NEACS

October 15, 2018
Trumbull Marriott Merritt Parkway
180 Hawley Lane, Trumbull CT 06611

A Security Conference for Business & Security Leaders


SESSION SUMMARY
  1. 9:00 - 9:30 AM
    Keynote - Arthur House State of CT CRO Pam Salon DEFG (Ball)
  2. 9:45 - 10:30 AM
    SESSION 1
Make the tables turn: Get the most out of your IRP tabletop exercise - Peter Chang

As part of a world-class cybersecurity program, most organizations maintain a robust and thoughtful incident response plan (“IRP”) to support the organization in the event of a system or data breach. (You do have one, right?) While many of these plans are put in place in conjunction with other contingency plans, such as disaster recovery and business continuity plans, the plan’s effectiveness can only be verified through some form of testing. A tabletop exercise is a cost-effective way of validating the efficacy of the plan document, as well as identifying any unknown gaps to make the plan more robust and complete.

This session will cover the key aspects of a successful IRP tabletop exercise:

• Get the stakeholders’ buy-in: why a tabletop exercise matters and why leadership should support it

• The objective of the tabletop exercise: Determine who should be involved, and key risks to be tested

• Develop scenarios that are relevant to the organization

• Summarizing findings, identifying gaps, and defining action plans

The session will also feature a case study from a tabletop exercise that contained 3 different breach scenarios, key takeaways from the exercise, and action plans that followed.

‘Right to be forgotten’ with Blockchain – GDPR and Beyond - Ravi Boppe, Arun Ghosh

New regulations such as GDPR and the State of California’s new privacy protection laws are designed to give users more control over their personal data. Companies collecting personal data should be able to disclose what is stored and how it is used, along with appropriate consent management for specific usage and period. These reforms are essential to bring laws and obligations around personal data, privacy and consent up to date for the highly connected environment we live in and to prevent misuse. Complying with such regulation requires a major reassessment of how personal data has been collected, stored, used and shared between various organizations, with the ability to trace and audit various aspects of personal data use.

Needless to say, this requires a comprehensive review of the people, processes and technology surrounding the collection, analysis and sharing of personal data, and putting appropriate governance in place to meet the regulatory requirements for personal data. In this presentation we discuss the challenge, along with a practical example of how one would go about putting the governance in place for enterprise users, and use a Blockchain based solution that can help track and audit usage of personal data. We also look at integrating this Blockchain based solution with an enterprise identity management solution to remediate any requests from users to remove personal data that is stored.


Big data analysis and cyber warfare - Bill Mihajlovic, PhD 

Cyber warfare and cyber security are gaining significant attention as we witness daily reports of foreign governments conducting intrusive activities in the cyber space of the United States. The most recent attack originating from Russia and targeting the US presidential election system has been modeled, evaluated and previously presented by the speaker at several international conferences and seminars. The fact that the most powerful nations and corporations present the most attractive and the largest attack target footprint will be discussed.

Facing the exponential growth in the application and use of the Internet of Things (IoT) and the potential power of wide-band 5G wireless communications, the problems of mitigating risks and implementing defensive mechanisms will grow exponentially. Comprehensive security models for complex systems and the layered architecture shown in Figure 1 will be presented. In addition, some security solutions based on the application of Software Defined Networking (SDN) technology will be discussed. A rationalized approach to mass surveillance and recommendations on how to regulate the inevitable practice of surveillance will also be discussed.

The Security and Forensics of Virtual Reality: Where are we now, and where we need to go
- Ibrahim (Abe) Baggili PhD


This talk provides the audience with thought-provoking research results related to Virtual and Mixed Reality Security and Forensics. The Principal Investigator on the project, funded by the National Science Foundation, Dr. Ibrahim (Abe) Baggili, will present how data can be reconstructed from Virtual Reality systems, including disk and memory artifacts, to aid in future investigations, as well as present some novel attacks against Virtual Reality systems that were tested in our laboratory, including being able to move people in the real world to a location of our liking without a VR player’s knowledge – which we term the human joystick attack.

The implications of this work will be discussed, providing awareness to the larger community about the viability of future attacks in Virtual Reality, and the type of evidence that may be reconstructed from them.  


  1. 10:30 - 11:15 AM
    SESSION 2
Deeper Trends in Cyber Security and how to manage them - Jeffrey Menoher

Stelling Cyber Systems will review case studies in Marine Management systems, such as a ship as Target Of Evaluation (TOE) for a Cyber Security Assessment.



