Event Day

7:30 am - 8:30 am
Registration & Breakfast/Vendor Area Open
8:20 am - 8:30 am
Ballroom Conference Welcome and Sponsor Recognition

Morning Speaker Schedule

8:30 am - 9:30 am
Ballroom Dave Shackleford AM Keynote: Cloud Security - New Risks, New Opportunities

Dave Shackleford

With the growing use of cloud services, security teams have a lot of work cut out for them. What changes? What new risks do we face? Could there be any benefits to using cloud? In this talk, Dave will outline his experience over the past 9 years working with cloud services and helping organizations design hybrid cloud architectures. This talk will cover the entire spectrum of cloud today, ranging from SaaS to IaaS and everything in-between.

Dave Shackleford is the owner and principal consultant of Voodoo Security, lead faculty at IANS, and a SANS analyst, senior instructor, and course author. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering, and is a VMware vExpert with extensive experience designing and configuring secure virtualized infrastructures. He has previously worked as CSO for Configuresoft, CTO for the Center for Internet Security, and as a security architect, analyst, and manager for several Fortune 500 companies. Dave is the author of the Sybex book Virtualization Security: Protecting Virtualized Environments, as well as the coauthor of Hands-On Information Security from Course Technology. Recently Dave coauthored the first published course on virtualization security for the SANS Institute. Dave currently serves on the board of directors at the SANS Technology Institute and helps lead the Atlanta chapter of the Cloud Security Alliance.

9:30 - 10:00 am
Networking Break/Visit Vendors
10:15 am
Wyndsor I Chris Ray, Optiv Vulnerability Management - Managing the Madness

Chris Ray, Optiv

Christopher Ray brings more than 20 years of technical and leadership experience to his current role. As executive director, executive advisory in the Office of the CISO at Optiv, and through the development and cultivation of trusted client relationships, Ray’s goal is to leverage his experience and expertise to help client security executives understand, define and mature their security programs.

Ray’s unique background spans multiple disciplines in both the technology and security space as well as across multiple heavily regulated industries. He developed software for military satellites while also running military cyber-warfare and terrorism exercises. He built and managed almost every aspect of a global enterprise information security risk management program including security strategy development, security operations, identity and access management, enterprise risk management (ERM), software change control, disaster recovery and business continuity planning, incident response, and compliance management. This experience spanned across the military and multiple industries, including healthcare, insurance, financial and services.

Prior to joining Optiv, Ray served as Epsilon’s first CISO, joining the company in November 2011 after it experienced a major security breach. Ray’s role was to restore customer confidence and develop and oversee all facets of information security and risk management. Ray was also the CISO at Aflac Corporation for six and a half years and was responsible for information security and software change management. He started the first information security department at HealthSouth Corporation for more than 20,000 employees and 2,000 remote medical facilities. Finally, Ray served as an active duty United States Air Force enlisted airman and then officer for 13 years with another 8 years in the active USAF Reserves. He retired in 2009 after more than 20 years of service. For over a decade, he worked military intelligence conducting global cyber-warfare and cyber-terrorism exercises to provide government agencies with information warfare tactics, techniques and procedures.

Ray holds a Bachelor of Science in computer science from the University of Texas at Austin and is a proud founding board member of the non-profit Security Advisor Alliance. He was the past winner of the 2011 ISE Southeast Security Executive of the Year and maintains the Certified Information Systems Security Professional (CISSP) and the Information Systems Security Management Professional (ISSMP) certifications.

Wyndsor II Panel on the Local Cyber Services Landscape Moderated by Rob Ferrill, CISO UAB Health Systems
Yorkshire Andy Givens, CyberArk Securing the Privileged Pathway – The Most Travelled Cyber Attack Route

Andy Givens, CyberArk

Andy has over eight years of experience in the security industry, with a focus in identity and mobility. He has architected privileged security solutions for Fortune 100 companies and advised customers on overall identity strategy. Andy received his BS in Electrical Engineering from Georgia Tech and currently serves as a Principle Engineer at CyberArk.

Traditionally, much of the focus of a corporation’s InfoSec efforts have been placed on ensuring that the perimeter is secure. Recent attacks have shown an alarming shift from perimeter-based attacks to ones that originate inside the corporate network using privileged accounts. During this session CyberArk will discuss growing trends in regards to attacks and what Security Leaders are doing to protect their organizations from these advanced attacks.  CyberArk will also walk through a typical attack that utilizes privileged accounts and how passwords may not even be necessary to break down the front door.

