Sessions

20th New York State Cyber Security Conference

12th Annual Symposium on Information Assurance (ASIA)

June 7 - 8, 2017

Empire State Plaza - Albany, NY

Big Data

A Day in The LIFE of Securing Our DATA  

Wednesday June 7, 2017

11:00-11:50am

Symantec

Hari Nanda, Symantec

Westchester County

With over 500 AV/NGAV vendors and tens of thousands of other cyber security companies on the marketplace, figuring out what works is tough. The average company runs technologies from over 61 different cybersecurity companies. How do you future-proof the public's money? The time for tolerating cost and deadline overruns is past. Budgets are tight and staffing is tighter.

The state is going through a massive consolidation that includes a number of initiatives and technologies. This talk will walk through the life cycle of our most critical asset (data) and explore innovative strategies by which the state could align on-premises solutions with off-premises ones to extend the protection of data. A common term to know for this session is CASB (Cloud Access Security Broker).

Using Big Data for Security Analysis

Wednesday June 7, 2017

1:30-2:30pm

AT&T

A fully connected network brings it all together.

Government is where innovation happens. Delivering services to constituents where they live and work, agencies are using technology to strengthen community connections. AT&T continues to spearhead the network revolution, driving innovation and investing more capital than any other US public company. By bringing together solutions that protect, serve and connect, committed AT&T professionals are working with the public sector to identify and implement technology to transform the business of government.

Wednesday June 7, 2017

2:40-3:30pm

Semel Consulting

Semel Consulting

In 2016, HIPAA penalties exceeded $22 million, almost four times the 2015 total. In January 2017, almost $6 million in new HIPAA penalties were announced. Within these penalties there are (sometimes hidden) lessons for EVERY business owner, manager, or IT professional, even those not required to comply with HIPAA. Mike Semel and Rose Ketchum will go through case studies of data breach and compliance penalties so you can learn what to do, what not to do, and how to find the cyber security and compliance lessons hidden in new penalties when they are announced. It's always better to learn from someone else's misfortune than to become a case study yourself.

Meeting the Department of Financial Service's Cyber Security Requirements, and What They Mean for Other Industries

Wednesday June 7, 2017

3:50-4:40pm

Dealy Mahler Strategies, LLC

The New York State Department of Financial Services (DFS) has issued new cyber security requirements for financial services and insurance companies. The requirements raise the bar for companies' cyber security and impose deadlines for meeting the new standards. Meeting the requirements will be a challenge for many companies.

This session examines the DFS requirements and gives audience members concrete advice on how to meet them. While the requirements are focused on financial/insurance companies, the session will also project what the requirements are likely to mean for other industries, and how companies in other industries should take action to get ahead of the curve. The session will also identify ways that the regulations are forward-leaning, for example their emphasis on governance and risk management rather than prescriptive technologies, and examine how they could become a model towards which other regulatory regimes will move.

The objectives of the session are to help audience members know about the requirements, understand the requirements, prepare to meet the requirements, and think ahead to how the requirements might have secondary effects on them in future.

Cloud

Securing Identities and Data in a Modern, Cloud Enabled Organization

Thursday June 8, 2017

11:00-11:50am

Microsoft

The pervasiveness of Office 365 makes Azure Active Directory (and your integrated on-premises Active Directory) a useful central identity store for public cloud-based applications, regardless of the vendor; Azure AD integrates with thousands of cloud applications. Identity and data assets are targeted every day, and the increased reliance on and integration of cloud services means protecting them requires more than merely data center-based firewalls, intrusion detection, and a SIEM. Organizations need visibility into cloud assets and remote data repositories leveraged by identities that can be accessed from anywhere and by a range of devices. Learn how to secure and monitor your Azure AD infrastructure, as well as how to securely integrate third-party cloud applications, collaborate with other organizations and vendors using B2B, and create B2C constituent directories with the ability to easily enable features like Multi-Factor Authentication for all users.

Using DevOps to Achieve Better Application Development and Security in Modern Cloud Environments

Thursday June 8, 2017

1:00-1:50pm

Quanterion Solutions Inc

Quanterion Solutions Inc

Managing modern computing environments is becoming increasingly complex. Current cloud environments consist of different service models composed of a variety of virtualization technologies, ranging from traditional virtual machines to containers and microservices. Recent advances in virtualization have given rise to new methods that facilitate automated provisioning of computing infrastructure. Infrastructure as Code (IaC) is a DevOps principle that specifies the use of automation to achieve better application security by removing the tedious (error-prone) tasks associated with infrastructure management and application deployment. However, utilizing automation effectively is challenging because of the limited visibility and control brought about by the inherent boundaries and layers of most architected solutions. In this presentation, we seek to provide a basic overview of DevOps concepts with an approach that utilizes tools such as Chef and Puppet to illustrate the opportunities and the challenges associated with achieving better application security and management in modern cloud environments.

