Day 1 - June 7, 2022

11:00 - 11:50 A.M.

State of New York:  Breaking down IT Complexities and Risk Vulnerabilities

Shawn Surber, Tanium

Every 11 seconds, there is a ransomware attack. Yet organizations are spending over $160B on cybersecurity this year alone. While security budgets are rising every year, the vulnerability gap isn't improving - it's only getting worse. In addition, the network and endpoint landscape has become overly complex. Managing risk is one of the top responsibilities of any elected official in the public sector. But they can only manage the risks they know about. And with silos that often plague public sector agencies of all types, from the state government to K-12 school districts, there can be many unknowns. Silos don't work in IT. The old model of unreliable tools, broken processes and incomplete outcomes is being disrupted. Public Sector organizations need unified data platforms to enable the flow of information across teams, agencies, and departments to surface critical data faster and more accurately. Identifying and remediating risk is mission-critical but the proliferation of data and devices has created a constantly morphing and expanding network edge. Organizations need to unify tools and data, creating a system that acts as the backbone for all crucial interactions and IT decisions. A single control plane that functions as the nerve center of the domains in IT Operations, Security, Risk and Compliance Management. During this session, we'll discuss:

  • Identifying and Remediating Risk 
  • Modernizing Legacy Platforms and Environments 
  • Ongoing Compliance and Regulatory Demands 
  • Converging IT Operations and Security to tackle challenges as one team - one fight

Approaches to Integrating Multi-organization Security

Jim Richberg, Fortinet

With New York creating a Joint Security Operations Center, government and critical infrastructure owners/operators receiving funding to refresh infrastructure and increase cybersecurity, and increasingly serious cyber threats, producing shared cyber situational awareness and integrated response is a top-of-mind issue. The challenges of creating a federated/joint capability across organizations are different from building a Security Operation Center within a single enterprise. The session will explore the building blocks, alternative approaches, and some of the presenter's lessons learned from building and integrating these capabilities in the US Government.

What a Formula 1 Racing Crash Can Teach Us About Incident Response

Mike Semel and Rose Ketchum, Semel Consulting LLC

When it comes to cyber incident response, there's a lot to be learned from a Formula One crash. There's more in common than you might think between what it took for a driver to survive a high-speed wreck and what you can do to survive a data breach or ransomware attack. I'll put you in the driver's seat to see if you could have survived the crash, and if you are really prepared to survive a cyber incident. (Don't be so sure that you are invincible.)

Cryptocurrency & Cybercrime an Introduction

William Mendez, Friedman CyZen

The session will introduce participants to the world of cryptocurrency and its dual role in facilitating crime and as a victim of cyber attacks perpetrated by cyber criminals. The presentation provides a basic high-level introduction to blockchain technology as it relates to cryptocurrency. It will also provide a general overview of why cryptocurrency is used by cybercriminals and discuss concepts of anonymity and laundering. As more people and organizations begin to dabble in cryptocurrency or blockchain in general, it is important that they understand the emerging cyberthreats in this space. As such, the presentation will discuss current cyberattacks against legitimate cryptocurrency organizations and their clients. The ultimate goal is to provide the participants with a basic knowledge of cryptocurrency, its ability to facilitate criminal activity, and current threats that may affect anyone thinking of investing in cryptocurrency.

Be better, listen to a hacker

Tyler Wrightson, Leet Cyber Security

There are common challenges with every cybersecurity program. To effectively lower risk from Hackers you must understand them, think like them and most importantly communicate about them. Join Tyler (a pure red teamer) to understand strategic and tactical things you can do tomorrow to increase the efficacy of any cybersecurity program or position. 

Verizon 2022 Data Breach Investigations Report

Neal Maguire, Verizon

Dive deep into the latest publication of the Verizon Data Breach Investigations Report - the most widely read security research report in the world. The session will cover the most notable and actionable shifts in the cybersecurity threat landscape along with key insights from Verizon's Insider Threat Report. Attendees will learn from real world investigations regarding threat actor tools, techniques, and procedures along with a walkthrough of a recent case study. The report leverages dozens of contributing organizations from around the world in order to provide the best possible cross-sectional view of the threat landscape. 

