RSA Conference:Tanya Janca, Senior Cloud Developer Advocate, Microsoft
This talk will argue that DevOps could be the best thing to happen to application security since OWASP, if developers and operations teams are enabled to make security a part of their everyday work. We must build security into each of the “Three Ways”; if they are sprinting, then we need to sprint too. So put on your running shoes; it’s time for DevSecOps!Learning Objectives:1: Learn how to adjust DevOps to DevSecOps.2: Obtain a view of AppSec and SecOps.3: -
Attacking Machine Learning: On the Security and Privacy of Neural Networks
RSA Conference: Nicholas Carlini, Research Scientist, Google
Despite significant successes, machine learning has serious security and privacy concerns. This talk will examine two of these. First, how adversarial examples can be used to fool state-of-the-art vision classifiers (to, e.g., make self-driving cars incorrectly classify road signs). Second, how to extract private training data out of a trained neural network.Learning Objectives:1: Recognize the potential impact of adversarial examples for attacking neural network classifiers.2: Understand how sensitive training data can be leaked through exposing APIs to pre-trained models.3: Know when you need to deploy defenses to counter these new threats in the machine learning age.Pre-Requisites:Understanding of threats on traditional classifiers (e.g., spam or malware systems), evasion attacks, and privacy, as well as the basics of machine learning.
RSA Conference: Robert Joyce, Senior Advisor, National Security Agency
NSA has developed a software reverse engineering framework known as GHIDRA, which will be demonstrated for the first time at RSAC 2019. An interactive GUI capability enables reverse engineers to leverage an integrated set of features that run on a variety of platforms including Windows, Mac OS and LINUX and supports a variety of processor instruction sets. The GHIDRA platform includes all the features expected in high-end commercial tools, with new and expanded functionality NSA uniquely developed, and will be released for free public use at RSA.Learning Objectives:1: Understand the unique capabilities and features of NSA’s software reverse engineering platform.2: Learn about team collaboration on a single project using this reverse engineering tool.3: Where to download the tool suite, how to install it and where to speak to NSA experts about it at RSA.
Cyber-Influence: Cyberwar and Psychological Operations
RSA Conference: Lawrence Dietz, General Counsel, TAL Global Corporation
The real cyber-battlefield is for “hearts and minds.” Our enemies are good at this as shown by Russian voter influence and ISIS propaganda. US efforts don’t appear to be nearly as successful. This session will explore the fragmentation between cyberspace operations and Psychological Operations (PSYOP).Learning Objectives:1: Understand the difference between cyberattacks and influence operations.2: Learn why cyberspace operations with influence are combined to achieve operational objectives.3: Gain a basic understanding of classic military strategy fundamentals.Pre-Requisites:Basic understanding of cyberattacks and defense. Some marketing knowledge would be helpful.
RSA Conference: Roger Grimes, Data-Driven Defense Evangelist, KnowBe4, Inc.
Passwords are finally being left behind in favor of two-factor (2FA) and multifactor (MFA) authentication. Some vendors are promoting “unhackable” 5FA solutions. It’s all a lie. All authentication solutions can be hacked. Come learn at least 12 ways 2FA can be hacked, how 2FA really works behind the scenes, what the holes are, how to hack it and how you can defend against those attacks.Learning Objectives:1: Understand how 2FA really works behind the scenes.2: Learn how 2FA solutions are hacked.3: Learn how to defend against 2FA attacks.Pre-Requisites:Understanding of basic terms such as smartcard, USB key, password, PIN, etc. Everything else is explained.
The industrial control system threat is growing quickly. But ICS hackers do not start by disrupting electric grids. Instead, they mature predictably leading them from things that go bad, to things that go boom. Using ICS threat intelligence we’ve developed an ICS hacker maturity model enabling us to determine how much risk a threat poses and predict how long until they reach maximum risk.Learning Objectives:1: Understand and differentiate between risks in industrial control and critical infrastructure threats.2: Learn the different levels of threat maturity and how to map them to environment risk.3: Know how to estimate how long a threat will take to reach future maturity levels.
Top 10 Ways to Make Hackers Excited: About the Shortcuts Not Worth Taking
RSA Conference: Paula Januszkiewicz , CEO, CQURE
Designing secure architecture can always be more expensive, time consuming and complicated. But does it make sense to cut corners when hackers invent new attacks every day? Taking shortcuts will sooner or later translate to more harm and backfire. Come to the session and learn what mistakes were eliminated when working with customers.Learning Objectives:1: Learn how to eliminate mistakes.2: Learn how to not take shortcuts.3: Learn how to protect yourself.Pre-Requisites:Attendees should have good hands-on experience in the IT department, at least eight years in the field is recommended.
RSA Conference: Leonard Kleinman, Chief Cyber Security Advisor Asia Pacific Japan, RSA
Individuals and businesses can potentially be compromised using various intelligence gathering techniques including social engineering and social media data collection tools such as open source intelligence (OSINT). This highly visual interactive session will demonstrate just how easily this can be done and offer recommendations of how to best defend against it with a risk-centered orientation.
