Carmen Medina spent her career at CIA making analysts better at their work. This 90 minute workshop will address many of the critical issues that cyber intelligence analysts face in trying to interpret a wide variety of data that may or may not be trustworthy including how they may recognize and overcome their own cognitive biases.
This very popular 90 minute workshop will kick off day one and include coffee, juice, and fresh fruit!
This panel of internationally-known experts will share their experiences in both the breakdown of trust experienced by U.S. allies and friends post-Snowden as well as how they work on restoring trust from the ground up one handshake at a time.
Breaking news on the Sony breach, presented by Jeffrey Carr.
As the world moves towards continuous network monitoring, where all of our systems are patched, hardened against malware and monitored in near real time, we should expect attacker behavior to change. In this talk, Marcus Ranum will discuss a variety of scenarios attackers could use to exploit hardened networks, including compromising SIEMs, network security monitoring devices, patch management systems, auditing systems and more.
Undefeatable APTs, advanced integrated cloud based zero-day proof shiny boxes, governments waging cyber war…OMG Cyber! Vendors, governments, academics, and journalists have increasingly used hype to gain attention and raise the alarm concerning cyber threats. Individuals asked about this approach believe that the hype will help raise awareness, garner needed funding, and push the community towards security; but is that effective? In this presentation, based on an article by the same name published in RUSI, Thomas Rid and Robert M. Lee will argue that hype decreases security and makes for bad policy. The presentation will contain case studies and personal experiences from the authors to show specific examples in and out of the government where the hype has hurt security, Intelligence operations, and ultimately national security.
This project examines how constraining norms for cyber warfare are developing and will develop in the future. To do so, it develops a theory based on case studies on the evolution of norms for other emerging-technology weapons—specifically chemical and biological weapons, strategic bombing, and nuclear weapons. This project expands norm evolution theory, which is not specifically focused on warfare or emerging-technology weapons, and also contributes to nascent efforts to address the emerging cyber threat by developing a better understanding of norm evolution for cyber warfare. It argues that for emerging-technology weapons direct or indirect alignment of national self-interest with a constraining norm is the primary factor that leads to norm emergence and the extent to which it is aligned with key or powerful states’ perception of self-interest will determine how rapidly and effectively the norm emerges. Specific to cyber warfare, it predicts that while an increasing number of actors and organizational platforms are cultivating multiple candidate norms for cyber warfare, constraining norms will have trouble emerging and may never reach a norm cascade. In light of these findings, the project concludes by offering various recommendations for U.S. policymakers and identifies further research opportunities.
A while ago I contacted my favorite living Constitutional lawyer and an under-the-radar AI researcher. I wrote: “With data analytic advances [corroborated today by the massive US intel gathering leaks], it is now straightforward to identify criteria that mediately & predominantly target any given cohort in the US. This means that any type of discrimination (good, bad, be it Affirmative Action, economic stimulus, health care allocations etc) can be surreptitiously encoded in innocuous measures that rely on seemingly neutral, objective criteria. The intended discrimination and decision ‘unwrapping’ is hidden in the correlations of the stipulated criteria and can not be easily ascertained by end result inspection or even black box algorithm inspection. This was of course tried manually before, but now we have the data and the analysis power to do this at scale, systematically and 1, 2, 3 etc orders removed.”
This talk will give an accessible overview of possible next generation adversarial thrusts: Crafted poisoning attacks against Big Data and associated machine learning algorithms. I will give examples of real-world examples and implications for US citizens. I may discuss potential countermeasures.
Despite the tremendous investments made in cyber and threat intelligence by government and commercial entities, and the resultant growth of the cyber intelligence industry, the pace, breadth and frequency of attacks hasn’t abated. If anything, it’s increased. This state of affairs begs a hard look at what we know as cyber intelligence. This panel, comprised of cyber intelligence professionals with experience working in both government and commercial intelligence organizations, takes an incisive look at the state of cyber intelligence today, analyzes the root causes of failures and shortcomings and posits a way ahead for improved performance and ultimate success.
Ghandi said, “Your values become your destiny.” These values can be used to categories users, thus putting the human in cyber behavior?
This talk examines what our value systems say about how we behave in cyberspace. Is it possible that we have certain default settings that reveal information about our identities? Our cultural values, act as default settings and this talk discusses the linkage between culture and cyber behaviors.
Our adversaries also have value systems, and accompanying behaviors. Because of these value systems, cyber warfare, espionage, and international actions are exceptionally well suited for connecting the human to their cyber behaviors. Traditional (kinetic) war behaviors vary by country, why would cyber be different?
This talk discusses the statistical relationship found between culture and cyber behaviors. The speakers will discuss the framework that they use for characterizing nation-state cyber actors and the statistical methods used to evaluate the relationship between culture and cyber behaviors. Finally, the speakers will also discuss the implications of their findings to date along with other possible applications.
How the PsyOps Industry is Diffusing the Democratizing Power of Social Networks
Modern psychological warfare has no need for chemical compounds or staged brothels. Our perception of current events is almost entirely shaped by social networks built on the premise of providing an accurate representation of what ordinary citizens are thinking and feeling. That authenticity has made social networks into an attractive platform for political speech and social activism capable of sparking entire revolutions overnight.
