Tuesday, November 19, 2019

2019 Archive


Date Posted:20191115 - Manufacturers Approach towards Cybersecurity Threats Targeting Healthcare

RSA Conference: Jonathan Bagnall, Sr. Security Manager, Product Security & Services Office (PSSO), Royal Philips, Phil Englert, Global Leader for Healthcare Technology, Deloitte, Roberta Hansen, Director, Product Cybersecurity, Abbott, Michael McNeil, Global Product Security & Services Officer, Royal Philips, David Nathans, Product Security Office, Siemens Healthcare
Motivated healthcare ransomware and malware attacks are increasing. Attacks can compromise networks, data, medical devices and services supporting critical patient care systems. A one-size-fits-all approach doesn’t apply to every medical device or healthcare organization. This session will focus discussion on a medical device manufacturer’s approach towards these major issues.Learning Objectives:1: Learn about efforts manufacturers are taking to improving medical device and services cybersecurity.2: Find out what manufacturers, medical device owners and regulators need to consider.3: Find out why the one-size-fits-all cybersecurity approach doesn’t apply to every medical device.
XXXXXXXXXXXX

Posted:20191115 - Measuring Cybersecurity Effectiveness in a Threat-Based World

RSA Conference:Jeanette Manfra, Assistant Director for Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security, Marianne Bailey, Deputy National Manager (DNM) for National Security Systems (NSS) and Senior Cybersecurity Executive, National Security Agency, Kevin Cox, Program Manager, Cybersecurity and Infrastructure Security Agency, Matthew Scholl, Chief, Computer Security Division, NIST
The panel will help increase understanding of how DHS, NSA and NIST are using threat data to help agencies protect information and detect and respond quickly to adversarial actions. They will examine how DHS CISA fuses threat intelligence with agency vulnerability data to improve info sharing and how efforts such as the .gov CAR initiative are helping create better threat models and solutions.Learning Objectives:1: Understand how DHS works closely with agencies to collect summary data and combine and centralize the data .2: Learn about ways the CDM dashboard and capabilities reduce the time to address a vulnerability.Pre-Requisites:Cybersecurity interest.
XXXXXXXXXXXX

Posted:20191112 - Rethinking Efficient Third-Party Risk Management
Date Watched:20191119
RSA Conference:Todd Inskeep, Principal, Cyber Security Strategy, Booz Allen Hamilton
The growth of third-party risk programs means every contractual relationship now includes security compliance requirements. Requirements verified by questionnaires, interviews and occasionally audits. Have these efforts effectively improved your security? What does an efficient third-party risk program look like? The presenter will describe cost-effective programs for Fortune 200-1000 companies.Learning Objectives:1: Understand why most third-party programs are ineffective.2: Learn ways to make your program more effective.3: Start innovating with your vendors to really reduce risk. Pre-Requisites:Risk management and policy understanding.
XXXXXXXXXXXX

Posted: 20191111 - Hacking and Hardening Kubernetes
Date Watched:20191115
RSA Conference: Jay Beale, CTO, COO, InGuardians, Adam Crompton, Senior Security Analyst, InGuardians
With microservices’ rise, Kubernetes gain adopters every day. It’s time for information security specialists to learn how to attack and defend container orchestration systems. This talk will demonstrate attacks on Kubernetes clusters, then defenses that break those attacks. Attendees will be able to download the cluster used in the demos, as well as the YAML files used to break the attacks.Learning Objectives:1: Understand how to attack Kubernetes and other container orchestration platforms.2: Understand how to defend Kubernetes, at a deep, hands-on level.3: Understand the Kubernetes attack surface and security features and those of Linux/Docker containers.Pre-Requisites:Attendees must have experience in using Docker or other Linux containerization systems. Attendees should have a passing knowledge of Kubernetes or another container orchestration system, such as Docker Swarm, CoreOS Swarm, Mesosphere Marathon, Cloud Foundry, the Borg, ACS, ECS or GKE.
XXXXXXXXXXXX