No More Firewalls! How Zero-Trust Networks Are Reshaping Cybersecurity
RSA Conference:Matt Soseman, Security Architect, Microsoft
Network firewalls are becoming irrelevant, and we can no longer assume that perimeter networks can be trusted. With adoption of bring your own device and bring your own cloud, we must evolve our defenses to devices and identities. Join this session to explore this new world via rich live demos. (No PowerPoint allowed!)Learning Objectives:1: Understand how the security state and trustworthiness contribute to overall security posture.2: Learn considerations for automated access to resources via device and identity conditions.3: Discover how to apply these conditions to line of business SaaS apps or on-premises web apps.Pre-Requisites:Attendees should be familiar with the modern challenges of protecting identity and information in the age of cloud and mobility. Attendees should understand fundamental concepts such as Software-as-a-Service and bring your own device (BYOD).
RSA Conference:Rohit Ghai, President, RSA Holly Rollo, Senior Vice President and Digital Transformational Leader, RSA
Digital investment accelerates business velocity, transforms constituent experiences and spawns new opportunities. But this formidable force for human progress also magnifies risk; it accelerates change and complexity, inviting new threats and devastating impacts. Security leaders are left reframing a new answer to an old question: Why? Managing digital risk is the new why for cybersecurity.
RSA Conference: Jeffrey Blatt, Of Counsel, Tilleke & Gibbins International
Every moment of every day connected persons, IOT devices and enterprises generate an unending stream of data. Virtually all of the data created is held and controlled by third parties. Who owns and/or has access to the data each of us generates? In 2019 what does ‘data privacy’ mean? We will explore data privacy, government access and commercial use in light of current issues and some recent regional legislation.
There is a popular and accurate narrative that AI and ML is more suited to offensive than defensive applications. There are few practical examples of the offensive use of AI and ML, however. This talk will demonstrate two attacks based on topic modelling to accurately map a network and to classify thousands of e-mails. The session will also examine defensive options today and into the future.Learning Objectives:1: Learn from practical examples of the offensive use of AI and ML.2: Discover how AI and ML could be used for the most powerful feature based attacks.3: Understand how AI modifies the threat landscape as we see it.
Unraveling Detection Methodologies: Indicators vs. Anomalies vs. Behaviors
RSA Conference: Joe Slowik, Adversary Hunter, Dragos
Cyber-defense centers on “what” a technology is designed to look for, with capabilities and limitations depending on method. Three distinct approaches have emerged: traditional IOCs, anomaly detection and behavioral analytics. Unfortunately, marketing has muddied these terms beyond recognition—this presentation will correct this by critically examining each approach and its capabilities.Learning Objectives:1: Gain understanding of defense detection methodologies.2: Evaluate the costs and benefits inherent to different detection approaches.3: Make decisions for the organization relevant to the organization's security needs.Pre-Requisites:General knowledge of detection methodology and technologies, awareness of current product types performing threat detection and alerting, and broad knowledge of general security incidents.
Live Adversary Simulation: Red and Blue Team Tactics
RSA Conference:James Lyne, Director of Research, SANS InstituteStephen Sims, Security Researcher, SANS Institute
Historically, penetration testers and cyber-defenders report to a separate management structure. This can hinder good communication between the two teams. We've all heard the saying “Offense Informs Defense.” This should be a bidirectional feedback loop where each side works together to run simulations and educate each other. This concept is often referred to as “Purple Teaming.”Learning Objectives:1: Learn how to perform adversarial threat simulation.2: Learn how to enable communication between red and blue teams.3: Understand how to map APT phases to a killchain life cycle.Pre-Requisites:A background in systems administration, incident response, forensics, network engineering, penetration testing or other similar disciplines..
Learn how OceanLotus, one of the most advanced and pervasive threat groups that is active today, manages its tracking, exploitation, and command and control operations around the world. There is a good chance you have been tracked by OceanLotus without even knowing it. This talk will show how a digital surveillance campaign can turn into a cyberespionage operation.Learning Objectives:1: Learn about an advanced threat group from a country you would not typically expect it from.2: Examine how APT groups are leveraging government and NGO websites to launch targeted attacks.3: See how legitimate cloud services are being abused by APT attackers to bypass security controls.Pre-Requisites:General understanding of what APT threats are, how exploits are used, what spear phishing is, etc.
In this session the presenters will share experiences monitoring the RSAC network. They’ll discuss changes over the years, informative/comical experiences from the trenches and what it likely means for our industry’s future. So if you’d like to see what a network looks like when its users know security, know its challenges, should know better and choose to ignore all of that anyway, join us for the RSAC SOC report.
The biggest threat to security today is our hyper-focus on threats. Most innovations have centered on finding and dealing with attacks. By contrast, very little has been done in how we shrink the attack surface. That domain needs to be a topic to achieve big gains in security. Join VMware CEO Pat Gelsinger and Intuit DevSecOps Leader Shannon Lietz, as they unveil the three things the industry needs to talk about to reduce the attack surface and shift the advantage to the defenders.
What Does Cyber-Insurance Really Bring to the Table and…Are You Covered?
