Tag: cybercrime

ABSTRACT

Malicious hackers and their malware creations are rampant on the Internet. Ransomware is taking down companies, hospitals, and even entire cities at will. Hundreds of millions of dollars are stolen, and millions of people’s accounts are stolen every day. A large portion of the Internet is just hacker traffic, phishing, and their malware programs. However, most people are unaware that we can significantly reduce Internet crime, making it nearly impossible for hackers and their malware creations to be successful. There is a way to make a far safer Internet for you, your children, your grandchildren, and your grandparents. We have most of the needed technology, we just need to make it more pervasive.

Attend this session to learn about:
The ONE BIG UNDERLYING COMPUTER SECURITY PROBLEM that underlies all other problems
How fixing that one problem will make the Internet a far safer place for the world to compute
Hear about the cool new Internet DNS-like service that will make it far harder for hackers to hide
Come learn what it would take and how you can help to one day make hackers and their malware creations something future generations learn about in history books
If you’re just tired about hiring about the problem, come learn how to SOLVE THE PROBLEM!

BIOGRAPHY

Roger A. Grimes, Data-Driven Defense Evangelist for KnowBe4, Inc., is a 36-year computer security consultant, instructor, holder of dozens of computer certifications, and author of 15 books and over 1,500 articles on computer security. He has spoken at many of the world’s biggest computer security conferences, been in Newsweek™ magazine, appeared on television, been interviewed for NPR’s All Things Considered™, the Wall Street Journal, and been a guest on dozens of radio shows and podcasts. He has worked at some of the world’s largest computer security companies, including Foundstone, McAfee, and Microsoft. He has consulted for hundreds of companies, from the largest to the smallest, around the world. He specializes in host and network security, quantum security, identity management, anti-malware, hackers, honeypots, Public Key Infrastructure, cloud security, cryptography, policy, and technical writing. His certifications have included CPA, CISSP, CISA, CISM, CEH, MSCE: Security, Security+, and yada-yada others, and he has been an instructor for many of them. His writings and presentations are often known for their real-world, contrarian views. He was the weekly security columnist for InfoWorld and CSO magazines between 2005 – 2019.

ABSTRACT

You are in your security operation center and every node on your network monitoring map starts to flash red.  You attempt to ping your domain controller and other key devices but nothing responds.  For those that have experienced a breach or a major outage, this scenario seems realistic.  Ian Moore will explain to you how to take actions now to help prevent this from happening. 

He will cover the differences between a few of the main cyber-attacking organizations and their methods, along with a typical attack process and timeline.

Along the same thread, Ian will explain and discuss the various techniques that attackers use, the common vulnerabilities that they exploit, and how you can employ some key mitigation strategies to protect your enterprise, and lastly, how to keep your leadership off the news and how to prevent you from having to update your resume.

BIOGRAPHY

Supervisory Cybersecurity Advisor (SCSA) for the State of Washington

Cybersecurity and Infrastructure Security Agency (CISA)

Ian serves as the Supervisory Cybersecurity Advisor for the state of Washington for CISA. He supports the Department of Homeland Security (DHS) mission of strengthening the security and resilience of the nation’s critical infrastructure.

His program coordinates cyber preparedness, risk mitigation and incident response, and provides cyber security resources, including assessments, to the state, local, tribal, and territorial government entities, and the nation’s sixteen critical infrastructure sectors.

Prior to joining DHS and CISA, Ian worked in both IT and cybersecurity for over 25 years. He started as an Intelligence Specialist in the U.S. Navy, right out of high school and then transitioned to the University of Washington, Bothell and earned his B.S. in Computing and Software Systems in 2002. Upon graduating college he earned a commission in the U.S. Air Force and worked as a Communication Officer at Offutt AFB in Nebraska. After separating from the Air Force in 2006, Ian took a civilian job doing cybersecurity, software development, and cyberspace planning for USSTRATCOM. During his time at USSTRATCOM, Ian earned his master’s degree in Cybersecurity from Bellevue University in Bellevue, Nebraska. Ian was the first student to graduate from Bellevue University’s Masters in Cybersecurity program in 2012. In 2015, Ian and his family decided to move home to the Northwest and took a job at the Puget Sound Naval Shipyard as a Cybersecurity Engineer. After a promotion and a year of working as the Platform IT (Operational Technology) Branch Manager, he accepted a Cybersecurity Advisor position within CISA. After a year of interviews, security checks and waiting, he was brought on as the Cybersecurity State Coordinator for the state of Washington in March of 2021. On July 1 st of 2024 Ian was promoted to the newly created position of Supervisory Cybersecurity Advisor for Washington state. This position will oversee the cybersecurity activities within the state, both public and private, and develop an overarching cybersecurity strategy for the state.

As the SCSA for Washington State, Ian works with the other three Cybersecurity Advisors and the State Coordinator to support state agencies, counties, and cities/towns and private industry partners to help them shore up their cybersecurity by partnering with them on assessments and offering CISA technical services. Through these partnerships he builds and cultivates relationships and trust throughout the state.

Ian maintains his Certified Information Systems Security Professional (CISSP) certification, since 2014.

ABSTRACT

Every day, our newsfeed is cluttered with news of ransomware, data exfiltration, stolen crypto, phishing, supplier attacks, and even DDoS. To us, there is no doubt that the cyber landscape is fraught with dangers. The organizations we are working so hard to secure are always only a hair away from becoming the next headline. As technology and security professionals, we know this. But what about the business? Are they just as aware of the threats? Are they prioritizing the organizations’ resources to fight cybercrime? If the answer is “No” to either of these questions, they are probably naive to the risk they face, and think that bad things can only happen to others, right? Certainly, they are negligent in their duties, and could care less about their organizations’ proprietary information, their customers’ PII, and their third parties’ information? Or are they simply arriving at the wrong conclusion despite having done their utmost due diligence?

In this session, we will consider the different frames of mind and explore potential solutions to correct the business’ view that cybersecurity deserves some, but not more attention. We will discuss how to steer them with effective operational and risk management approaches so they are just as vigilant as we are.

BIOGRAPHY

Elson Kung is the founder and consultant of Cactimo. He has hands-on and leadership experience in operational risk management, guiding businesses to implement effective controls to reduce a diverse array of risks including cyber security, third party, data privacy, financial reporting, regulatory compliance, resilience, and fraud. For over 25 years, he has worked in IT, various functions in the business, and the front-line of a company with $128 billion of assets and $2.5 billion of income in 2022.

A former president of ISACA Vancouver Chapter, he now serves on the board of BCG Counselling Group, the Provincial Security Advisory Council of BC, and is a Toastmasters area director. He also volunteers, runs, hikes and bikes.