Blockchain and Cloud Data Chain-of-Custody

Thursday June 8, 2017

2:10-3:00pm

Cyber Integration and Transition Branch, Air Force Research Laboratory

NYS Technology Enterprise Corporation

Cloud computing has been adopted by the military as the environment to support data storage, on-demand computing, and dynamic provisioning. Assurance of data transfer within intra-cloud and inter-cloud environments is crucial; however, assurance of the ancestry of the data (where the data came from) is a challenge in cloud environments. Data provenance addresses the lineage of data based on detailed derivation of the data object. To achieve data transfer assurance in the cloud, there is a need for data provenance which will track changes to the data and identify the entity which caused the change. Blockchain technology has attracted interest because it offers a shared, distributed and fault-tolerant database that every participant in the network can share, the ability to nullify adversaries by harnessing the computational capabilities of the honest nodes, and resilience of the exchanged information to manipulation.

In this presentation, we present a cloud-based data provenance framework using blockchain which traces data record operations and generates provenance data. We anchor provenance data records into blockchain transactions, which provide validation of provenance data and preserve user privacy at the same time. Once the provenance data is uploaded to the global blockchain network, it is extremely challenging to tamper with the provenance data. In addition, the provenance data uses hashed user identifiers prior to uploading, so the blockchain nodes cannot link the operations to a particular user. The framework ensures that privacy is preserved. We implemented the architecture on ownCloud, uploaded records to the blockchain network, stored records in a provenance database and developed a prototype in the form of a web service.

Instrumentation Now! A Software Application Security Guide for Cloud and Hybrid Environments

Thursday June 8, 2017

3:20-4:15pm

Contrast Security

With the move to cloud and hybrid models, drawing a traditional perimeter becomes impossible; there's no way to draw boundaries around your software anymore. The only way to secure these applications is to protect them from the inside with instrumentation. Of all the most complex things man has built, almost all are instrumented. From airplanes to power grids, we wouldn't even begin to think about operating these complex systems without instrumentation. The future is instrumenting everything. Unfortunately, software in and of itself has essentially no instrumentation built in, just retrospective logs and crash dumps. However, software instrumentation can enable a new level of application insight and control. In this talk, we will discuss how software instrumentation works, its huge advantage over traditional security techniques, and how to establish a real-time application security control plane that is compatible with modern software development practices.

Critical Controls

Applying the 20 Critical Controls for Risk Assessment

Thursday June 8, 2017

2:10-3:00pm

Excelsior College

This session introduces attendees to the CIS Top 20 Critical Security Controls. Tools and techniques to implement the controls will be discussed. With the uncertainty and risks associated with IoT, it is essential to understand how to assess a system or a business network and implement controls to eliminate, minimize, mitigate or manage risk. The Top 20 is an industry-accepted framework for cyber security managers to address all elements within, and threats to, a network. The incorporation of these controls provides learners with real-world skills and experiences.

Building the Blueprint for Information Security Strategy

Thursday June 8, 2017

3:20-4:15pm

DynTek Services

Join us for a discussion on how to simplify the risk management process through defined and prioritized security controls and policy and procedure templates that align with industry standards such as NIST and COBIT 5. We will review creating security safeguards, incident response plans, and communication plans to enable organizations to avoid, detect and counteract security risks. We will dive into a simplified blueprint to assess your current state, plan and architect for a future state, and remediate and deploy new security controls to strengthen your security process.