Women in Security Panel Discussion
- Kelly O’Brien, Michelle Clark, Becky Reggero

According to a 2017 McKinsey study, companies in the top quartile for gender diversity on their executive teams were 21 percent more likely to experience above-average profitability than companies in the fourth quartile.  Not only that, but they also had a 27 percent likelihood of outperforming fourth quartile peers on longer-term value creation.  Yet, according to the 2017 Global Information Security Workforce Study, only 11% of the cybersecurity workforce is female and only 10% of those females are in leadership positions. 

This presentation is not just about increasing the presence of women in cyber security jobs as a way to “do the right thing” and “empower women” but rather to highlight the business value of women in technology.  With over one million open cybersecurity positions world-wide, it is an opportune time for companies to reap the benefits of a gender diverse security staff and leadership team.

This interactive panel discussion will explore what makes women ideal candidates for information security positions, why more women (including young women) should consider careers in information security, and what companies can do to attract more women into information security and other technology fields.  Panelists include women dominating their careers as cyber and information security professionals.  These women will provide the audience with an overview of their stories and what led them to careers in information security/cybersecurity. 

They will share their journeys of navigating this male-dominated field, how being a female has served them well in this space, and share insights on how to recruit more women into technology.  There will be an opportunity for Q&A and for audience members to share their experiences. 


Model Driven Security – The Next Gen Security Controls - Min-Hwei Liu

With the constant shifting in the security threat landscape, one thing that remains constant is that employees/consultants are often the source or inadvertent contributors of security incidents.

While traditional controls are effective in providing baseline security protections for companies’ assets, unconventional controls are needed to reduce the risky behaviors of employees and consultants that may lead to security incidents.

Aetna’s Global Adaptive Enablement (AE) Program hosts a set of unconventional controls and techniques, leveraging DLP and Proxy and including the use of User Behavior Analytics (UBA), tasked with reducing the risky behaviors of employees and consultants.

In this session, Aetna will walk through each use case, the techniques and implementation, metrics and the lessons learned. These include the Next Generation Controls that use UBA to enhance traditional DLP and Proxy controls to reduce risky behaviors:
• Leveraging UBA for workload prioritization
• Monitoring for abnormal/risky events, as an extension of the SOC
• Adaptive controls based on risk

Cyber Risk: "What it means to your company" – An Eye-Opening Discussion on Emerging Threats to Your Business! - Marc Schein

This seminar will highlight what business leaders need to know about the cyber exposures their companies face.

• What are the costs associated with a data breach?
• What are a company’s first-party legal responsibilities post breach?
• What are a company’s exposures to cyber risk and what are the costs associated with breach recovery?
• What’s trending in Cyber Insurance?
• What makes each Cyber policy different?
• How to respond after a data breach?
• What new attacks should I be aware of?
• How does a cyber liability policy differ from other professional liability coverage?


  1. 11:20 - 12:00 PM
    The S in IOT stands for Security - Mario DiNatale
Screw-driving? Mirai? Connected water bottles? What are you going to do when your light bulbs start connecting to the Dark Web? How would you know if they were? Are they already? Come join us for a hilarious journey through epic fails in IOT and let’s see what lessons we can learn along the way to help us develop better strategies for IOT moving forward.
  1. 12:30 - 1:00 PM
    Vendor Presentations - Solutions and Answers for Security
Lunch presentation by industry specialist Ondrej Krehel: Avoiding Digital Death from Extortion and Ransomware

Cyber extortion has become a mainstream threat targeting industries, enterprises and governments. With the dark web reaching new proportions, including six-figure ransomware payments, and considering the easy and quick payoffs, cybersecurity experts expect these attacks to skyrocket. The session covers the tactics, techniques and procedures of threat actors and the current landscape of malware. In turn you will learn how to defend yourself and what steps to take if you do get hit with an attack.


  1. 1:05 - 1:15 PM , 1:20 - 1:40 PM
    ClearArmor Presentation, Silverfort Presentation
  1. 1:50 - 2:40 PM
    Cyber Risk Panel
Interdisciplinary Perspective with the CISO of Synchrony - Neeraj Sahini, Towers Watson; Stephen Viña, Marsh; and Pamela Gupta, OutSecure

Managing risk: perspectives from a financial company, a cyber insurance provider, a cyber broker and risk management.

Today, Cyber Insurance, though not required, has become essential for every company doing business in a digital world. With risk management services bundled with the policy, it is proven to make companies a better risk during the policy period. The evolution of hacker, criminal and insider threats has elevated the need for companies to maintain cyber insurance coverage. In addition to this evolving threat landscape, companies’ data footprints are growing with heavier adoption of cloud and other service providers.

With this expansion comes added risk - making cyber insurance a critical asset. This experienced panel will delve into several different areas of Cyber Insurance including business interruption, social engineering and crypto risks. Attendees will learn about insurance coverage types provided by a Cyber Insurance policy as well as extra value-added offerings in addition to the balance sheet protection that comes with partnering with the insurance industry.

