Speaker Bios & Presentation Abstracts

Sam Aiello
Verizon
"Effective Role of CyberSecurity Leaders"

1. "Learning to Speak the Language"
2. Challenges surrounding contextual information security
3. "Compliant does not mean secure"
4. Due care (action) and due diligence (research) on the part of senior management

Sam is an accomplished, industry-recognized, technology optimization, digital transformation and customer experience expert. His background is in: strategy & planning, governance, operations, and enterprise architecture. He’s worked in the industry for over 25 years, with roles in information technology, telecommunications and information security as executive, manager and practitioner.

He’s experienced in consulting across industry verticals, quantifying current and emerging risk, building internal cooperation and executive buy-in, and developing organizational strategies. He’s been involved in numerous convergence & software implementations, large scale rollouts of industrial and process control systems, and development of information security policy for many international and US enterprises.

Sam has guest lectured at Georgia State University, presented at ISACA conferences, and taught the Communications & Network Security domain of the CISSP exam review course. He’s a frequent speaker and session facilitator on the topics of IT risk management and corporate governance. He holds many industry and network certifications including CISSP. He is a member of ISACA, ISSA, ISC², and AIMA. He holds an MBA in finance and a BA in Industrial Education, and is working on an MSc in Information Security Leadership.

Faisal Ansari
Trustmarq
"Today is May 24, 2018. Are you ready for tomorrow?"

Yet another set of compliance mandates, GDPR, has been thrust upon the global business community. But unlike the time of GLBA, SOX, PCI, and FFIEC, this time clear lines have been drawn on the financial impact of non-compliance.

Join Faisal Ansari of Trustmarq as he debunks some of the myths regarding GDPR, describes some of the most effective first steps to take (if you haven’t started or are just getting around to it), engages in a roundtable-style dialog with other participants on how they are dealing with GDPR compliance, and shows how addressing GDPR can systemically help your Cyber Security cause.

Govern Your Data to Fully Capitalize on Your Cyber Security Investments. Get Your Money’s Worth for a Change. Pun intended.

Mr. Ansari is an experienced business leader and a technology practitioner, with a success record of establishing and operating globally recognized programs and operational capabilities for Fortune 500 businesses across numerous industry verticals.

Faisal's primary domain expertise includes Cyber Security, Risk & Compliance, Business Resiliency, IT Strategy & Transformation, and Portfolio, Program, & Project Management. He has a proven track record focusing on Strategy, Baselining/Benchmarking, Enterprise Architecture, Service Transformation, and Process Improvement.

In his 20+ years of career successes, Faisal has consistently enabled businesses in the fulfillment of their business imperatives. He has a proven ability to champion organizational change and sustained growth. As a skilled negotiator, relationship-builder, and effective leader, Faisal is accustomed to engaging at all organizational levels.

Mr. Ansari has contributed to the authorship of several industry standards and frameworks, such as those from ISO and NIST, and is an exam question writer for CISSP, CISM, CRISC, and PMP. He is a regular speaker and industry presenter.

Nasir Bilal
Infinite Resources
"Leveraging MineMeld in the Palo Alto Networks Ecosystem"

In order to prevent successful cyberattacks, many organizations collect indicators of compromise (IOCs) from various threat intelligence providers with the intent of creating new controls for their security devices.

Unfortunately, legacy approaches to aggregation and enforcement are highly manual in nature, often creating complex workflows and extending the time needed to identify and validate which IOCs should be blocked.

Now security organizations can leverage MineMeld, an open-source application that streamlines the aggregation, enforcement and sharing of threat intelligence. MineMeld is available for all users directly on GitHub, as well as pre-built virtual machines (VMs) for easy deployment. With an extensible modular architecture, anyone can add to the MineMeld functionality by contributing code to the open-source repository.

James Bower
Quantum Security
"Pen Testing is Dead: Adapt or Demise"

The ROI provided by a typical penetration test continues to diminish year after year. This can be seen in an ever-changing threat landscape where more and more successful breaches begin with malicious attachments and links. With these newer threats bypassing perimeter defenses, C-level executives need to begin looking at their security postures through a different lens.

James Bower is a Managing Partner at Quantum Security - a strategic Threat Hunting and Threat Intelligence consulting firm based in Atlanta, GA. He is also the creator of Engaged Threat, a counter deception technology that aids in the attribution of cyber criminals.

With over 15 years of hands-on Information Security experience, James’s versatility allows him to move seamlessly between the trenches and the board room giving him a truly unique perspective. He has applied his innovative and resourceful background across multiple sectors for a diverse list of Fortune 500 companies. When not consulting James maintains a steadfast focus on advancing various areas of InfoSec including, adversary hunting, threat intelligence, big data, and machine learning.

Since 2015, James has led the Threat Intelligence and Threat Hunting Meetup Group, where he manages various events and workshops for the Atlanta cyber security community.

Dan Christiansen
Splunk
"Is SIEM Enough?"

In this day and age, a SIEM leveraging threat intelligence catches many of the known threats, but only the known ones. Insider threats and unknown threats cannot be caught by traditional detection methods. Unknown threats require unsupervised machine learning to baseline user and device behavior and detect anomalous events. These anomalies can then be aggregated into actionable threats for the security team to review.

Daniel Christiansen has been in the security field since the late 90s. Dan currently works for Splunk as the Southeast Regional Security SME and focuses on SIEM and User Behavior Analytics for Fortune 500 companies. Dan also spent six years working on security projects with the Intelligence Community and DoD, focusing on secure mobility, MDM, as well as mobile VPN technology.

Meenaxi Dave
Gwinnett Tech
"CISO Challenges"

The role of the CISO is changing: the CISO is now expected to have the professional toolkit of an astute business leader, a technical guru and an excellent communicator. The increasing rate of high-profile security breaches has accelerated the evolution of the role from one focused primarily on the implementation and management of information security technologies to one of critical risk management consultant and business strategist. The advent of game changers like mobile apps, social media and cloud computing, together with an ever-growing list of new regulations and compliance needs, is adding complexity to the environment. Business wargaming is an adaptation of the art of simulating moves and counter-moves in a commercial setting. Here is the top 10 list that would help CISOs carry out tactical and strategic functions to implement a high-performance information security program.

Meenaxi Dave is an experienced Information Security educator with proven success developing, delivering and evaluating IT security training programs. She holds a Master's in Computer Science from the University of Memphis in Tennessee and a Diploma in Cybersecurity from Gwinnett Technical College. She also holds professional certifications in CCISO, CISSP, CEH, CEI, CompTIA Security+, Network+, and Linux+. Currently, she works as an adjunct instructor for Information Security at Gwinnett Technical College and Kennesaw State Continuing Education. She is on the board of the Technology Association of Georgia (TAG), the Information System Security Association (ISSA) and InfraGard.

Russell Eubanks
Federal Reserve Bank
"Now What? A Pragmatic Approach to Effective Breach Response for Leaders"

You read about it all the time and now it has just happened to you: the dreaded data breach. Fast forward to next Friday afternoon at 4:42pm. As a leader, your phone rings and your heart sinks as it is confirmed that your customer database has just been posted online for everyone to see. What intentional steps can a leader take in this moment to help ensure an effective response to the breach that has just now started?

Russell Eubanks is Vice President and Chief Information Security Officer for the Federal Reserve Bank of Atlanta. He is responsible for developing and executing the Information Security strategy for both the Retail Payments Office and the Atlanta Reserve Bank. Russell has developed information security programs from the ground up and actively seeks opportunities to measurably increase their overall security posture.

Russell is a SANS Certified Instructor and Handler for the SANS Internet Storm Center, serves on the Editorial Panel for the Critical Security Controls, and maintains securityeverafter.com. He holds a bachelor's degree in computer science from the University of Tennessee at Chattanooga along with numerous certifications.

Mark Gelhardt
Elavon
"The White House and its Dependable Security"

A talk about the White House, its Physical Security and its Information Technology Security: what makes it DEPENDABLE, and how you can transfer that same type of thinking to what you do in your business.

Mark has over 35 years of experience providing executive-level management in the Information Technology and Information Security fields as a CIO, CSO, and CISO.

Mark started his working career in the Army and retired as a Colonel (select). At the pinnacle of Mark’s career he was nominated and selected to work at the White House as the CIO/CISO equivalent, supporting President Clinton, the VP, the White House Staff, and the U.S. Secret Service, managing all the classified automation and telecommunications for the Executive Branch.

Since retiring from the Army, Mark has held several executive leadership positions: CIO/CSO for World Airways/Global Aero Logistics (the US's largest long-haul charter airline), Deputy CIO of Global Operations/CISO for InterCall/West (the world’s largest conferencing company), CISO for TravelClick (SaaS in the hospitality space), and Acting/Interim CISO for the Georgia Lottery and NCR.

Currently Mark is the AVP, Cyber Risk Remediation for US Bank/Elavon. Mark has been with US Bank/Elavon for two and a half years. Elavon is one of the top five credit card processors in the world.

Erik Goldoff
Symantec
"Evolving Methods to Secure High Risk Activities"

- From the old frozen image/rollback software
- To re-Ghosting drives
- To locked-down terminal servers
- To locked-down VDI
- To Bromium client-based isolation
- To FireGlass Isolation Engine
- To what’s next?

One real-world use case: last decade I was a sub-contractor (Malware SME) on a State of Georgia project, and the Director of the GA Department of Health kept having his laptop infected and his external drive with data corrupted. He had people on staff who were required to surf porn sites to evaluate sexual behaviors as they related to public health, and they found ALL the malware as an unintended result.


Erik Goldoff is a Lead Technical Architect and Consultant on Symantec’s North American Enterprise Cyber Security Services consulting team, with over 20 years in the Information Technology Systems and Security fields. Besides internal Symantec certifications, he holds a current CISSP credential. Erik focuses his problem solving skills on anti-malware and security best practices, incorporating his knowledge of management and leadership skills, as well as business processes into providing security solutions to improve his customers’ security posture. The last six years working with Symantec he has successfully delivered consulting and residency services, resolving complex problems for a variety of large enterprise customers in Retail, Pharmaceutical, Telco, Finance/Banking, and Government. Prior to joining Symantec, Erik worked as an IT Systems Manager for a food retailer, an IRM Chief and Computer Specialist for the Centers for Disease Control and Prevention, an independent consultant in the SMB arena, and has provided lectures, webinars, and training on PCI compliance and other security practices.

Malakondayya Gorantla
Wavestrong
"Crypto in the Enterprise"

Cryptography is a powerful tool that helps an enterprise achieve its information security goals and meet compliance requirements. While there are many ready-to-use cryptographic solutions available, evaluating and choosing the right solution/product is a complicated task for information security practitioners. The goal of this talk is to provide an overview of enterprise-level cryptographic products and discuss how such a product should be evaluated against the vendor’s claims.

The talk will first outline typical enterprise cryptographic solutions, both hardware and software, that encrypt data at different layers and in different states. Best practices for key management will be discussed as well. The second part of the talk will focus on a typical use case for application-level encryption in an enterprise and describe the development and deployment life cycles of a security product that aims to satisfy the use case. As we look at each stage in these life cycles, we will discuss what an enterprise security architect should look for when evaluating a security product that implements cryptography.

Dr. Malakondayya Choudary Gorantla is a Security Architect with WaveStrong Inc, where he primarily focuses on cryptography and key management solutions for the enterprise. He previously worked as a Cryptography Architect at CipherCloud Inc, where he was responsible for continuous innovation and secure implementation of cryptographic protocols. Over the last 12 years, he has worked in multiple roles in different organizations and has all-round information security experience in research, design, development and consulting. Dr. Gorantla has a PhD in cryptographic protocols from Queensland University of Technology, Brisbane, Australia, and a CISSP from (ISC)².

Mike Gotham
RSA
"Evolved Requirements: A Business-Driven Security Strategy for Threat Detection & Response"

Security teams need to evolve to stay in front of attackers and the latest threats, but in recent years this has become much more difficult. Attackers continue to advance and use sophisticated techniques to target and infiltrate organizations, while spending significant resources on reconnaissance to develop techniques specifically designed to bypass the security tools in use. Complicating this, most organizations no longer have well-defined perimeters as they shift to more modern IT infrastructures that include a variety of environments, some on-premises and some in the cloud. Finally, to add even more challenges, security teams suffer from a skills gap that makes it difficult to fully staff a team, and even more difficult when they add more and more security tools and devices that only add to the noise for the staff trying to find the truly significant attacks.

Given these challenges, we see a shift in mindset occurring within the organizations running sophisticated security operations: specifically, a shift from a focus on preventative controls that promise to keep the bad guys out to an increased focus on rapid detection and response, to shorten dwell time and reduce or even prevent business damage when breaches occur. In simple terms, these organizations recognize it’s no longer feasible to think you can prevent all attacks from getting in.

In order to reduce the impact of attacks, security operations needs to be able to tie critical asset and identity information into both the detection and response capabilities, so it can focus its efforts on the threats that matter most.

Mike Gotham is an Advisory Systems Engineer covering the RSA NetWitness Suite. Gotham holds multiple third-party security certifications and has worked with a range of customers in different verticals. He is versed in both endpoint and network forensics as well as some of the latest attacker tools and techniques. Prior to joining RSA, he worked as a Systems Engineer covering the VMware and Cisco portfolios.

Joe Gray
Sword & Shield
"There is Hope in Defending Against It"

Ransomware is possibly the single greatest technical threat to an organization. New vectors are being used almost daily, with new exploit kits and phishing campaigns abundantly enabling them. This talk discusses the various types of and motives behind malware and takes a deeper dive into the infection vectors in terms of file types, patterns of attack, and characteristics. Emphasis is placed upon integrating with Incident Response plans, and two ransomware variants are deconstructed to show possible Indicators of Compromise that would enable security professionals to detect and prevent such infections.

The talk transitions into an interactive discussion as to whether antivirus is dead and then addresses mitigation strategies, both technical and non-technical in nature. The conclusion is a discussion about integration with training, culture, threat intelligence, and incident response, business continuity, disaster recovery, contingency, and continuity of operations plans.

Joe Gray joined the U.S. Navy directly out of High School and served for 7 years as a Submarine Navigation Electronics Technician. Joe is an Enterprise Security Consultant at Sword and Shield Enterprise Security in Knoxville, TN. Joe also maintains his own Blog and Podcast called Advanced Persistent Security. He is also in the SANS Instructor Development pipeline, teaching SANS Security 504: Hacker Tools, Techniques, Exploits, and Incident Handling. In his spare time, Joe enjoys reading news relevant to information security, attending information security conferences, contributing blogs to various outlets, bass fishing, and flying his drone.

Bruno Haring
PWC
"Navigating China Cybersecurity Regulations"

---

Sean Henry
Bugcrowd
"How to Run a Successful Bug Bounty Program"

Sean Henry has a total of 11 years of experience in the cybersecurity industry. Sean is best known for his work at Rapid7, where he was a key sales leader tied to the company's explosive East Coast growth. Originally, Sean started off in the staffing world and ended up joining forces with Deidre Diamond to launch CyberSN in Boston. CyberSN is a national cybersecurity staffing company.

Sean is very connected in the security community and has a wide breadth of experience building sales teams.

In the past Sean has presented at a variety of ISSA, ISC2 & OWASP events around the East Coast. ISC's Portland chapter has recognized Sean for his contributions through the years.

Barry Herrin
Herrin Healthcare Law
"Cyber-Risk, Cyber Insurance and Human Resource Issues in Cyber Space"

The Health Care Industry Cybersecurity Task Force, in its June 2017 Final Report, recommended a “holistic strategy” that supports both business AND clinical objectives within the healthcare industry. The problem most healthcare enterprises face in acting holistically is that cybersecurity is kept in its own silo, using a unique framework to analyze risk that does not easily translate into return on investment for the technology spend, while the rest of the risk management decisions almost exclusively use dollars saved or financial measurements of risk avoided. This seminar will explain how to apply the NIST Risk Management Framework to the healthcare system as a whole, utilizing people and processes (not just technology) to address both cybersecurity risk and other health care business and clinical risks; in effect, using the framework for all risk management analyses and mitigation strategies in advance of the unpublished Revision 5 of NIST SP 800-53, which purports to do exactly that.

Barry Herrin is the Founder of Herrin Health Law, P.C., a boutique law practice dedicated to the needs of health care providers. He regularly represents health care providers in all segments of the industry and advises on a wide variety of regulatory and operational issues, including hospital and health care operations and compliance, medical information privacy and confidentiality, cybersecurity and data breach response, and the formation of provider collaborations for population health and managed care contracting. He is admitted to the bars of Florida, Georgia, and North Carolina. Mr. Herrin is a Fellow of the American College of Healthcare Executives and a Fellow of the American Health Information Management Association. He also holds a certificate in cybersecurity from Georgia Tech.

Mr. Herrin received both his undergraduate and law degrees from Georgia State University in Atlanta, graduating each time with honors. He has served as a faculty member for numerous state and national meetings and symposia across the country and has authored or co-authored numerous articles on health law compliance for regional and national publications.

Mr. Herrin is an Eagle Scout and volunteers his time to the Boy Scouts of America, in which he serves as chair of the Religious Relationships Committee of the Northeast Georgia Council, and to The United Methodist Church, for which he acts as Coordinator of Scouting Ministries throughout the Southeastern Jurisdictional Area. For his community service and good works, he was commissioned as a Kentucky Colonel in 2012. He recently retired from the United States Air Force Auxiliary, in which he served as the Chief Judge Advocate for 6 years, at the rank of colonel.

Charles Herring
Witfoo
"People > Machine"

Cybersecurity Incident Response has only been a part of human history for a couple of decades. Over that short course of time, industry leaders, analysts and vendors have put a heavy focus on the importance of technology solving problems within the craft. In this presentation, we will examine the preeminent importance of the craftsman over his tools and the role tools should play in making the world safer. Topics covered in the presentation are:

- History of Incident Response
- Algorithms, Machine Learning, Cognition and AI and their roles in successful IR
- The importance of developed playbooks in effective response
- Reducing noise using Playbook Automation (and its limits)
- Adapting time-tested approaches from Law Enforcement to improve success

Charles’ dedication to maturing the craft of InfoSec is built on a diverse career path across the industry. He started his career in InfoSec in the US Navy in 2002, serving as the Network Security Officer at the US Naval Postgraduate School. After leaving active duty, he was a contributing product reviewer for InfoWorld magazine focusing on network security products. Charles spent 7 years running Herring Consulting, a company dedicated to process orchestration, data sharing, and marketing. In 2012, Charles joined the Lancope team as a pre-sales engineer, was promoted to Consulting Security Architect and later to Strategic Account Manager. Charles founded WitFoo to address systemic issues in Incident Response in 2016. He speaks at security conferences around the country including GrrCon, BSides and ISSA.

Mark Kerrison
NNT
"Change Control Vs. Change Management"

It is impossible to retain any sort of secure environment if changes are allowed to take place without some sort of control! Simply put, without ‘Change Control’ it is impossible to be certain that changes happening are not harmful. The problem with Change Control is it’s hard work. There are thousands of changes happening all the time and try as we might to introduce good Change Management, unplanned changes still seem to happen at a rate that makes it almost impossible to keep track.

Mark Kerrison has been the Chief Executive Officer of New Net Technologies since January 2008 and has been involved in helping IT companies grow for the past 25 years. Mark has helped to grow organizations from start-up to eventual trade sale and held senior leadership positions at Cable & Wireless and Allen Systems Group prior to helping launch New Net Technologies in 2005.

As the CEO at New Net Technologies, Mark works closely with all departments within the business to ensure NNT is optimized to continue to bring innovative cyber security solutions to market as well as ensuring that the correct process exists to facilitate successful deployments and ongoing superior solution value for all customers.

Mark has numerous interests, including his role as Director of one of Florida’s largest not for profit Youth Soccer organizations. In his spare time Mark attempts to keep fit by training for and participating in various running, swimming and cycling events including Triathlons.

Herb Mattord & Michael Whitman
KSU
"CyberSecurity Workforce - Perspective & Trends"

In a constantly evolving threat landscape, it is an ever-growing challenge to find and retain qualified cybersecurity staff. This talk will explore the size of the expected shortfall, review the critical skills needed in the future workforce, and talk about what is being done to deliver more qualified candidates for employers' consideration.

Mike Whitman (Ph.D., CISM, CISSP) is a Professor of Information Security and Assurance in the Department of Information Systems, Michael J. Coles College of Business at Kennesaw State University, GA. He is also the Executive Director of the Center for Information Security Education. Dr. Whitman’s current teaching and research interests include information security governance, risk management and policy, and computer-use ethics. He has published over 50 articles on these topics, many in the top journals in his field. He has delivered dozens of presentations on information security at national and regional conferences and has authored 10 textbooks on a variety of security topics.

David Nolan
Aaron's
"Achieving Security Buy-in: Change the Approach Not the Culture"

We all have heard the ideal approach of “changing your company’s security culture;” however, many of us have experienced the pains of trying to instill a traditional information security program into a unique culture. So why not change your approach instead of focusing on the culture? In this talk we will cover the common information security pitfalls including becoming a “Compliance Hammer”, the “Chicken Littles”, and the “Approval Police.” You will be shown approaches to overcoming these pitfalls and shifting security to being a strategic partner and enabler. Through real-life examples, we will discuss aligning your information security program and organization with an agile company’s unique culture, risk tolerance, and industry norms. Attendees will leave understanding the short and long term payoffs of aligning your security program to your company’s unique culture.

As Director of Information Security at Aaron’s Inc., David is accountable for information security leadership, strategy, budget, and operational excellence. He is a servant-leader and mentor to a robust team of information security professionals and managers covering Application Security; Incident Response; Governance Risk and Compliance; and Endpoint/Information Protection.

David has more than 15 years in the information technology industry in various roles. He has previously served as Manager of the Threat, Attack and Penetration testing services team, Application Security Architect, deployment manager for SAP deployments, and in various lead developer roles for Caterpillar Inc. He has additionally held positions at companies including State Farm Insurance and the Central Intelligence Agency.

David is a regular speaker at colleges, corporations and industry conferences including the ISC2 Security Congress and ISACA conferences and various advisory boards.

Calvin Nobles
- Independent -
"The Human Element of Cybersecurity"

The aim of this presentation is to emphasize the lack of scientific processes, frameworks, and models to capitalize on human factors in cyber security. The continuous integration of technology accompanied by (a) advanced persistent threats, (b) ransomware attacks, (c) data breaches, and (d) cyber-attacks increases and threatens the complexity of cyber security operations. The discourse surrounding human performance in cyber security remains a relevant topic; nevertheless, the scientific underpinning remains deficient. Human error is the primary contributing factor that leads to malicious activity in cyber security. Other domains such as aviation, healthcare, and nuclear power have capitalized on human factors to reduce accidents and to identify critical phases of operations; consequently, the cyber security sector trails behind the above-mentioned industries in leveraging human factors. Included are examples of conceptual processes, models, and frameworks to influence cyber leaders and professionals to mandate the integration of human factors in cyber security.

Dr. Nobles is a national security leader and educator with more than 15 years of experience. Having culminated a career of military service at the national level in 2017, he is currently a cyber security leader and cyber consultant. He serves as an adjunct faculty member at the University of Maryland University College (MBA Program) and Indiana Wesleyan University (MBA and Cyber Programs). Calvin is actively involved in the cyber community, volunteering with multiple professional associations and conducting national security research. Calvin is the author of the book Exploring the Implications of Implementing Technologically Advanced Aircraft in General Aviation.

As a national security expert, Dr. Nobles has filled various operational and leadership positions. He first served as a Cyber and Cryptologic Planner; thereafter, he served as Deputy Director of Operations, Deputy Director for Strategy and Governance, Director of National Operations, Chief Security Officer, Chief Cryptologic Officer, and Director of Cyber Intelligence Support.

Dr. Nobles' vision for achieving strategic business goals through technical acumen, judicious use of resources, and technology integration initiatives enabled the achievement of organizational objectives. Calvin is known as an architectural change expert; he led three enterprise-level solutions and transformations by decoupling operational and policy management from technology development to improve coordination and the execution of national security operations. He planned and coordinated a national-level prototype project that enabled the U.S. to gain a technological advantage and established a precedent for leveraging emerging technologies on a global scale. Dr. Nobles served as an advisor to senior executives, where he led efforts to optimize the utilization of cyberspace analysts, developed business continuity and disaster recovery procedures, improved information security management, and automated technology integration. Calvin displayed executive-level leadership that cultivated strategic change through a plan to leverage national, tactical, and commercial off-the-shelf technologies that increased threat warning and aided intelligence efforts.

Among his many interests are continuing as a strategic leader and cyber community outreach. He works with several national-level cyber councils and working groups to shape national policy. Dr. Nobles routinely attends cyber conferences and serves as a keynote speaker or panel member, or presents research. Calvin is highly sought by organizations for consultancy support on cyber security topics.



Joe Opacki
PhishLabs
"What Happened to The Business Model for Phishing"

After identifying nearly one million confirmed phishing sites in 2016, PhishLabs identified a transformative event that marks a significant deviation in threat actor motivations. The empirical evidence shows a shift in targeting that is based on the widespread adoption of email addresses as usernames and the epidemic of password reuse: a credential stolen on one site is now valuable on many others. Further, of the nearly 30,000 phishing kits collected during mitigation operations over the last year, nearly one third used some form of anti-analysis or anti-crawling technique. This presentation covers the analytic judgements that resulted from this empirical research and point to the transformation, as well as a technical review of the new tactics used by phishing threat actors and their use of anti-analysis techniques.
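The abstract mentions anti-analysis and anti-crawling techniques in phishing kits without describing them. The gates most commonly found in kits are user-agent denylists, IP-range denylists aimed at crawler infrastructure, referer checks, and fake 404 responses, so that a security crawler sees nothing while a victim sees the login page. The following is an added example, not PhishLabs' code or tooling: a small Python triage script that scans kit files for those gates and counts the indicators. The two kit files (`.htaccess` and `index.php`) are constructed for this example to resemble that blocking logic; the IP ranges and crawler names in them are illustrative, not data from the talk.

```python
"""Flag anti-analysis / anti-crawling gates in phishing-kit sources.

Added example. Input files are constructed to resemble the gating logic
commonly shipped with phishing kits: user-agent denylists, IP-range
denylists, referer checks, and fake 404s that hide the page from
security crawlers while still serving it to victims.
"""
import ipaddress
import re

# Constructed sample: an Apache .htaccess as a kit might ship it.
SAMPLE_HTACCESS = r"""
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} (googlebot|bingbot|phishtank|virustotal|curl|wget) [NC]
RewriteRule .* - [F,L]
Order Allow,Deny
Allow from all
Deny from 64.233.160.0/19
Deny from 66.249.64.0/19
Deny from 209.85.128.0/17
"""

# Constructed sample: the gate at the top of a kit's index.php.
SAMPLE_INDEX_PHP = r"""<?php
$ua = strtolower($_SERVER['HTTP_USER_AGENT']);
$bad = array("bot", "crawl", "spider", "scanner", "netcraft", "phishtank");
foreach ($bad as $b) { if (strpos($ua, $b) !== false) { header("HTTP/1.0 404 Not Found"); exit; } }
if (!isset($_SERVER['HTTP_REFERER'])) { exit; }
include("blacklist.php");
?>
"""

UA_COND = re.compile(r"RewriteCond\s+%\{HTTP_USER_AGENT\}\s+\(?([^\s\[]+)", re.I)
DENY_FROM = re.compile(r"^\s*Deny\s+from\s+(\S+)", re.I | re.M)
FORBID_RULE = re.compile(r"RewriteRule\s+\S+\s+-\s+\[[^\]]*F")
PHP_STRING = re.compile(r"""["']([^"']+)["']""")


def analyze_htaccess(text):
    """Extract user-agent and IP-range denylists from an .htaccess file."""
    ua_tokens = []
    for m in UA_COND.finditer(text):
        ua_tokens += [t for t in m.group(1).strip("()").split("|") if t]
    cidrs = []
    for m in DENY_FROM.finditer(text):
        try:
            cidrs.append(ipaddress.ip_network(m.group(1), strict=False))
        except ValueError:
            continue  # "Deny from env=..." or a hostname: not an IP block
    return {
        "ua_denylist": sorted({t.lower() for t in ua_tokens}),
        "ip_denylist": [str(n) for n in cidrs],
        "blocked_addresses": sum(n.num_addresses for n in cidrs),
        # A RewriteRule with the [F] flag returns 403 to matched crawlers.
        "forbids": bool(FORBID_RULE.search(text)),
    }


def analyze_php(text):
    """Extract crawler gating from a PHP landing page."""
    ua_tokens = []
    if "HTTP_USER_AGENT" in text:
        # Strings inside array(...) literals next to a user-agent check
        # are the kit's crawler keyword list.
        for m in re.finditer(r"array\(([^)]*)\)", text):
            ua_tokens += PHP_STRING.findall(m.group(1))
    return {
        "ua_denylist": sorted({t.lower() for t in ua_tokens}),
        "referer_check": "HTTP_REFERER" in text,       # drops direct fetches
        "fake_404": bool(re.search(r"header\([^)]*404", text)),
        "external_blocklist": bool(re.search(r"include\([^)]*black", text, re.I)),
    }


def score_kit(files):
    """files: {filename: contents}. Returns per-file findings and an indicator count."""
    findings = {}
    for name, text in files.items():
        if name.endswith(".htaccess"):
            findings[name] = analyze_htaccess(text)
        elif name.endswith(".php"):
            findings[name] = analyze_php(text)
    keys = ("ip_denylist", "referer_check", "fake_404", "forbids", "external_blocklist")
    indicators = 0
    for f in findings.values():
        indicators += bool(f.get("ua_denylist")) + sum(bool(f.get(k)) for k in keys)
    return {"files": findings, "anti_analysis_indicators": indicators}


if __name__ == "__main__":
    result = score_kit({".htaccess": SAMPLE_HTACCESS, "index.php": SAMPLE_INDEX_PHP})
    print(result)
```

The indicator count is a triage signal, not proof of malice: a legitimate site may block `curl` or require a referer. What distinguishes a kit is the combination of crawler-specific blocking, a fake 404 instead of an honest 403, and a bundled external blocklist, which is why the script reports each signal separately rather than collapsing them into one verdict.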


Benjamin Powell
RiskIQ
"Understanding Your Digital Attack Surface and Detecting & Mitigating External Threats"

Organizations have spent massive amounts of money protecting the perimeter of their networks, but if your business exists on the internet, there really is no perimeter. In this presentation, we'll discuss Digital Footprints as a way of understanding your company's external attack surface. We will cover social, mobile, and web attacks, and analyze and review lessons learned from recently publicized attacks (the Polish banking institution compromises, the Apache Struts vulnerability, and WannaCry ransomware). The speed of business and of cybercrime isn't slowing down, so how can you be prepared to address and defend against these types of threats? Attend our session to find out how.

Mr. Benjamin Powell is the Technical Marketing Manager at RiskIQ. He has worked in IT for the last 30 years, focused on IT security for the last 13 years. Prior to RiskIQ he was a founding employee at AccelOps, a SIEM company, where he ran Professional Services and Product Marketing. Benjamin has worked on and managed IT and cyber security teams in numerous industries (state government, an international airport, a port district, education, biotech, file encryption software, and financial services).


Sarah Powers & Eileen Filmus
Versprite
"The Business of Privacy"

The privacy landscape changes constantly. With each generation sharing more and more personal information online, it can be a challenge for businesses in the e-commerce, retail, and information industries to understand why their sharing or handling of data could be a serious violation of privacy. What the business sees are limits and loss, not the liability. Running a security governance program is not just about protecting the company, associates, and employees from external threats and risks; internal risks must be considered as well. To run this program effectively, an understanding between security and the business must be reached. The business needs to know and understand the risks it could be introducing with its projects, and security must also understand how saying no could limit the growth and potential of the business. A balance must be reached, and both sides must be heard. With two different goals, how do you keep the company in agreement on what is or is not important for future growth?

Eileen has served as virtual CISO, conducted Privacy Impact Assessments, built robust governance programs, developed meaningful awareness training content, and formalized operational processes.

Eileen has developed expertise in a number of frameworks including PCI DSS, SOC 2, ISO 27001/2, the Cloud Security Alliance's CCM, and HIPAA. In addition to driving security programs, she also prepares clients for compliance audits by creating or enhancing policies and procedures, addressing contractual security obligations, and performing assessments that determine an organization's security risk posture by evaluating the effectiveness of its information security management program.

Sarah Powers is an information security consultant with many years of experience in the governance, risk, and compliance space. She has a strong background in Privacy, Compliance, and understanding the threats and needs that businesses face.

Serving as virtual CISO for clients, Sarah has shaped and directed the governance program of companies, improving upon their Incident Response practices, strengthening access controls, ensuring compliance with standards such as PCI, ISO 27001/2, and HIPAA, and improving overall security awareness by implementing training and exercises including around Incident Response.

By conducting compliance assessments, Sarah has been able to ensure that companies remain in compliance with HIPAA, PCI, and both national and international Privacy Regulations.


Steven Rosing
SAP
"Are There Security Threats Lurking in Your Application Code?"

Learn why Application Layer Vulnerabilities can potentially be the single largest threat to the security of your data and the solutions and best practices for managing this critical security hazard.

Stephen Rosing is an Application Security Architect and a member of the Quality and Security Assurance team at SAP Americas. In this role he helps SAP customers learn about and leverage the SAP Quality and Security solutions. Stephen has over 20 years of deep technical experience and is a subject matter expert in areas that include the Software Development Life Cycle, Application Security, QA and Risk Management, Application Modeling, and Performance and Scalability Testing. Prior to joining SAP eight years ago, he held technical pre-sales, architect, and director roles at Siebel, Segue, FocusFrame, and Mercury Interactive.


John Rostern
NCC Group
"Assessing GDPR Compliance"

The General Data Protection Regulation (GDPR) has now been confirmed, so it is time for businesses across Europe to take stock and prepare. The GDPR will harmonise and replace Data Protection laws across Europe. It focuses on giving new rights to individuals, which will have a significant impact on businesses across all areas throughout the data lifecycle.

- An overview of the GDPR and the changes it will bring
- Things you can do now to prepare
- A closer look at the requirement for incident reporting
- Best practice advice for building a robust incident response plan
- A look at the forensics of an incident and how to protect evidence

John Rostern is the Vice President of NCC Group North America's Governance and Risk Management practice, providing security advisory services in the fields of risk and architecture, security management, due diligence and compliance to industry standards (PCI DSS, ISO 2700x series, NIST 800, etc.). John has more than 35 years of diverse experience in audit, information security and information technology. His areas of expertise include IT audit, technology risk assessment & management, IT strategic planning & governance, architecture, information security, operations, applications development, telecommunications, networking, data center design and business continuity planning. John is a subject matter expert in the areas of data loss prevention, intrusion detection, encryption and incident response and has published articles on a variety of topics related to technology risk.


Matteo Valles
FBI
"Insider Threats"

The threats from those "already inside the fence" continue to inflict significant damage on our companies, whether through sabotage or through the theft of trade secrets, classified information, or PII. Tailored to the specific audience, this presentation will provide an analysis of prior cases, highlight the need for an Insider Threat Mitigation Program, and discuss what such a program looks like. Attendees will gain an appreciation of the need for an Insider Threat Mitigation Program and learn how to begin initiating one or improving an existing mitigation program.

Matteo Valles has been a Special Agent with the FBI for 30 years. His offices of assignment have included Anchorage, AK; Boston, MA; Washington, D.C.; Gulfport, MS; Vienna, Austria; Nairobi, Kenya; and now Atlanta, GA.

Matteo held leadership positions within the FBI, in both domestic and international offices, for 14 years.  Prior to Atlanta, he was stationed overseas for 5 years covering 14 countries throughout Central Europe and East Africa.  As the Attaché based in Nairobi, he was responsible for all FBI operations in Somalia, Kenya, Rwanda, and other East African countries.

Matteo has experience in all FBI investigative programs, with emphasis on Violent Crimes, Counter Intelligence, and Complex Financial Fraud.  He is currently the Strategic Partnership Coordinator for the FBI responsible for outreach efforts with private companies throughout Georgia.  His extensive and diverse experiences with the FBI around the world have positioned him to increase awareness within the private sector on matters such as the Insider Threat, Theft of Trade Secrets, Foreign Intelligence Recruitment Efforts, Counter Proliferation, and The Active Shooter.

Matteo is a Certified Public Accountant, and prior to joining the FBI he worked with a “Big-Four” public accounting firm focused on independent auditing and internal control evaluations.


Keyaan Williams
ISSA International
"Perspectives from ISSA International"

This presentation opens the Metro Atlanta ISSA conference. Keyaan will highlight the value of ISSA membership and provide insight for the future of the ISSA from an international perspective.

Keyaan is a longtime member of both the physical security and the information security communities. His security career began with service in the US Army as a chemical weapons specialist. Afterward, he ran security programs at the Centers for Disease Control and Prevention (CDC), led a CISO program that influenced the certification and training of hundreds of CISOs globally, and he currently works as a security consultant who helps clients solve their risk management and governance problems. His professional experience has been the foundation for his desire to be a champion for the ISSA and its mission to develop and connect security leaders globally. Keyaan is a past president of the Metro Atlanta ISSA, a member of the ISSA CISO Forum, and an ISSA Fellow. He continues to provide mentoring, coaching, and support to ISSA chapters and ISSA members, who are the voice of the information security profession.


Diamond Sponsor

Mission Critical

Ruby Sponsors

24by7 Security

Rapid 7

Proofpoint

Phishline

Gigamon

SecureWorks

Infoblox

SANS

Phishlabs

DUO

Cybereason

Saltworks

RSA

Sparity

Skybox