RSA Conference:Kara Owens, Managing Director, Markel Corporation,Shannon Groeber, Executive Vice President, Cyber/E&O Practice Leader, JLT Specialty USA. Sarah Knight, Senior Counsel, Privacy, Cybersecurity, and Information Governance, Gilead Sciences, Stuart Panensky, Partner, FisherBroyles, LLP
Today, cyber-insurance is no longer a “nice to have” but is a “must have” for every company doing business in a digital world. But how much coverage do you need and what’s really involved in getting cyber-insurance? People who attend this session will gain a clear perspective on what cyber-insurance can and can’t provide and where traditional insurance policies fall short.Learning Objectives:1: Understand what cyber-insurance does and does not cover.2: Learn how exposure is increasing with the use of third-party vendors.3: Gain knowledge of where gaps may exist in traditional insurance policies from varying viewpoints.Pre-Requisites:Attendees should have prior knowledge or interest in managing security and privacy risk for small-to-large companies.
RSA Conference: Dmitri Alperovitch, Co-Founder & CTO, CrowdStrike
George Kurtz, CEO, CrowdStrike
Real-world case studies of advanced intrusions on MacOS systems, with detailed breakdown of TTPs and artifacts. In the typical raw Hacking Exposed style, the session will demonstrate these attacks and provide relevant countermeasures for detection and response. Reprising their appearance again this year are also the must-see Adversary Oscars.Learning Objectives:1: Learn what the different attacker TTPs are on MacOS systems.2: Understand how the macOS process visualization trees can be used for forensics.3: Understand how both static and behavioral indicators are relevant to intrusions.Pre-Requisites:Understand basic hacking tools and techniques.
Bill Malik, VP Infrastructure Strategies, Trend Micro
Already a vital part of both the Internet of Things and the critical
infrastructure of the Internet, satellites are set to take on a more
significant role with the expansion of 5G and IoT. But many satellites
with primitive security could become threat vectors for cybercriminals.
Hear possible attack scenarios and discuss potential security solutions
to this growing threat.Learning Objectives:1: Hear specific attack
scenarios posed by the minimal security within satellites.2: Learn how
to determine whether your own network is at risk from these
connections.3: Understand which technologies can help to minimize this
threat.Pre-Requisites:Attendees must have a general understanding of how
legacy devices have rudimentary security vs. the next generation of
IoT. It is also helpful to have a basic understanding of what 5G is and
how it will accelerate IoT.
Min-Hwei Liu, Director, Information Security, Aetna
Maintaining focus in an ever-changing threat landscape: Global Security Top 10 Risks. How do we remain focused as a security organization in the ever-changing threat landscape? In this session Aetna will share the steps to the top 10 security risks, the key success factors and metrics, and the steps to kick off this program in your organization.Learning Objectives:1: Understand the importance of a top 10 security risks list to an organization.2: Develop a data driven top 10 security risks list.3: Learn how to leverage the data you are already collecting to generate a top 10 security risks list.Pre-Requisites:Individuals should have a broader understanding of a security organization, its diverse functions, operations and metrics. Enterprise view of a security organization is a plus, or outside-in view of a security function.
As we enter the 2020s, we will see a significant increase in the number and severity of unrecoverable attacks against our machines, infrastructure and data. Under this form of threat, the old security paradigm of confidentiality, integrity and availability (CIA) no longer applies. Instead, we need to consider a new paradigm that focuses on resiliency rather than security. In this webcast, we’ll explore new design patterns supported by three principles: distributed, immutable and ephemeral (DIE).
Manufacturers Approach towards Cybersecurity Threats Targeting Healthcare
RSA Conference: Jonathan Bagnall, Sr. Security Manager, Product Security & Services Office (PSSO), Royal Philips, Phil Englert, Global Leader for Healthcare Technology, Deloitte, Roberta Hansen, Director, Product Cybersecurity, Abbott, Michael McNeil, Global Product Security & Services Officer, Royal Philips, David Nathans, Product Security Office, Siemens Healthcare
Motivated healthcare ransomware and malware attacks are increasing. Attacks can compromise networks, data, medical devices and services supporting critical patient care systems. A one-size-fits-all approach doesn’t apply to every medical device or healthcare organization. This session will focus discussion on a medical device manufacturer’s approach towards these major issues.Learning Objectives:1: Learn about efforts manufacturers are taking to improving medical device and services cybersecurity.2: Find out what manufacturers, medical device owners and regulators need to consider.3: Find out why the one-size-fits-all cybersecurity approach doesn’t apply to every medical device.
Measuring Cybersecurity Effectiveness in a Threat-Based World
RSA Conference:Jeanette Manfra, Assistant Director for Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security, Marianne Bailey, Deputy National Manager (DNM) for National Security Systems (NSS) and Senior Cybersecurity Executive, National Security Agency, Kevin Cox, Program Manager, Cybersecurity and Infrastructure Security Agency, Matthew Scholl, Chief, Computer Security Division, NIST
The panel will help increase understanding of how DHS, NSA and NIST are using threat data to help agencies protect information and detect and respond quickly to adversarial actions. They will examine how DHS CISA fuses threat intelligence with agency vulnerability data to improve info sharing and how efforts such as the .gov CAR initiative are helping create better threat models and solutions.Learning Objectives:1: Understand how DHS works closely with agencies to collect summary data and combine and centralize the data .2: Learn about ways the CDM dashboard and capabilities reduce the time to address a vulnerability.Pre-Requisites:Cybersecurity interest.
