Jen Easterly is the Director of the Cybersecurity and Infrastructure Security Agency (CISA). She was nominated by President Biden in April 2021 and unanimously confirmed by the Senate on July 12, 2021. As Director, Jen leads CISA’s efforts to understand, manage, and reduce risk to the cyber and physical infrastructure Americans rely on every day. She is a proud Mom, a mental health advocate, a Rubik’s Cube enthusiast, and an aspiring electric guitarist.
Before serving in her current role, Jen was the head of Firm Resilience at Morgan Stanley, responsible for ensuring preparedness and response to business-disrupting operational incidents and risks to the Firm. She also helped build and served as the first Global Head of Morgan Stanley’s Cybersecurity Fusion Center, the Firm’s center of gravity for cyber defense operations.
Jen has a long tradition of public service, to include two tours at the White House, most recently as Special Assistant to President Obama and Senior Director for Counterterrorism and earlier as Executive Assistant to National Security Advisor Condoleezza Rice. She also served as the Deputy for Counterterrorism at the National Security Agency.
A two-time recipient of the Bronze Star, Jen retired from the U.S. Army after more than twenty years of service in intelligence and cyber operations, including tours of duty in Haiti, the Balkans, Iraq, and Afghanistan. Responsible for standing up the Army’s first cyber battalion, she was also instrumental in the design and creation of United States Cyber Command.
A distinguished graduate of the United States Military Academy at West Point, Jen holds a master’s degree in Philosophy, Politics, and Economics from the University of Oxford, where she studied as a Rhodes Scholar. She is the recipient of numerous honors and awards, including the 2023 Sisterhood Award from Girls Who Code; the 2022 National Defense University Admiral Grace Hopper Award; the 2020 Bradley W. Snyder Changing the Narrative Award, and the 2018 James W. Foley Legacy Foundation American Hostage Freedom Award.
A member of the Council on Foreign Relations and a French American Foundation Young Leader, Jen is the past recipient of the Aspen Finance Leaders Fellowship, the National Security Institute Visiting Fellowship, the New America Foundation Senior International Security Fellowship, the Council on Foreign Relations International Affairs Fellowship, and the Director, National Security Agency Fellowship.
For many reasons (which I will discuss in my presentation), I have come to the conclusion that many/most security tasks, functions and roles can and should largely be distributed across the organization with support from a governance/oversight function. In short, fewer “security people” and more people “doing security.” My prediction is that in the future, there will be fewer dedicated information security staff members and a larger quantity of general staff who practice what have traditionally been information security functions. This requires a fundamental reassessment of how we look at managing security.
This presentation isn’t about general information security awareness training, but rather breaking down the elements and tasks of an information security program and dividing many of those elements and tasks amongst current staff.
For example, fewer application security people and more developers who are trained to write more secure code. And fewer Network Security Specialists, and more Network Admins that implement security controls.
This will lead to security taking on more of a governance and advisory role and providing direction rather than implementation. And for all but the largest organizations, many specialized security roles will end up being outsourced to specialists rather than being on the company payroll.
In this presentation I will discuss:
- The current information security professional “shortage.” Shortage in quotes, because in many cases this is more of a misalignment between expectations from hiring organization and reality.
- The role of specialization in all organizations/societies
- The current and ideal role for information security within an organization (Advise? Consult? Recommend? Test? Implement? Develop? Build things? Run things? Measure things (Existence and effectiveness)?
- Where information security should sit (Business? Technical? Risk Management?)
- How legal, privacy, audit, and general IT have been moving into what has traditionally been the realm of the security team.
- The importance of understanding business and risk to provide context and prioritization for information security.
- How distributed security functions can lead to better outcomes.
- And more!
Alex Hamerstone is the Advisory Solutions Director at TrustedSec, and has over a decade and a half of information security consulting experience. Alex has designed security programs for both large and small organizations and advised and assessed numerous Fortune 100 corporations, with experience that covers a broad range of industries, including retail, utilities, education, insurance, and healthcare. Additional areas of focus and expertise include program development, security process creation, documentation, regulatory compliance, cloud implementation, security awareness, standards adherence, and international information security regulations.
As a recognized industry expert, Alex is a regular presence in the local and national media, with appearances on Fox News, CNN, CBS News, MSNBC, Al Jazeera, Morning Dose, Cheddar, Huffington Post TV, Yahoo! Finance, and multiple local television and radio outlets around the country and world.
Alex is also a regular contributor to several national general and special interest magazines and a published author, having cowritten the 2012 Syngress book, “Wireless Reconnaissance in Penetration Testing”. He is a frequent presenter to national security conferences and boards and has keynoted at large conferences of the Information Systems Security Association (ISSA) and the Information Systems Audit and Control Association (ISACA), as well as for industry groups such as the American Banker’s Association, Institute of Financial Management, and at several Federal Reserve Branch Banks.
