Monday, March 23
10:00 AM - 11:00 AM
D1 Hacker vs. Hacker: Old-School Desktop vs. New-School Mobile INTERACTIVE SESSION
George Tubin, Sr. Security Strategist, IBM/Trusteer
Etay Maor, Senior Fraud Prevention Strategist, IBM/Trusteer
•
Learn the latest cybercrime techniques used to attack financial institutions
Learn the latest cybercrime techniques used to attack financial institutions•Understand how cybercriminals circumvent the defenses used by most financial institutions
Understand how cybercriminals circumvent the defenses used by most financial institutions•Learn about emerging mobile fraud approaches being introduced around the world
Learn about emerging mobile fraud approaches being introduced around the world•See how to most effectively bolster your institution's anti-fraud defenses
See how to most effectively bolster your institution's anti-fraud defenses 11:15 AM – 12:15 PM
Matt Robertson, Technical Marketing Engineer, Lancope
•Identify advanced targeted attacks
Identify advanced targeted attacks•Detect malicious insider threats
Detect malicious insider threats •Drive additional security value out of existing network infrastructure
Drive additional security value out of existing network infrastructure•Accelerate threat identification and incident response process
Accelerate threat identification and incident response process1:30 PM – 2:30 PM
Amol Sarwate, Director of Vulnerability Labs, Qualys Inc.
•Review a yearlong study of the most recent SCADA vulnerabilities in industrial control systems and critical infrastructure
Review a yearlong study of the most recent SCADA vulnerabilities in industrial control systems and critical infrastructure•In-depth explanation of SCADA systems components
In-depth explanation of SCADA systems components•SCADA protocols
SCADA protocols•Current state of SCADA vulnerabilities and analysis
Current state of SCADA vulnerabilities and analysis•Possible solutions to mitigate issues
Possible solutions to mitigate issues3:15 PM – 4:15 PM
Bill Dean, Director of Computer Forensics, Sword & Shield Enterprise Security
•Concerns about trust and disclosing too much privacy information tend to bog down initiatives
Concerns about trust and disclosing too much privacy information tend to bog down initiatives•Understand the value of threat intelligence
Understand the value of threat intelligence•Learn the rich sources to build your own program
Learn the rich sources to build your own program•How to "safely" share threat intelligence with others
How to "safely" share threat intelligence with othersTuesday, March 24
8:30 AM – 9:45 AM
Erez Liebermann, Vice President, Senior Counsel, Corporate Investigations at Prudential Financial
Andrew Pak, Assistant United States Attorney, United States Attorney’s Office for the District of New Jersey, Department of Justice
•An understanding of a Hacker’s motivation
An understanding of a Hacker’s motivation•Steps to protect a business pre and post breach
Steps to protect a business pre and post breach•Identifying soft points in the network from the mind of a hacker
Identifying soft points in the network from the mind of a hacker•An understanding of a prosecution’s timeline
An understanding of a prosecution’s timeline•The hacker’s steps to profit from each breach
The hacker’s steps to profit from each breach•The risks and benefits of cooperating with the Government
The risks and benefits of cooperating with the Government10:00 AM – 11:00 AM
Amol Sarwate, Director of Vulnerability Labs, Qualys Inc.
•In-depth explanation of point-of-sale system components
In-depth explanation of point-of-sale system components•The nuts and bolts of RAM scrapers and how they steal credit card data from POS systems
The nuts and bolts of RAM scrapers and how they steal credit card data from POS systems•Techniques used to compromise POS
Techniques used to compromise POS•Demonstration of how easy it is to create POS malware
Demonstration of how easy it is to create POS malware•Solutions and countermeasures to mitigate issues
Solutions and countermeasures to mitigate issues2:00 PM – 3:00 PM
Philip Lieberman, President and CEO, Lieberman Software
•Implement automated solutions to reduce or eliminate workload in password changes, administrative access controls and attestation
Implement automated solutions to reduce or eliminate workload in password changes, administrative access controls and attestation•Quickly find and fix lost privileged identities and their usages permanently
Quickly find and fix lost privileged identities and their usages permanently•Change privileged service account passwords without causing outages
Change privileged service account passwords without causing outages•Automate privilege management using escalation and proxied access
Automate privilege management using escalation and proxied access•Add multi-factor authentication to systems that don’t currently support it
Add multi-factor authentication to systems that don’t currently support it•Secure on-premises infrastructure, line of business, and cloud based application access in minutes
Secure on-premises infrastructure, line of business, and cloud based application access in minutes3:30 PM – 4:30 PM
Chris Nickerson, CEO, LARES Consulting
•A history of breaches and why even companies with massive awareness programs are still getting compromised
A history of breaches and why even companies with massive awareness programs are still getting compromised•Why phishing exercises and user awareness programs are not enough to stop the attacks
Why phishing exercises and user awareness programs are not enough to stop the attacks•How to effectively phish for relevant metrics
How to effectively phish for relevant metrics •Learn to analyze the real attack surface of phishing and social engineering attacks
Learn to analyze the real attack surface of phishing and social engineering attacks•How to stop pouring money on the fire and start empowering employees
How to stop pouring money on the fire and start empowering employees Wednesday, March 25
9:45 AM – 10:45 AM
Brian Varner, CISSP, Senior Manager, Cyber Security Group, Symantec Corporation
•Explore various insider threat scenarios
Explore various insider threat scenarios •Hear about tactics, techniques, and procedures to identify and reduce risk vectors
Hear about tactics, techniques, and procedures to identify and reduce risk vectors•Behind-the-scenes views into the anatomy and psychology of insider threats
Behind-the-scenes views into the anatomy and psychology of insider threats11:00 AM – 12:00 PM
Evan Uhl, Security Operations Center Manager, Neustar, Inc
•Common risks associated with DDoS attacks, and mitigation techniques
Common risks associated with DDoS attacks, and mitigation techniques•Why standalone technologies require complementary tools to lower organizational risk
Why standalone technologies require complementary tools to lower organizational risk•Critical techniques to protect service availability
Critical techniques to protect service availability •Baseline requirements that must be met to defeat DDoS
Baseline requirements that must be met to defeat DDoS •Case examples of how security models are protecting cloud services and blocking malicious behavior
Case examples of how security models are protecting cloud services and blocking malicious behaviorTHREATS
Top-notch training. Compelling speakers. Meaningful interactions.
Join the conversation using #InfoSecWorld
Contact Us
Registration/General Inquiries:
Customer Service
(508) 879-7999 ext. 501
Speaking Opportunities:
Katherine Teitler
Director of Content Development
[email protected] or (508) 532-3624
Exhibit Sales:
Vendors A-L
CJ Oliveri
Director of Sales, Conference Division
[email protected] or (508) 532-3609
Vendors M-Z
Howard Weinman
Director of Sales, Conference Division
[email protected] or (508) 532-3652