Human Element

Close the Gap: Training and Preparing Our Cybersecurity Workforce for Tomorrow

Thursday June 8, 2017

11:00-11:50am

Department of Homeland Security, Cyber Education & Awareness

The nation has an ever-growing need for expert cybersecurity professionals who can protect our networks and infrastructure from ever-increasing threats. However, building a skilled and agile cybersecurity workforce can be a challenge. To close the gap, it is critical for all communities (industry organizations, federal agencies, and academic institutions) to come together and take a holistic approach in coordinating cybersecurity education, training, and workforce development efforts. DHS is leading efforts to increase cybersecurity awareness and education through its National Cybersecurity Education and Training Program (NCTEP). NCTEP offers several free resources to support cybersecurity education: providing cybersecurity course materials to middle and high school teachers; designating elite cybersecurity degree programs as Centers of Academic Excellence; building a public-facing training catalog of cybersecurity courses at institutions across the country; and offering free cybersecurity training to government employees and veterans (FedVTE). The backbone of these resources is the National Cybersecurity Workforce Framework, co-developed by DHS, which provides all communities with a common definition of cybersecurity, a comprehensive list of cybersecurity tasks, and the knowledge, skills, and abilities required to perform those tasks. By using this workforce framework along with other available resources, communities can work together to strengthen and build the pipeline of cybersecurity professionals. Support the cybersecurity workforce challenge by joining this session! Learn more about how to easily integrate these NCTEP resources into your communities. Equip the cybersecurity workforce with the right training, tools, and resources!

Of Phish and Prairie Dogs

Thursday June 8, 2017

1:00-1:50pm

PhishMe

In the world of rapidly evolving technology it is easy to miss the opportunity to tap into people instead of technology. In this session you'll learn about tactics to engage your co-workers, conditioning them to identify and report suspicious email attacks. These efforts enable a workforce of phishing informants and accelerate your phishing incident response workflow, allowing your security analysts to respond to attacks more quickly and efficiently. In addition, you'll learn some surprising facts about prairie dogs.

Cyber Security Inoculation

Thursday June 8, 2017

2:10-3:00pm

Syracuse University - Burton Blatt Institute

Syracuse University - Burton Blatt Institute

Cyber security inoculation? We know the basics of cyber security awareness; the challenge is in real-life execution and remaining vigilant. This presentation answers questions and provides new insights and suggestions on how we can keep people attentive to cyber security practices in an ongoing way, to keep our systems from getting "sick." This session provides guidance and examples of engaging and successful strategies and best practices for improving cyber security policy awareness and compliance in organizations, supported by current research and practice. The greatest failure of these systems lies in human elements. Strategies and processes have been identified that improve human performance and compliance in security-related activities. The practice of "inoculation" as a way to keep workers up on information security is presented. In trials, groups that were inoculated presented a greater resistance to a "threat." This session will highlight the current work in this area so that organizations may implement effective policies and practices that will be more likely adopted.

Relevant and Understandable Cyber Security and Privacy for Executives, Managers and Board Members

Thursday June 8, 2017

3:20-4:15pm

Twinstate Technologies, Inc

Many times the explanations of today's threats and of the antidotes or defenses to counter them are filled with geek speak or things that are not of interest to executives, managers and board members. This session covers elements that typically are of interest to this vital group. For maximum security and privacy today, we must have a great level of awareness, understanding and support to create an organization-wide culture of security and privacy first, and it MUST start at the TOP. This session serves as a primer or additional development session to increase awareness for that target audience. It is also helpful for those who are trying to communicate with the intended audience. How you get support for things you know your organization needs to increase security and privacy depends on a level of interest, awareness and buy-in from those who determine what gets done, when it gets done and how it will be paid for.

An organization's people play a key role in effective cyber security and privacy. Most breaches can be avoided if security operations, policies and procedures are appropriately defined and followed. In order for this to happen, the organization must possess a culture that supports them with awareness and guidance regarding security and privacy: a culture that not just expects and requires employees to follow, but hopefully a culture that creates the desire of employees to comply. With consistent influence by the leadership in regards to security and privacy, this can be a reality.

Incident Response

Tying Cyber Attacks to Business Processes for Faster Mitigation

Thursday June 8, 2017

2:10-3:00pm

AlgoSec

Time is not on your side when managing security for a global enterprise and facing down a relentless barrage of cyber attacks. So when confronted with multiple suspect alerts, you need a way to easily sift through them, identify the attacks most likely to impact key business processes, and quickly take action.

This session will cover security best practices for introducing business context into your organization's incident response processes, and for prioritizing and automating remediation efforts accordingly. This insight will give you the intelligence you need to reduce the time and cost of mitigating cyber attacks by orders of magnitude.

This technical session will cover how to:

  • augment incident triage with critical business context to assess the severity, risk and potential business impact of an attack;
  • prioritize incident remediation efforts based on business risk;
  • neutralize impacted systems through zero-touch automation;
  • limit the lateral movement of an attacker in, out and across your network; and
  • keep all stakeholders involved in the remediation process to reduce disruption to the business.

