Interactive Training Sessions

Threat Hunting and Analysis

Dr. Peter Stephenson

Tuesday - June 7, 2016  9:00am-4:00pm*

*Please note this training occurs before the conference, Pre-Registration is Required.

Threat intelligence has become the coin of the realm in fighting cybercrime.  However, simply knowing who the bad guys are and what they do is not enough.  You must be able to dig for actionable intelligence and apply that explicitly to your environment.  Broadly speaking we call that threat hunting.  Once you have determined the nature and details of threats to you enterprise you must be able to disseminate them in a manner that is understandable by both humans and machines.

This full day hands-on lab workshop will introduce you to threat hunting techniques, tools - both free and commercial - that you can use and how to translate your findings to Stix for dissemination to a variety of audiences, as well as consumption by an increasing number of security devices such as IPSs and firewalls.  You will work in a virtual lab environment using tools and techniques to discover threats, research them in depth and create Stix profiles.  By the end of the workshop you will have compiled a list of tools that you can use, evaluated those tools in a lab environment, created a Stix profile of an actual cyber campaign and presented your profile to the rest of the class.

Visit the Center for Digital Forensic Studies' Training Portal to read the syllabus and other course related materials.

For this workshop you will need to bring your own Windows laptop and have the current version of the Chrome browser pre-installed.  All other tools will be available on a virtual lab machine to which you will connect remotely.



Nuts and Bolts of Cyber Security Risk Management

Deborah Snyder and the New York State Office of Information Technology Services, Enterprise Information Security Office (EISO), Governance Risk Management and Compliance Team

Tuesday - June 7, 2016 9:00am-12:00pm*


Wednesday - June 8, 2016 1:15pm-4:15pm

*Please note this training occurs before the conference.

Pre-Registration is Required.

Analyzing the information security risks in an organization is a fundamental task of security management in an organization. Yet, organizations continue to struggle to identify cyber risks and use this information to drive security investments in the organization.  This tutorial takes the students through an organization's risk management process. The tutorial provides a broad overview of risk management and then delves deep into the actual analysis process through cases and examples. The first part is the identification of assets, vulnerabilities, and threats. The second part involves determining the exposure of the organization to cyber security risks. The third, is identifying the controls to mitigate the risk to an acceptable level. The tutorial will bring the process to life and provide take away templates.

For this workshop you will need to bring your own Windows laptop and have a PDF reader, Microsoft Word and Excel pre-installed.

Cyber Wargame Simulation: Incident Response from the IT Team to Executives

John Gelinne and John Johnson, Deloitte & Touche

Wednesday - June 8, 2016 11:00am - 12:30pm

As society has become increasingly transformed through Internet-based communication and data exchange, cyber threats have increased in both sophistication and frequency. In many agencies and organizations, executives know that cyber incidents can lead to high-profile losses; rampant media exposure; and damage to client, customer, or investor confidence. State and business leaders have begun to acknowledge that, despite strong security controls, cyber incidents will occur. How heavily they impact an organization's reputation, bottom line, and market standing depends, in part, on how well-prepared the organization is to analyze and contain an incident as it unfolds, respond decisively, and manage the aftermath. Cyber threat war-gaming services help government agencies and organizations establish "muscle memory" and multi-function coordination to better manage the business crises that cyber incidents can cause.  Deloitte will be facilitating a "role-playing" cyber war gaming exercise where attendees participate in a simulated cyber breach and interact with various key players involved managing the risk and response efforts.