Borderless Cyber Tracks

  •  TYPE: Track   DATES: October 08 - October 10, 2019
Conference Tracks

Tracks:

Cybersecurity Decision-Making Strategies

Sessions:

Opening Pandora's Box with FAIR + ATT&CK + SOAR = An Improved Cyber Security Response Strategy

Date: Tuesday, October 08, 2019 Time: 13:15-14:15 Location: Holeman Lounge

Opening Pandora's Box with FAIR + ATT&CK + SOAR = An Improved Cyber Security Response Strategy
When I meet with CISOs and Cyber Security Directors, they usually ask what use cases they should target first. I generally proceed with a few simple questions and immediately recommend going after general use cases or low-hanging fruit or a strategy based on how mature their organization is. During this session, you’ll find out what questions I ask, what answers I get, and why I propose approaching a cyber security response using FAIR + ATT&CK + SOAR.

DODCAR Overview: Standardizing and Automating Cyber Threat Understanding for Threat-based, Cybersecurity Assessments
The DoDCAR performs threat-based, cybersecurity architecture assessments to ensure DoD leadership has the insight and knowledge to make well-informed, prioritized cybersecurity investment decisions to enable dependable mission execution on the unclassified and classified environments. This approach establishes a threat-based, analysis-driven, repeatable process to synchronize and balance cybersecurity investments, minimize redundancies, eliminate inefficiencies, and improve all-around...

Improving IoT Safety Using Standards to Improve IoT Security

Date: Tuesday, October 08, 2019 Time: 14:15-15:15 Location: Holeman Lounge

Improving IoT Safety Using Standards to Improve IoT Security
The Internet of Things (IoT) is growing faster than our ability to safeguard ourselves. As IoT becomes ubiquitous, it is important to consider the safety impacts of cyber-physical systems. In the interest of public safety, future cybersecurity systems will adapt to threats in real time based on the standards being developed today. This talk will identify several key industry standards and how they will contribute to IoT safety. It will conclude with a vision of how future IoT...

Making CTI Actionable: Closing the Feedback Gap
So you're receiving cyber threat intelligence (CTI) from outside sources. Great. Now what? How do you find the intelligence that's relevant to you and your organization? And how can you use that information to adopt a more proactive cyber defense posture? This presentation will outline a strategy that information security analysts and engineers should consider to help them isolate relevant intelligence and make it more actionable by using their existing infrastructure of sensors and...

Cybersecurity Automation Strategies

Sessions:

Rethinking the Future of Identity with Zero Trust

Date: Tuesday, October 08, 2019 Time: 15:45-16:45 Location: Holeman Lounge

Rethinking the Future of Identity with Zero Trust
As companies continue to move to the cloud and house more and more data online, the number of vulnerable endpoints for cybercriminals to target has expanded exponentially. We need a paradigm shift in cybersecurity, and that’s doable through a Zero Trust security approach, supported by machine learning and AI. In this session, Corey Williams will discuss the importance of Zero Trust security, backed by cutting-edge AI and machine learning technology to make security postures truly...

Security Automation and Adaptive Cyber Defense Strategies for Success - Experiences from the Financial Sector
This presentation will examine the findings of a doctoral study into the strategies cybersecurity professionals need to reduce the gap between the attacker's time to compromise and the defender's time to detect and respond. This is an opportunity to learn from the experiences of cybersecurity professionals within the financial services industry who have implemented or are implementing security automation. The session will cover strategies to ensure success, challenges faced, use cases...

Is the Damage Already Done? Automating Vulnerability Investigation, and the Use of STIX-based Data Models for Both TI and IR Use Cases

Date: Tuesday, October 08, 2019 Time: 16:45-17:15 Location: Holeman Lounge

Is the Damage Already Done? Automating Vulnerability Investigation, and the Use of STIX-based Data Models for Both TI and IR Use Cases

Automated Cybersecurity Operations

Sessions:

The (r)Evolution of Cyber Threat Information Sharing: Past, Present, and Future

Date: Wednesday, October 09, 2019 Time: 13:00-14:30 Location: Holeman Lounge

The (r)Evolution of Cyber Threat Information Sharing: Past, Present, and Future
The sharing of cyber threat information can be traced back to the response to the Morris worm in 1988. We will discuss the history of cyber threat information sharing and give an overview of where we stand today. Recognizing a sense of disillusionment with today’s landscape, we will provide a vision of what the future of cyber situational awareness and defense can look like, and how cyber threat information sharing can help us get there.