ASIA Session 1: Cyber Threats

Paper: FRUITY: Automated Behavioral Covert Channels on the Discord Application

Grant Bierly and Daryl Johnson, Rochester Institute of Technology

Paper: Covert Channels in Poptropica

Duncan Brickner, Jake Edom, and Daryl Johnson, Rochester Institute of Technology

1:00 - 1:50 P.M.

Size Matters - Why Cybersecurity Fails for 99.9% of Us

Reg Harnish, OrbitalFire

When cybersecurity was invented some 60 years ago, it had a big job. Protecting cold war secrets from hostile state actors meant thinking through all possibilities and all threats - after all our lives depended on it. Fast forward 60 years, and cybersecurity has become even bigger and more complex. Today, most common frameworks have hundreds - even thousands - of controls. Perhaps this makes sense for Fortune 500 enterprises, but it's incomprehensible for 99.99% of the US economy: small businesses. If we have any shot at herd immunity, we're going to need to inoculate more than just the biggest organizations on the planet.

Join Reg Harnish, CEO of OrbitalFire, Founder and former CEO of GreyCastle Security and former EVP of the Center for Internet Security as we explore cybersecurity solutions that are more accessible, affordable, and applicable to the rest of us.

Star Power! Level Up Your Cybersecurity Program

Jeffrey Baez, Splunk

A Security Maturity Methodology (S2M2) is a security assessment tool that aligns the strategic and operational goals of a cyber security program, combining equal parts people, process, and technology, to help organizations mature their security program born out of several security best practices, frameworks, and industry standards. For SLED leaders to derive value associated with data, innovation requires visibility across the technology stack. Without access to ITOps, DevOps, or SecOps data, and the analysis to make sense of it all, it is virtually impossible to reduce overall risk effectively. This eloquently sums up the challenge executives face to protect their organizations from cyber attacks but often fail to prioritize preparation or assume a bevy of security products has them covered. The S2M2 assesses the maturity of a cybersecurity program using measures pertaining to the various cybersecurity frameworks and a guided journey to understand existing business operations and then provide guidance on how to mature their operations based upon business priorities. The outcome of the S2M2 provides a security roadmap that an organization can use to bring their security program maturity to the next level. The maturity model in the roadmap uses a multi-level model, signified by "Maturity Indicator Levels (MIL)", to assess the current state and to identify the areas that need to be worked on.   

Key Benefits: 

  • Demonstrable decreased business risk
  • High fidelity, contextual security alerts 
  • Discover true positives faster 
  • Identify and remediate gaps in SOC operations
  • Proactively detect, investigate, and defend against threat actors 
  • Automations that decrease response time and team effort 
  • Achieve internal and external compliance

Digital Identity in Support of the Modern College Experience

Jeremy Anderson and Gagan Pall, Deloitte

In support of a modernized college experience, higher education IT infrastructure is changing rapidly. Enabling future direction is the idea of marrying in-person and remote users with on-premise and cloud-based resources into a single hub, then wrapping this virtualized student union in a frictionless, identity-centric blanket of security. Learn how colleges and universities are using digital identity to enable student experiences, promote collaboration and integration across institutions.

Adapting Your Security Program to Evolving Cyber Threats

Jennifer McLarnon and Manoje Nair, Accenture

In this session we will provide an overview of the global threat and information landscape, especially in light of Russia's invasion of Ukraine, subsequent cyber related events as well as threats from the Great Resignation. We will highlight industry specific threats and share universal, practical recommendations to help organizations increase their resiliency, mitigate risks and protect access to and counter rising costs of cyber liability insurance. We will focus on tactical measures and the benefits of targeted assessments, roadmaps, incident response retainers and the pros and cons of managed security services. 

