Implementing a continuous monitoring strategy is critical for improving system visibility and security. However, there are challenges in achieving visibility with widely diverse environments and endpoints. Additionally, using a disparate set of tools – in on-premises and cloud environments and with remote clients – has proven enormously difficult in the past several years. Fortunately, there are many more options available today th...

Do you ever run into problems with your vulnerability management program that you wished you had at your fingertips just one more little piece of information? To help conduct some prioritization, or to know who the business owner is, or to inform people this was an end of life system… All valuable and great to have readily available. But alas, we often are missing information, or it is not easy to access. Join Jonathan (MGT516 co-author...

For about 20 years, the Internet Storm Center has offered terabytes of data to the community to help you understand attacks you are seeing and assist you in augmenting your logs or, as we often put it, "add color" to your network logs. In this keynote, we will introduce some of our volunteer handlers who contribute their insight in daily diaries (you will also learn why we call it a "dairy" and not a "blog"). In addition, we will walk you thro...

There is sometimes a difference of opinion as to where the practice of digital forensics belongs in terms of occupational domains. Some say that it is a forensic science domain, other say that it is a cybersecurity domain. I believe it can be both, depending on what the end use of the digital forensic process is. Nowhere is this truer that in incident response. Incident response is generally a well understood process where organisations respon...

Amazon Web Services, Microsoft Azure, and Google Cloud Platform combined currently hold a bit over 50% of the worldwide cloud market. But what about the other half? Large corporations with a global presence or a local enterprise might find that a niche cloud provider better meets their needs. Alibaba Cloud's, IBM Cloud's, and Oracle Cloud's market share are not that far behind GCP, and you might find yourself on one of these platforms while yo...

We’ve all heard the buzz around pushing application security into the hands of developers, but if you’re like most companies, it has been hard to actually make this a reality. You aren’t alone – putting the culture, processes, and tooling into place to make this happen is tough. Join Scott Gerlach as he shares his triumphs and failures practices and tools at companies such as GoDaddy, SendGrid, and Twilio. Dig into spec...

The presentation draws attention to practical threat detection and incident response from dissecting advanced ICS adversary threat capabilities, tactics techniques and procedures. Dean will illustrate why the cyber weapons and the techniques may be more important than adversary attribution for tactical ICS incident response.

Why are ransomware attacks so prevalent?It's because they're effective and profitable for adversaries. We have all heard the horror stories of bad actors gaining access and deploying ransomware on an organization's network, encrypting their data, and then demanding payment to regain access to their systems. The victim organizations are often unprepared and unable to deal with a ransomware attack, leading to severe financial and operational dam...

The most comprehensive ICS security event of the year is back!The annual ICS Security Summit brings together the industry’s top practitioners and leading experts from around the globe to share actionable ideas, methods, and techniques for safeguarding critical infrastructures. At this year’s ICS Security Summit, you’ll have the chance to learn, connect, and share with thousands of cybersecurity professionals in attendance onl...

It’s well-documented and often discussed that diverse teams lead to better, more profitable outcomes, and the last couple years have seen a surge in long-overdue dialogue about the importance of equity, inclusion, and belonging. Much of this dialogue has focused on gender equity and including/amplifying voices of the BIPOC* community in cybersecurity. With this Summit, we turn our attention to the unique strengths, experiences, and chall...