RSA Conference
19.9K subscribers
Rajan Behal, Managing Director, KPMG
Karla Clarke, Manager, KPMG
Come and learn how “zero-knowledge (ZK) proofs” breakthrough in cryptography is enabling privacy-preserving authentication. Yes it’s possible to give back consumers the control of their personal data. Learn how zero-knowledge proofs are impacting blockchain and financial industry, and is this technology ready for mass adoption?Learning Objectives:1: Learn about “zero-knowledge (ZK) proofs.”2: Gain understanding of benefits and challenges associated with zero-knowledge (ZK) proofs.3: Understand the privacy benefits of adopting of zero-knowledge (ZK) proofs.Pre-Requisites:Audience needs to have very basic understanding of authentication process.
HackerSploit: pfSense is an open source firewall/router software based on the FreeBSD packet filtering program PF that can be used as a perimeter firewall, router, wireless access point, DHCP server and a DNS server.
Date Posted:20191115 - Manufacturers Approach towards Cybersecurity Threats Targeting Healthcare
RSA Conference: Jonathan Bagnall, Sr. Security Manager, Product Security & Services Office (PSSO), Royal Philips, Phil Englert, Global Leader for Healthcare Technology, Deloitte, Roberta Hansen, Director, Product Cybersecurity, Abbott, Michael McNeil, Global Product Security & Services Officer, Royal Philips, David Nathans, Product Security Office, Siemens Healthcare
Motivated healthcare ransomware and malware attacks are increasing. Attacks can compromise networks, data, medical devices and services supporting critical patient care systems. A one-size-fits-all approach doesn’t apply to every medical device or healthcare organization. This session will focus discussion on a medical device manufacturer’s approach towards these major issues.Learning Objectives:1: Learn about efforts manufacturers are taking to improving medical device and services cybersecurity.2: Find out what manufacturers, medical device owners and regulators need to consider.3: Find out why the one-size-fits-all cybersecurity approach doesn’t apply to every medical device.
XXXXXXXXXXXX
Posted:20191115 - Measuring Cybersecurity Effectiveness in a Threat-Based World
RSA Conference:Jeanette Manfra, Assistant Director for Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security, Marianne Bailey, Deputy National Manager (DNM) for National Security Systems (NSS) and Senior Cybersecurity Executive, National Security Agency, Kevin Cox, Program Manager, Cybersecurity and Infrastructure Security Agency, Matthew Scholl, Chief, Computer Security Division, NIST
The panel will help increase understanding of how DHS, NSA and NIST are using threat data to help agencies protect information and detect and respond quickly to adversarial actions. They will examine how DHS CISA fuses threat intelligence with agency vulnerability data to improve info sharing and how efforts such as the .gov CAR initiative are helping create better threat models and solutions.Learning Objectives:1: Understand how DHS works closely with agencies to collect summary data and combine and centralize the data .2: Learn about ways the CDM dashboard and capabilities reduce the time to address a vulnerability.Pre-Requisites:Cybersecurity interest.
Date Watched:20191119
RSA Conference:Todd Inskeep, Principal, Cyber Security Strategy, Booz Allen Hamilton
The growth of third-party risk programs means every contractual relationship now includes security compliance requirements. Requirements verified by questionnaires, interviews and occasionally audits. Have these efforts effectively improved your security? What does an efficient third-party risk program look like? The presenter will describe cost-effective programs for Fortune 200-1000 companies.Learning Objectives:1: Understand why most third-party programs are ineffective.2: Learn ways to make your program more effective.3: Start innovating with your vendors to really reduce risk. Pre-Requisites:Risk management and policy understanding.
XXXXXXXXXXXX
Posted: 20191111 - Hacking and Hardening Kubernetes
Date Watched:20191115
RSA Conference: Jay Beale, CTO, COO, InGuardians, Adam Crompton, Senior Security Analyst, InGuardians
With microservices’ rise, Kubernetes gain adopters every day. It’s time for information security specialists to learn how to attack and defend container orchestration systems. This talk will demonstrate attacks on Kubernetes clusters, then defenses that break those attacks. Attendees will be able to download the cluster used in the demos, as well as the YAML files used to break the attacks.Learning Objectives:1: Understand how to attack Kubernetes and other container orchestration platforms.2: Understand how to defend Kubernetes, at a deep, hands-on level.3: Understand the Kubernetes attack surface and security features and those of Linux/Docker containers.Pre-Requisites:Attendees must have experience in using Docker or other Linux containerization systems. Attendees should have a passing knowledge of Kubernetes or another container orchestration system, such as Docker Swarm, CoreOS Swarm, Mesosphere Marathon, Cloud Foundry, the Borg, ACS, ECS or GKE.
