InfoSec & Risk Management Track

The threat of cyber security breaches and compromises has become one of business’ greatest – and most unpredictable – risk factors. Understanding your attackers – their motivations, their methods of operation, and the exploits they create – is crucial to developing the right defenses and to measuring the risk that your organization faces.

The InfoSec and Risk Management Track offers a comprehensive look at the current threats posed by cyber attackers, the security vulnerabilities they exploit, and the potential impact of these attacks on your organization. Attendees will get firsthand descriptions of the latest exploits targeted at the enterprise, and recommendations on how to mitigate them. Attendees will also receive some common-sense guidance on how to quantify and measure the cyber risks they face – and how to use that risk measurement to build an IT security strategy that is both effective and affordable for the business. They will also get a look at potential vulnerabilities and security issues created by today’s newest technologies – including mobile, cloud, and the Internet of Things – as well as a peek at next-generation security solutions.

Featured InfoSec & Risk Management Sessions
A CISO's Perspective: Measuring and Communicating Information Security Progress
Information Security is clearly a hot topic. It is top-of-mind not only for CISOs and CIOs, but also CFOs, CEOs and BODs. Many CISOs today no longer have to beg for resources and help. In fact, offers for additional funding from executive leadership are at times coming without asking. So how does a CISO know when he/she has sufficient funding? Is it ever OK for a CISO to not accept additional budget? CISOs need to be able to demonstrate how well information security risk is being managed. Only then can they effectively understand and communicate to various stakeholders when they need more resources or when resources are being optimally managed. Being able to have this conversation is what differentiates CISOs. By communicating information security risk in a structured and non-technical manner, CISOs become thought leaders within their organizations - impacting not only security but also business strategy. Learn how Caterpillar uses a strategy, a capability maturity model, and a program management office to prioritize investments, communicate progress, and ensure alignment for its 5-year Information Security Transformation.
Speaker: Michael Zachman, CISO, Caterpillar Inc. 
 
Debate: Where are the Weakest Links in Cyber Security?
Security experts and vendors often spur fear and concern by stating that a particular vulnerability is the “weakest link” in enterprise security defense. The problem is that the “weakest link” differs depending on who’s talking. This makes life confusing for enterprise security professionals, who must prioritize their activities and seek to build comprehensive defenses. In this debate, a panel of experts will discuss the most troublesome vulnerabilities among enterprise defenses and choose the “weakest links,” aiding attendees to prioritize their upcoming security projects. Potential arguments could be made for: Insider threats, end users, applications, cloud vulnerabilities, mobile/endpoint devices, targeted/sophisticated attacks, next-generation malware, or other threats/vulnerabilities. Which should be the enterprise’s greatest concerns? You will hear the argument.

Ending the Tyranny of Expensive Security Tools: A New Hope
A long time ago, in a galaxy far far away, AV was invented. Then firewalls and IDS and SIEM and NAC and DLP and on and on. With all these products, it seems like a career in information security is really more about managing tools than defeating a galactic empire of hackers and miscreants. But like the Rebel Alliance, you can take back your enterprise, because many of our existing monitoring systems and network devices also have security functionality. Moreover, there are many excellent open source applications that work just as well as commercial ones.
Speaker: Michele Chubirka, Senior Security Architect, Postmodern Security
 
Five Mobile Computing Vulnerabilities You Need to Know
You’ve been researching mobile devices and security for years now – but so have the bad guys. Each day, black hat and white hat researchers are finding new security flaws in mobile devices, and not all of them are widely known. We’ll examine five key weaknesses in Android and Apple devices, and offer an inside look at how attackers take advantage of them. We’ll also explore the strengths and weaknesses of these increasingly popular devices, and how you can develop a strategy for protecting them that is compatible with your other endpoint security tools and practices.
Speaker: Eric Green, SVP, Business Development, Mobile Active Defense 
 
Friend or Foe: Risk and Security in the Information Supply Chain
The modern enterprise is often both the client and customer to many organizations. The use of third-party vendors, service providers, and partners is a normal and growing part of many businesses' operations today and a growing concern for information risk and security professionals. An organization’s security posture is only as strong as its weakest link. While many information risk and security organizations are effectively managing information risk they have direct control over, third parties often challenge them due to their limited governance and oversight capabilities. This session will focus on how to effectively navigate and execute supply chain security from both the customer and provider perspective. The speaker will explore industry-leading methods and practices of risk-based supply chain security approaches, supported by case studies and real-world examples.
Speaker: John Pironti, President, IP Architects, LLC
 