Posted:20191110 - The Trust Landscape
Date Watched:20191114
RSA Conference: Rohit Ghai, President, RSA Niloofar Razi Howe, Cybersecurity Strategist, Entrepreneur
We stand at a remarkable inflection point in our digital evolution, facing an unprecedented assault on trust. In a hyperconnected world, where malicious or manipulative activity can be spread to millions in an instant, information itself is a battlefield with the power to erode trust in society’s most sacred institutions. How can we tackle such a consequential challenge? The notion of risk must be properly defined in this modern digital context. Adopting the right understanding of risk not only restores our faith in what matters most but is ultimately the catalyst for human progress.
XXXXXXXXXXXX

Date Posted: 20191109 - Securely Deploying Micro Services, Containers and Serverless PaaS Web Apps
Date Watched:20191113
RSA Conference: Murray Goldschmidt, Chief Operating Officer, Sense of Security Pty Ltd
From blockchain to distributed ledger to self-sovereign identity, this panel will shed light on technology and governance concepts around blockchain-based identity. This panel will explore the business, legal and technical issues that sit in the messy space between blockchain technology’s promise and its current reality to gain a better understanding of blockchain’s ability to solve real-world needs.Learning Objectives:1: Understand what blockchain-based identity means in practice.2: Explore applied research to break through preconceptions.3: Separate blockchain-based identity promise from reality to reduce uncertainty toward adoption.Pre-Requisites:Identity management basic concepts must be understood. Blockchain and distributed ledger concepts must be understood. Governance, risk and compliance practices for information assurance should be understood.
XXXXXXXXXXXX

Posted 20191107: The EU’s General Data Protection Regulation: One Year Later
Date Watched:20191112
RSA Conference: Paul Rosenzweig, Senior Fellow, R Street Institute Francoise Gilbert, Shareholder, GreenburgTraurig, Harvey Jang, Global Data Protection and Privacy Counsel, Cisco Systems Inc Ariel Silverstone, External Data Protection Officer, Data Protectors. Mark Weatherford, Chief Cybersecurity Strategist, vArmour
In May 2018 the European Union implemented the new General Data Protection Regulation, governing how EU personal data is processed both within and outside the EU. This is disrupting settled expectations regarding data privacy and security. It has spawned new laws and regulations in the US, changed privacy conceptions worldwide, and threated trans-Atlantic data transmission.Learning Objectives:1: Understand implementation challenges of the EU GDPR from first year’s experiences.2: Review growing possibility of similar legislation being adopted in Asia, the US, and by the States.3: Recognize the possible threat to the US-EU Privacy Shield agreement and the disrption therefromPre-Requisites:Familiarity with GDPR would be helpful.
XXXXXXXXXXXX

Posted:20191107 Hacking Exposed: LIVE—Bypassing NextGen
Date Watched:20191111
RSA Conference: Stuart McClure, Chairman and CEO, Blackberry Cylance, Brian Robison, Chief Evangelist, Blackberry Cylance
In typical Hacking Exposed style, this session will deliver the latest and greatest hacks in live demonstrations that will illuminate the tools and techniques of the attacker. Attacks will include file-based, memory-based, fileless, living on the land, script-based, application-based and many others. And every single hack we demonstrate will bypass existing NextGen solutions available today.Learning Objectives:1: Learn from hacking techniques in live environment.2: Learn how to defend against the attacks demonstrated.3: Contribute back to attack techniques to the speakers.Pre-Requisites:Knowledge of basic programming and techniques of hacking.
XXXXXXXXXXXX

Date Posted:20191107 - Threat Modeling in 2019
Date Watched:20191108
RSA Conference: Adam Shostack, President, Shostack & Associates
Attacks always get better, so your threat modeling needs to evolve. Learn what's new and important in threat modeling in 2019. Computers that are things are subject to different threats, and systems face new threats from voice cloning and computational propaganda and the growing importance of threats “at the human layer.” Take home actionable ways to ensure your security engineering is up to date.Learning Objectives:1: Use provided models to make sense of a fast changing world.2: Understand how threat modeling fits into the agile world we all live in.3: Learn about new and emergent threats that engineers must start to address.Pre-Requisites:Some exposure to threat modeling will be helpful.
XXXXXXXXXXXX

