Cybersecurity Decision-Making Strategies
- TYPE: Track START DATE: Tuesday, October 08, 2019 START TIME: 13:15 LOCATION: Holeman Lounge
Talks that offer insights into how organizations can implement threat-based prioritization, assessment, or other risk management techniques.
Date: Tuesday, October 08, 2019 Time: 13:15-14:15
Opening Pandora's Box with FAIR + ATT&CK + SOAR = An Improved Cyber Security Response Strategy
Tyler Rorabaugh, Demisto at Palo Alto Networks
When I meet with CISOs and Cyber Security Directors, they usually ask what use cases should they target first. I generally proceed with a few simple questions and immediately recommend going after general use cases or low hanging fruit or a strategy based on how mature their organization is. During this session, you’ll find out what questions I ask, what answers I get, and why I propose approaching a cyber security response using FAIR + ATT&CK + SOAR.
DODCAR Overview: Standardizing and Automating Cyber Threat Understanding for Threat-based, Cybersecurity Assessments
Karin Breitinger, Tensley Consulting INC. • Owen Sutter, DOD Cybersecurity Analysis & Review (DODCAR)
The DoDCAR performs threat-based, cybersecurity architecture assessments to ensure DoD leadership has the insight and knowledge to make well-informed, prioritized cybersecurity investment decisions to enable dependable mission execution on the unclassified and classified environments. This approach establishes a threat-based, analysis-driven, repeatable process to synchronize and balance cybersecurity investments, minimize redundancies, eliminate inefficiencies, and improve all-around...
Date: Tuesday, October 08, 2019 Time: 14:15-15:15
Improving IoT Safety Using Standards to Improve IoT Security
Duncan Sparrell, sFractal Consulting LLC
The Internet of Things (IoT) is growing faster than our ability to safeguard ourselves. As IoT becomes ubiquitous, it is important to consider the safety impacts of cyber-physical systems. In the interest of public safety, future cybersecurity systems will adapt to threats in real time based on the standards being developed today. This talk will cover identify several key industry standards and how they will contribute to IoT safety. It will conclude with a vision of how future IoT...
Making CTI Actionable: Closing the Feedback Gap
Michael Pepin, Celerium
So you're receiving cyber threat intelligence (CTI) from outside sources. Great. Now what? How do you find the intelligence that's relevant to you and your organization? And how can you use that information to adopt a more proactive cyber defense posture? This presentation will outline a strategy that information security analysts and engineers should consider to help them isolate relevant intelligence and make it more actionable by using their existing infrastructure of sensors and...
- Registration fee:
- Contact person:
Mr. Levent Kara
+49 211 23707710
- Oct 08 - 10, 2019 Washington, D.C. - USA