After the conference please join the ISSA Chapters at Nantucket’s Reef for a networking reception from 5:30 PM – 7:00 PM. All conference attendees are invited. Nantucket’s Reef is a short walk from Building II, located at 9755 Traville Gateway Drive Rockville, MD 20850.
Mr. Randall Trzeciak
Since 2001, the CERT National Insider Threat Center has been collecting data on insider incidents and has amassed a repository of over 1600 incidents in which insiders caused harm to critical assets. From those incidents it has developed models describing how insider incidents tend to evolve over time. This presentation will provide multiple incident examples, describing the potential technical and behavioral risk indicators; the financial, operational, and health/safety impacts to organizations; and actionable guidance on how to build an effective insider risk mitigation program.
REAN Cloud will share thought leadership in cybersecurity within the federal space using a real-life case study. There are multiple options, choices, and paths taken by the industry today. The glaring gaps present in most deployments can result in irreparable liabilities as well as a change in mission outcomes. DISA SCCA, DoD CC SRG IL 2,3,4,5,6, FedRAMP, ITAR: how are these used and why are they important? Join REAN Cloud in this short presentation to understand how to respond and be ready with proactive solutions to comply with different compliance regimes.
AICPA SOC reports are being produced by service organizations at an all-time high rate. This presentation is designed to give security managers a general understanding of the different types of SOC reports, changes coming in 2018 for SOC reporting, what key elements to look for in the reports, and what some typical warning signs might be.
As IT security practitioners we seldom consider the security, reliability, and other issues associated with the power and HVAC support systems on which we depend. Beyond that, there are critical infrastructures responsible for production of community and backup power and major facility HVAC. Although many IT security tools and techniques can be applied to protect these critical support systems, there are also many that can cause delays, damage, accidents, and even death. This presentation will introduce the unique concepts of ICS security and reliability and begin to address the concerns with IT security tools and techniques.
Over the last two years, Fannie Mae undertook a journey to build out our Crown Jewels Protection Program. We want to share the process we used to identify the location of crown jewels, the steps taken to protect them, the detection mechanisms implemented, how we're leveraging analytics to reduce access, and the challenges and opportunities we encountered along the way. It's a path to progress, not to perfection.
Our IT systems are more critical than ever. And we're building more of them, at higher speeds, using open source, cloud, APIs, and "software defined" technologies. We simply can't continue to rely on a small team of security experts to achieve security - it just isn't fast enough and it doesn't scale. DevOps has achieved amazing results for software speed and quality. But can DevOps techniques be translated and applied to security? Yes! In this talk, Jeff will introduce the basics of DevSecOps and help you establish a security pipeline using a variety of tools, including both IAST and RASP. You'll learn how to get your security work flowing, how to create continuous security feedback, and how to create a culture of security experimentation and learning.
Premise:
- We've achieved full compliance
- We now know compliance and security are not the same
- The better we are at threat protection, the more difficult our job becomes
- They're still getting in and data is still getting out
Conclusion?
- Our proximity to full protection fosters a false sense of security
- We missed something
Hypotheses:
- It's not a new avenue
- It's been there the entire time
- We just weren't paying attention
Visibility has always been a challenge for enterprise security, but as we move to a cloud-first world, where employees can be productive at any time, from any location, on any device, traditional security strategies are crumbling. Today, an employee can be sitting at his desk within the confines of the corporate office and yet the enterprise may be completely blind. Why? Because he's chosen to jot down notes on his smartphone and they're synced to Evernote over a 4G network. Increasingly, we no longer control the device, the network or the data. Combine this with the explosion of encrypted communications and suddenly that expensive legacy security stack is relegated to protecting a small fraction of employee Internet traffic. We can't protect what we can't see, and it's clear that we need to rethink how we protect employees in a cloud-first world.
Job postings in cybersecurity are up over 74% over the past five years, with 285,681 cybersecurity job openings in the U.S. as of April 2018. The deficit of cybersecurity professionals is expected to grow to more than 1.8 million workers globally by 2022. Employment is projected to grow 28% from 2016 to 2026. It's a positive, and indicates that companies are hiring. But hidden behind the huge number of cyber job openings is the fact that many Americans don't have the cyber skills to fill them. America needs to build a competitive cybersecurity workforce. Employers are facing complex workforce challenges in competitive domestic and global markets. Apprenticeship is a time-tested model for recruiting, training and retaining world-class talent, used by industry for decades. "Apprenticeship is the alternative university, except without the debt,"
Registered apprenticeship is a solution that can be integrated into existing education, training and human resources development strategies: an industry-driven method proven to attract, train and retain a highly skilled workforce.
Security University is betting on apprenticeships to help bridge the cybersecurity job skills gap. The 1st Intermediary Sponsor Registered CyberSecurity Apprenticeship Program is Security University's Qualified/ CyberSecurity Registered Apprentice Program (Q/CyberSecurity RAP) approved April 2018. CyberSecurity apprentices now can leap the cybersecurity experiential chasm to fill thousands of cybersecurity jobs by 2020 as cybersecurity apprentices earning above average cybersecurity salaries while learning cybersecurity and earning a Qualified/ CyberSecurity Certificate of Mastery from an accredited school.