Date Posted 20191107 - Lessons Learned from 30+ Years of Security Awareness Efforts
Date Watched:20191107
RSA Conference: Ira Winkler, President, Secure Mentem
While the importance of securing the user has become obvious, efforts to improve user awareness have not generally improved as programs rely upon available tools, and not experience. Ira Winkler has three decades of experience in improving security behaviors, and details what consistently works and what does not. This session will dispel many commonly held beliefs about security awareness.Learning Objectives:1: Learn and apply what works consistently across hundred of organizational awareness efforts.2: Learn from research in other disciplines that improves awareness efforts.3: Learn how to create a security culture that drives individual security behaviors.Pre-Requisites:While most security practitioners will take away value in better understanding security awareness, attendees who have experience in managing or implementing security and security awareness programs will reap the greatest benefits and will be in a position to apply the materials.
XXXXXXXXXXXX

Posted:20191101 - Business Email Compromise: Operation Wire Wire and New Attack Vectors
Date Watched:20191106
RSA Conference: Anne Connell, Cybersecurity Engineer, CMU – SEI – CERT
The FBI (IC3) received 600,000 cybercrime and fraud complaints in 2017 with reported losses in excess of $12.5 Billion, and BEC was the number one cause of loss. This talk will analyze “Operation Wire Wire” to detail how targets are identified, methods for obtaining information, the new attack vectors—beyond impersonation, invoices and social engineering—and offers new defense techniques.Learning Objectives:1: Understand the new attack vectors BEC scammers use.2: Know how the BEC targets are identified and the methods to obtain information.3: Learn how to defend against the new attack vectors of BEC and stop the wire transfer.Pre-Requisites:Understanding basic attack vectors and techniques, leveraging social engineering tactics to identify targets, and a grasp of the cost that BEC has to an organization.
XXXXXXXXXXXX

Posted:20191101 4G to 5G Evolution: In-Depth Security Perspective
Date Watched:20191105
RSA Conference: Anand Prasad, CISO, Rakuten Mobile Networks
In this talk we will present 4G security and issues identified recently followed by in-depth explanation of security enhancements in 5G. We will also cover potential security implications from usage of technologies such as virtualization in mobile networks. Finally we will summarize 5G related security activities expected in near future.Learning Objectives:1: Get a refresher on 4G security, security issues and solutions.2: Learn in-depth regarding 5G security.3: Find out considerations for end-to-end 5G network deployment.Pre-Requisites:Attendees should have some background in mobile networks and security, especially 4G will be beneficial. It is assumed that the attendees have good knowledge of information security.
XXXXXXXXXXXX

Date Posted: 20191026: Hot Topics in Cyber-Law 2019
Date Watched:20191104
RSA Conference: Michael Aisenberg, Principle Cyber Policy Counsel, The MITRE Corporation: Kimberly Peretti, Partner and Co-Lead, Cybersecurity Practice, Alston & Bird: Lucy Thomson, Attorney, Livingston PLC: Stephen Wu, Shareholder, Silicon Valley Law Group
ABA attorney-SMEs kick off the Law Track with an annual theme-setting panel on critical emerging legal issues. Aim is a practical, useable snapshot of recent developments in cyber-policy, -law and -litigation. For 2019, topics include elections as critical infrastructure, GDPR compliance and privacy shield, new foreign tech investment rules / CFIUS, and new NIST guidance on security and privacy and SCRM.Learning Objectives:1: Gain exposure to key cyber-policy/legal issues, including breaking cases.2: Gain exposure to new concepts/vocabulary to be encountered elsewhere in RSAC Law Track.3: Gather research tools and direction to gain further knowledge about emerging/evolving topics.Pre-Requisites:Familiarity with the US legal, policy and regulatory structures impacting national policy generally and ICT/cyber-policy specifically will improve attendees’ appreciation, but is not required to understand the presentations or adapt information to their business environment.
XXXXXXXXXXXX

