The Delaware InfraGard Presents our 3nd Quarter Member Meeting

The Delaware InfraGard Members Alliance Presents our 3rd Quarter Meeting 

Sept 15, 2017

Register here: https://www.eventbrite.com/e/responding-to-the-threats-tickets-37060634355

Sponsored by:

“Responding to the Threats”

(This meeting is open to all with registration)

Note: When using the internet map locators to get to this facility, search for North Wakefield Drive, Newark, DE 19702 or South Wakefield Drive and zip code 19702. Do not use street numbers in your search

Agenda:

Light refreshments provided

8 am – 8:45 am Registration & Networking

8:45 am – 9 am InfraGard Announcements

9 am – 10 am Cyber Threat Landscape

10 am – 11 am Security Awareness & Training

11am – noon Physical Security Convergence

Presentation Details:

Cyber Threat Landscape: Responding to Ransomware

The Cyber threat landscape is evolving at an alarming pace. Ransomware & DDOS attacks are increasing in frequency, and are becoming highly profitable for the attackers behind them. These attackers are smart, well resourced, and motivated to steal money or information. Ransomware attacks are up 6,000% and driving the creation of a $440 billion-dollar industry.

Kevin Kelly comes to us with many years of cyber-security experience. He has worked in Banking Core Technology and security, with Polaris Financial Technology. With Identity and Access Management with IdenTrust and with EndPoint security with the global company, Kaspersky Lab. Kevin now works with enSilo, a security start-up, dealing with Post Infection Protection.

Security Awareness & Training: Best Practices, Future Directions, and what you can do NOW

Perry Carpenter currently serves as Chief Evangelist and Strategy Officer for KnowBe4, the world’s most popular security awareness and simulated phishing platform.

Previously, Perry led security awareness, security culture management, and anti-phishing behavior management research at Gartner Research, in addition to covering areas of IAM strategy, CISO Program Management mentoring, and Technology Service Provider success strategies. With a long career as a security professional and researcher, Mr. Carpenter has broad experience in North America and Europe, providing security consulting and advisory services for many of the best-known global brands.

Perry holds a Master of Science in Information Assurance (MSIA) from Norwich University in Vermont, is a Certified Chief Information Security Officer (C|CISO, and a board member for Arkansas InfraGard.

Physical Security Convergence: Attacking Physical Access Control Systems from the Corporate Network

Historically physical security and cybersecurity have been distant cousins. Increasingly, however, physical security systems such as physical access control systems (PACS) and video surveillance systems are taking advantage of networking and wireless technologies that are well known to the hacker community. This presentation examines the implementation topology of the typical PACS system and how the different components of the system can be compromised. Often this can even be accomplished from the corporate/enterprise network.

Harry Regan manages the Securicon commercial security consulting team and is responsible for overseeing the execution of commercial engagements and coordinating with sales activities. He also serves as a senior technical resource in the assessment and compliance consulting teams. He has been fundamental to the expansion of Securicon’s services into the Critical Infrastructure services arena, specializing on cybersecurtiy, operational and regulatory issues. Mr. Regan maintains an active presence in the Security community and has been a featured presenter at the RSA Security Conference, DEFCON, DerbyCon, Secure360, and a number of BSides around the country.

For more information about the Delaware InfraGard, and for the application to join, please visit: www.InfraGard.org

The Delaware InfraGard Presents our 2nd Quarter Member Meeting

The Delaware InfraGard Presents our 2nd Quarter Member Meeting

Sponsored by:

(This meeting is open to all with registration)

Date: Friday, June, 9, 2017

Time: 8:00 AM to Noon

Location: Delmarva Conference Center, 4100 South Wakefield Dr., Newark, DE 19702

Note: When using the internet map locators to get to this facility, search for North Wakefield Drive, Newark, DE

19702 or South Wakefield Drive and zip code 19702. Do not use street numbers in your search

Agenda: (Light refreshments will be served)

8 am – 8:45 am Registration & Networking

8:45 am – 9 am InfraGard Announcements

9 am – 10 am The Latest ICS Threats

10 am – 11 am Credential Theft as a Primary Attack Vector

11am – noon Security for Business Travelers

To Register: eventbrite link

Presentation Details:

The Latest ICS Threats

An overview of the latest ICS (Industrial Control System) threat intelligence. Detail Operation BugDrop, a cyber-surveillance operation leveraging DropBox that used PC microphones to “bug” critical infrastructure, scientific research, and media organizations in the Ukraine. Review Information learned about the evolution of industrial malware like BlackEnergy3 and KillDisk. Describe IIoT botnets operated by criminal gangs to deliver DDoS-as-Service. And discuss recently-announced zero-day vulnerabilities in widely-used industrial devices.

Phil Neray is currently the VP of Industrial Cybersecurity at CyberX. Phil began his career as a Schlumberger engineer on oil rigs in South America and as an engineer with Hydro-Quebec. He has a BSEE from McGill University, is certified in cloud security (CCSK), and has a Black Belt in American Jiu-Jitsu. Prior to CyberX, Phil held executive roles at enterprise security leaders including IBM Security/Q1 Labs, Guardium, Veracode, and Symantec. Credential Theft as a Primary Attack Vector – Detect and Respond to Privileged and Service Account Attacks Privileged accounts have been at the center of each recent high-profile attack. Moreover, attackers are leveraging Privileged credentials as their entry point to high value systems within the network. This session will explain how hackers that successfully exploit these credentials are able to gain a privileged foothold, allowing them unfettered access to elevate privileges and move about the network freely without detection. With a solid understanding of this well-used method of attack, attendees will learn how to properly secure and manage these powerful credentials. We will discuss growing trends in regards to attacks and what Security Leaders are doing to protect their organizations from these advanced attacks. And walk through a typical attack that utilizes privileged accounts and how passwords can be exploited to break down the front door. The session will touch on the growth and prevalence of privileged credentials. We will discuss how to securely store and manage credentials and how to reduce the attack surface, specifically attack surfaces favored by insiders and outsiders with insider credentials. We will also discuss detecting credential harvesting and blocking future attempts. All while maintaining governance and compliance standards.

Nick Dulavitz is a national director of engineering at CyberArk. He assumed the role in 2016 and is based in Boston, Massachusetts. Mr. Dulavitz joined CyberArk in 2013 coming from Sophos where he held a variety security focused positions specializing in encryption technologies. Since joining CyberArk he has focused primarily on how privilege is leveraged by attackers to accomplish their goals and the most effective ways to mitigate such techniques. Security for Business Travelers – Our Tools Betray Us. We will watch several insightful videos and participate in related discussions about how our tools and social media betray and endanger our business and our business travelers. This presentation will use recorded actual events to portray the dangers of using today’s technology and social media to support our businesses. We will also discuss the actions we can take to make us safer.

Mr. R. C. Smith is a professional security specialist with over 40 years of hands on experience in many aspects of security and intelligence. He has served in a wide variety of roles including program, personnel, physical and information security/assurance, OPSEC, Security Awareness/Security Education and counterintelligence. He has served on the Board of Directors for the Maryland InfraGard for two years, serves as the Programs Chief and Chairs the Insider Threat Special Interest Group. He has supported the National Classification Management Society as their technical advisor for the Education and Training Committee and has served on the board of the Industrial Security Awareness Council of Central Maryland. He serves as Sponsor Coordinator for the highly successful FBI Outreach program, Intelligence and Law Enforcement Training Seminar or INLETS. R.C. Smith was a recipient of the 2017 Governor’s Crime Prevention Award.

You must be registered to attend this event. Seating is limited

https://www.eventbrite.com/e/protecting-your-cyber-assets-tickets-34577255502