Security Awareness Training Isn't Working. But This Will.

Robert Siciliano, ProtectNowLLC.com

Our philosophy is "all security is personal". Personal security is violence and theft prevention in the physical and virtual world. People don't want to think about, nor do they believe security incidents can or will happen to them, therefore they generally discount the realities or the vulnerabilities that they or their business might face. They function in denial that it can happen to them. As a result of this denial, they fail to engage in security functions in the workplace.  We show them through a transformative process how security is easy, it's good for you, it's empowering and is a personal benefit to them, and how it enriches their lives and benefits their employers. We provide a very different and positive perspective.  When teaching security awareness and making it personal, the student is more likely to take action in the workplace as it is first about them. Humans are selfish or self-interested creatures and their day-to-day activities need to benefit them first. However, "security awareness" is only a simple "acknowledgment" of various security issues and risks. Our goal is to elevate the attendees' experience and change their behavior to the level of "security appreciation" which is not simply an acknowledgment of security issues, but an action-oriented appreciation for the value that security provides. By doing so, the attendees no longer look at the function of security in the same way. Instead of denying security and thinking that it is an issue of "paranoia" they see it as a necessity that they need and want. 

The Need to Improve Enterprise Resiliency to Combat Disasters and Cyber Attacks

Hector Rodriguez, Amazon Web Services

Disasters, whether human-made or natural, are unavoidable, so planning for them is critical to ensuring your organization can continue to operate regardless of the situation. Most organizations are aware of and planning for high-profile data breaches and ransomware but many are not prepared for the most common types of disasters and human errors. Any IT downtime can impact data access and cause interruptions in operational performance system-wide. This session will outline common IT disasters, explore the need for organizations to be more resilient, and provide an overview of enterprise resilience and where it's needed. Differentiate between resiliency and disaster recovery. Discuss resiliency and explore more resilient options for preparing for and mitigating risks. Learn how a hospital has started its journey to be more resilient to disasters (use case).

ASIA Session 2: Cybersecurity in Healthcare

Paper: Security Breaches in Healthcare Organizations: An Exploratory Mixed Method Study     

Arpan Jani, University of Wisconsin and Naren Peddibhotia, SUNY Polytechnic Institute

Paper: Impact of ransomware on health and safety of individuals: Reflections from recent breaches

Ashwini Kumar, SUNY-University at Buffalo, Manish Gupta, SUNY-University at Buffalo, Raj Sharman, SUNY-University at Buffalo, and Srikanth Venkatesan, Cal Poly Pomona University

2:10 - 3:00 P.M.

Assessing and Quantifying Cyber Risk

Asha Abraham, HubSpire Corp

Data, intellectual property, and other technologies drive market value today - these are the intangible assets that fuel our digital economy. The World Economic Forum's Global Risks Reports have ranked cybersecurity failure as a significant global risk for the last few years now. In an increasingly connected world where technology domains converge to create new and innovative digital business opportunities, cyber threat scenarios have the potential to challenge business viability if cyber risk management is not built into the business strategy. In this session we will talk about how to make cyber risk more measurable for your organizations and enable data-driven decision making.

The current cyber threat environment, Shields Up and CISA Cyber Security Resources

Michael Hastings, Cybersecurity and Infrastructure Security Agency (CISA)

National Cybersecurity Policy: Prescriptive, Voluntary or Hybrid

Robert Mayer, US Telecom Association

The session will explore major cybersecurity policy directions and the expanding role of multiple entities including initiatives in Congress, the White House, regulatory agencies and at key cabinet agencies. Given the increasing threats from nation state adversaries and the reality that the vast majority of U.S. critical infrastructure is in the hands of the private sector, the session will draw on current research and developing government infrastructure to assess the viability of public-private partnerships, compliance regimes, and other emerging innovative hybrid models. 