Date Posted:20191026 - Risks and Results: Counter-Risks to the Nation’s Critical Infrastructure
Date Watched:20191101
RSA Conference: Christopher Krebs, Director, Cybersecurity and Infrastructure Security Agency (CISA)Frank : Cilluffo, Director, McCrary Institute for Cyber & Critical Infrastructure Security, Auburn University
DHS will detail the National Risk Management Center’s role in creating a cross-cutting risk management approach across the federal government and our private sector partners through three lines of effort: (1) identify and prioritize strategic risks, (2) integrate government and industry activities on the development of risk management, and (3) synchronize operational risk management activities.Learning Objectives:1: Learn about DHS’s national effort to reduce strategic risk.2: Understand how the NRMC breaks down silos and provides a holistic threat environment.3: See how the NRMC will lead a collective defense model for cyber- and physical risks.Pre-Requisites:Understanding of risk management and cross-sector coordination across government and the private sector.
XXXXXXXXXXXX

Date Posted 20191026: From Dystopia to Opportunity: Stories from the Future of Cybersecurity
Date Watched:20191031
RSA Conference:Keren Elazari, Analyst & Researcher, K3r3n3.com: Amit Elazari Bar On, Director, Global Cybersecurity Policy/Lecturer, Intel Corporation
The future of cybersecurity is not about protecting secrets; it’s about our way of life. Join us for a journey to the near future, told from the perspectives of a friendly hacker and a lawyer, who also happen to be sisters. Discover how evolving attack trends are impacting policy landscapes, why trust has become a feature and what hackers can do for you. Step away from today and embrace what’s next.
XXXXXXXXXXXX

Date Posted: 20191026: The Future of Data Protection: Adapting to the Privacy Imperative
Date Watched:20191030
RSA Conference:J. Trevor Hughes, President & CEO, IAPP: Kalinda Raina, Senior Director, Head of Global Privacy, LinkedIn: Ruby Zefo, Chief Privacy Officer, Uber
Organizations are grappling with complex ethical and competitive imperatives associated with getting privacy right, impacted by competing global regulations and high-profile incidents that have made consumers reconsider how much data they want to share with businesses. This session will explore the future of privacy, in which personal data has become a currency, exploring who owns the data and who controls its flow and use.Learning Objectives:1: Explore and understand the responses to privacy from major organizations.2: Learn the management processes used to mitigate privacy risks.3: Learn what future privacy issues are likely to drive organizational behavior in the coming months.
XXXXXXXXXXXX

Date Posted: 20191026: Humans Are Awesome at Risk Management
Date Watched:20191029
RSA Conference: Andy Ellis, CSO, Akamai Technologies
Humans are horrible at risk management! Have you seen the news about Florida Man? How are we even still around? And yet, we are still around. Humans are awesome at risk management; we’re now the dominant species on the planet. Why? How? Explore humanity’s advantages in making rapid, generally correct risk choices.Learning Objectives:1: Understand how risk choices that appear unreasonable from the outside may not be.2: Learn how to identify the hidden factors in someone’s risk choice that most influence it.3: Find out how to help guide people to risk choices that you find more favorable.Pre-Requisites:While attendees new to risk management will find this content approachable, an ideal participant will have cut their teeth on organizational risk management and experienced the frustration of being unable to communicate about risk in a fashion that meaningfully alters the trajectory of their client.
XXXXXXXXXXXX

Posted 20191026: NIST Cybersecurity Framework and PCI DSS
Date Watched:20191028
RSA Conference - Troy Leach, Chief Technology Officer, PCI Security Standards, Emma Sutcliffe, Senior Director, Data Security Standards, PCI Security Standards Council

This session will cover PCI SSC’s recent efforts to map controls between the NIST Cybersecurity Framework and PCI DSS, including PCI SSC’s experience working with NIST, similarities between the Cybersecurity Framework and PCI DSS, and how mapping provides benefits to those trying to comply with multiple frameworks or standards.Learning Objectives:1: Understand how the NIST Cybersecurity Framework has been mapped with PCI DSS.2: Learn about the similarities and the relationship between the Framework and PCI DSS.3: Find out the benefits to the community of these types of mapping efforts.
XXXXXXXXXXXX



