Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
This is the interactive agenda for Suits and Spooks Washington D.C. 2015. This a draft a agenda and subject to change. Online registration is available here.
View analytic

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Wednesday, February 4
 

7:30am

Breakfast and Registration
Badge pick up and breakfast

Wednesday February 4, 2015 7:30am - 8:25am
TBA

8:25am

Welcome Address
Welcome address and remarks

Speakers
avatar for Jeffrey Carr

Jeffrey Carr

Principal Consultant, The 20K League
Jeffrey Carr is a cybersecurity consultant, the author of Inside Cyber Warfare: Mapping the Cyber Underworld (O’Reilly Media, 2009, 2011), and the founder of the Suits and Spookssecurity event series. He has consulted for Fortune 500 companies and U.S. and foreign government agencies and has spoken at hundreds of conferences around the world since 2009. Mr. Carr is widely published and frequently quoted on matters of... Read More →
ML

Mike Lennon

SecurityWeek
Michael Lennon is the founding publisher and Managing Editor of SecurityWeek. For more than 10 years, he has been closely monitoring and analyzing trends in the enterprise IT security space and the threat landscape. In his role at SecurityWeek, he oversees the editorial direction of the publication and manages several leading security conferences. He studied economics and computer science at Trinity College in Hartford, Connecticut.


Wednesday February 4, 2015 8:25am - 8:30am
Main Track

8:30am

WORKSHOP: Connecting More Dots: Breakfast Workshop with Carmen Medina

Carmen Medina spent her career at CIA making analysts better at their work. This 90 minute workshop will address many of the critical issues that cyber intelligence analysts face in trying to interpret a wide variety of data that may or may not be trustworthy including how they may recognize and overcome their own cognitive biases.

This very popular 90 minute workshop will kick off day one and include coffee, juice, and fresh fruit!


Speakers

Wednesday February 4, 2015 8:30am - 9:15am
Main Track

9:15am

PANEL: Restoring Trust One Handshake At A Time (Post-Snowden)

This panel of internationally-known experts will share their experiences in both the breakdown of trust experienced by U.S. allies and friends post-Snowden as well as how they work on restoring trust from the ground up one handshake at a time.


Speakers
avatar for Freddy Dezeure

Freddy Dezeure

Freddy Dezeure graduated as Master of Science in Engineering in 1982. He was CIO of a private company from 1982 until 1987. After joining the European Commission in 1987, he has held a variety of management functions in administrative, financial and operational areas, in particular in information technology. He has set up the CERT for the EU institutions, agencies and bodies in 2011 and he has been Head of CERT-EU since then.
avatar for Dave Piscitello

Dave Piscitello

Dave Piscitello has been involved in Internet technology for over 39 years. Dave serves as Vice President, Security and ICT Coordination at ICANN, where he collaborates with the information security, DNS, and law enforcement communities on a diverse range of security issues related to the Domain Name System and domain name registration processes, including phishing, pharming, DDoS attacks, domain hijacking and other... Read More →
avatar for Jeffrey Ritter

Jeffrey Ritter

External Lecturer, University of Oxford
Jeffrey Ritter has devoted his career of 35 years to navigating and building the legal and governance frameworks that enabled several generations of new information technologies--from fax machines to the security of mobile applications. As a practicing lawyer, ABA member, UN rapporteur, academic researcher, small business executive, and consultant, he has always been one to "push the envelope". Today, as an external lecturer at The University of... Read More →


Wednesday February 4, 2015 9:15am - 10:00am
Main Track

10:00am

Breaking News on The Sony Breach

Breaking news on the Sony breach, presented by Jeffrey Carr.


Speakers
avatar for Jeffrey Carr

Jeffrey Carr

Principal Consultant, The 20K League
Jeffrey Carr is a cybersecurity consultant, the author of Inside Cyber Warfare: Mapping the Cyber Underworld (O’Reilly Media, 2009, 2011), and the founder of the Suits and Spookssecurity event series. He has consulted for Fortune 500 companies and U.S. and foreign government agencies and has spoken at hundreds of conferences around the world since 2009. Mr. Carr is widely published and frequently quoted on matters of... Read More →


Wednesday February 4, 2015 10:00am - 10:25am
Main Track

10:25am

Morning Break
Morning break with Refreshments

Wednesday February 4, 2015 10:25am - 10:45am
Main Track

10:45am

Attacking a Network Defended with Continuous Monitoring

As the world moves towards continuous network monitoring, where all of our systems are patched, hardened against malware and monitored in near real time, we should expect attacker behavior to change. In this talk, Marcus Ranum will discuss a variety of scenarios attackers could use to exploit hardened networks,  including compromising SIEMs, network security monitoring devices, patch management systems, auditing systems and more.



