1. Cloud Security - Presented by Eric Simmon, National Institute of Standards and Technology
Eric Simmon, Cyber Infrastructure Group subject matter expert at the National Institute of Standards and Technology (NIST), will discuss the cybersecurity considerations in the following publications he co-authored: NIST Special Publication (SP) 500-307 (Cloud Computing Service Metrics Descriptions), ISO/IEC 19086-1 (Cloud Computing - Service Level Agreement Framework – Overview and Concepts), ISO/IEC 19086-2 (Cloud Computing - Service Level Agreement Framework – Metric Model) and NIST SP 500-322 (Evaluation of Cloud Computing Services Based on NIST SP 800-145).
2. Tackling security in the world of containers and hybrid cloud - Presented by Lucy Kerner, Red Hat
Security teams are increasingly finding it challenging to keep up with the changing risks, compliance requirements, tools, and architectural changes introduced by new technologies - such as containers, Kubernetes, software-defined infrastructure, and cloud technologies. As traditional infrastructure evolves to a mix of bare metal, virtual, cloud, and container environments, how can you maintain security, governance, and compliance and reduce risk amid this growing complexity? Traditional perimeter-based network security does not work in this new world of containers and hybrid cloud. Security teams must rethink their approach to security in this new world with automation and DevSecOps, where security is built in, continuously addressed, and continuously monitored across the entire application lifecycle, infrastructure lifecycle, and supply chain.
In this session, we'll discuss some prescriptive steps you can take to tackle security successfully in the world of containers and hybrid cloud. Specifically, we’ll:
• Discuss how developers, operators, and security teams can improve security and compliance and achieve DevSecOps across a hybrid environment through automation, standardization, everything-as-code, and automated security compliance.
• Share DevSecOps lessons learned, including best practices, techniques, and tools that can be used to improve security while reducing the workload of security professionals, developers, operators, and managers.
3. Cybersecurity and Prosilience - Presented by Sallie Sweeney, KPMG
Our adversaries hold the “upper hand.” There aren’t enough qualified cyber individuals and resources to successfully protect the enterprise. Organizations are constantly playing “catch-up,” and reactive responses do not adequately address the threat. The playing field needs to change by evolving defense from reactive to proactive resilience: Prosilience. Prosilience is “cyber resilience with consciousness of environment self-awareness and the capacity to evolve automatically.” The Prosilience Reference Architecture incorporates new disruptive techniques in concert with preemptive threat intelligence to build the foundation for intelligent automation and cyber convergence. Prosilience delivers a powerful, cyber-resilient enterprise that facilitates optimal mission outcomes.
4. Artificial Intelligence and Social Engineering – Presented by Deric Palmer, United States Army
The advancement in Artificial Intelligence, Machine Learning and Deep Learning presents new challenges to law enforcement and cybersecurity professionals. Social engineers can use AI to create convincing catphishing accounts, news articles, videos, and synthetic voice to enhance their social engineering tactics. Nefarious actors can use AI to create permutations of malware to bypass anti-virus software. This development will be challenging for cybersecurity professionals, as it has become an emerging threat to users and network defenses.
5. Lessons Learned from the Cyber Audit Trail – Presented by Nick Marinos, Government Accountability Office, and Phil Moore, Kearney & Company
Since 1997, GAO has designated cybersecurity as a government-wide high-risk area. This discussion will highlight recent trends in cybersecurity and offer observations from federal government auditors on lessons learned when undergoing a cybersecurity-based audit. The discussion will focus on each phase of the audit, including the pre-audit, planning, testing, and reporting phases.
6. Understanding Vulnerability Scanning for Auditors – Presented by Eric Palmer, Mathematica
Vulnerability scanning is an important function for securing your organization, but is your process effective? How do you know if you don’t understand how it works? How can you make any recommendations to improve the process if you don’t understand the constraints? This session will walk through the vulnerability scanning process using a common scanning tool as an example: Nessus. In addition to showing how the tool works, we will cover risks associated with the process in plain language that auditors can relay to stakeholders.
7. Verizon Data Breach Investigations Report – Presented by Samuel Junkin, Verizon
The newest edition of Verizon’s Data Breach Investigations Report (DBIR) is built from analysis of 41,686 security incidents, including 2,013 confirmed data breaches. Data sets for the report were collected from 73 different sources, spanning 86 countries, including publicly disclosed security incidents and cases provided by the Verizon Threat Research Advisory Center (VTRAC) investigators. We’ll walk through some of the major findings and provide an insightful perspective on today’s security threat actors and their methods of compromise.