Incident Management: Moving from Computer Incident Response to Organizational Intelligence

Thursday June 8, 2017

3:20-4:15pm

Sage Data Security

This session will question the common wisdom of basing incident response strategies and tactics solely around information technology assets and departments. We'll review the organizational skill-set required to effectively manage cyber security incidents and discuss how an organization can use this function to make itself smarter and more resilient. 

Legal

Top 10 Issues in Cybersecurity & Data Privacy Law

Thursday June 8, 2017

11:00-11:50am

Albany Law School

Attorneys across all legal environments are responsible for taking the lead in identifying key cybersecurity issues. This CLE provides a timely update on the most pressing issues facing attorneys in the cybersecurity and data privacy arena. Key issues include whether an organization has complied with the standard of care for cybersecurity, whether an organization's leadership team has assessed its risk exposure, and whether an organization has prepared to respond to a cyber incident.

Legal Ethics & Technology

Thursday June 8, 2017

1:00-1:50pm

Albany Law School

This session will cover:

  • What risks do new technologies pose to legal service providers?
  • What is the standard of care for lawyers' understanding of technology?
  • What qualifies as "reasonable efforts" to protect client data?
  • Is there a legal duty to encrypt client data?
  • How does metadata affect inadvertent disclosure?
  • How do lawyers preserve confidentiality in the cloud?
  • What is the duty to preserve client data?

Ethical Cybersecurity for NY Lawyers

Thursday June 8, 2017

2:10-3:00pm

Absolute Software Corporation

Included in this session will be a detailed analysis of the recently-enacted New York Department of Financial Services Cybersecurity Regulations, recent amendments to the ABA Model Code of Professional Responsibility regarding a lawyer's ethical duty to be cyber aware, and the presenter's predictions of the role of the lawyer in protecting his/her client's critical data during the predictable changes (or lack thereof) during the Trump administration.

Contract Considerations for Cyber Risk Management

Thursday June 8, 2017

3:20-4:15pm

New York State Office of General Services

New York State Office of Information Technology Services

New York State Office of Information Technology Services

A panel discussion on mitigating risk and important legal considerations in drafting contracts. Counsel will discuss types of contracts where cyber risk should be considered, review protections offered in standard contract resources, evaluate additional terms and conditions that may be appropriate, and review general "best practices" in this area.

Local Government

Cyber Security Resources for Local Government

Wednesday, June 7, 2017

11:00-11:50am

Peter Bloniarz, NYS Cyber Security Advisory Board

A review of resources and services available from state agencies and partner organizations.

It Can Happen to You!  Lessons Learned from Local Government Cyber Incidents

Wednesday, June 7, 2017

1:30-2:20pm

Terry Leonard, Village of Ilion

Ann Oot, Town of Manlius

Edmond Theobald, Town of Manlius

Allison Weber, Town of Manlius

This session will cover cyber security incidents experienced by local officials, the actions taken to remediate, and lessons learned from the events.

Security Risks in the Election Process

Wednesday June 7, 2017

2:40-3:30pm

The 2016 presidential election and the accompanying media coverage have raised concerns about the fairness of the election process, which is the bedrock of American democracy. There are several points along the election process at which vulnerabilities can be exploited to compromise it, including the voter registration system, voting machines, and the information systems of political parties. This presentation aims to elucidate the election process and discuss its security vulnerabilities and threat actors. It also provides insight into what the NYS Board of Elections has been doing to ensure secure and private voting systems in New York State. The presentation provides an analysis of risks to elections in the United States, followed by a deeper dive into technologies and processes within the NYS election systems and how they mitigate risks.

Overview of NYS Office of General Services IT Umbrella Contracts

Wednesday, June 7, 2017

3:50-4:40pm

New York State Office of General Services

New York State Office of General Services

An overview of the IT umbrella contracts, including:  what they are; what they cover (software, hardware, cloud, implementation services); how to use them (example template provided); recommendations for third party service provider selection; and links to available resources.