Speakers
MR

Marcus Ranum

Marcus J. Ranum, Senior Strategist at Tenable Network Security, is a world-renowned expert on security system design and implementation. Since the late 1980's, he has designed a number of groundbreaking security products including the DEC SEAL, the TIS firewall toolkit, the Gauntlet firewall, and NFR's Network Flight Recorder intrusion detection system. He has been involved in every level of operations of a security product business, from... Read More →


Wednesday February 4, 2015 10:45am - 11:10am
Main Track

11:10am

PANEL: An Inside Look At BAE Systems Global Threat Landscape
Speakers
DB

Doug Bruns

Technical Director, Global Security Operations Center, BAE Systems
Doug Bruns is Technical Director of the Global Security Operations Center (GSOC), BAE Systems Inc. Cybersecurity. In this role, he is responsible for intrusion detection and incident response across six continents supporting BAE Systems business in over one hundred countries. He leads a team of senior analysts tasked with combating advanced cyber threats and reports directly to the Global CISO of BAE Systems. Bruns holds a bachelor’s... Read More →
avatar for Daniel Harrison

Daniel Harrison

Global Security Operations Center Lead, BAE Systems
Daniel Harrison has been the BAE Systems Global Security Operations Center Lead for the past three years. His technical background began with six years in the US Navy as an Electronics Technician working on radars, IFF and telecommunications equipment.  After that, Daniel moved into computers and networking, working for several firms in the DC area. Now specializing in Cyber Network Defense, Daniel spends much of his time training and... Read More →
avatar for Sara Jones

Sara Jones

Fusion Analyst, Global Security Operations Center, BAE Systems
Sarah Jones is a fusion analyst in the Global Security Operations Center at BAE Systems. She primarily focuses on malware families of advance persistent threats and specializes in distilling actionable intelligence from disparate, unformatted sources of information. She has a Bachelor’s degree in International Relations from George Mason University and a Master’s degree in Security Policy Studies with concentrations in Science... Read More →


Wednesday February 4, 2015 11:10am - 11:55am
Main Track

11:55am

OMG Cyber! Why Hype Makes For Bad Policy

Undefeatable APTs, advanced integrated cloud based zero-day proof shiny boxes, governments waging cyber war…OMG Cyber!  Vendors, governments, academics, and journalists have increasingly used hype to gain attention and raise the alarm concerning cyber threats. Individuals asked about this approach believe that the hype will help raise awareness, garner needed funding, and push the community towards security; but is that effective? In this presentation, based on an article by the same name published in RUSI, Thomas Rid and Robert M. Lee will argue that hype decreases security and makes for bad policy. The presentation will contain case studies and personal experiences from the authors to show specific examples in and out of the government where the hype has hurt security, Intelligence operations, and ultimately national security.



Speakers
avatar for Robert M. Lee

Robert M. Lee

Dragos Security, Co-founder
Robert M. Lee is a co-founder at the critical infrastructure cyber security company Dragos Security LLC where he has a passion for control system packet analysis, digital forensics, and threat intelligence research. He is a passionate educator having taught for various organizations including Utica College where he is currently an Adjunct Lecturer in the M.S. Cybersecurity program. Although Robert teaches digital forensics at Utica College and... Read More →


Wednesday February 4, 2015 11:55am - 12:20pm
Main Track

12:20pm

Lunch
Please join us for lunch!

Wednesday February 4, 2015 12:20pm - 1:00pm
Main Track

1:00pm

A Cyber War Taboo? The Evolution of Norms for Cyber Warfare

This project examines how constraining norms for cyber warfare are developing and will develop in the future. To do so, it develops a theory based on case studies on the evolution of norms for other emerging-technology weapons—specifically chemical and biological weapons, strategic bombing, and nuclear weapons. This project expands norm evolution theory, which is not specifically focused on warfare or emerging-technology weapons, and also contributes to nascent efforts to address the emerging cyber threat by developing a better understanding of norm evolution for cyber warfare. It argues that for emerging-technology weapons direct or indirect alignment of national self-interest with a constraining norm is the primary factor that leads to norm emergence and the extent to which it is aligned with key or powerful states’ perception of self-interest will determine how rapidly and effectively the norm emerges. Specific to cyber warfare, it predicts that while an increasing number of actors and organizational platforms are cultivating multiple candidate norms for cyber warfare, constraining norms will have trouble emerging and may never reach a norm cascade. In light of these findings, the project concludes by offering various recommendations for U.S. policymakers and identifies further research opportunities.