The idea that a mob of concerned, politically-motivated citizens will organize through these networks and take to the streets to demand political involvement, representation, and a better overall political structure is a dream for countries invested in democratizing other nations. The mob’s wake provides a cover of homespun authenticity that invalidates talk of foreign interference or political cunning while creating favorable conditions for foreign operatives to act. Social networks are a free market coup.
The crowdsourced political power of these grassroots movements has not gone unanswered, as an industry of social network manipulation has risen to counteract it. Social bots, fake blogs, artificial viralization services and more are being sold to foreign governments looking to manipulate their population’s perception of current events. By exploiting the innate trust-relationship between social networks and their users, these companies disrupt opposition, bury content, and profile dissenters for further pursuit. To the delight of socialist dictators and oppressive regimes, mercenaries have entered the stage of information warfare
Just as espionage and surveillance have evolved under state patronage, we are now witnessing the evolution of psychological warfare. Gone are the days of MKULTRA, Facebook and Twitter will do just fine!
Amateurs shut off the internet, professionals poison the well!
The current security operations model is an alert-driven one. Alerts contain a snapshot of a moment in time and lack important context, making it difficult to qualify the true nature of an alert in a reasonable amount of time. This clouds the information security picture and inhibits organizations from attaining full awareness of the threat landscape they face. On the other hand, narratives provide a more complete picture of what occurred and tell the story of what unfolded over a period of time. Ultimately, only the narrative provides the required context and detail to allow an organization to make an educated decision regarding whether or not incident response is required, and if so, at what level. This talk presents the Narrative-Driven Model for incident response.
Today, 53% of organizations have experienced an insider cybercrime incident, up significantly from 41% in 2004. Despite this upshot, one-third of organizations still have no formalized response plan. Many are still more focused on keeping up with external threats to protect assets rather than dealing with their own privileged users. In order to detect and prevent internal user incidents, tech departments need the support of their leadership to do what those plant managers did in the 1950s: Watch. Audit. Intervene. Prevent. However, what’s happening is organizations are frequently shirking off the potential for disaster, leaving them vulnerable to internal user-inflicted systems compromise (whether intentionally caused or not). Michael Crouse, Director of Insider Threat Strategies at Raytheon Cyber Products, will draw on a decade of experience to discuss what works and what does not work – and the future of effective insider threat mitigation. From this session, attendees will learn tactics organizations have used to block the insider, what has worked, what hasn’t and how to get a step ahead of the insider to protect your organization.
Suits and Spooks will be hosting a dinner to benefit Warrior Dog Foundation. The evening will kick-off on February 4th, 2015 with a VIP reception from 7-8pm at the Ritz-Carlton, Pentagon City in honor of former U.S. Navy SEAL and New York Times Best Selling author, Mike Ritland. You will be able to meet Mike and his higly trained K-9. Space is limited so we sugget you purchase your tickets before they sell out. Mike Ritland will then be speaking during the main dinner program from 8-10pm. Mike will share intimate stories of what it's like to be a Navy SEAL and how military working dogs keep our Special Operations Forces operators safe while they are downrange.
The proceeded from all ticket sales will go directly to Warrior Dog Foundation and supporting the Special Operations community. Tickest will be tax-deductable to all our guests.
Warrior Dog Foundation is a 501(c)3 charity founded by U.S. Navy SEAL Mike Ritland with the sole purpose of giving back to the Naval Special Warfare and Special Operations Forces commuities. We transition military working dogs from the combat environment into retirement either at our state-of-the-art facilities or into loving private homes. We ensure these heroes face retirement with dignity and grace. Warrior Dog Foundation is also dedicated to assisting handlers and their families when they are either killed or injured in combat. We are proud to be chosen as the charity of choice by Suits and Spooks.
Suits and Spooks will be hosting a dinner to benefit Warrior Dog Foundation. The evening will kick-off on February 4th, 2015 with a VIP reception from 7-8pm at the Ritz-Carlton, Georgetown in honor of former U.S. Navy SEAL and New York Times Best Selling author, Mike Ritland. You will be able to meet Mike and his higly trained K-9. Space is limited so we sugget you purchase your tickets before they sell out. Mike Ritland will then be speaking during the main dinner program from 8-10pm. Mike will share intimate stories of what it's like to be a Navy SEAL and how military working dogs keep our Special Operations Forces operators safe while they are downrange.
The proceeded from all ticket sales will go directly to Warrior Dog Foundation and supporting the Special Operations community. Tickest will be tax-deductable to all our guests.
Warrior Dog Foundation is a 501(c)3 charity founded by U.S. Navy SEAL Mike Ritland with the sole purpose of giving back to the Naval Special Warfare and Special Operations Forces commuities. We transition military working dogs from the combat environment into retirement either at our state-of-the-art facilities or into loving private homes. We ensure these heroes face retirement with dignity and grace. Warrior Dog Foundation is also dedicated to assisting handlers and their families when they are either killed or injured in combat. We are proud to be chosen as the charity of choice by Suits and Spooks.