Posted 20191024: Live Adversary Simulation: Red and Blue Team Tactics
Date Watched: 20191025
RSA Conference
James Lyne, Director of Research, SANS Institute, Stephen Sims, Security Researcher, SANS Institute
Historically, penetration testers and cyber-defenders report to a separate management structure. This can hinder good communication between the two teams. We've all heard the saying “Offense Informs Defense.” This should be a bidirectional feedback loop where each side works together to run simulations and educate each other. This concept is often referred to as “Purple Teaming.”Learning Objectives:1: Learn how to perform adversarial threat simulation.2: Learn how to enable communication between red and blue teams.3: Understand how to map APT phases to a killchain life cycle.Pre-Requisites:A background in systems administration, incident response, forensics, network engineering, penetration testing or other similar disciplines.
XXXXXXXXXXXX


Posted 20191020: In the Wake of an Attack: Thoughts from a Seasoned CISO
Date Watched:20191024
RSA Conference: Hugh Thompson, Program Committee Chair, RSA Conference Bob Lord, Chief Security Officer, DNC
Bob Lord has had a front-row seat, security-wise, at many high-profile organizations. And in the process, he’s learned much. This fireside chat will explore topics including secure by default, the CISO’s role (hint: it’s not cheerleader), the art of communication, and much more. He’ll also share how he’s helping would-be US presidentials to be secure, with sage recommendations that can be useful for all.
XXXXXXXXXXXX

Posted 20191019: Cybersecurity Tips, Tools and Techniques for Your Professional Toolbag - CPE=1
Ron Woerner, President / Chief Trusted Advisor, RWX Security Solutions, LLC
Date Watched: 20191023
This rapid-fire presentation, an update from the hugely popular 2018 talk, will showcase apps used in cybersecurity testing, investigations, administration and just day-to-day work. You’ll experience advanced techniques using security tools such as Kali Linux, Windows SysInternals Suite, VMWare, Wireshark, NMAP and many more. You will get many tricks and techniques to optimize their use based on your need.Learning Objectives:1: Learn from demonstration of IT and security tools on Windows and Linux platforms.2: Analyze tips and techniques for using open-source tools in any environment.3: Learn how to leverage programs, applications and resources to build a better security program.Pre-Requisites:Understanding of operating systems, networking and security operations.
XXXXXXXXXXXX

Posted 20191019: Virtual Session: Assessing Site Security, Privacy Practices and Data Stewardship in 1,200 Websites CPE=1
Date Watched: 20191022
The Online Trust Audit & Honor Roll is the de facto standard for recognizing excellence in online consumer protection, data security and responsible privacy practices. In its 10th annual audit of more than 1,200 predominantly consumer-facing websites, the Online Trust Alliance (OTA) revealed record findings in many areas, including: the largest single year-to-year jump and overall Honor Roll achievement (52% to 70%) the highest levels of email authentication adoption (76% support SPF and DKIM at the top-level domain) the highest levels of Internet encryption (73% use opportunistic TLS for email and 93% encrypt all sessions to their website) But there are also some concerning trends, such as most organizations scoring less than 50% on the privacy policy portion of the audit. Improving security and privacy is a collective responsibility for all stakeholders, and we each need to fulfill our part to maintain trust in the Internet.
In this session, we’ll explore the good, the bad and the insecure, and the best practices that will ultimately help provide an open, trustworthy and secure Internet for everyone.
Dina Hackett Senior Director, Information Security at Symantec Corporation, Norton LifeLock- Jeff Wilbur Technical Director, Online Trust Alliance, Internet Society-Kenneth Olmstead Security & Privacy Analyst, Internet Society
XXXXXXXXXXXX

Jessica Fitzgerald-McKay
Security Automation Lead, National Security Agency: Date Watched 20191018 CPE=1
David Waltermire, Security Automation Architect, National Institute of Standards and Technology
In the global fight against network intrusion, the inability to communicate between network defense systems allows attackers the upper hand. Security processes cannot keep up against the onslaught of vulnerabilities and weaknesses available to attackers. Only through standardized posture information collection will defenders be able to automate security and harden the network to attack.Learning Objectives:1: Understand network security today and how separating defensive systems hinders network defense.2: Explore a vision of tomorrow’s network security.3: Learn how to move from standards to commercially available solutions.Pre-Requisites:An understanding of challenges facing network security professionals today, including recent high-visibility attacks. A background in information security, compliance reporting or systems administration is a plus.
XXXXXXXXXXXX