XXXXXXXXXXXX
Posted:20191110 - The Trust Landscape
Date Watched:20191114
RSA Conference: Rohit Ghai, President, RSA Niloofar Razi Howe, Cybersecurity Strategist, Entrepreneur
We stand at a remarkable inflection point in our digital evolution, facing an unprecedented assault on trust. In a hyperconnected world, where malicious or manipulative activity can be spread to millions in an instant, information itself is a battlefield with the power to erode trust in society’s most sacred institutions. How can we tackle such a consequential challenge? The notion of risk must be properly defined in this modern digital context. Adopting the right understanding of risk not only restores our faith in what matters most but is ultimately the catalyst for human progress.
XXXXXXXXXXXX
Date Posted: 20191109 - Securely Deploying Micro Services, Containers and Serverless PaaS Web Apps
Date Watched:20191113
RSA Conference: Murray Goldschmidt, Chief Operating Officer, Sense of Security Pty Ltd
From blockchain to distributed ledger to self-sovereign identity, this panel will shed light on technology and governance concepts around blockchain-based identity. This panel will explore the business, legal and technical issues that sit in the messy space between blockchain technology’s promise and its current reality to gain a better understanding of blockchain’s ability to solve real-world needs.Learning Objectives:1: Understand what blockchain-based identity means in practice.2: Explore applied research to break through preconceptions.3: Separate blockchain-based identity promise from reality to reduce uncertainty toward adoption.Pre-Requisites:Identity management basic concepts must be understood. Blockchain and distributed ledger concepts must be understood. Governance, risk and compliance practices for information assurance should be understood.
XXXXXXXXXXXX
Posted 20191107: The EU’s General Data Protection Regulation: One Year Later
Date Watched:20191112
RSA Conference: Paul Rosenzweig, Senior Fellow, R Street Institute Francoise Gilbert, Shareholder, GreenburgTraurig, Harvey Jang, Global Data Protection and Privacy Counsel, Cisco Systems Inc Ariel Silverstone, External Data Protection Officer, Data Protectors. Mark Weatherford, Chief Cybersecurity Strategist, vArmour
In May 2018 the European Union implemented the new General Data Protection Regulation, governing how EU personal data is processed both within and outside the EU. This is disrupting settled expectations regarding data privacy and security. It has spawned new laws and regulations in the US, changed privacy conceptions worldwide, and threated trans-Atlantic data transmission.Learning Objectives:1: Understand implementation challenges of the EU GDPR from first year’s experiences.2: Review growing possibility of similar legislation being adopted in Asia, the US, and by the States.3: Recognize the possible threat to the US-EU Privacy Shield agreement and the disrption therefromPre-Requisites:Familiarity with GDPR would be helpful.
Date Watched:20191111
RSA Conference: Stuart McClure, Chairman and CEO, Blackberry Cylance, Brian Robison, Chief Evangelist, Blackberry Cylance
In typical Hacking Exposed style, this session will deliver the latest and greatest hacks in live demonstrations that will illuminate the tools and techniques of the attacker. Attacks will include file-based, memory-based, fileless, living on the land, script-based, application-based and many others. And every single hack we demonstrate will bypass existing NextGen solutions available today.Learning Objectives:1: Learn from hacking techniques in live environment.2: Learn how to defend against the attacks demonstrated.3: Contribute back to attack techniques to the speakers.Pre-Requisites:Knowledge of basic programming and techniques of hacking.
XXXXXXXXXXXX
Date Posted:20191107 - Threat Modeling in 2019
Date Watched:20191108
RSA Conference: Adam Shostack, President, Shostack & Associates
Attacks always get better, so your threat modeling needs to evolve. Learn what's new and important in threat modeling in 2019. Computers that are things are subject to different threats, and systems face new threats from voice cloning and computational propaganda and the growing importance of threats “at the human layer.” Take home actionable ways to ensure your security engineering is up to date.Learning Objectives:1: Use provided models to make sense of a fast changing world.2: Understand how threat modeling fits into the agile world we all live in.3: Learn about new and emergent threats that engineers must start to address.Pre-Requisites:Some exposure to threat modeling will be helpful.
XXXXXXXXXXXX
Date Posted 20191107 - Lessons Learned from 30+ Years of Security Awareness Efforts
Date Watched:20191107
RSA Conference: Ira Winkler, President, Secure Mentem
While the importance of securing the user has become obvious, efforts to improve user awareness have not generally improved as programs rely upon available tools, and not experience. Ira Winkler has three decades of experience in improving security behaviors, and details what consistently works and what does not. This session will dispel many commonly held beliefs about security awareness.Learning Objectives:1: Learn and apply what works consistently across hundred of organizational awareness efforts.2: Learn from research in other disciplines that improves awareness efforts.3: Learn how to create a security culture that drives individual security behaviors.Pre-Requisites:While most security practitioners will take away value in better understanding security awareness, attendees who have experience in managing or implementing security and security awareness programs will reap the greatest benefits and will be in a position to apply the materials.
