The quarterly ISSA Utah Chapter 1/2-Day security seminar. Includes breakfast and lunch.
1) Securing the Virtual Environment | How to Defend the Enterprise Against
Presenter: Matthew Wallace, Director of Product Development, ViaWest, Inc.
2) Best Practices, Audit and Control for an Enterprise Vulnerability Management Program
Presenters: Grant Johnson & Jeff Buzzella, Qualys
3) IT Risk Management: Because You Can Have Too Much Security
Presenter: David A. Nelson, Jr. CISSP, Founder of Integrity Technology Systems
The Future of Android Security
Presenters: Alex Geiger and John Gluth, Green Hills Inc.
The global enterprise Android mobility market is growing rapidly, yet Android security solutions are in their infancy. We’ll discuss emerging technologies to address secure boot, data-at-rest and in-transit encryption, user authentication, and dual persona (BYOD/EOD) in an Android environment that has proven fertile to hackers. We’ll also touch on the U.S. Government initiatives to build an ultra-secure smartphone using commercial off-the-shelf technology.”
Agenda:
3:00 Introduction of Speakers
3:05 Presentation
4:00 Question & Answer
4:15 Speakers Depart/ISC2 Chapter Business
4:30 Light Refreshments
5:00 Depart
Conference, September 16th
Keynote – Mark Weatherford, Principal, The Chertoff Group
Why Targeted ICS Threats Call for Intelligence? – Michael Assante, Director, ICS & SCADA, SANS Institute
Counterintelligence: A Seat At The Table – Ray Batvinis, Professor, The George Washington Unviersity, FBI Supervisory Special Agent (Ret.)
Why Building An Intelligence Team Is Important For Critical Infrastructure Asset Owners – Kristan Wheaton, Associate Professor of Intelligence Studies, Mercyhurst University
Situation Awareness: From Zero To Sector Scale – Ben Miller, Senior Cyber Security Specialist, ES-ISAC
Building Intelligence Infrastructure To Protect Your Critical Infrastructure – Meredith Wilson, Principal Consultant and Advisor, Emergent Risk International
Developing An Internal Threat Intelligence Function – Darin Olton, Principal, Threat & Vulnerability Management
Intel Analyst training, September 17th and 18th:
- Understanding the intelligence challenge for critical infrastructure
- Real time risk management
- Cyber defense competency model
- Intelligence and Situational Awareness
- Situational awareness and intelligence requirements generation and gap analysis
- Situational awareness and threat intelligence tools
- Using OSINT tools to satisfy intelligence requirements
- Getting inside the OODA loop
- Attack Planning and Targeting
- Attacker characterization
- Threat identification
- High value target identification
- OSINT targeting
- Targeting countermeasures
- Creating and Using Situational Awareness and Threat Intelligence
- Attack scenario generation
- Indicator list development
- Review of intelligence management tools
- Analyzing and actioning incoming intelligence
- Review of cyber intelligence providers
- Development of an internal security ontology
- Industrial Control Systems Cyber Threat Environment
- OSINT analysis using ICS knowledge
- OSINT walk-down for ICS-related threat information
- Information Sharing
- Comparison of information received through info-sharing organizations/initiatives
- Infrastructure I&A Competition