  1. 3:00 - 3:45 PM
    SESSION 4
The Shape of the Web: Nation States, Corporations, Globalization and the search for cyber standards - Tom Eldering

This presentation looks at historic efforts to bring standards to bear to ensure the quality and security of data, software and systems. It examines the failed legislative attempts as well as consortium and independent efforts. The presentation then pivots to examine how the failure of these initiatives has resulted in competing efforts by nation states, corporations and independent entities and traces the recent fragmentation of the web into the various isolated webs and isolated standards. The leading standards are then summarized with an eye toward the future – including ideas about the ‘intelligent web’ and suggestions for consistent approaches on the local level.

Attendees will come away with an increased understanding of:

• How global initiatives could impact their investments in cyber security and software development
• How they can participate in national programs that tie into the overall health of the domestic cyber posture
• Which organizations are leading the way in cyber-security and cyber-defense
• Which standards are evolving with promise and potential adoption
• Which trends are key for the future

Pragmatic CyberSecurity and Risk Reduction
- Bruce Hafner

In this rapid-fire session, attendees will understand the process of risk abatement through a pragmatic approach to CyberSecurity.

CyberSecurity programs are at a tipping point. Overwhelmed by cyber events and day-to-day operations, availability and abilities are exhausted. Multiple triggers compound the problem, through deficient:

1. structure and standards
2. a risk-based approach
3. risk mitigation by implementing tool after tool, partially implemented, and consuming time and focus.

The result is an unsustainable program where the lights are kept on, but risk is not reduced. Organizations become dependent on their version of the wild west gunslingers, riding in to save the day, but eventually failing.

Pragmatic CyberSecurity simplifies CyberSecurity. Providing clarity and focus to the program, structure and standards are adopted. Responsibility and accountability are assigned. Assessments are compared to a desired state and the associated gaps. A mapping occurs that allows organizations to automatically understand risk with respect to effort, resources, organizational impact, etc. Clarity is arrived at by understanding the gaps and their impact on the organization. Focus is provided when gap remediation is tied to prioritized risks. Last, as the organization works to implement improvements, responses and responsibility are assigned in the event of a risk-impacting event.

By taking a pragmatic approach to CyberSecurity, organizations move from continuous busy work to continuous improvement. Reactive organizations move to becoming proactive while retaining the ability to react when needed. The ability to identify, protect, detect, respond, and recover finally occurs.

In this pragmatic approach, real processes and technologies are adopted, with measurable results.

A corresponding PowerPoint and Excel spreadsheet will be provided to NEACS, allowing attendees to replicate the session. Organizations will be able to use the provided collateral as a starting point to move their organizations toward Pragmatic CyberSecurity.


Selecting the Best Value Cybersecurity Tools and Infrastructure with a Group Decision Support System, Data Analytics, and AI - Sam Adhikari

Cybersecurity tools and infrastructures are ever evolving, expensive and at the same time indispensable. As managers of Information Systems Security we face the daunting challenge of providing the “best” available cyber defense infrastructure while coping with financial budget constraints. In this session we demonstrate step by step, through case studies, real implementation examples, and audience participation, how this is achieved in real-world corporate environments.

Best value cyber tools and infrastructure are acquired through a group decision support system involving various subject matter experts, big data analytics and visualization of value, risk, threats, and levels of mitigation of the same. In addition, deep reinforcement learning based artificial intelligence methodologies are used in large enterprise-level deployments to accommodate risk and threat mitigation.

The session planned is interactive with active participant involvement through discussion, interactive polls, and real time feedback during the session.

Cyber Risk – A Threat Based Approach to Risk Assessment - Glenn Siriano

Organizations are subject to a broad cross-section of Cyber threats – both from inside the organization as well as from outside the organization. Risk profiles will differ, based on the organization’s business model, and may differ between lines of business based on the line of businesses’ technology footprint.

This session will provide attendees with an overview of an approach to performing a threat based cyber risk assessment. The session will explore the following threat scenarios and will discuss how to link them to an organization’s technology controls and business environment as well as to the associated threat actors.

1. Unintended data sharing
2. Unwanted/unauthorized data modification and deletion
3. Partner/supplier shares the Organization’s proprietary data with third parties
4. Theft of the Organization’s IP and sensitive information
5. Physical loss of a computing/storage asset
6. Workstation compromise
7. Eavesdropping on sensitive information
8. Supply chain compromise

The session will build out the aforementioned threats, discuss the mapping to threat actors and the business environment, and will offer a methodology and approach for performing and reporting the results of the assessment.