XXXXXXXXXXXX
Posted:20191101 - Business Email Compromise: Operation Wire Wire and New Attack Vectors
Date Watched:20191106
RSA Conference: Anne Connell, Cybersecurity Engineer, CMU – SEI – CERT
The FBI (IC3) received 600,000 cybercrime and fraud complaints in 2017 with reported losses in excess of $12.5 Billion, and BEC was the number one cause of loss. This talk will analyze “Operation Wire Wire” to detail how targets are identified, methods for obtaining information, the new attack vectors—beyond impersonation, invoices and social engineering—and offers new defense techniques.Learning Objectives:1: Understand the new attack vectors BEC scammers use.2: Know how the BEC targets are identified and the methods to obtain information.3: Learn how to defend against the new attack vectors of BEC and stop the wire transfer.Pre-Requisites:Understanding basic attack vectors and techniques, leveraging social engineering tactics to identify targets, and a grasp of the cost that BEC has to an organization.
XXXXXXXXXXXX
Posted:20191101 4G to 5G Evolution: In-Depth Security Perspective
Date Watched:20191105
RSA Conference: Anand Prasad, CISO, Rakuten Mobile Networks
In this talk we will present 4G security and issues identified recently followed by in-depth explanation of security enhancements in 5G. We will also cover potential security implications from usage of technologies such as virtualization in mobile networks. Finally we will summarize 5G related security activities expected in near future.Learning Objectives:1: Get a refresher on 4G security, security issues and solutions.2: Learn in-depth regarding 5G security.3: Find out considerations for end-to-end 5G network deployment.Pre-Requisites:Attendees should have some background in mobile networks and security, especially 4G will be beneficial. It is assumed that the attendees have good knowledge of information security.
XXXXXXXXXXXX
Date Posted: 20191026: Hot Topics in Cyber-Law 2019
Date Watched:20191104
RSA Conference: Michael Aisenberg, Principle Cyber Policy Counsel, The MITRE Corporation: Kimberly Peretti, Partner and Co-Lead, Cybersecurity Practice, Alston & Bird: Lucy Thomson, Attorney, Livingston PLC: Stephen Wu, Shareholder, Silicon Valley Law Group
ABA attorney-SMEs kick off the Law Track with an annual theme-setting panel on critical emerging legal issues. Aim is a practical, useable snapshot of recent developments in cyber-policy, -law and -litigation. For 2019, topics include elections as critical infrastructure, GDPR compliance and privacy shield, new foreign tech investment rules / CFIUS, and new NIST guidance on security and privacy and SCRM.Learning Objectives:1: Gain exposure to key cyber-policy/legal issues, including breaking cases.2: Gain exposure to new concepts/vocabulary to be encountered elsewhere in RSAC Law Track.3: Gather research tools and direction to gain further knowledge about emerging/evolving topics.Pre-Requisites:Familiarity with the US legal, policy and regulatory structures impacting national policy generally and ICT/cyber-policy specifically will improve attendees’ appreciation, but is not required to understand the presentations or adapt information to their business environment.
XXXXXXXXXXXX
Date Posted:20191026 - Risks and Results: Counter-Risks to the Nation’s Critical Infrastructure
Date Watched:20191101
RSA Conference: Christopher Krebs, Director, Cybersecurity and Infrastructure Security Agency (CISA)Frank : Cilluffo, Director, McCrary Institute for Cyber & Critical Infrastructure Security, Auburn University
DHS will detail the National Risk Management Center’s role in creating a cross-cutting risk management approach across the federal government and our private sector partners through three lines of effort: (1) identify and prioritize strategic risks, (2) integrate government and industry activities on the development of risk management, and (3) synchronize operational risk management activities.Learning Objectives:1: Learn about DHS’s national effort to reduce strategic risk.2: Understand how the NRMC breaks down silos and provides a holistic threat environment.3: See how the NRMC will lead a collective defense model for cyber- and physical risks.Pre-Requisites:Understanding of risk management and cross-sector coordination across government and the private sector.
XXXXXXXXXXXX
Date Posted 20191026: From Dystopia to Opportunity: Stories from the Future of Cybersecurity
Date Watched:20191031
RSA Conference:Keren Elazari, Analyst & Researcher, K3r3n3.com: Amit Elazari Bar On, Director, Global Cybersecurity Policy/Lecturer, Intel Corporation
The future of cybersecurity is not about protecting secrets; it’s about our way of life. Join us for a journey to the near future, told from the perspectives of a friendly hacker and a lawyer, who also happen to be sisters. Discover how evolving attack trends are impacting policy landscapes, why trust has become a feature and what hackers can do for you. Step away from today and embrace what’s next.
XXXXXXXXXXXX
Date Posted: 20191026: The Future of Data Protection: Adapting to the Privacy Imperative
Date Watched:20191030
RSA Conference:J. Trevor Hughes, President & CEO, IAPP: Kalinda Raina, Senior Director, Head of Global Privacy, LinkedIn: Ruby Zefo, Chief Privacy Officer, Uber
Organizations are grappling with complex ethical and competitive imperatives associated with getting privacy right, impacted by competing global regulations and high-profile incidents that have made consumers reconsider how much data they want to share with businesses. This session will explore the future of privacy, in which personal data has become a currency, exploring who owns the data and who controls its flow and use.Learning Objectives:1: Explore and understand the responses to privacy from major organizations.2: Learn the management processes used to mitigate privacy risks.3: Learn what future privacy issues are likely to drive organizational behavior in the coming months.