Mobile Security

How Billion Dollar Enterprises Manage Application Security at Scale

Wednesday June 7, 2017

1:30-2:30pm

Security Compass

Security Compass recently completed a comprehensive research study, surveying companies across multiple industries with the goal of discovering how large, complex organizations address application security at scale. The majority of respondents were multinational organizations that reported annual earnings greater than $1 billion USD. Through this new research study, we have gleaned novel insights into how large organizations manage application security at scale. In this presentation, we will reveal aggregated insights, industry trends, and best practices that illuminate how organizations are addressing application security at scale, so that you may apply and compare these learnings to the state of application security at your own organization.

Policy and Privacy

2017 National Cybersecurity Policy Update

Wednesday June 7, 2017

11:00-11:50am

US Telecom

This session will provide an overview of major initiatives taking shape under the new Trump Administration. We will review the roles, responsibilities and projects set forth in a new Cybersecurity Executive Order and initiatives that are underway at the Department of Homeland Security, the Department of Commerce, and on the Hill. We will discuss the status of current initiatives around information sharing, the Internet of Things, the NIST Cybersecurity Framework update, and incident response coordination around a catastrophic cyber event.

Blocking Big Brother: Protecting Your Privacy Online

Wednesday June 7, 2017

1:30-2:20pm

NYSTEC

NYSTEC

Have you ever purchased something online, then saw an ad for a related item in your social media feed? Do you ever wonder who, or what, is listening to your conversations when your intelligent assistant is waiting for your commands?

You give away a significant amount of indirect information about yourself every day, whether you are online or offline. The online services you use often have the freedom to decrypt and view your emails, photos, contacts, and documents. Something as innocuous as what you buy, or who you follow on social media, can be used by organizations and individuals to determine key facts about who you are and your personal habits. You don't even have to provide the information yourself: your family, friends, and colleagues are inadvertently sharing your information for you.

This presentation will help you to understand how companies find and share information about you. You'll learn how privacy policies affect you, and you will be able to make better choices about what information you share online and how you use electronic assistants. You'll also understand the technological and business reasons for companies to use your data. And finally, you'll learn basic strategies and tactics for protecting your online identity and data.

Raiding the Piggy Bank: Analyzing E-commerce and POS Attacks

Wednesday June 7, 2017

2:40-3:30pm

Trustwave

This session describes the different ways an attacker can compromise a server via external techniques, and how evidence of those techniques can be discovered. From malware-based spearphishing email to SQL injection to steganography, methods of infiltrating E-commerce web servers and back-of-house POS servers to exfiltrate credit card data, as well as techniques to identify CnC communication are covered.

A New Approach for Resiliency in Today's Cyber Threat Landscape

Wednesday June 7, 2017

3:50-4:40pm

Splunk

It is not news that the threat environment is getting more complex: not only are there external threats from very determined and sophisticated attackers (nation states, cyber criminals, hacktivists), but insider threats are also rising. When it comes to breaches, the new mantra is 'it is not a matter of if but when.' Security technologies are getting increasingly complex and qualified professionals are hard to find, which leads to implementation and management challenges. Systems acquired over decades sit in silos managed by teams that don't necessarily interact with each other. So security teams don't have full visibility across the organization, making it very difficult to identify and investigate threats; it takes them weeks if not months and is a very lethargic process, leading to significant costs without realizing comparable gains. Combined with an increased drive to hire additional resources, this has led to an unsustainable spending outlook with evidence lacking on enhanced security posture.

This discussion will cover the new threat landscape and the fundamental shift in strategies necessary to combat these threats and to be resilient in this new environment. The speaker will also discuss best practices for risk management and provide practical tips on implementing these strategies while overcoming the resource challenges that state and local governments face when improving their security posture.

Ransomware

You Can Take the Sting Out Of Ransomware

Wednesday June 7, 2017

11:00-11:50am

CGI

One of the leading concerns for 2017 is the increasing threat of Ransomware. There are two ways to defeat Ransomware: easy and difficult. In this presentation you will learn the easy way to remove the sting of Ransomware, keep your data, and implement a lasting process that will improve your organization's overall security awareness. All for a very tiny (almost zero) budget. How can your organization resist?

Ransomware:  All locked up with no place to go

Wednesday June 7, 2017

1:30-2:30pm

Kaspersky Lab

Your screen freezes and a dialogue box pops up to tell you that your computer is locked and your files will all be gone forever if you don't pay up. Since many victims are willing to pay the ransom, this type of cryptomalware is on the rise, netting millions of dollars for cybercriminals looking for a substantial return on their minimal investment.