7 traits employers look for in the Qualified/ Cybersecurity Apprentice program candidates:
Perhaps you've read the books, taken all the classes, received the degree and taken the time to network. There is nowhere near a shortage of cyber and information security positions available, so this is where the job hunt begins. However, you don't have experience. What if, through a cybersecurity apprenticeship, you could learn cyber while you gain the skills and experience at any level you choose? What traits are cybersecurity employers looking for in a cybersecurity apprentice?
The truth is, tech capabilities can be taught. There are, however, a number of qualities that hiring InfoSec professionals are looking for; here are some of the top traits and needs:
Security teams exist to support and enable the business. Join us to learn more about Capital One's technology transformation efforts and cloud journey, and how security has transformed itself to support them. We'll cover background context, dive into the details of our core tenets and how our approach to security has evolved, and highlight tools that we've released as open source.
The session will cover the evolving cyber threat landscape including the advanced persistent threats, targeted social engineering attacks on employees, zero day attacks as well as insider threats and identify common patterns in today's sophisticated cyber-attacks. Attendees will learn about the convergence of cyber and physical security and how the new big data solutions can take structured and unstructured data from multiple disparate sources and are able to correlate and provide real time actionable intelligence to effectively detect, respond, mitigate and prevent the advanced threats and risks. This track discusses high-impact cybersecurity approaches, best-practices and solutions to strengthen agency cyber posture, provide real-time continuous monitoring and build a next generation SOC (Security Operations Center).
Cyber-security is more than an IT challenge; it is a mission imperative. In this presentation, attendees will learn:
• How to navigate the new cyber threat landscape which includes zero day attacks, advanced persistent threats, targeted attacks and insider attacks?
• How advances in machine intelligence, analytics-driven security and cognitive computing combined with hyper-converged web-scale infrastructure is helping agencies dynamically deal with new advanced malware threats, ransomware and anomalous behavior and stay compliant?
• How are the cyber and physical security solutions (including Facial Recognition & Biometrics) converging and how big data analytics solutions can be used to mine through volumes of structured and unstructured data such as logs, human data, authentication data from physical badges, biometrics, video analytics data etc. and be able to correlate in real-time to detect and mitigate threats, risks and vulnerabilities?
• What are some of the newest perimeter and endpoint security solutions that enable you to build a true end-to-end dynamic security platform for continuous risk monitoring and transform your legacy SOC into a next-gen SOC?
A compromised privileged account can be the difference between a simple network breach and a cyber catastrophe.
When a single system is compromised, it is typically easier to mitigate, isolate, and eradicate the risk and restore control. When a privileged account is breached, it can lead to a major disaster. That's because when a privileged account gets hacked, it allows the attacker to impersonate a trusted employee or system and carry out malicious activity without being detected as an intruder. Once attackers compromise a privileged account, they can typically roam at will through an IT environment to steal information and wreak havoc.
Come to this session and learn:
-How cybercriminals target their victims;
-What you can do to reduce your risk and prevent abuse of your critical information assets;
-The anatomy of a privileged account hack.
Carter Schoenberg, CISSP
The cyber threat landscape continues to impose risk to businesses. While more Boards of Directors are taking guidance from CISOs, understanding how cyber risk is directly tied to fiduciary responsibility is critical. Recent court decisions are impacting how "harm" can be qualified and simply applying due diligence is no longer enough to prevent sanctions or litigation. In this session, attendees will learn how and why cyber is not just "an IT issue" but a business risk comparable with fire, theft or flood concerns. By the end of this session, attendees will be better positioned as to how to engage legal expertise in advance of an incident and how to convey methods to reduce the total cost of ownership to the C-Suite. This session will highlight recently disclosed cyber incidents and how taking legacy approaches to cyber risk are impacting corporate bottom lines.
In 2017, hackers had a huge impact on businesses, with major outbreaks of ransomware like WannaCry and NotPetya. Join Malwarebytes to look back as we take a deep dive in what threats grabbed not only our attention but the world's attention and hear our predictions for 2018.
Because of the business they are in, or the data they maintain, some organizations draw significant attention from APT (advanced persistent threat) attackers. What does an APT cyber attack look like from a defender's perspective? What lessons can be learned, and applied, after a cyber attack that actually make a difference? Innovative ideas are not limited to new technology, but can occur in policy, concept of operations, process and other areas. For example, there is potential synergy between corporate IT/SOCs, cyber R&D, and the cyber security applied to critical mission systems. However, exploiting this synergy is not free, and many organizations struggle in applying the tools they develop to the real-life problems their SOC operators encounter on a daily basis. This talk will cover innovative ideas stemming from this cyber-related synergy, and where it has led to new approaches in malware analysis, network architecture, multi-organization collaboration, visualization of the battle space, and automated cyber response.
Macro IT trends around cloud adoption and BYOD are greatly expanding the threat landscape faced by security organizations who can't keep hiring to cope with the increasing levels of exposure. Security organizations must evolve from a threat-centric reactive environment in order to offer more effective cyber-security. What if there was a solution which could adapt protection dynamically and apply monitoring and enforcement controls, offering protection based on the risk level of users and the value of data accessed? This could enable security organizations to better understand risky behavior and automate the enforcement of policies, dramatically reducing the quantity of alerts requiring investigation and providing more efficient cyber-security. Join in the discussion around the next generation of data protection.
Federal Business Council, Inc.
All rights reserved.