Thursday, March 8, 2018

First  Presentation: Privilege Account Management: A Sprint Approach

Speaker: TJ Adams, District Manager, CyberArk

Abstract: The session will cover best practices for the management of privileged accounts and why managing these credentials is a critical aspect in any layered security strategy. Finally, I will offer a sprint methodology for quickly reducing the risk of privilege misuse in an environment.

Bio: Through seventeen years in information technology and ten focused on information security, TJ Adams has become a trusted advisor for companies throughout the country. At CyberArk, TJ has spent the last 4 years focused on building privilege account programs with enterprises of all sizes.

TJ holds the CISSP certification and is GIAC certified in Windows, Incident Handling, Intrusion Analysis and Penetration Testing.

Second Presentation: Looking Under the Rock: Deployment Strategies for TLS Decryption

Speaker: Chris Farrell, Sr. Information Security Architect, Navient

Abstract: Attackers can freely exfiltrate confidential information all while under the guise of ordinary web traffic. A remedy for businesses concerned about these risks is to decrypt the communication to inspect the traffic, then block it if it presents a risk to the organization. However, these solutions can be challenging to implement. Existing infrastructure, privacy and legal concerns, latency, and differing monitoring tool requirements are a few of the
obstacles facing organizations wishing to monitor encrypted traffic. TLS decryption projects can be successful with proper scope definition, an understanding of the architectural challenges presented by decryption, and the options available for overcoming those obstacles.

Bio:A senior information security architect, Chris leads the incident response program for Navient, Inc., a leading provider of financial services in the education, healthcare, and government sectors. His daily responsibilities include security architecture, risk assessments, threat hunting, incident response, digital forensics, and reverse-engineering. He has a B.S in Computer Information Technology, an M.S. in Information Security Engineering, and over 10 years experience in information security. He holds many industry certifications including the GIAC Security Expert designation. Chris is passionate about getting something to do more than it was ever originally intended to do, and being able to come up with that perfect analogy at the right moment to help someone understand a tough topic.

Thursday, February 8, 2018

Primary Presentation: Foundations of Cyber Threat Intelligence

Speaker: A.J. Nash, Manager, Intelligence Services, Symantec

Abstract: In today’s highly interconnected world the threats posed in cyberspace are always evolving and expanding. Cyber criminals steal and sell personal information, compromise bank accounts,and hold networks hostage for ransom on a daily basis. Nation-state actors have stolen billions of dollars in intellectual property, remaining difficult to identify and even harder to deter. Hacktivists employ botnets to conduct distributed denial of service (DDoS) attacks that cripple corporate websites. Protecting against all of these threats requires a systematic approach that makes existing defenses smarter while maturing our overall defensive posture from reactive to proactive. That’s the value of cyber threat intelligence. My talk will explain the foundations of cyber threat intelligence, including differences between data, information, and intelligence, analytic standards and tradecraft, the intelligence cycle, and how to operationalize threat intelligence to improve an organization’s cybersecurity posture. Additionally, there will be a question and answer session where I will gladly discuss how to get started in threat intelligence, how to improve an existing intelligence program, or just about anything else I can help with.