Speakers
BM

Brian M. Mazanec

Brian M. Mazanec earned his PhD from George Mason University’s Department of Public and International Affairs and also holds a B.A. in political science from the University of Richmond and a M.S. in defense and strategic studies from Missouri State University’s Department of Defense and Strategic Studies. Brian’s academic research has been published in numerous journals, presented at international conferences, and used as part of the... Read More →


Wednesday February 4, 2015 1:00pm - 1:25pm
Main Track

1:25pm

Russia: How Cyber Operations are a New Form of “Active Measure”
Russia: How Cyber Operations are a New Form of “Active Measure”

Speakers
avatar for Paul M. Joyal

Paul M. Joyal

Managing Director, NSI
Paul M. Joyal serves as Managing Director of NSI’s Public Safety and Homeland Security practice, where he helps clients to position their technology solutions for success at the international, federal, state and local government levels. Mr. Joyal also heads a small competitive intelligence group within NSI, and was deeply engaged in cyber forensic investigation for an overseas client. Mr. Joyal is a nationally recognized expert in... Read More →


Wednesday February 4, 2015 1:25pm - 1:50pm
Main Track

1:50pm

Big Pinocchio

A while ago I contacted my favorite living Constitutional lawyer and an under-the-radar AI researcher. I wrote: “With data analytic advances [corroborated today by the massive US intel gathering leaks], it is now straightforward to identify criteria that mediately & predominantly target any given cohort in the US. This means that any type of discrimination (good, bad, be it Affirmative Action, economic stimulus, health care allocations etc) can be surreptitiously encoded in innocuous measures that rely on seemingly neutral, objective criteria. The intended discrimination and decision ‘unwrapping’ is hidden in the correlations of the stipulated criteria  and can not be easily ascertained by end result inspection or even black box algorithm inspection. This was of course tried manually before, but now we have the data and the analysis power to do this at scale, systematically and 1, 2, 3 etc orders removed.”

This talk will give an accessible overview of possible next generation adversarial thrusts: Crafted poisoning attacks against Big Data and associated machine learning algorithms. I will give examples of real-world examples and implications for US citizens. I may discuss potential countermeasures.


Speakers
avatar for Daniel Bilar

Daniel Bilar

Director of Research and Senior Principal Scientist
Daniel is Director of Research and Senior Principal Scientist for a boutique R & D company specializing in offensive cyber-security supporting US DoD and IC. His wider areas are malware, data science, moving target defenses, operations research, adversarial dynamics, info ops and quantitative compositional risk analysis / management.  Daniel used to be an assistant professor of computer science; he holds a Ph.D. in Engineering Sciences... Read More →


Wednesday February 4, 2015 1:50pm - 2:15pm
Main Track

2:15pm

PANEL: The Art and Practice of Cyber Intelligence – Current State, Shortfalls, and the Way Ahead

Despite the tremendous investments made in cyber and threat intelligence by government and commercial entities, and the resultant growth of the cyber intelligence industry, the pace, breadth and frequency of attacks hasn’t abated.  If anything, it’s increased.  This state of affairs begs a hard look at what we know as cyber intelligence.  This panel, comprised of cyber intelligence professionals with experience working in both government and commercial intelligence organizations, takes an incisive look at the state of cyber intelligence today, analyzes the root causes of failures and shortcomings and posits a way ahead for improved performance and ultimate success.



Moderators
avatar for Adam Zoller

Adam Zoller

Director of Cyber Intelligence, GE
Mr. Zoller’s role at General Electric is to lead intelligence operations evaluating threats to GE (cyber and physical) and supporting mitigation activities for identified threats. These operations provide support to security staff at GE sites around the world, actionable intelligence to leadership to enable decision advantage, and­ intelligence support to network defense entities to protect GE’s information systems. Prior to... Read More →

Speakers
avatar for Eric Jaw

Eric Jaw

Security/ Malware Analyst, Kaspersky Government Security Solutions, Inc.
Eric Jaw is a home-brewed engineer in network and cyber security, and alumnus from University of Maryland. He has supported contracts across various federal government agencies; deploying and evaluating various security appliances, conducting malware research and analysis, and building team resources for continuous monitoring. His journey into the world of computing began in 1998 with thanks to Blizzard Entertainment and Valve. Also, there... Read More →
avatar for Cesar Lopez

Cesar Lopez

Brasidas Group AG
Winner of the MIT 35 award, Mr López has co-founded over a half a dozen technology companies in data analysis and data science related technologies.  He also served as General Manager of Gestión Jaibaná, a information management company from Bogotá, Colombia; and as General Manager of Enelar del Magdalena S.A. – a utilities provider that operates street lighting systems in Aracataca, Colombia. At the... Read More →
avatar for Hilary MacMillan