XXXXXXXXXXXX
Date Posted: 20191026: Humans Are Awesome at Risk Management
Date Watched:20191029
RSA Conference: Andy Ellis, CSO, Akamai Technologies
Humans are horrible at risk management! Have you seen the news about Florida Man? How are we even still around? And yet, we are still around. Humans are awesome at risk management; we’re now the dominant species on the planet. Why? How? Explore humanity’s advantages in making rapid, generally correct risk choices.Learning Objectives:1: Understand how risk choices that appear unreasonable from the outside may not be.2: Learn how to identify the hidden factors in someone’s risk choice that most influence it.3: Find out how to help guide people to risk choices that you find more favorable.Pre-Requisites:While attendees new to risk management will find this content approachable, an ideal participant will have cut their teeth on organizational risk management and experienced the frustration of being unable to communicate about risk in a fashion that meaningfully alters the trajectory of their client.
XXXXXXXXXXXX
Posted 20191026: NIST Cybersecurity Framework and PCI DSS
Date Watched:20191028
RSA Conference - Troy Leach, Chief Technology Officer, PCI Security Standards, Emma Sutcliffe, Senior Director, Data Security Standards, PCI Security Standards Council
This session will cover PCI SSC’s recent efforts to map controls between the NIST Cybersecurity Framework and PCI DSS, including PCI SSC’s experience working with NIST, similarities between the Cybersecurity Framework and PCI DSS, and how mapping provides benefits to those trying to comply with multiple frameworks or standards.Learning Objectives:1: Understand how the NIST Cybersecurity Framework has been mapped with PCI DSS.2: Learn about the similarities and the relationship between the Framework and PCI DSS.3: Find out the benefits to the community of these types of mapping efforts.
XXXXXXXXXXXX
Posted 20191024: Live Adversary Simulation: Red and Blue Team Tactics
Date Watched: 20191025
RSA Conference
James Lyne, Director of Research, SANS Institute, Stephen Sims, Security Researcher, SANS Institute
Historically, penetration testers and cyber-defenders report to a separate management structure. This can hinder good communication between the two teams. We've all heard the saying “Offense Informs Defense.” This should be a bidirectional feedback loop where each side works together to run simulations and educate each other. This concept is often referred to as “Purple Teaming.”Learning Objectives:1: Learn how to perform adversarial threat simulation.2: Learn how to enable communication between red and blue teams.3: Understand how to map APT phases to a killchain life cycle.Pre-Requisites:A background in systems administration, incident response, forensics, network engineering, penetration testing or other similar disciplines.
XXXXXXXXXXXX
Posted 20191020: In the Wake of an Attack: Thoughts from a Seasoned CISO
Date Watched:20191024
RSA Conference: Hugh Thompson, Program Committee Chair, RSA Conference Bob Lord, Chief Security Officer, DNC
Bob Lord has had a front-row seat, security-wise, at many high-profile organizations. And in the process, he’s learned much. This fireside chat will explore topics including secure by default, the CISO’s role (hint: it’s not cheerleader), the art of communication, and much more. He’ll also share how he’s helping would-be US presidentials to be secure, with sage recommendations that can be useful for all.
XXXXXXXXXXXX
Posted 20191019: Cybersecurity Tips, Tools and Techniques for Your Professional Toolbag - CPE=1
Ron Woerner, President / Chief Trusted Advisor, RWX Security Solutions, LLC
Date Watched: 20191023
This rapid-fire presentation, an update from the hugely popular 2018 talk, will showcase apps used in cybersecurity testing, investigations, administration and just day-to-day work. You’ll experience advanced techniques using security tools such as Kali Linux, Windows SysInternals Suite, VMWare, Wireshark, NMAP and many more. You will get many tricks and techniques to optimize their use based on your need.Learning Objectives:1: Learn from demonstration of IT and security tools on Windows and Linux platforms.2: Analyze tips and techniques for using open-source tools in any environment.3: Learn how to leverage programs, applications and resources to build a better security program.Pre-Requisites:Understanding of operating systems, networking and security operations.
XXXXXXXXXXXX
Posted 20191019: Virtual Session: Assessing Site Security, Privacy Practices and Data Stewardship in 1,200 Websites CPE=1
Date Watched: 20191022
The Online Trust Audit & Honor Roll is the de facto standard for recognizing excellence in online consumer protection, data security and responsible privacy practices. In its 10th annual audit of more than 1,200 predominantly consumer-facing websites, the Online Trust Alliance (OTA) revealed record findings in many areas, including:
the largest single year-to-year jump and overall Honor Roll achievement (52% to 70%)
the highest levels of email authentication adoption (76% support SPF and DKIM at the top-level domain)
the highest levels of Internet encryption (73% use opportunistic TLS for email and 93% encrypt all sessions to their website)
But there are also some concerning trends, such as most organizations scoring less than 50% on the privacy policy portion of the audit. Improving security and privacy is a collective responsibility for all stakeholders, and we each need to fulfill our part to maintain trust in the Internet.