Joining the Intelligence-Led Revolution
The market for cyber threat intelligence may be young, but the work of intelligence collection, analysis and dissemination is not – it dates back to the earliest days of human conflict and, realizing that we are in the midst of cyber conflict, our model involves the application of those approaches to cyber. Forward-leaning security practitioners realize that their adversaries gather intelligence on them on a daily basis, and they are turning to cyber threat intelligence in order to turn the tables. This discussion will focus on the core fundamentals of building the business case for implementing and sustaining a successful cyber threat intelligence program, following the model executed by some of the largest and most sophisticated programs in the world.
Speaker: Stu Solomon, Vice President, iSIGHT Partners

Managing Insider Risks and Building a Culture of Security
Although media coverage of data breach incidents tends to focus on external malicious actors carrying out "hacking" attacks, it is insider-related vulnerabilities and threats that create the most serious risks for many organizations. Whether it is a trusted insider abusing authorized access for personal gain, or a well-intended but unaware employee falling victim to a social engineering attack such as spear phishing, insider risks cannot be overlooked. This session will detail some recent statistics that emphasize the role of insiders in creating cyber security risk and will provide practical guidance on how to transform your biggest potential liability into a key asset of your information security program. Achieving a true shift in attitudes and awareness and fostering a culture of security is not easy – but it can be done if there is commitment from the top.
Speaker: Jason Straight, Senior Vice President, Chief Privacy Officer, UnitedLex
 
Pull Up Your SOCs: Best Practices for Building and Operating a Security Operations Center
Today’s cyber security threats come from a wide variety of actors using an even wider variety of exploits. Identifying new attacks and launching a defense means having an effective command and control center that not only seeks out and manages information about potential attackers, but also ensures that end users are maintaining secure access to all essential corporate data and applications. In this session, experts will walk attendees through the process of building and managing an effective security operations center (SOC), including the tools and systems required to monitor and benchmark enterprise security posture. The speakers will also discuss the ways that the SOC can be linked to IT and network operations centers and help desks to create a more comprehensive and effective IT operations environment.

Social Engineering: Lessons From the Real World
Most of the major security breaches in the last few years have begun with a simple phishing email or social engineering attack. In general, people are easier to fool than computers and security systems. What are the methods that cyber criminals and other attackers are using today to trick users into clicking on an attachment or giving up their logon credentials? What do these attacks look like, and how can end users be trained to avoid them? In this unique session, social engineering experts will offer real-life demonstrations of these attacks and show you, step by step, how end users are fooled into downloading malware or giving away sensitive information. There will also be a discussion of how to defend against these attacks through both training and technology.

State of Cloud Security
Identifying specific tactics and malicious actors targeting the cloud has been a challenge because relatively little research has been done in tracking cloud attack vectors as a distinct category, and a number of early cloud deployments have been done “off-the-books” from IT departments, leaving most security practitioners in the dark. How do you filter out the noise generated by the average script kiddie to find a legitimate attack against your environment? How do you use honeypot technologies deployed in large cloud providers to find targeted attacks against your infrastructure and data? What are the most prevalent attack vectors in the cloud? What commonalities are there in the malware being used? What networks are these attacks originating from? How are these malicious actors selecting their targets? Are cloud attacks materially different from those seen in traditional enterprise deployments? And lastly, how do we defend against these attacks and profile our adversaries to build the proper defense-in-depth strategy to protect our cloud infrastructure?
Speaker: Stephen Coty, Chief Security Evangelist, Alert Logic 
  
Understanding Your Attackers
A few years ago, the primary concerns in cyber security were cyber criminals and a few teen hackers who were out for a joyride. Today, however, the threat has become much more complex. Hacktivists have attacked companies with a political agenda; competitors have been seen launching corporate espionage campaigns to collect information about their rivals. State-sponsored hacking appears to be at an all-time high, as government-backed entities seek out information that might give them an advantage in business or military conflict. Who are your attackers and how are they motivated? What different methods do each of these groups use to attack an organization? How do they define success and how can you build and prioritize your defenses against them? In this session, top experts will discuss the different types of threat actors out on the Internet, the differences in their methods and motivations, and how to tailor a cyber strategy that strengthens your defenses against your most likely adversaries.
Speaker: Dmitri Alperovitch, Co-Founder and CTO, CrowdStrike Inc.

What's Next? Emerging Trends in Information Risk Management and Security
Information risk management and security never stay still. Attackers find new ways to exploit software, hardware and people. The security industry rolls out new technology to address the latest threats. Now add to the mix the troubling revelations about government surveillance (breaking SSL, watering down encryption standards, tapping into Web and service provider communications and so on). Where do we go from here? This panel discussion will highlight emerging trends in information risk management and security from a business and technology perspective.
Moderator: John Pironti, President, IP Architects, LLC  
 
Featured InfoSec & Risk Management Workshops
Go Hack Yourself: Offensive Security Tools for Enterprise Defenders
Offensive security tools aren’t just for penetration testers. Enterprise defenders can take advantage of the same tools and techniques to identify weaknesses in their networks and the humans contained within. Need to find your exposed vulnerabilities and get them fixed before the bad guys exploit them? Want to clean up the low-hanging fruit before a pen test so you can focus on more realistic, targeted threat scenarios? This class is a hands-on immersion in offensive security tools such as nmap, Metasploit, Arachni, recon-ng, and Phishing Frenzy. Participants will be provided a virtual machine pre-loaded with tools to use throughout the class. The focus will be on imparting practical skills that students will be able to apply immediately upon returning to work.
Instructor: John Sawyer, Senior Security Analyst, InGuardians

Integrating Risk and Security Into Your Organization’s DNA
Risk management practices and security controls are often perceived as burdens or roadblocks by end users and executives. The goal of this workshop is to help you change those attitudes so that individuals don’t just comply with risk and security practices, but instinctively integrate them into everyday business activities. Adapting an organization’s DNA to effectively integrate risk and security requires a fundamental shift from authoritative and consequence-oriented approaches to consultative and benefit-oriented ones. Instead of focusing on protecting the organization and its constituents from themselves, risk and security professionals will learn to empower individuals with information and insights to make business-appropriate decisions. This will ultimately make risk and security a business enabler instead of a roadblock to success. Topics will include information risk profiles, threat and vulnerability analysis, approaches to culture change, and risk and security considerations for the information supply chain. Interactive discussions, examples, and cross-industry case studies will be presented throughout the workshop.
Instructors:
John Pironti, President, IP Architects, LLC
Dmitri Alperovitch, Co-Founder and CTO, CrowdStrike Inc.

Track Chair

John Pironti

President, IP Architects, LLC

John P. Pironti is the President of IP Architects, LLC. He has designed and implemented enterprise-wide electronic business solutions, information security and risk management strategy and programs, enterprise resiliency capabilities, and threat and vulnerability management solutions for key customers in a range of industries, including financial services, insurance, energy, government, hospitality, aerospace, healthcare, pharmaceuticals, media and entertainment, and information technology on a global scale. John has a number of industry certifications, including Certified in the Governance of Enterprise IT (CGEIT), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certified in Risk and Information System Control (CRISC), Information Systems Security Architecture Professional (ISSAP), and Information Systems Security Management Professional (ISSMP). John frequently provides briefings and acts as a trusted advisor to senior leaders of numerous organizations on information security, risk management and compliance topics, and is also a member of a number of technical advisory boards for technology and services firms. He is also a published author and writer, highly quoted and often interviewed by global media, and an award-winning frequent speaker on electronic business and information security and risk management topics at domestic and international industry conferences.

Tim Wilson

Editor-in-Chief and Co-Founder, Dark Reading.com

Tim Wilson is editor-in-chief and co-founder of Dark Reading.com, the IT industry’s most widely-read online community for computer security. In this role, Wilson is responsible for managing the site, assigning and editing much of the content, and writing breaking news stories. Wilson also directs the content behind Dark Reading's webcasts, digital issues, and the Dark Reading University program, and is a contributor to UBM’s Black Hat and Interop events. Wilson has been recognized three times as one of the top cybersecurity journalists in the U.S. in voting among his peers held by the SANS Institute. In 2011, Wilson was named one of the 50 Most Powerful Voices in Security in research conducted by SYS-CON Media. Prior to joining Dark Reading.com, Wilson was the business editor for Network Computing, one of the industry’s leading communities on IT infrastructure and networking. A veteran of the IT industry, Wilson has spent 20 years as a journalist, including eight years as a top editor and reporter for CMP Media’s InternetWeek (originally called Communications Week). As executive editor of DataTrends Publications Inc., a newsletter publisher, Wilson founded four industry newsletters on the subject of data communications, edited several others, and wrote a half-dozen books on the topic. Wilson also has served as an industry analyst with two globally-recognized IT consulting firms: Decisys Inc. (now part of Gartner) and Enterprise Management Associates.