Hilary MacMillan

Vice President, Cybersecurity Intelligence Executive (CIX), Kaspersky Government Security Solutions, Inc.
Hilary MacMillan is Vice President, Cybersecurity Intelligence Executive (CIX) for Kaspersky Labs’ newest subsidiary, Kaspersky Government Security Solutions, Inc. (KGSS). In this capacity, Hilary is responsible for providing world class cybersecurity intelligence in support of systems engineering services and development of innovative product solutions to meet the needs of government, government contractor and national critical... Read More →
avatar for Christopher Reilley

Christopher Reilley

Lead Security Analyst, Kaspersky Government Security Solutions, Inc.
Christopher Reilley is the Lead Security Analyst at Kaspersky Government Security Solutions, Inc. He is responsible for providing world class cybersecurity intelligence and malware analysis solutions to meet the needs of government, government contractor and national critical infrastructure organizations. Chris leverages more than 12 years of experience in the defense, intelligence and government contracting industries. | | Prior to joining... Read More →
avatar for Brad Saul

Brad Saul

Senior Technical Advisor, Kaspersky Government Security Solutions, Inc.
Mr. Saul’s role at KGSS is to provide guidance and technical leadership across the organization. Prior to KGSS he was a Senior Lead Technologist in Booz Allen Hamilton's Strategic Innovations Group focusing on network and cyber-security architecture. He led the development of behavioral based cyber analytics platform to detect various forms of cyber intrusions, APT, Malware, Crime-ware and many other forms of anomalous network traffic. He... Read More →


Wednesday February 4, 2015 2:15pm - 3:00pm
Main Track

3:00pm

Afternoon Break and Exhibitor Demos
Please join us for refreshments and coffee and speak with exhibitors.

Wednesday February 4, 2015 3:00pm - 3:20pm
Main Track

3:20pm

Culture and Cyber Behaviors

Ghandi said, “Your values become your destiny.” These values can be used to categories users, thus putting the human in cyber behavior?

This talk examines what our value systems say about how we behave in cyberspace. Is it possible that we have certain default settings that reveal information about our identities? Our cultural values, act as default settings and this talk discusses the linkage between culture and cyber behaviors.

Our adversaries also have value systems, and accompanying behaviors. Because of these value systems, cyber warfare, espionage, and international actions are exceptionally well suited for connecting the human to their cyber behaviors. Traditional (kinetic) war behaviors vary by country, why would cyber be different?

This talk discusses the statistical relationship found between culture and cyber behaviors. The speakers will discuss the framework that they use for characterizing nation-state cyber actors and the statistical methods used to evaluate the relationship between culture and cyber behaviors. Finally, the speakers will also discuss the implications of their findings to date along with other possible applications.


Speakers
avatar for Dr. Char Sample

Dr. Char Sample

Research Scientist, CERT
Dr. Char Sample is an academically and professionally experienced cyber security professional with over 20 years experience in network security and software engineering. She is currently a research scientist at CERT.  Internet security experiences include expertise with firewalls, IDS, IPS, Anomaly Detection, DNS, DNSSEC, Mail, routing, authentication, encryption, secure network architectures, cloud computing (IaaS and PaaS) and Unix... Read More →


Wednesday February 4, 2015 3:20pm - 3:45pm
Main Track

3:45pm

Poisoning the Well: Evolution of Psychological Warfare

How the PsyOps Industry is Diffusing the Democratizing Power of Social Networks 

Modern psychological warfare has no need for chemical compounds or staged brothels. Our perception of current events is almost entirely shaped by social networks built on the premise of providing an accurate representation of what ordinary citizens are thinking and feeling. That authenticity has made social networks into an attractive platform for political speech and social activism capable of sparking entire revolutions overnight.

The idea that a mob of concerned, politically-motivated citizens will organize through these networks and take to the streets to demand political involvement, representation, and a better overall political structure is a dream for countries invested in democratizing other nations. The mob’s wake provides a cover of homespun authenticity that invalidates talk of foreign interference or political cunning while creating favorable conditions for foreign operatives to act. Social networks are a free market coup.

The crowdsourced political power of these grassroots movements has not gone unanswered, as an industry of social network manipulation has risen to counteract it. Social bots, fake blogs, artificial viralization services and more are being sold to foreign governments looking to manipulate their population’s perception of current events. By exploiting the innate trust-relationship between social networks and their users, these companies disrupt opposition, bury content, and profile dissenters for further pursuit. To the delight of socialist dictators and oppressive regimes, mercenaries have entered the stage of information warfare

Just as espionage and surveillance have evolved under state patronage, we are now witnessing the evolution of psychological warfare. Gone are the days of MKULTRA, Facebook and Twitter will do just fine!  