This talk discusses the results of an empirical analysis of around 700 pentest reports produced in 2023 by Black Hills Information Security. The results indicate a concerning series of trends that have not changed much over the past ten years. While the failures in the current "secure the infrastructure" model have not changed much, the speed of vulnerability discovery and exploit weaponization has. From a top ten list perspective, Jordan will discuss the findings, the faux pas, and the fixes.
Jordan Drysdale has been with the Black Hills Information Security (BHIS) tribe since December 2015. He is a Security Analyst, course author, quality assurance lead for internal and external penetration testing, as well as a member of the systems administration team. Jordan came to BHIS with a strong background, including many years in networking tech support and engineering for HP, UNi, and Managed Services — he never stops learning and sharpening his skills. His favorite part of penetration testing is demonstrating risk to his customers and explaining why it matters, as well as the family atmosphere that BHIS provides.
Colonel Victor Norris is a Cyberspace Effects Operations Officer in the U.S. Air Force. He is the Chief of the Information Warfare Division for Air Combat Command on Joint Base Langley-Eustis, Virginia. Col Norris also served as the Chair of the Strategy Field of Study at the National Defense University’s Joint Advanced Warfighting School (JAWS). He has experience in special operations, cyberspace operations, NC3, strategy, planning, personnel, and budgeting at Wing, Numbered Air Force, Major Command, Air Staff, Joint Staff, and multiple Combatant Commands.
In this talk, I’ll discuss some of the differences between red teaming, assumed breach testing, and purple teams. I will highlight the strengths and shortcomings of each, provide guidance to help organizations understand which test is right for them, and provide questions they should be asking themselves and their consultants during the initial contact and scoping phases.
Mike Saunders is Red Siege Information Security’s Principal Consultant. Mike has over 25 years of IT and security expertise, having worked in the ISP, banking, insurance, and agriculture businesses. Mike gained knowledge in a range of roles throughout his career, including system and network administration, development, and security architecture. Mike is a highly regarded and experienced international speaker with notable cybersecurity talks at conferences such as DerbyCon, Circle City Con, SANS Enterprise Summit, and NorthSec, in addition to having more than a decade of experience as a penetration tester. You can find Mike’s in-depth technical blogs and tool releases online and learn from his several offensive and defensive-focused SiegeCasts. He has been a member of the NCCCDC Red Team on several occasions and is the Lead Red Team Operator for Red Siege Information Security.
USTRANSCOM has a unique problem cyber security set as compared to the other ten Combatant Commands. Unlike the other combatant commands, commercial industry plays a vital role in how the command executes it’s mission making Cyber Domain Mission Assurance an imperative.
Carlos L. (CL) Alford is a Program Manager at SAIC who leads the $150M Managed Information Technology Services (MITS) Program in support of the United States Transportation Command (USTRANSCOM). He co-founded and serves as a Managing Partner at The Alford Group, a consulting firm that helps companies solve business challenges with cybersecurity informed hardware and software solutions. CL spent 25 years on active duty as a Cyberspace Effects Operations Officer in the U.S. Air Force. His culminating assignment was as the Commanding Officer of the 89th Airlift Support Group providing transportation support to the U.S. President, Vice President, national senior leaders, and foreign dignitaries.
Threat actors are one of the greatest threats to any organization and these threats are constantly changing their tactics techniques and procedures. Because of this constant change, a company needs to have a security team that can be agile and dynamic and be able to alert and respond to today’s cyber threats. With these emerging threats, a security team should be able to detect, react, mitigate, and hunt for any of this threat. They should also have the knowledge and tools to react to these threats.
Threat hunting is the practice of activity looking for cyber based threats that have potentially breached or compromised the organization’s environment. That includes investigating outside of known detections or cyber threats and discover any new potential threats or vulnerabilities.
Threat hunting is not a new concept and has been around for a while. Security teams have recently started focusing on performing threat hunts within their environments. This shift is because threat actors today have become more sophisticated and are able to bypass security controls and avoid detection. Threat Hunting can bring an organizations detection/response capability to a new level and should play a role in an organization detection practice.
With the shift to threat hunting, larger organizations have the money and resources to implement threat teams and utilize commercial tools to be able to hunt within their environment. Small organizations are still being targeted and compromised, but they do not have the financial resources to purchase tools needed for hunting within their environment. Their teams also tend to lack the proper training and knowledge to perform these hunts.
The speakers, Matt and Kat plan to share their threat hunt expertise, and present methods and tools that small businesses can use used with little to no cost. They will also present ways to help small organizations’ security teams become more knowledgeable in understanding threats and threat actors.