During this session you will hear from Mark Villinski, Kaspersky Lab, on what they as a security vendor are seeing in this growing area of focus for both security vendors and cybercriminals. Areas of focus will include:

  • Common ransomware scenarios and delivery mechanisms
  • Trends in this growing form of cybercrime
  • Recommendations to help your organization avoid being a victim

And you Thought it Could Not Get Worse?

Wednesday June 7, 2017

2:40-3:30pm

Annese & Associates, Inc.

In late 2016, there were murmurs of the decline of ransomware due to a late-year slowdown of the "Locky" ransomware variant. These rumors are not only premature, but ransomware continues to grow at geometric rates and is the fastest growing economic crime of all time, slated to exceed $1B this year. Ransomware now accounts for between 3 and 4 of every 5 malicious payloads delivered via email or other exploits, like malicious browser extensions. It is a global menace, now evolving from "crypto" and "locker" strategies of holding access to your files until you pay to incorporating additional weaponized dimensions, such as stealing personal or financial data from the target. Sophistication of attacker code continues to progress, moving from encrypting files and file systems to the potential of infecting a server or endpoint to the degree of paying or losing access to the entire system. How? According to the Malwarebytes State of Malware Report 2017, attackers will leverage the infected computer's Master Boot Record, the part of the system which controls booting of the operating system. Once the attacker controls access to the main operating system, it is "game over," as the payment demand is not only to decrypt files but also to allow access to your system.

Let's examine which ransomware infections can be removed from your machines, why progress against ransomware has been slow despite industry efforts, why your HR department may be the next prime target, and how bitcoin and blockchain have helped fuel the attack explosion. Plus, a few tips on what you can do today to aid your organization's cause against the 200-plus new variants expected in 2017!

7 Secrets of Offensive Security

Wednesday June 7, 2017

3:50-4:40pm

SnoopWall, Inc.

Miliefsky will share his 7 Secrets of Offensive Security which can be used as a stepping stone to defeat cyber espionage, cyber terrorism, cyber crime and even the latest threat - ransomware.

Risk

Vendor Risk; The Back Door You Can't Leave Unlocked

Thursday June 8, 2017

11:00-11:50am

GreyCastle Security

As we've seen time and time again, cybercriminals take the path of least resistance. Based on recent high profile breaches, hackers have learned that contractors and other third-party providers can provide an opening into otherwise-secured corporate networks. You've spent time, money and energy securing your organization internally, only to have the back door wide open. How can you extend your internal security controls to your vendors and help reduce your organization's risk? Join GreyCastle Security for an in-depth look into vendor risk management. Learn what's working, what's not, and how your organization can better manage one of the most challenging security issues facing organizations today.

Managing End-of-Life Risk

Thursday June 8, 2017

1:00-1:50pm

QED National

Reliance on IT operational and security assets/systems that are no longer supported by manufacturers may expose enterprises to critical risk. This is primarily due to the lack of available software patches (addressing known vulnerabilities in systems/application software), available BIOS and firmware updates, as well as the potential lack of available parts for the maintenance/repair of critical hardware.

The session will address methods for identifying, modeling, prioritizing, and mitigating risks associated with the use of IT operational and security assets/systems no longer supported by manufacturers.

Managing IT Risk beyond Core IT

Thursday June 8, 2017

2:10-3:00pm

, NCC Group Security Services, Inc.

, NCC Group Security Services, Inc.

More and more organizations are operating outside the purview of the CIO or ISO. This includes leveraging applications or microsites that represent risk to the organization but are not yet identified by the organization as something that needs to be protected. During this event we will discuss how to develop an effective Risk Management program for Shadow IT. This includes how to build a culture that allows this to happen and helping prioritize issues. During the session attendees will learn:

- Steps that can be taken to manage shadow IT

- Common strategies for building a shadow IT Risk Management Program

- How to gain visibility into rogue apps

- The importance of managing shadow IT

- Lessons learned from being in the trenches

Little fish in a big sea: Why Small to Midsized Businesses (SMBs) or Government Agencies are more vulnerable than Enterprises

Thursday June 8, 2017

3:20-4:15pm

, Infinite Group, Inc.

We know that any organization or institution--no matter the size--is at risk of a data breach. We read about breaches of large corporations, but let us not forget about the Small and Midsized Businesses (SMBs) or government agencies that face severe and potentially debilitating consequences to their finances, reputation and customer confidence following a data breach.