  1. 3:45 - 4:30 PM
    SESSION 5
Protecting the Unprotectable with Next-Gen Authentication - Ron Rasin

Multi-Factor Authentication (MFA) solutions have been available for years, and proven to greatly strengthen security. Yet most enterprise assets remain unprotected. Why is that? Join Silverfort to examine MFA benefits and limitations, and learn about the advantages of Silverfort’s Next Generation Authentication Platform. (Hint: agentless MFA is only one of them)




Adopting AWS – Learn how to deploy AWS services securely - Jeremiah Sahlberg

Implementing new technologies without fully understanding their capabilities can lead to disaster, for your organization and your customers. Amazon Web Services (AWS) offers a plethora of services that provide companies and individuals large computing capacities quickly and easily. Unfortunately, we’ve recently seen major corporations sustain large breaches as a result of this practice.

How and why are S3 buckets getting compromised? How secure are serverless websites? In this presentation, we will take a deep dive into AWS and the shared responsibility you and Amazon have to protect your cloud assets. You’ll walk away with the necessary tools to safely and securely deploy solutions into AWS.


AI, Machine Learning and cybersecurity: Separating hype and tackling big opportunities - Brian Barnier

While artificial intelligence (AI) is playfully thought of as robots taking over the world, the hype and reality are much different. And, machine learning (ML) as a more basic form of AI is more widespread today. Cybersecurity pros can help their organizations in three ways. First, by separating data “black box” ML from solutions where people “clean and feed” data for ML.

Second, by learning 3 common causes of ML failures. Third, by focusing on the 2 steps of a data analytics/science project that are most prone to error leading to bad decisions and outcomes.

Yet, maybe the greatest challenge for cybersecurity pros is to learn how to take advice from people before they are reduced to “service humans” for robots. Learning these lessons can lead people to great professional opportunities.

AI and SIEM Trends – Best Odds on Catching Bad Guys - Mike Money


Monitoring for incidents is a lot like looking for a needle in a haystack. AI can help detect possible incidents before SIEMs or manual monitoring of activity do. This session will get participants familiar with the most recent trends in AI and event monitoring and what the results are doing to not only detect incidents but improve performance and efficiency. This session will help you see why so many companies are moving towards AI for incident detection, what they are learning and techniques to help you develop a strategy for AI.


  1. 4:30 - 6:00 PM
    Training Sessions
Cyber Risk & the New Face of ERM: Impact of RPA, Blockchain and new business models on enterprise risk assessment - Donna Marie Howe, CFA

This session will cover three topics:

- Incorporating cyber risk into risk appetite statements

- Impact of RPA, Blockchain and new business models on enterprise risk assessment

- Stress testing and the IoT

The attendees will gain the following insights:

• Understand how incorporating cyber-risk assessment impacts both costs and revenues – and how to measure ROI
• Learn about alternative methods of measuring the impact of cyber-risks – and the mitigating strategies
• Examine different approaches to incorporating cyber-risk into scenario design and stress-testing.

Secure Content Supply Chain in Marketing, Advertising and Creative Content - Jonathan Bourke

Marketing, advertising and content creation have traditionally been creatively driven – prevalent practices, art- and design-driven, have meant that there have been limited cyber, compliance and security protections. While certain groups employed InfoSec and Risk methodologies, it was generally “Mad Men” rules that applied!

Marketing, Advertising and creative services have now evolved – marketing is mobile, digital, online, true omnichannel at scale.  Marketing is now reliant on technology for critical insight, customer touch and transactions are powered by databases, programs, algorithms driven by technology.  All online, all the time, with lots of very rich data that must be monitored, audited, curated, measured and protected.

Content is now currency – movie studio launches, Super Bowl ads, new product announcements, social content – and as such content is a high-value, sensitive, fragile asset.

A cyber-attack, a data leak or a social media hijack can irreparably impact a brand, its share price and its very future. No brand or stock price is immune to the impact of data misuse or a breach; just look at Facebook. The Chief Marketing Officer, Chief Information Officer and Chief Risk Officer are now the defenders of the brand, its health and longevity, but cultural problems persist – justifying the cost of compliance, measuring and communicating risk and changing behavior – because without organizational and behavioral change “The Work” is at risk.

Jonathan will take us through key topics including:
- The evolution of the Brand/CMO, media, advertising and content provision as it relates to cyber, InfoSec and compliance
- Challenges of the impact of regulations such as GDPR, MPAA and other regulatory frameworks
- Secure Content Supply Chain as a unified framework for compliance, cyber and risk management
- Working with critical executives such as the Chief Marketing Officer, CRO and CIO and other executive management around the implementation of critical systems, cost and margin while meeting marketing and creative needs
- High-level solutions and roadmap considerations harnessing Big Data, Automation and Artificial Intelligence platforms