11:10 am
Wyndsor I Mark Villinski, Kaspersky Unlock the Key to Repel Ransomware

Mark Villinski, Kaspersky

Mark Villinski brings more than 20 years of technology sales, marketing experience and channel leadership to Kaspersky Lab. As Director, Field Marketing, Mark is responsible for field marketing efforts in the United States and for increasing awareness of Kaspersky Lab as a thought leader in the online security industry. Prior to joining Kaspersky Lab, Mark served as Director Worldwide Channel Operations at Enterasys Networks.

Mark has presented at several industry conferences across North America addressing audiences on the challenges facing IT departments today and discussing ways organizations can protect themselves from the current threat landscape.

Your screen freezes and a dialogue box pops up to tell you that your computer is locked and your files will all be  gone forever if you don’t pay up. Since many victims are willing to pay the ransom, this type of cryptomalware is on the rise, netting millions of dollars for cybercriminals looking for a substantial return on their minimal investment.

During this session you will hear from Mark Villinski, Kaspersky Lab, on what they as a security vendor are seeing in this growing area of focus for both security vendors and cybercriminals. .   Areas of focus will include:

  • Common ransomware scenarios and delivery mechanisms
  • Trends in this growing form of cybercrime
  • Recommendations to help your organization avoid being a victim
Wyndsor II Jesse Trucks, Splunk Analytics: Future-Proof the InfoSec Arms Race

Jesse Trucks, Splunk

This talk delves into the parallels of information security and warfare. It outlines why historical approaches for defensive operations were useful and why the information security field must adopt modern approaches of profiling techniques from espionage, law enforcement, and military organizations using analytics based methods.

Yorkshire Paul Burbage, PhishMe BES & BEC: Tales of Payment Diversion Fraud

Paul Burbage, PhishMe

Paul Burbage is an avid network security enthusiast with over fifteen years of experience. He is currently a malware researcher at PhishMe where his passion lies in finding ways to break threat actors’ command and control infrastructure.

Business Email Spoofing and/or Compromise (BES / BEC) has become a major threat to organizations conducting wire transactions in the past couple of years. This presentation will examine these types of scams and how your organization can prevent them.

11:45 am
Ballroom Lunch Served

Afternoon Speaker Schedule

12:00 pm - 1:00 pm
Ballroom Bruce Schneier Lunch Keynote: The Challenge of IoT

Bruce Schneier

The Internet of Things will be the most extensive and pervasive surveillance network the planet has ever seen. Ensuring that it will be used for good and not evil will be a constant challenge in the coming years and decades.

Bruce Schneier is the author of 14 books — including the New York Times best-seller Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World — as well as hundreds of articles, essays, and academic papers. His influential newsletter “Crypto-Gram” and blog “Schneier on Security” are read by over 250,000 people. Schneier is a fellow at the Berkman Center for Internet and Society at Harvard University, a fellow at the Belfer Center at Harvard’s Kennedy School of Government, and a board member of the Electronic Frontier Foundation. He is also a special advisor to IBM Security and the Chief Technology Officer of Resilient.

1:30 pm
Wyndsor I Creating a Culture of Security Panel

Creating a Culture of Security

Wyndsor II Phil Celestini, FBI FBI Cyber Division Overview

Phil Celestini, FBI

Section Chief Philip Celestini is a veteran Special Agent of the Federal Bureau of Investigation (FBI), currently assigned to the FBI’s Cyber Division as the Bureau’s Senior Executive Representative to the National Security Agency and U.S. Cyber Command. Mr. Celestini has excelled in a wide variety of FBI Headquarters and field office assignments, and was also detailed to the White House as the FBI’s Counterterrorism Liaison to the National Security Council staff from 2004 to 2006. Mr. Celestini earned numerous commendations and honors throughout his career as a field Agent, and in 2013 he was recognized with the FBI’s “Top 12 Knowledge Award” for his pioneering application of technology platforms to improve on-demand information sharing in complex, multi-jurisdiction cases – a reflection of his career-long focus on improving performance through collaboration and technical innovation. Prior to entering the FBI, Mr. Celestini served our nation while on active duty in the United States Air Force as an Intelligence Operations Officer. Mr. Celestini received his Bachelor of Science degree from the United States Air Force Academy, and also holds a Master of Science (with Distinction) in Public Safety Leadership

FBI Section Chief Philip Celestini will discuss the mission of the FBI’s Cyber Division and give an overview of the FBI’s cyber program. The presentation will cover the current cyber threat landscape, the FBI’s international and domestic presence, and current initiatives with the private sector. Celestini will discuss challenges the FBI faces as the cyber threat continues to evolve, and how the private and public sectors can protect their employees and organizations against a cyber intrusion.