In this session, we’ll explore the good, the bad and the insecure, and the best practices that will ultimately help provide an open, trustworthy and secure Internet for everyone.
Dina Hackett Senior Director, Information Security at Symantec Corporation, Norton LifeLock- Jeff Wilbur Technical Director, Online Trust Alliance, Internet Society-Kenneth Olmstead Security & Privacy Analyst, Internet Society
XXXXXXXXXXXX
Jessica Fitzgerald-McKay
Security Automation Lead, National Security Agency: Date Watched 20191018 CPE=1
David Waltermire, Security Automation Architect, National Institute of Standards and Technology
In the global fight against network intrusion, the inability to communicate between network defense systems allows attackers the upper hand. Security processes cannot keep up against the onslaught of vulnerabilities and weaknesses available to attackers. Only through standardized posture information collection will defenders be able to automate security and harden the network to attack.Learning Objectives:1: Understand network security today and how separating defensive systems hinders network defense.2: Explore a vision of tomorrow’s network security.3: Learn how to move from standards to commercially available solutions.Pre-Requisites:An understanding of challenges facing network security professionals today, including recent high-visibility attacks. A background in information security, compliance reporting or systems administration is a plus.
XXXXXXXXXXXX
Hunting and Tracking Rogue Radio Frequency Devices Time = 49min (1 CPE)
Date Watched 20191018
Eric Escobar, Principal Security Consultant, SecureWorks
Rogue radio frequencies pose a substantial and often overlooked threat to both organizations and targeted individuals. This talk will explore the dangers of rogue radio frequencies and highlight tactics, techniques and tools which can be used to identify and locate potential threats.Learning Objectives:1: Understand the major ways rogue wireless frequencies can impact an organization.2: Develop a basic understanding of how to locate a rogue wireless signal.3: Gain a conversational knowledge of ways to identify and track a wireless signal.Pre-Requisites:Basic understanding of security principles. Basic understanding of wireless communication. Basic understanding of computer networks.p>
XXXXXXXXXXXX
A Cloud Security Architecture Workshop: Time = 52min (1 CPE)
Date Watched 20191017
Dave Shackleford, Sr. Instructor, SANS Institute
As more security and operations teams work to migrate and provision assets into the cloud, there’s a critical need to securely design and build cloud infrastructure. There are seven key concepts that need to be accommodated in a secure cloud architecture, and this session will break down each one to help attendees think about cloud security architecture design from a practical, repeatable perspective.Learning Objectives:1: Understand core cloud security architecture principles.2: Learn sound ways to build secure cloud infrastructure for PaaS and IaaS deployments.3: Observe security examples in AWS and Microsoft Azure.
XXXXXXXXXXXX
RSAC Think and Act Like a Hacker to Protect Your Company’s Assets: Time = 48min (1 CPE)
Date Watched 20191017
Paula Januszkiewicz, CEO, CQURE
The reality here is as follows: attacks happen and they will happen as long as there are humans on this planet. However, they should not happen if you protect your infrastructure properly. Is there a weakness right now in your IT security system? Wouldn’t it be better to find it before an untrusted source or hacker does? Even a small-scale security breach could leave your business in poor condition. Every day, you can apply some basic behaviors to protect your company from attack. It is really surprising how often a hacker can use the same paths to enter your system! In the end, information security is not an IT department’s problem, it is a business issue! Let’s put you into the hacker’s role and perform all the activities they would to better understand the threats.
XXXXXXXXXXXX
Virtual Session: How to Perform Ransomware Analysis: Time = 53 min
RSA Conference-Stephen Sims-Fellow,SANS Institute (CPE = 1)
Date Watched 20191017
According to an April 2nd ZDNet article, some 96 percent of Singapore companies admitted to experiencing a security breach in the past year, of which 28 percent said ransomware was the most frequently used attack mode.
In this presentation, we will take a look at various types of ransomware and affected
organizations. Demonstrations will be performed showing a ransomware infection and ways to perform behavioral analysis, as well as code analysis. This demonstration comes from the SANS SEC501: Advanced Security Essentials - Enterprise Defender course.
https://www.rsaconference.com/videos/...
XXXXXXXXXXXX
CSA-104 Intro to Presentation Software:Shawn Soper CPE=5
This course develops the skills needed to develop presentations using computer presentation software. Upon completion of the course, students will have the skills needed to: develop a presentation, format a presentation, package the presentation, add and modify slide text, and animate using custom templates and custom animation. Prerequisite: basic computer knowledge including Microsoft Word?
XXXXXXXXXXXX
Doane University - Intro to Research: Instructors Paschall, A: CPE=20
3/11/2019 - 5/11/2019
Course Description: The study of basic research methodology and the tools of research with instruction in principles and procedures applicable to all disciplines. Students are introduced to the concepts and skills necessary for data collection and analysis.