Save the Threat Intelligence-based Workflow, Save the Cyber Analyst

What Really Means Actionable Threat Intelligence Today?

Threat-Driven Network Defense

Sessions:

Automating Open-Source Zeek (Bro) for Threat Mitigation and Response

Date: Wednesday, October 09, 2019 Time: 15:00-16:00 Location: Holeman Lounge

Automating Open-Source Zeek (Bro) for Threat Mitigation and Response
This presentation describes how Zeek (Bro), a common open-source tool that has been used, until today, primarily for threat detection, can be extended to provide threat response, including mitigation of attacks, including those aspects that can be tied to the MITRE ATT&CK framework. Today Zeek/Bro has a large and active open-source community that contributes Zeek/Bro scripts that include detecting attacks such as Heartbleed and many other behavioral (TTP) based detections....

CACAO: Insights on Cybersecurity Orchestration Cooperative Collaboration
To defend against threat actors and their tactics, techniques, and procedures, organizations need to manually identify, create, and document prevention, mitigation, and remediation steps. These steps, when grouped together into a course of action (COA) / playbook, are used to protect systems, networks, data, and users. The problem is, once these steps have been created, there is no standardized and structured way to document them, verify they were correctly executed, or easily share them across...

Decision Automation: Teaching Machines to Hunt

Date: Wednesday, October 09, 2019 Time: 16:00-17:00 Location: Holeman Lounge

Decision Automation: Teaching Machines to Hunt
Threat Detection in today's environment requires Security Operational Center (SOC) teams to go beyond SIEM rules and simple correlation. Yet, "blackbox" AI systems often fall short by creating too many false positives and often missing true incidents. Decision Automation is the new paradigm that brings the power of expert root-cause analysis using the 5 Whys approach, coupled with Machine Learning and easily-configured automation platforms, enabling security teams to create powerful...

Making Threat Intelligence a Shared Resource for Network Defense
Can small to medium organizations use what the larger organizations learn about threats to take action in a prioritized, appropriate, and automated manner? Is there an incentive for an organization to share opinions and sightings about Indicators of Compromise (IOCs)? How can a service provider share the insight gained by all these contributors so organizations can directly use that insight? Bandura Cyber has partnered with the IACD team to demonstrate the potential value of: community...

Security and Trust

Sessions:

Insights for Secure API Usage in Conjunction with Security Automation and Orchestration

Date: Thursday, October 10, 2019 Time: 13:00-14:00 Location: Murrow-White-Lisagor

Insights for Secure API Usage in Conjunction with Security Automation and Orchestration
Organizations are expanding the use of automation and orchestration in their security operations. An indication of this is the sharp rise in the adoption of Security Orchestration Automation and Response (SOAR) platforms. The security of these platforms is a key concern, and in particular the security of Application Programming Interface (API) keys used by both the SOAR platform and Security Operations Center personnel. The exposure of APIs from security tools is crucial to permitting...

Signed Control System Firmware, Parts, and Documents—Opportunity or Pain?
Several years ago, aviation OEMs began creating cryptographically signed parts (called Loadable Software Aircraft Parts-LSAP) to be installed onboard an aircraft; this was true not only for the latest e-Enabled aircraft such as the Boeing 737MAX/787 Dreamliners, or Airbus A220s, but also older aircraft such as the Airbus 319s, and includes software updates, configurations, and carrier-specific data such as thrust control, and navigation data. While understanding that maintaining the...

Threat Intelligence Ecosystem

Sessions:

Lessons Learned from Almost a Decade of SCAP

Date: Thursday, October 10, 2019 Time: 14:30-15:30 Location: Murrow-White-Lisagor

Lessons Learned from Almost a Decade of SCAP
The Security Content Automation Protocol (SCAP) provides a way to support automation of cybersecurity assessment activities in a standardized way. First published in 2011, the SCAP standards have seen significant adoption and use. However, time has also revealed numerous gaps and weaknesses in the SCAP 1.0 standards. This talk reviews lessons learned from almost 10 years of experience with the SCAP standards and briefly introduces a vision for the next generation of SCAP: SCAP 2.0.

Baby Steps: An Organic Formula for Maturing Your SOC with SOAR and Threat Intelligence

From Band Practice to SOC Symphony

Date: Thursday, October 10, 2019 Time: 15:30-16:00 Location: Murrow-White-Lisagor

From Band Practice to SOC Symphony

Information

Washington, D.C. - USA

Conference

CyberNext Summit 2019

Language:
English
Registration fee:
€1000.00 $1250.00 S$1600.00 11000.00 kr