Yorkshire Derek Rush, LBMC How I Will Phish You

Derek Rush, LBMC

Derek Rush began his career in Information Security during the process of obtaining a degree from Purdue University in Information Security. He has worked in the telecommunications vertical, the healthcare vertical, and professional services during his career. Notable accomplishments include leading a company’s PCI program to successfully obtain compliance, completion of the Wharton School of Business Emerging Leadership Program, effective management of both onshore and offshore security teams, facilitating Sarbanes Oxley and PCI-DSS audits, and deploying numerous security centric technologies at an enterprise level. Currently, Derek is focusing on penetration assessments of enterprise environments and auditing clientele’s compliance with regulatory frameworks.

How I Will Phish You will educate listeners on the process that threat actors go through to conduct a successful phishing campaign. A successful phishing campaign can result in a compromise of an organization, so educating listeners on how threat actors usually gain their first foothold is critical in reducing the effectiveness of phishing attacks.

2:15 - 3:00 PM
Networking Break/Visit Vendors
3:00 pm
Wyndsor I Chris Baker, DYN IoTB: It’s Only the Beginning

Chris Baker, DYN

Chris Baker is a Principal Threat Analyst at Dyn, where his responsibilities include data analysis and research related to the DNS, endpoint classification, and Internet measurements. He graduated from Worcester Polytechnic Institute with a Masters Degree in System Dynamics and a Bachelors Degree in Management of Information Systems and Philosophy.

This talk will provide an overview of the internet of things (IoT) distributed denial of service (DDoS) landscape. The number of known vulnerable devices continues to grow and, with it, a potential platform for malicious activity is also expanding. At the end of October 2016, Dyn was the target of a DDoS attack fueled by compromised devices distributed around the world. By November, bot herders were already seeking new devices populations via TR-064 & TR-069 protocol vulnerabilities. In December, the Java API for Remote Method Invocation (RMI) was added to the mix. Vulnerabilities and devices, details aside, are the “how” and “what” of the threat surface and are changing quickly. The goal of this talk is to provide both a comprehensive mental model for IoT botnets, as well as share some insight into recent adaptations to network threat models.

Wyndsor II Brian Minick, Morphick Facing Cyber Threats Head On

Brian Minick, Morphick

Brian Minick is the Co-Founder and CEO of Morphick Cyber Security. At Morphick, Brian delivers products and managed services that enable Morphick customers to address emerging cyber risks. Brian brings over 15 years of diverse information technology and cyber security leadership and experience to this position. Before founding Morphick, he held the title of Chief Information Security Officer at General Electric’s Aviation, Energy and Transportation businesses where he was responsible for developing and implementing advanced cyber-security strategies. His approach was integral to protecting the strategy, growth and resources of a multi-billion-dollar, worldwide corporation.

For many, the 2013 data breach at Target stores served as an introduction to cyber threats. In reality, cyber attacks have a much longer and deeper heritage and this heritage will inherently drive the future of cyber security. Based on experiences on the front lines of the most advanced cyber attacks, Brian will deliver a brief history of how cybersecurity has evolved and offer insights into where the cyber security industry will be heading in coming years.

Yorkshire Steve Ellis, FireEye Next Phase Of Threat Intelligence

Steve Ellis, FireEye

Steve Ellis is a seven-year veteran of FireEye iSIGHT Intelligence. For more than five years at iSIGHT Partners, Steve managed two of the company’s threat intelligence analysis products. More recently, he joined the FireEye Intelligence Enablement team after iSIGHT was acquired by FireEye in early 2016.  In this role, Steve helps FireEye iSIGHT Intelligence subscribers maximize the value of threat intelligence. He serves customers in the finance, retail, transportation, gas & electric and food & beverage sectors.

Threat intelligence solutions proliferated following major cyber security events like Stuxnet, Operational Ababil and massive retail breaches. In this talk, Steve Ellis will discuss the tension between automated and manual threat intelligence creation, ingestion and distribution, and how that tension has led to the near saturation of various sub-niches of this already niche market.


4:00 pm
Closing and Raffle
4:30 pm - 5:00 pm
Networking at Hotel Bar