Hunting and Tracking Rogue Radio Frequency Devices Time = 49min (1 CPE)
Date Watched 20191018
Eric Escobar, Principal Security Consultant, SecureWorks
Rogue radio frequencies pose a substantial and often overlooked threat to both organizations and targeted individuals. This talk will explore the dangers of rogue radio frequencies and highlight tactics, techniques and tools which can be used to identify and locate potential threats.Learning Objectives:1: Understand the major ways rogue wireless frequencies can impact an organization.2: Develop a basic understanding of how to locate a rogue wireless signal.3: Gain a conversational knowledge of ways to identify and track a wireless signal.Pre-Requisites:Basic understanding of security principles. Basic understanding of wireless communication. Basic understanding of computer networks.p>
XXXXXXXXXXXX




A Cloud Security Architecture Workshop: Time = 52min (1 CPE)
Date Watched 20191017
Dave Shackleford, Sr. Instructor, SANS Institute
As more security and operations teams work to migrate and provision assets into the cloud, there’s a critical need to securely design and build cloud infrastructure. There are seven key concepts that need to be accommodated in a secure cloud architecture, and this session will break down each one to help attendees think about cloud security architecture design from a practical, repeatable perspective.Learning Objectives:1: Understand core cloud security architecture principles.2: Learn sound ways to build secure cloud infrastructure for PaaS and IaaS deployments.3: Observe security examples in AWS and Microsoft Azure.
XXXXXXXXXXXX


RSAC Think and Act Like a Hacker to Protect Your Company’s Assets: Time = 48min (1 CPE)
Date Watched 20191017
Paula Januszkiewicz, CEO, CQURE
The reality here is as follows: attacks happen and they will happen as long as there are humans on this planet. However, they should not happen if you protect your infrastructure properly. Is there a weakness right now in your IT security system? Wouldn’t it be better to find it before an untrusted source or hacker does? Even a small-scale security breach could leave your business in poor condition. Every day, you can apply some basic behaviors to protect your company from attack. It is really surprising how often a hacker can use the same paths to enter your system! In the end, information security is not an IT department’s problem, it is a business issue! Let’s put you into the hacker’s role and perform all the activities they would to better understand the threats.
XXXXXXXXXXXX


Virtual Session: How to Perform Ransomware Analysis: Time = 53 min

RSA Conference-Stephen Sims-Fellow,SANS Institute (CPE = 1)
Date Watched 20191017
According to an April 2nd ZDNet article, some 96 percent of Singapore companies admitted to experiencing a security breach in the past year, of which 28 percent said ransomware was the most frequently used attack mode. In this presentation, we will take a look at various types of ransomware and affected organizations. Demonstrations will be performed showing a ransomware infection and ways to perform behavioral analysis, as well as code analysis. This demonstration comes from the SANS SEC501: Advanced Security Essentials - Enterprise Defender course. https://www.rsaconference.com/videos/...
XXXXXXXXXXXX
CSA-104 Intro to Presentation Software:Shawn Soper CPE=5
This course develops the skills needed to develop presentations using computer presentation software. Upon completion of the course, students will have the skills needed to: develop a presentation, format a presentation, package the presentation, add and modify slide text, and animate using custom templates and custom animation. Prerequisite: basic computer knowledge including Microsoft Word?
Doane University
XXXXXXXXXXXX
Doane University - Intro to Research: Instructors Paschall, A: CPE=20
3/11/2019 - 5/11/2019
Course Description: The study of basic research methodology and the tools of research with instruction in principles and procedures applicable to all disciplines. Students are introduced to the concepts and skills necessary for data collection and analysis.
Doane University
XXXXXXXXXXXX


CPE
CPE CCNA



XXXXXXXXXXXX



CPE
CPE CISM

1 comment: