Archives: Seminar

Architecting for the Agentless

  Presented by Gigamon

Today’s networks are swarming with IoT, OT, and virtual devices of every size and shape. As they have proliferated, and the security attack surface has likewise increased, the market has responded with a wide variety of technologies to help understand, manage, and secure just what is on your network. This is the rise of the technologies classified as “agentless” and there is a good chance you will be looking, now or in the future, at a project that comprises such technologies. While much of what is fundamentally required to enable these technologies is not new, organizations struggle with trying to implement these on an “ad hoc” basis, with little thought to future considerations or scale. This presentation will take about a more strategic approach to handling these implementations, what a visibility fabric is, and how today’s organizations can architect their environments for their future needs.

Zero Trust and the Flaming Sword of Justice

  Presented by Cisco

Security breaches pervade the headlines. What was seen as a rare instance just 5 years ago now seems to occupy the daily news cycle. A lot of these data breaches are made possible due to missteps and misconfigurations. There are many security issues introduced into website authentication mechanisms that further compound the security issues in addition to enforcing bad behavior by the end users. Security debt is a real problem for the vast majority of organizations in the world today and the attackers will utilize this to their advantage. In addition to keeping system hygiene at the front of the mind, defenders need to focus on proper network zone segmentation or, as it is a more popular term these days, zero-trust networks. The old conceptual style of a castle wall and moat to defend a network was deprecated several years ago. As a result of the dissolution of the traditional perimeter, a stronger focus has to be placed on the strength of authentication, authorization, and trust models for the users.

The antiquated notion of an information security practitioner running through the office brandishing their flaming sword of justice above their heads screaming “thou shall not pass” has at long last reached the denouement. Whether you are responsible for the security in a financial organization or one that makes teddy bears it is necessary to adapt and learn to trust, but verify.”

Automating the Analyst

  Presented by Darktrace

Alongside the rise of today’s dynamic workforce, the speed and scale of sophisticated cyber-attacks is rapidly increasing. As the cybersecurity industry continues to endure an ongoing skills shortage, over-worked and under-resourced teams urgently need augmentation in order to defend against evolving, sophisticated threats.

For over three years, Darktrace experts have been working to meet this challenge, investigating whether they could teach AI to think like a cybersecurity analyst. It takes subtle, nuanced skills and implicit knowledge for an analyst to detect genuinely threatening activity, and the creation of the world-first Cyber AI Analyst took analyzing over one hundred of the world’s top threat analysts and complex machine learning algorithms.

Shifting from ITSM to ESM as a Way to Enable and Transform the Enterprise

  Presented by ServiceNow

As a member of IT, have you found yourself doubting your relationship with the rest of the organization as you’re perceived as a cost center rather an equal part stakeholder with a common goal? Do you find yourself struggling to collaborate with the rest of the organization as the tech debt in your organization has created seemingly insurmountable silo’s? If you feel any of this describes your work environment and how IT may be perceived, please join the discussion in how the concepts of IT Service Management need to shift to a more inclusive Enterprise Service Management strategy. Ultimately, driving more effective technology purchasing, collaboration across the enterprise and re-branding of IT as an organizational enabler.

Putting AI to Work to Help Fight Cyberattacks

  Presented by Palo Alto

Hackers are increasingly automating their attacks, enabling them to exploit vulnerabilities more quickly. Cybersecurity software vendors are responding by turning to machine learning technology, a subset of artificial intelligence (AI), to try to stay one step ahead of the bad guys. This presentation will talk about how machine learning is used to help identify variations of known threats and patterns in attacks in order to predict the next stages of an attack, then automatically create and implement protections for customers in near real-time.

Software Implementation, Governance and Emotional Intelligence (EQ)

  Presented by Puget Sound PMI

Join President of the Pacific Northwest Organization Development Network (www.PNODN.org), Chris Crosby, as he shares the governance strategy that he created as the Change Management lead on a global ERP implementation.

Mr. Crosby developed and executed the change strategy for the largest software implementation (Oracle) in the history of Alcoa CSI spanning 18 locations throughout USA, Mexico, Costa Rica, Spain, Hungary, and Germany. Each location reached stability in one month, five months faster than any previous Alcoa Business Unit. Chris’s plan was recognized as the benchmark change plan in Alcoa by the Project Management Office. He then repeated his success in 2010 in Guadalajara, Mexico, 2011-2012 in Asia-Pacific (China, Korea, HK, and the Philippines), and 2013 in South America (Peru and Columbia).

What does EQ have to do with it? Chris will weave throughout the conversation various core Organization Development principles and talk about their relationship with Emotional Intelligence.


Presenter:
Chris Crosby • President of the Board, Pacific Northwest Organization Development Network

Hacking Exposed: A Look Inside the Techniques of OceanLotus/APT32

  Presented by Cylance & Structured

Cyberattacks are among one of the most prevalent threats to organizations and individuals today. Understanding how cybercriminals operate is essential in defending leading organizations and governments against them. In a session facilitated by BlackBerry’s Chief Evangelist, Brian Robison, attendees will learn first-hand, the tools and techniques of real-world threat actors. This goal of this session is to understand some of the thought processes and techniques used by adversaries and to help CIOs guide their organization’s resources to defend against cybersecurity threats.

Master the Edge: How to Achieve Context-Aware, Zero Trust Network Access

  Presented by Aruba & Structured

Have you been tasked with implementing Zero Trust Network Access but are unsure of how to go about it? Are you confused about how to achieve “minimum access”? Are you struggling with employing “continuous adaptive risk & trust assessment” on your network? If so, attend this session. Learn how to deploy an open, multi-vendor Enterprise security framework that gives security and IT teams an integrated way to gain visibility, control, and advanced threat defense. See how security prioritization and machine learning helps organizations leverage existing third-party solutions to better protect investments and implement proactive risk controls.

SD-WAN Edge Transformation for the Cloud-First Enterprise

  Presented by Silver Peak & Structured

As cloud adoption and SD-WAN innovation hastens, global enterprises are transforming how they build and secure wide area networks. Leveraging automation, enterprises can deploy, connect and secure hundreds of sites per week, a feat not possible with a traditional device-centric approach.

During this session, we’ll discuss how the unification of SD-WAN, WAN optimization, routing and security in a single, centrally orchestrated platform:

  • Delivers superior application performance wherever apps are hosted
  • Increases the quality of experience for end users and for IT
  • Simplifies branch WAN edge architecture

Seizing the Castle: A Medieval Battle Technique Workshop

  Presented by Chris Roberts • vCISO, Researcher, Hacker – HillBilly Hit Squad

The cybersecurity industry is not at a loss when it comes to cheesy castle analogies or quoting Sun Tzu whenever it gets the chance (keys to the kingdom, crown jewels, the art of war); you name it we’ve butchered it. But what if we took some time to look at the whole medieval warfare a little differently. ARE there actually lessons we CAN learn from all those who’ve gone before? Do we have something to use today that was true on the battlefield of yesteryear?

I’d argue that taking some time to study the techniques used by the Vikings, Mongols, Huns, and so on IS something we want to do. From an adversarial perspective, as well as those charged with defending the enterprise and those most prized digital assets, we CAN learn something from our hairy warmongering ancestors.

Throughout the ages we’ve spent time, effort and plenty of money defending our castles from all manner of intruders, and arguably with each passing year new tactics, weapons and techniques were (and continue to be) employed against our efforts…unfortunately, often to good effect despite our best efforts.

Join me for an unconventional workshop where we’ll chat about new and emerging cyberattacks without actually talking about “cyber” at all. We’ll be making parallels between the Medieval world and our own to learn something, hopefully. Or, at the very least we’ll end up working out how far we can throw a Cisco or Palo Alto firewall with a trebuchet.

Chris is currently serving as a vCISO or advisor for a number of entities and organizations around the globe. His most recent projects are focused within the deception, identity, cryptography, Artificial Intelligence, and services space. Over the years, he’s founded or worked with a number of folks specializing in OSINT/SIGING/HUMINT research, intelligence gathering, cryptography, and deception technologies. These days he’s working on spreading the risk, maturity, collaboration and communication word across the industry. (Likely while coding his EEG driven digital clone that’s monitoring his tea and biscuit consumption!)

Since the late 90’s Chris has been deeply involved with security R&D, consulting, and advisory services in his quest to protect and defend businesses and individuals against various types of attack. Prior to that he jumped out of planes for a living, visiting all sorts of interesting countries and cultures while doing his best to avoid getting shot at too often. (Before that, he managed to get various computers confiscated by a number of European entities.)

He’s considered one of the world’s foremost experts on counter threat intelligence and vulnerability research within the Information Security industry. He’s also getting a name for himself in the transportation arena, basically anything with wings, wheels, tracks, tyres, fins, props or paddles has been the target for research for the last 10-15 years…to interesting effect.

As one of the well-known hackers and researchers, Chris is routinely invited to speak at industry conferences. CNN, The Washington Post, WIRED, Business Insider, USA Today, Forbes, Newsweek, BBC News, Wall Street Journal, and numerous others have covered him in the media.

And worst case, to jog the memory, Chris was the researcher who gained global attention in 2015 for demonstrating the linkage between various aviation systems, both on the ground and while in the air that allowed the exploitation of attacks against flight control system.