War and Cyberwar Expert Panel

Chandra Whitley, Arctic Wolf

Bruce Cheney, Arctic Wolf

Jenny Holmes, Nixon Peabody LLP

Luke Emrich, Tetra Defense

Gas prices are at an all-time high. Nation state threat actors have crippled hundreds of corporations in recent high-profile breaches. Russia is at war with Ukraine, raising fears of retaliation against US infrastructure, financial, and other segments.

This presentation is meant to unpack some of the behind-the-scenes geopolitical and cyber posturing that is happening across the world right now. After this event, you'll be better prepared to defend against and respond to cyber-attacks and to do so expeditiously.

Our experts have decades of combined experience in both offensive and defensive cybersecurity risk management and law. We've been a part of breaches including working with law enforcement agencies on a local and federal level. 

Common Security Challenges and Best Practices in a Hybrid Cloud Environment

The NYS Forum Information Security Workgroup:

R. Grace Dillon, NYS Office of Information Technology Services

Jonathon Mahoney, Presidio

Andre Alves, Trend Micro

David McCurdy, Amazon Web Services

Stephen Clark, Fortinet

Please join the NYS Forum's Information Security workgroup for this fireside chat regarding Common Security Challenges and Best Practices in a Hybrid Cloud Environment. R. Grace Dillon, Executive Director of Revenue, Finance and Public Integrity Portfolio at the NYS Office of Information Technology Services, will moderate this engaging and interactive panel and pose questions to four experts in the field. Our expert speakers will answer questions such as: How are organizations handling the transition from on-prem, hybrid to cloud-only applications; Is cloud-native security really fundamentally different than my already well-established cybersecurity practice; What lessons did the CTO of Colorado learn after being subject to a state cyber attack; and, Why is there often a disconnect between the DevOps team and the traditional Security Team? Our experts will also be able to answer your questions on these and other topics.

Managing Digital Identity Threats Through Data-Driven Risk Decisioning

George Freeman, LexisNexis Risk Solutions

Identity fraud is impacting organizations globally, resulting in endless data breaches, new threat vectors like supply-chain attacks, and user personally identifiable information (PII) harvesting through social engineering. A recent statistic confirms that approximately one-third of online transactions are from bots or fake identities. Add to that the exponential volume of stolen identity data being bought & sold on the dark web, which has fueled recent increases in identity fraud. As digital identity gradually replaces physical identity, online users are now facing a growing world of identity threats. Digital identity data-driven risk decisioning provides a robust workflow that addresses the rising threat of identity fraud utilizing multiple touch points. The differentiator in this design is a secure repository of global device and user-persona history data. Protecting organizations' portals from bad actors is accomplished by matching customer, citizen, or employee device/identity attributes to a data analytics-driven digital identity and its digital risk history. By processing this data through an intelligent rules-based policy, organizations can make split-second automated risk decisions on any device/identity before letting them through the front door. This workflow continues to evolve, adding new attributes, additional identity proofing and authentication solutions to the decisioning engine. Emerging capabilities now include behavioral biometrics and advanced fraud analytics that provide organizations a powerful solution to stay ahead of emerging identity fraud threats.

ASIA Session 3: Invited Talk

Invited Talk: The Secure Remote Workforce That is Equal to Being In-the-Office

Antony K. Haynes, M.S., J.D., Associate Professor, Albany Law School, John D. Flory III, Chief Information Security Officer, Harbor Networks, and Paul Centanni, Cybersecurity Architect

3:20 - 4:15 P.M.

Cybersecurity Tsunami is Coming, Are You Ready?

Sanjay Deo, 24By7Security, Inc.

With the earth's population increasing and over 4.5 billion humans connected to the Internet, everybody is leveraging Internet connectivity for productivity increases and financial benefits. As the Internet is being used by companies and people alike for their benefit, so are bad actors using the Internet to perpetrate various crimes, posing huge risks to businesses and to each other. This level of connectivity and advancement has led to the rise of cyber crime, which is focused on stealing data, hacking into IoT devices and stealing intellectual property. The US Government has implemented a number of recommendations and regulations regarding Critical Infrastructure Protection and reporting. This presentation is focused on discussing the implications of privacy and security and how to manage the cybersecurity risks.

