You and the past,
You and 2019,
You and the future.
Quickly! To the laboratory!!
Home labs are a powerful resource for the modern Cybersecurity professional. They provide a safe and extensible playground for numerous tasks such as malware analysis, exploit/vulnerability research, Capture the Flag events (CTF), learning new coding and scripting languages, and so on. Virtual Machine (VM) technology makes it easy and affordable for anyone to set up a lab at home.
This presentation will outline the benefits of a home lab, discuss ways to build an affordable lab, and showcase ways to use a lab safely and effectively. I will discuss hardware platform options and software choices needed to meet the variety of requirements and goals of your lab. I will also include some examples of no cost, low cost, budget, and premium build suggestions to fit different lifestyles and preferences.
Cyber Threat Intelligence for Cyber/Physical Systems - Who, What, When, Where and How
Cyber/Physical Systems are increasingly ubiquitous and represent a range of increasingly complex risks. The talk will demonstrate a case involving a single board computer that exposed risks and data compromise to a national research entity. We will critically assess the importance of Computer Threat Intelligence as an emergent professional practice and community of expertise.
Formalize Your Risk Assessments or Risk? What Risk?
Risk-based Security is too often used as a buzzword and not formally followed. Formalized risk assessments are not just for regulated industries; they can be a tool for your risk-based security approach. This talk teaches what to include in a risk assessment, and how to make it useful to the business. I'll cover quantifying risk, identifying and testing controls, and lightly touch on threat modeling.
Crafting Your Career: Today's Cyber Market
Attracting and retaining key information security talent is critical to the success of every CISO. Yet, it remains one of the greatest challenges organizations are facing today, and security talent is left feeling bombarded and burnt with the heat of the market. Domini Clark, Executive Recruiter dedicated to information security, will share insights, best practices, tips and tricks for crafting your career and navigating the wilds of this candidate-driven market.
How to Deal with the Identity Chaos Paradigm
Ensuring accurate Identity of users in today's diverse IT environments is difficult, but can be extremely beneficial if done correctly. This talk will discuss techniques and technologies that provide a "Single Source of Truth" that is difficult to maintain as the use of Cloud services and SaaS applications grows exponentially.
The Cyber Cooperative: Learning Lessons From the Past and Brainstorming the Future.
This should be an interactive presentation where we take a trip back to 1933. We will discuss the state of rural America with electricity, flooding, and jobs. How did the Tennessee Valley Authority solve these problems for the rural Tennessee Valley area? How do these lessons from the past relate to today's cyber security problems? What are areas of the country starting to do to solve these problems? What can we do in Idaho to solve our own cyber security problems?
Introduction to Memory Forensics
Memory forensics has become an important skill for practitioners of digital forensics and incident response (DFIR), as memory can contain a diverse set of artifacts that may provide valuable context to help move an investigation forward. This talk will not delve into operating systems internals or how memory management works. Rather, this talk will include a comparison of memory forensics vs disk forensics, when it might make sense to acquire memory, how to acquire memory in different types of environments, memory acquisition tools and considerations when using them, memory analysis tools (focusing on Volatility), and some related projects and resources for further learning.
50 Shades of Purple
A defender's guide to pleasurable submission. With all the confusion around Red Team assessments it is no wonder purple teams are getting even more confusion. This talk will outline the strategies needed to get the most out of your next engagement and how to both educate your blue team as well as adapt and understand the adversaries from a red perspective. This will apply to all industries such as ICS, financial, and online retail. Using advanced free tools and adapting the already prevalent TTPs, tools, and free resources defensive teams can adapt, overcome, and achieve a mature security program leveraging the offensive team's skills, and engagements to provide the most meaningful use of budget for all levels of advancement.
Non-proliferation of Cyber Weapons. Is it too late?
This talk is a discussion of the times we live in, the dangers of proliferation of cyber weapons and the current potential of cyber warfare, from the perspective of the efforts in the mid-twentieth century to control the proliferation of nuclear weapons. There are parallels to be drawn and lessons to be learned; but there are also many aspects of cyber-space that simply change the game and must be thought about in new ways. The primary example of what could go wrong can be summarized as follows: ETERNALBLUE / MS17-010 -> Shadow Brokers -> WannaCry -> Petya -> NotPetya (called "the most devastating cyberattack in history" ... so far).
How do we avoid catastrophe?
Is it too late?
14 Hours and an Electric Grid
Reporters are a chaotic force in the security industry. They rarely have the background or the time to cover an issue accurately. At the same time, what upper management reads on the Internet shapes many of their choices. This is especially true when anything touches critical infrastructure. During the reporting cycle of a very average series of bugs that happened to be in an industrial control device, a reporter concluded both that these bugs were only useful to advanced attackers and that random people could easily take over pieces of critical infrastructure. Both of these conclusions were completely wrong, but I also couldn’t point to any raw research that someone could use as a measuring stick for an “average” attack.