A recent Ponemon Institute study showed only 33 percent of SMBs say the technologies currently used by their organization can detect and block most cyberattacks. If your organization or government agency is in the other 67 percent, this session will lead you in the right direction to defend against data breaches and security vulnerabilities.

Edward Nadareski, IGI Chief Information Security Officer and VP of Cybersecurity, will give insight into SMB cybersecurity strategy, detailing the security policies and practices that are necessary to prevent a breach. He'll also discuss at a high level the types of services and solutions that are must-haves for SMBs to protect their data.

Secure Architecture

Software Defined WAN (SD-WAN) - Security Implications and Design Solutions

Thursday June 8, 2017

11:00-11:50am

, Cisco Systems

Software Defined WAN (SD-WAN) is transforming Wide Area Networks by providing a highly available Secure WAN Transport combined with Direct Internet Access in the branches. With SD-WAN, Enterprises can mix WAN service offerings from multiple providers (MPLS, Internet, Carrier Ethernet, 3G/4G, ...) to optimize their bandwidth costs and dynamically balance applications across the various links. This session will discuss the security implications of this new architecture. SD-WAN can be implemented either using a tunnel transport centralized security method, which adheres to the current security design models where users still access the Internet centrally, or with Direct Internet Access, where users in each branch access the Internet directly from the branch. With Direct Internet Access, enterprises can improve public cloud application performance and offload Internet-bound traffic from the private WAN, which reduces the need for more private WAN bandwidth. This has security implications, however, in terms of NG-Firewall, NG-IPS, VPN, encryption suites, secure web gateway access for users, and advanced anti-malware placement and design. These security assets can be provided locally in the branch, centrally at the head end, or in the cloud. Security design pros and cons for centralized tunnel transport and Direct Internet Access will be laid out. The problem of how to intercept applications and dynamically redirect only a small number of whitelisted ones out the local Internet connection is currently a difficult one to solve. Possible solutions will be discussed.

From Botnets To Heart Attacks - why UNSAFE Software is a Danger to All of Us

Thursday June 8, 2017

1:00-1:50pm

, Brainlink International, Inc.

"Software is eating the world." - Marc Andreessen

"If builders built buildings the way programmers wrote programs, then the first woodpecker that came along would destroy civilization." - Gerald Weinberg

Both of those quotes give us much to ponder. Software is eating the world... and shoddy software is caving in on us.

I think it's time we drew lessons from history and started agitating for software liability reform. It's 2017 and we're overdue for an overhaul. We need to apply existing consumer protection laws to software, revoke EULAs and uphold our right to buy only software that's fit for safe use. In my mind, only two industries exist in the United States with zero consumer protection laws: illegal drugs and software. And both industries call their customers "users."

Security Programs

The Need to Revisit and Reengineer your Security Program

Wednesday June 7, 2017

2:40-3:30pm

, Independent Consultant

Business organizations, including IT, will review new technologies, the marketplace, and customer needs, and will make changes to their business model. However, security programs many times tend to just react to the latest issues that are making headlines. Security professionals will buy new tools, hire a firm to do some penetration testing, and tell executives that they need to increase the security budget. These actions are just band-aids for a bigger issue, which is how you keep your security program relevant to an organization. In this session, the speaker will go over areas that need to be revisited, changed, eliminated, and at times outsourced to others. A successful security program needs to run like a business, with a budget, success measurements, adequate headcount, and a strategy going forward. Without taking these actions, your security program is in jeopardy of being considered an unjustifiable expense, outsourced completely, or just becoming a low-level entity in IT operations.

How to Teach Your Organization to Think Strategically About Security

Wednesday June 7, 2017

3:50-4:40pm

, Gartner

Most organizations approach security from a risk versus cost perspective. Security leaders need to change the conversation from risk mitigation to strategic value. Follow these four best practices to help your organization think more strategically about security and enable you to drive more business value.

Threat Landscape

Verizon DBIR

Thursday June 8, 2017

11:00-11:50am

, Verizon

MS-ISAC:  Cyber Threat Brief

Thursday June 8, 2017

1:00-1:50pm

, Multi-State Information Sharing and Analysis Center

, U.S. Department of Homeland Security

Cybersecurity has emerged as one of the most important issues facing public and private organizations today. The worldwide reach of the Internet means that cyber threats can come from criminals both in the United States and from foreign countries. In this session, Andrew Dolan and Eric Goldstein of DHS will speak about emerging cyber threats to the government sector and the steps we can take to minimize and mitigate these threats.