Learning Objectives: Executives will learn 

  • Cybersecurity Landscape and impact on various industries especially Financial Services
  • Privacy and Security Regulations and various risks (Regulatory, Financial, Reputation)
  • Cybersecurity Terminology to decipher what the CIOs and CISOs are talking about 
  • Ransomware mechanics - Roles, Responsibilities and To Pay or not to Pay?

Modern Threats, Modern Security Frameworks and Modern Approaches to Network Segmentation

Tom Buffton and Tommy John, VMware

We will be talking about modern threat actors, their tradecraft and how to align security programs to the Zero Trust framework to provide a defense-in-depth model for the data center.

Mightier than the Sword: A Discussion of the New York SHIELD Act

Derek Boczenowski, Compass IT Compliance, LLC

Join us as we look at the Stop Hacks and Improve Electronic Data Security (SHIELD) Act. The act was enacted in 2019 to strengthen New York data security requirements. During this presentation, we will provide guidance on what the law contains, who is required to adhere to it, go over private information definitions (based on the SHIELD Act), discuss the safeguards the law requires to be in place, and offer suggestions on steps to take both internally and technologically to achieve compliance and secure private information!

Demystifying Quantum Computing and Associated Risks: How do I Deal with a Threat That Has Not Emerged Yet?

Kiran Bhujle, SVAM International Inc.

Shahryar Shaghaghi, Quantum Exchange

Until a couple of years back, quantum computing was often seen as a technology that would emerge in the distant future. Since then, we have been seeing a significant push to bring quantum computers into the mainstream, which will have a transformative impact on organizations, businesses, and society.  In this session, we will discuss the evolution of quantum computers, the timeline, and what can I do now? 

The Fifth Dystopia: How AI Weaponizes Human Bias

Antony Haynes, Albany Law School

Without swift, decisive action, the promise that machine learning/artificial intelligence will bring about a more just and humane world will not simply be frustrated but permanently inverted. A world of unceasing and unchallenged inequity, permanently enshrined by invisible, ubiquitous computer code, would be a future closer to the racial and genetic caste system of Aldous Huxley's Brave New World than anything resembling the ideals of liberal democracy. The world we are creating is a software algorithmically-enforced apartheid, where automated decision-making software enforces an eternally rigged status quo. Step by step, line of code by line of code, our smartest and most innovative organizations in technology and science are ensuring that all of the technology --from sink faucets to package delivery, from resume scanners to language translation, from face recognition to criminal sentencing-- encodes and perpetuates the gender, racial, and other biases present in human society.

Protecting Your Business in the Age of Ransomware

Steven Keys, Dell Technologies

Data is the lifeblood of business and other organizations in this digital age. Yet that data and the applications running the business are under constant attack. Nation states create cyber weapons that lock up data centers, sophisticated criminals employ the latest capabilities to gain access and encrypt data for ransom while destroying backups, and the threat of insiders becomes more critical as the stakes grow higher. In this session, learn the details about how sophisticated cyber-attacks occur; why cyber insurance isn't enough and why paying a ransom must be the option of last resort; and techniques and capabilities that can ensure your business's ability to recover safely and efficiently from even a sophisticated cyber disaster.

ASIA Session 4: Cybersecurity in Critical Infrastructure

Paper: Emerging Ransomware Threats: Insights from Recent Research

Shreya, SUNY-University at Buffalo, Vandana Mehra, SUNY-University at Buffalo, Qazi Sohae, SUNY-University at Buffalo, Manish Gupta, SUNY-University at Buffalo, Srikanth Venkatesan, Cal Poly Pomona University, and Raj Sharman, SUNY-University at Buffalo

Paper: Cybersecurity for Autonomous Vehicles: Attacks and Defense Strategies  

James Gillanders and Prinkle Sharma, SUNY - University at Albany