Laz's Picks for RSAC 2017 - Aligning InfoSec to the Business and to Society

I’ve been asked a number of times - how to best align business drivers to security and compliance efforts.  This is one of the most difficult challenges we face as practitioners - how to align to the business while protecting the organization’s customers, employees, brand, and data.

With what appears to be advances in technology every six months, it’s like walking across a moving floor.  Further, by opening up data centers and cloud environments, InfoSec and compliance efforts become exponentially harder to manage, budget, deploy, and support.

This year at the RSA Conference 2017, I’ll be looking for sessions geared for pervasive computing, addressing how data analytics can solve some of the above-mentioned issues, and the continued growth of agile solutions.

Demetrios Lazarikos (Laz), InfoSec Strategist, Thought Leader, and Professor


Monday, February 13, 2017

Securing Diversity: Women in Cybersecurity

February 13, 2017 | 2:00 PM - 5:00 PM | Moscone West | 2024 SEM

One of our most critical national security issues is the negative unemployment we face in our industry, and yet we are regressive when it comes to diversity. We need diversity to solve the problem. This inaugural seminar explores the power—and opportunity—of women in security, as individuals and as part of effective teams. 

Speakers:

  • Dr. Uma Gupta, Consultant, UmaGupta.com
  • Mischel Kwon, Founder, MKACyber
  • Jennifer Minella, VP of Engineering and Security, Carolina Advanced Digital, Inc.
  • Valerie Plame, Former Covert CIA Operations Officer and Author, VEW, LLC
  • Leyla D. Seka, Executive Vice President, Salesforce AppExchange
  • Rachael Skillman, Computer Engineer, Intern
  • Jennifer Steffens, CEO, IOActive
  • Bobbie Stempfley, Director, Cyber Strategy Implementation, The MITRE Corporation
  • Dr. Chenxi Wang, Chief Strategy Officer, Twistlock
 

Cloud Security Alliance Summit 2017: Securing the Converged Cloud

This year’s Cloud Security Alliance Summit welcomes world leading security experts and cloud providers to discuss global governance, the latest trends in technology, the threat landscape, security innovations, best practices and global governance in order to help organizations address the new frontiers in cloud security.


Tuesday, February 14, 2017

Beyond Threat Detection and Takedown: Prediction, Analytics and Deterrence (Easy Solutions)

February 14, 2017 | 4:10 PM - 4:30 PM | South Expo Briefing Center

New techniques are needed to reduce the effectiveness of phishing attacks. Easy Solutions will demonstrate new technologies brought to the fight to successfully predict and triage true attacks from the noise, understand adversaries and to identify victims. These technologies are based on machine learning, advanced pattern recognition and automatic ticket generation to create a powerful deterrence.


Wednesday, February 15, 2017

The Seven Most Dangerous New Attack Techniques, and What's Coming Next

February 15, 2017 | 10:30 AM - 11:20 AM | Moscone West | Level 3

Which are the most dangerous new attack techniques? How do they work? How can you stop them? What’s coming next and how can you prepare? This fast-paced briefing provides answers from the three people best positioned to know the answers: the head of the Internet Storm Center, the top hacker exploits expert/teacher in the US and the top expert on cyberattacks on industrial control systems.

Moderator:

  • Alan Paller Research Director and Founder, SANS Institute

Panelists:

  • Michael Assante, Director of Industrials and Infrastructure, Lead for the ICS Curriculum, SANS Institute
  • Ed Skoudis, Instructor, SANS Institute
  • Johannes Ullrich, Dean of Research, SANS Technology Institute

 

Cyber, an Evolving Ecosystem: Creating the Road for Tomorrow’s Smart Cities

February 15, 2017 | 9:45 AM - 10:15 AM | Marriott Marquis | The Sandbox - ICS Stage

Today, cities across the globe are implementing ISO 37150 and looking to a future where they will have populations three to five times larger than today. This will require cities to plan decades in advance on how to provide services through future technologies. Here, in the City of San Diego, we are laying the groundwork, from a cybersecurity perspective, on how to manage this future risk.

Speaker:

  • Gary Hayslip, Deputy Director, Chief Information Security Officer, City of San Diego

Thursday, February 16, 2017

One million alerts: solving the major incident response challenge (Kaspersky Lab)

February 16, 2017 | 2:10 PM - 2:40 PM | North Expo Briefing Center

Incident response is the major challenge  of corporate security, caused by expansion of targeted cyberattacks and talent shortage. But what does this mean from a technical perspective? In this track we reveal the real challenge of identifying the latest APT in the white noise of thousands of security alerts from a typical system. Automation is the solution, but how to do it properly?


Friday, February 17, 2017

Business Folds: Security Doesn’t

February 17, 2017 | 11:30 AM - 12:15 PM | Moscone West | 2020

You are working for a company with over $2 billion in revenue. The company files for Chapter 11 bankruptcy with the goal of reorganizing. This fails and the company goes out of business. How do you securely shut down a company? Merlin Namuth lived this situation, as a security leader at the former Sports Authority. He will describe the technical and leadership challenges and the lessons learned.

Speaker:

  • Merlin Namuth, Director – Standards, Risk, Compliance and Security, Red Robin Gourmet Burgers, Inc.