Free Focus on Security October 4, 2019
FROM THE DESKTOP, TO THE SERVER, TO THE NETWORK, TO THE CLOUD
Learn from industry experts: • Current trends and patterns • Tools to keep yourself and your organization secure • Information to help identify risk • Network with attendees, security experts and security vendors • Take home critical information that can fortify your security posture.
Participants will get the most up-to-date information from subject matter experts, and will begin by learning directly from keynote speaker, Scott Schober, President/CEO Berkley Varitronics Systems, Inc. (BVS), a 45 year-old New Jersey-based privately held company and leading provider of advanced, world-class wireless test and security solutions. Scott has developed cellular test instruments used primarily for cellular buildout throughout the U.S. with a recent focus on security solutions for cell phone detection tools, Wi-Fi, Bluetooth and IoT used to enforce a ‘no wireless’ security policy enforced in government, corporate, military, educational, correctional and law enforcement facilities around the world.
Scott is a highly sought after author and expert for live security events, media appearances and commentary on the topics of ransomware, wireless threats, drone surveillance and hacking, cybersecurity for consumers and small business and emerging blockchain technologies. He is often seen on ABC News, Bloomberg TV, Al Jazeera America, CBS This Morning News, CGTN America, CNN, Fox Business and many more networks. His security advice can be heard on national radio networks including NPR, Sirius XM and Bloomberg Radio. Scott regularly presents at tech and security conferences discussing wireless technology and its role in breaches along with his vision for best practices to stay safe in the future. Scott is an advisor to BlockSafe Technologies
Throughout the day, there were multiple 50 minute presentations on current topics regarding information security - Participants will learn how to stay abreast of the most current threats, as well as how to defend against them.
AGENDA
Keynote:Scott N. Schober, President/CEO (8:30-9:20 am)
Berkeley Varitronics Systems, Inc.
Title: ‘Cybersecurity is Everybody’s Business’
Scott N. Schober is the President and CEO of Berkeley Varitronics Systems (BVS), a 45 year-old New Jersey-based privately held company and leading provider of advanced, world-class wireless test and security solutions. Scott has developed cellular test instruments used primarily for cellular buildout throughout the U.S. with a recent focus on security solutions for cell phone detection tools, Wi-Fi, Bluetooth and IoT used to enforce a ‘no wireless’ security policy enforced in government, corporate, military, educational, correctional and law enforcement facilities around the world.
Break Out Session 1
Classroom 1
Ram Forensics – Cindy Casey, Gwynedd Mercy University, Instructor and Program Coordinator, Computer Information Sciences
Random Access Memory (RAM) is a type of temporary storage traditionally defined as volatile. Volatile memory is only maintained while the device is powered on. Once the device is powered down, any data stored is lost. However, forensic analyses of RAM show that data stored in RAM is not always lost when the machine is powered down. Not only can data stored in RAM be retrieved during a live forensic analysis, but it may be recovered during dead-box acquisitions. Evidence recovered from RAM includes, but is not limited to, cryptographic keys, passwords, hidden data, images, open file and registry information, and even malicious code. This lecture will explain what RAM is, how to perform a RAM dump, and what types of information can be recovered. Memory-resident malware will also be discussed.
Classroom 2
Firewall Egress Filtering, Don’t Wait to Start - George Frazier, Director of Information Systems
Lower Merion School District, M.Ed., CISSP, GCIH, GSNA
Criminals and miscreants are circumventing the perimeter, however, defenders can use the perimeter to stop attackers’ outbound command and control communications. This presentation will examine the use of firewall egress filtering to reduce attackers’ ability to communicate with compromised end points. Tap placement, log collection, and port use will be examined to help defenders take away actionable steps to begin moving to a more secure network through the use of egress filtering.
Classroom 3
DHS Response to 21st Century Threats - Steven Long, Regional Protective Security Advisor, Cybersecurity and Infrastructure Security Agency, U.S. Department of Homeland Security
This presentation is an overview of the components of the Cybersecurity and Infrastructure Security Agency(CISA). It also highlights the major CISA efforts that are in progress in order to safeguard the United States against 21st century threats.
Break Out Session 2
Classroom 1
The Power of an Integrated Threat Defense - Kristy Patullo, Cisco Security Architect: Greg Girgenti, Cisco Security Sales Specialist
Learn how to leverage best-of-breed security tools in an integrated architecture to defend against the latest attacks and proactively find potential threats and vulnerabilities in your environment. Organizations of all sizes are now being targeted with ransomware, crypto-mining and other malware and it is critical to build a security solution that allows you to quickly detect and remediate this dangerous activity.
Classroom 2
Securing the DNS port 53 Highway to the Internet - John Leible, InfoBlox, Territory Account Manager
DNS is fundamental to all network communication from peer to peer on your intranet to communicating with the internet as well. This communication can easily be exploited for nefarious means. This session will cover the basics of the DNS protocol, why it is so well suited for exploits, common exploits and paths to protect a network against such exploits.
Classroom 3
Digital Forensics: Challenges and Cases - Professor Pamela King, Digital Forensics & Cybersecurity, Computer Science & Information Technology, Center for Data and Society, Chestnut Hill College
Digital forensics has changed over the last 2-3 decades and four cases (criminal) which hinged on digital forensics.
Break Out Session 3
Classroom 1
Red Hat Security, Supply Chain Security - KEITH CALLIGAN, SENIOR CONSULTANT, RHCSA, CISSP
Creating secure foundations, Enabling Hybrid Cloud Deployments, Automating Security Compliance
Classroom 2
What’s possible today Securing workloads across challenging environments with VMware.
Ramy Afifi, VMware Security Engineer
Topics could include:
• NSX-T Security Overview
• NSX-T Datacenter Distributed Firewall
• Workload & Policy Grouping Methodology & Consumption
• Container, Native Public Cloud Security
Classroom 3
Get Secure, Stay Secure - David Beidelman, SHI, Senior Solution Architect, Security - Enterprise Solutions Group
Presentation will focus on Data protections and 4 key areas of success.
- Know your data and threats
- Data centric security
- Tools
- Automation
Break Out Session 4
Classroom 1
Blockchain - Professor Chris Carroll, Associate Teaching Professor, BSCST Program Director, Information Science Department, College of Computing and Informatics, Drexel University.
Blockchain has been deemed by some people as the security silver bullet. This session will cover the encryption methods used by blockchains, mining coins for the cryptocurrency bitcoin, and other interesting applied uses for blockchain technology. As with all technologies, advantages and disadvantages with using blockchain will be discussed throughout the session.
Classroom 2
A Pentester's guide to compromising passwords and what you can do to stop it it - Nick Pier, Candoris
Topics covered are to include:
Public breaches, credential stuffing and their impact on your password policies.
Silent harvesting of passwords within a LAN and what can be done to stop it.
Why your passwords aren't strong enough*. The reversing of hashes and the importance of multi-factor authentication.
Classroom 3
Physical Security: An Overview from Deadbolts to Deathtraps - Cody L. Hofstetter, Founder & CEO, Sovereign Cyber Industries
We regularly interact with numerous forms of physical security from front door deadbolts, garage openers, cameras, RFID access cards, the security built into your car, and many more. In this presentation, we will be covering the various types of physical security devices available. How these devices function, how to improve or break them, and of course, if you can legally build that home deathtrap you have always wanted to deter burglars.