security experimentation and learning.
Frank Walsh
Vice President, Solution Architecture
In 2017, hackers had a huge impact on businesses with major outbreaks of ransomware like WannaCry and NotPetya. Join Malwarebytes Labs in our annual look back as we take a deep dive in what threats grabbed not only our attention but the world's attention. And hear our predictions for 2018.
Chris Porter
Fannie Mae
Building a Crown Jewels Protection Program
Over the last two years, Fannie Mae undertook a journey to build out our Crown Jewels Protection Program. We want to share the process we used to identify the location of crown jewels, the steps taken to protect, the detection mechanisms implemented, how we're leveraging analytics to reduce access, and the challenges and opportunities we encountered along the way. It's a path to progress, not to perfection.
Rich Friedberg
Capital One
Enabling the Business: Technology Transformation and Cloud Migration
Security teams exist to support and enable the business. Join us to learn more about Capital One's technology transformation efforts and cloud journey, and how security has transformed itself to support. We'll cover background context, dive into details of our core tenets, how our approach to security has evolved, and highlight tools that we've released open source.
Bob Stratton
Security Theory
Coming Soon
Bernie Nallamotu
Rean Cloud
DoD Practice Head
Cybersecurity at Scale
REAN Cloud will share thought leadership in cybersecurity within federal space using real-life case study. There are multiple options, choices, and paths taken by the industry today. The glaring gaps present in most of the deployments can result in irreparable liabilities as well as a change in Mission outcomes. DISA SCCA, DoD CC SRG IL 2,3,4,5,6, FedRAMP, ITAR - how are these used and why are they important? Join REAN cloud in this short presentation to understand how to respond and be ready with proactive solutions to comply to different Compliance regimes.
Jason Taule
FEI Systems
Chief Security and Privacy Officer
Supply Chain Management: The call is NOT coming from inside the house!
Premise: - We've achieved full compliance - We now compliance and security are not the same - The better we are at threat protection the more difficult our job becomes - They're still getting in and data is still getting out Conculsion? - Our proximity to full protection fosters a flase sense of security - We missed something Hypotheses: - It's not a new avenue - It's been there the entire time - We just weren't paying attention
Mr. Randall Trzeciak
National Insider Threat Center at CERT
Building an Effective Insider Risk Mitigation Program
Since 2001, the CERT National Insider Threat Center has been collecting data on insider incidents and has amassed a repository of over 1600 incidents where insiders have caused harm to critical assets and from those incidents has developed models of insider incidents describing how incidents tend to evolve overtime. This presentation will provide multiple incident examples, describing the potential technical and behavioral risk indicators ; the financial, operational, and health/safety impacts to organizations; and provide actionable guidance on how to build an effective insider risk mitigation program.