If you were to ask anyone where Kat is, they would say she's on her computer or taking a nap. Of corse, that isn't all she spends her time doing. When Kat isn't working on researching threat actors or playing a CTF, you might find her on TikTok, spreading the word of security to as many new people as possible. Kat's day to day activities include Threat Hunting and incident response, and dabbles in threat emulation from time to time. As someone who has been mentored and helped along in the path of cyber security, it's time for Kat to give back and help teach others what she has learned.
Threat actors are one of the greatest threats to any organization and these threats are constantly changing their tactics techniques and procedures. Because of this constant change, a company needs to have a security team that can be agile and dynamic and be able to alert and respond to today’s cyber threats. With these emerging threats, a security team should be able to detect, react, mitigate, and hunt for any of this threat. They should also have the knowledge and tools to react to these threats.
Threat hunting is the practice of activity looking for cyber based threats that have potentially breached or compromised the organization’s environment. That includes investigating outside of known detections or cyber threats and discover any new potential threats or vulnerabilities.
Threat hunting is not a new concept and has been around for a while. Security teams have recently started focusing on performing threat hunts within their environments. This shift is because threat actors today have become more sophisticated and are able to bypass security controls and avoid detection. Threat Hunting can bring an organizations detection/response capability to a new level and should play a role in an organization detection practice.
With the shift to threat hunting, larger organizations have the money and resources to implement threat teams and utilize commercial tools to be able to hunt within their environment. Small organizations are still being targeted and compromised, but they do not have the financial resources to purchase tools needed for hunting within their environment. Their teams also tend to lack the proper training and knowledge to perform these hunts.
The speakers, Matt and Kat plan to share their threat hunt expertise, and present methods and tools that small businesses can use used with little to no cost. They will also present ways to help small organizations’ security teams become more knowledgeable in understanding threats and threat actors.
Matt Pawelski received his first computer, a TRS-80, when he was 9 and has been hooked ever since. Matt is now a senior security analyst, and he leads a threat team and specializes in threat hunting and threat emulation, with a little sprinkle of threat intelligence and research. He is also a former lead instructor at a technical college where he still teaches network administration and cyber security. Several of his former students have gone on to be technology leaders in prominent companies across the region. Matt has been part of the security community for the last 15 years, including being a founding member of a local security group that researches trends and provides security presentations. Matt loves being in a field that changes by the second and is constantly keeping up on the latest security trends and techniques.
The rapid evolution of Artificial Intelligence (AI) poses a unique challenge reshaping the competitive dynamics across industries around the world. The talk is comprised two parts:
The first part aims to provide insights into how we adapt the innovation ecosystem in Sweden to ensure that conditions are optimal for industry to continue their legacy of innovation and adaptability, to ensure sustained leadership and growth in the AI era.
The second part focuses on the importance of developing capabilities in protecting AI systems from learning, doing, and revealing the wrong thing. We will introduce work in this area and show how AI Sweden has worked successfully with Dakota State University to explore new threats and mitigations to improve AI Security.
Dr. Mats Nordlund has spent most of his career in the industry, first as director of technology strategy and technology acquisition at Saab Group, and later 12 years as VP of R&D for Emerson Process Management – Level and Marine. He has a background from MIT where he after his graduate studies started the SDM program. During 2012-15 he was the Vice President of research programs at Skolkovo Institute of Science and Technology (Skoltech) – a new state-of-the-art university that was started in collaboration with MIT. Back in Sweden, he joined Zenseact (formerly Zenuity) as head of research and special projects. In this position, he conceived and defined AI Sweden (www.ai.se) – the national Swedish AI center. This was done in close collaboration with the Government and Industry partners. Dr. Nordlund is currently on leave from Zenseact and holds the position of Director of AI Labs at AI Sweden.
Back when I first heard the terms Fiber to the X (FTTx) and Passive Optical Networks (PON) my search engine fingers twitched faster than a fiber optic pulse! Unfortunately, even Kyle seemed unfamiliar with this tech and no one else I talked to at the time was familiar with the technology or its modern implementations.
Well, buckle up, because this session unravels the magic of FTTx and PONs, unlocking their potential for unparalleled bandwidth, rock-solid reliability, and a universe of next-generation services. These technologies haven't just been bringing gigabit internet to homes since the 2010s – imagine unleashing that same firepower inside buildings, directly to every user!
Join us as we explore how these revolutionary technologies are rewiring our future, one fiber at a time.
Nathan Harmer is a proud alum of DSU and currently serves as the Director of IT infrastructure & Operations and the Interim CISO at the North Carolina School of Science and Mathematics. He started his IT career pulling cat6 in high schools across SD and now designs and builds networks that keep everything running, from classrooms to labs, rolling out cutting-edge technologies like FTTE and PON to planning for future growth in an established traditional network. Nathan keeps the school connected and ready for anything!
