The Secure360 Conference is happening in Minneapolis next week from 05/15/18 to 05/17/18. It is the professional conference of choice for comprehensive security, risk management and collaboration education for your entire team. It focuses on the following areas: cybersecurity, governance, risk and compliance, physical security, business continuity management and professional development. I am attending for the third time because it only gets better every year and I desire to be a part of the solution. Here are my three top talk picks. I am presenting this year on 05/16/18 at 2:30pm. Hope to see you there.
1. BlockChains are Coming! Forewarned is Forearmed! 05/16/18 at 11:00am.
What is this blockchain thing and why is everyone losing their minds over them? The distributed ledger technology underpinning Bitcoin has an amazing ability to completely disrupt knowledge management where “consensus” is required. In this session, nationally-recognized blockchain expert David Duccini and Zach Robbins, a crypto-savvy securities attorney, will lay out the value proposition for the coming era when distributed ledgers aka blockchains will be used for everything from patch management, identity and reputation to making wall street obsolete. This isn’t your brother’s Bitcoin (well it is…but so much more)! Let’s slice through the hype and hyperbole and build criteria in preparation for the time when it makes sense to irrevocably replicate data, potentially forever.
Key learning points:
- What is a blockchain and why should I care?
- When does using a blockchain make sense?
- I need a blockchain! Which one should I use?
- Am I being scammed? Does my blockchain need a cryptocurrency?
2. Is Your Security Cyber-Secure? 05/15/18 at 1:00pm.
With the 20-year anniversary of the invention of the IP camera the IT industry and organizations around the world are becoming more aware of the vulnerabilities that these types of devices bring with them. From Mark Bonde this session will outline the vulnerabilities that exist within physical security solutions, the risks that these vulnerabilities pose to organizations and ways in which you can mitigate against these risks moving forward.
Key learning points:
- Identify risks associated with current physical security system.
- Strategies for improving the security of a physical security system.
- Strategies for ongoing monitoring of physical security system from cyber attacks.
3. Precursor Detection of Data Exfiltration: 05/16/18 at 2:30pm.
Presented by Jeremy Swenson. There are few proven tools and methodologies for reliable early detection of data exfiltration. Most organizations are likely to be breached in some way, and although there are many reliable indicators of compromise (IOCs), they are complex, constantly changing, and are not specific enough. These indicators have not been credibly tied to precursors to data exfiltration in an effective way. In fact, on average, it takes an organization 99 days to discover network penetration and 201 days for data exfiltration to be discovered.
In this session, we will identify and corroborate the precursors for early mitigation of the next large complex data breach using a 6-pronged approach to mitigation.
Key learning points:
- With a simple script or installed tool, external hackers or malicious insiders can quickly discover encryption keys.
- Split tunneling exploits can be ripe for DNS spoofing allowing a covert data exfiltration tunnel out.
- Poorly configured systems with web facing vulnerabilities happen very often during M&As (mergers and acquisitions) which is exacerbated by too much complexity.
To learn more about Abstract Forward Consulting contact us here.