Have questions about Suits and Spooks Dinner to benefit Warrior Dog Foundation?Contact Taia Global and Warrior Dog FoundationThis 45 minute breakfast workshop will be taught by a panel of intelligence agency veterans who have left their respective agencies and started their own cyber security companies and/or funded cyber security startups. The objective is to share lessons learned and respond to questions from the attendees. Coffee, juice, and fresh fruit will be served.
Freddy Dezeure, the director of CERT-EU, will report on the ongoing activities of the threat actor Ke3chang/Vixen Panda, who has been very prolific in attacks against public institutions in the recent years. Little has been reported in open source, beyond the report issued by FireEye end of 2013. The presentation will provide an insight in their TTPs, by means of real incidents: the infection vectors used, the tools deployed, the agility of the actor and their reaction on the incident response as well as some indications on realistic detection methods.
As criminals and criminal organizations take advantage of new digital technologies like social media and smart phones, police departments in large cities are struggling to catch up. Zachary Tumin is the Deputy Commissioner for Strategic Initiatives with the New York Police Department and he’ll brief attendees on some of the initiatives that the NYPD has started to help remediate that problem.
Sabrina has been with the U.S. Attorney’s Office for the Southern District of California for over 7 years. She is the Computer Hacking and Intellectual Property Coordination and her work focuses on cybercrime and national security cases. Prior to joining the U.S. Attorney’s Office, she worked at two San Francisco law firms as a civil litigator.
This panel will discuss some of the challenges that international banks must address with the growing use of Bitcoin and other forms of crypto-currency. Panelists include Ben Milne (the founder of Dwolla), Edward V. Marshall (V.P., Credit Suisse), and Wesley Bull (CSO of NVIDIA)
Iran’s cyber warfare capabilities stretch across a broad, deep and diverse ecosystem of assets. Some assets even reside within the United States – hiding in cloud service providers, enterprises and government organizations. This presentation dissects the details behind Operation Pistachio Harvest and shares how the intelligence was acquired, what was discovered and why it matters.
As we have witnessed with hardware, the supply chain easily becomes a means to enter and attack an organization. The software supply chain is just as if not becoming more vulnerable to attack: more opportunities to exploit due to faster update cycles, less ability to test, more people involved in technologies, BYOD, etc.
This panel will focus about the looming problem with software supply chains and various solutions and fixes that have been proposed to mitigate them.
Attendees at this workshop will learn how the PLA is integrating Computer Network Operations into their military infrastructure and gain a deeper understanding of its organization, training, and capabilities.
One of the largest threats to any corporation is the leaking of critical information and the ease at which it can be monitored. It takes only a few seconds to filter out COMPANY X employees on social media with a few simple searches. Example: site:Facebook.com "COMPANY X" AND "employee." You can replace Facebook with any social media site and be able to compile a list of targets. The key issue is few organizations are properly training their employees about how to sensor themselves on social media. If I know that a group of people are employees of a company the next step is to us key term searches to note when they are traveling. This will allow me to begin filtering when a trip is taking place and most likely where they are going. There are nosuper-secret security settings that lock down your social media. The key is education on Cyber Hygiene when traveling as well as on social media. The courses that Weathered Security provides show how easily social media can be tracked and gives key words that should be avoided to help hide business trips and secrets. We also teach how to protect your employees from cyber threats that are often over looked. Threats such as syncing your Bluetooth in a rental or plugging your usb cable into a public charging port.
Programmatically speaking, we are living through cybersecurity’s adolescence. That is to say, in response to widespread recognition of the dangers posed in a hostile cyberspace, government and industry have embarked on a number of large, well-resourced and highly visible cybersecurity projects and programs. These efforts are generally conducted alongside, and in a parallel manner to the ongoing operations or the acquisitions/development efforts they are intended to protect. Unfortunately, they suffer from the same flaws as many other large, top-down reformation and improvement programs throughout history. This talk will draw parallels between current cybersecurity programs and historical grand attempts to address other endemic, systemic requirements and problems. It will follow up with a discussion of how these large programs will eventually collapse and see their solutions filter into the DNA of the programs they were originally intended to protect. Finally, it will lead the audience on a path toward a supportable hybrid approach that merges top-down and bottom-up implementations.
United States authorities say they’re certain that North Korea is behind the attack on Sony, but they haven’t provided any proof to back their claims, except for the fact that the attackers used IP addresses “exclusively used by the North Koreans.” Everyone agrees that attribution is tricky. Some believe US authorities are jumping to conclusions, but others say the FBI surely has other evidence, which they might never share with the public, to back their claims. This topic will be debated by a panel of experts and moderated by The Wall Street Journal's Danny Yadron.
Professor Chris Inglis is the former Deputy Director of the NSA, who retired on January 10, 2014. Details of his talk will be posted in the near future.
Please join us at the Diplomat Room on the lobby level from 6pm to 8pm for drinks and networking. Don’t leave before you find out if you’re the lucky person to win a free trip to Suits and Spooks London (air fare and hotel included). We’ll be giving away some other very cool gifts, plus enjoy the free beer and networking.