Software Bill of Materials (SBOMs) are revolutionizing the cybersecurity landscape by offering a detailed inventory of software components. This transparency equips both red and blue teams with powerful tools to enhance their strategies.
Chuck Woodraska is a software engineer with 10 years of experience in all facets of cybersecurity including red, blue, and purple team exercises. Chuck's interests include web development, machine learning, and data science. But most of all he loves Python and Guinness.
Dr. Bob Ross is the Innovation Hub Director for the Cyber Fusion Innovation Center (CFIC) located at the Georgia Cyber Center, Augusta, GA. As the Innovation Hub Director, Dr. Ross is responsible for supporting the Army Cyber Command in finding solutions to their most complex and time-sensitive challenges. He spent 30 years on active duty in the U.S. Army and holds a Ph.D. in Information Science from the Naval Postgraduate School in Monterey, CA. His culminating military assignment was as the Strategic Initiatives Group Chief for the Commanding General of Army Cyber Command. He advised her on cybersecurity, information age conflict, and information warfare strategy initiatives. He was is currently a Special Area Editor on Information Warfare for the Cyber Defense Review and adjunct faculty member of Augusta University’s Masters in Intelligence and Strategic Studies Program. He was also a Chief Research Scientist for the Army Cyber Institute, and U.S. Military Academy faculty member teaching in the Electrical Engineering and Computer Science Department.
The talk titled Locking Down the Lifecycle" emphasizes the importance of security in Continuous Integration/Continuous Deployment (CI/CD) environments. The presentation starts by giving an overview of typical enterprise CI/CD environments and their relevant systems. Next, we will discuss the standard controls such as SAST, DAST, SCA, and IaC technologies generally implemented inside of CI/CD infrastructure. These technologies will be compared to the critical vulnerabilities that exist in CI/CD pipelines, such as misconfigurations and third-party risks. To make it more relatable, real-world breach examples will be shared to illustrate the risks and consequences of these vulnerabilities. The talk then highlights the need to shift to more advanced practices, such as SBOMs and software provenance, as there is a current gap between the existing tooling and software supply chain best practices. Overall, the talk aims to shift the common perception associated with CI/CD pipeline security and provide the audience with a new line of thinking regarding the security of the software development lifecycle.
Joe Christian currently serves as the Engineering Manager for the DevSecOps Platform team at Paylocity. Previously, Joe led the Product Security team at Brex and the Security Risk Assessment department at Zappos, an Amazon subsidiary. Joe is also a Cyber Defense Ph.D. student at Dakota State University. Outside of security, Joe enjoys hiking across the many national parks in the United States.
Discover the Good, the Bad, and the Ugly of the LeaveHomeSafe app, a Hong Kong COVID-19 contact tracing app. Learn about the app's design and functionality, privacy and security issues, unique edge-case scenarios, disclosure process, press reaction and recommendations for improving app security.
After 16 years in itsec and 23 in IT Abraham is now the CEO of 7ASecurity (7asecurity.com), a company specializing in penetration testing of web/mobile apps, infrastructure, code reviews and training. Co-Author of the Mobile, Web and Desktop (Electron) app 7ASecurity courses. Security Trainer at Blackhat USA, HITB, OWASP Global AppSec and many other events. OWASP OWTF project leader, an OWASP flagship project (owtf.org), Major degree and Diploma in Computer Science, some certs: CISSP, OSCP, GWEB, OSWP, CPTS, CEH, MCSE:Security, MCSA:Security, Security+. As a shell scripting fan trained by unix dinosaurs, Abraham wears a proud manly beard. He writes on Twitter as @7asecurity @7a_ @owtfp or https://7asecurity.com/blog. Multiple presentations, pentest reports and recordings can be found at https://7asecurity.com/publications
Have you ever wondered how building redteam tooling differs from other development, well this is your lucky day. We'll be going over what are redteam tools, how they differ from other development, considerations for building them, lessons learned, specialization, and advice for college students who are considering getting into this field.
Kevin Haubris is an alumnus of DSU and a "Senior Research Analyst" at TrustedSec where he builds offensive capabilities for their redteam to assist with their engagements.
Cyber games are a gateway to those kinds of opportunities. Cyber games equip cyber athletes with applicable real-world cybersecurity skills and training. By fusing athletics, esports, and cyber games, we uncover an amazing volume of best practices that can cultivate a winning competitive team and a high-performing security operations team. CISOs and SOC managers can learn much from eSports and athletic programs regarding team composition, strategic planning, and upskilling. In our discussion, we will explore how blending what we know in esports with cybersecurity can unlock the potential of your team. Join Jessica Gulick, Founder and CEO of PlayCyber and Commissioner of the US Cyber Games, as she highlights the rise of cyber games in eSports and how that rise increases career opportunities for all ages.