Amateurs shut off the internet, professionals poison the well! 


Speakers
avatar for Juan Andrés Guerrero-Saade

Juan Andrés Guerrero-Saade

Senior Security Researcher, Kaspersky Lab
Juan Andrés joined Kaspersky Lab in 2014 as a Senior Security Researcher. His experience and research interests span Government Surveillance, Intelligence Analysis, Cyber Warfare and Cyber Espionage. Juan Andrés’s previous research focused on placing intricate philosophical systems and logic in a dialogue with specialized and often inaccessible topics in Computer Science and Information Security. Before joining Kaspersky Lab... Read More →


Wednesday February 4, 2015 3:45pm - 4:10pm
Main Track

4:30pm

Security Operations: Moving to a Narrative-Driven Model

The current security operations model is an alert-driven one.  Alerts contain a snapshot of a moment in time and lack important context, making it difficult to qualify the true nature of an alert in a reasonable amount of time.  This clouds the information security picture and inhibits organizations from attaining full awareness of the threat landscape they face.  On the other hand, narratives provide a more complete picture of what occurred and tell the story of what unfolded over a period of time.  Ultimately, only the narrative provides the required context and detail to allow an organization to make an educated decision regarding whether or not incident response is required, and if so, at what level.  This talk presents the Narrative-Driven Model for incident response.



Speakers
avatar for Josh Goldfarb

Josh Goldfarb

Chief Security Strategist, Enterprise Forensics Group, FireEye
Josh (Twitter: @ananalytical) is an experienced cyber security analyst with over a decade of experience building, operating, and running Security Operations Centers (SOCs). Josh currently serves as the Chief Security Strategist of the Enterprise Forensics Group at FireEye. Until its acquisition by FireEye, Josh served as Chief Security Officer for nPulse Technologies. Prior to joining nPulse, Josh worked as an independent consultant, applying his... Read More →


Wednesday February 4, 2015 4:30pm - 4:55pm
Main Track

4:55pm

The Evolution of the Insider Threat: Thousands of Years in the Making

Today, 53% of organizations have experienced an insider cybercrime incident, up significantly from 41% in 2004. Despite this upshot, one-third of organizations still have no formalized response plan. Many are still more focused on keeping up with external threats to protect assets rather than dealing with their own privileged users. In order to detect and prevent internal user incidents, tech departments need the support of their leadership to do what those plant managers did in the 1950s: Watch. Audit. Intervene. Prevent. However, what’s happening is organizations are frequently shirking off the potential for disaster, leaving them vulnerable to internal user-inflicted systems compromise (whether intentionally caused or not). Michael Crouse, Director of Insider Threat Strategies at Raytheon Cyber Products, will draw on a decade of experience to discuss what works and what does not work – and the future of effective insider threat mitigation. From this session, attendees will learn tactics organizations have used to block the insider, what has worked, what hasn’t and how to get a step ahead of the insider to protect your organization.



Speakers
avatar for Michael Crouse

Michael Crouse

Director of Insider Threat Strategies, Raytheon
Michael Crouse, Director of Insider Threat Strategies at Raytheon Cyber Products, oversees the execution of existing federal and commercial cyber audits/anti-malware requirements programs. He works closely with top government and commercial decision makers helping them develop new network security policies, specifically with regard to audit requirements and the detection and mitigation of insider threats. Michael brings nearly a quarter-century... Read More →


Wednesday February 4, 2015 4:55pm - 5:20pm
Main Track

7:00pm

VIP Reception Ritz Carlton Georgetown

Suits and Spooks will be hosting a dinner to benefit Warrior Dog Foundation.  The evening will kick-off on February 4th, 2015 with a VIP reception from 7-8pm at the Ritz-Carlton, Pentagon City in honor of former U.S. Navy SEAL and New York Times Best Selling author, Mike Ritland.  You will be able to meet Mike and his higly trained K-9.  Space is limited so we sugget you purchase your tickets before they sell out.  Mike Ritland will then be speaking during the main dinner program from 8-10pm.  Mike will share intimate stories of what it's like to be a Navy SEAL and how military working dogs keep our Special Operations Forces operators safe while they are downrange.  

The proceeded from all ticket sales will go directly to Warrior Dog Foundation and supporting the Special Operations community.  Tickest will be tax-deductable to all our guests.

Warrior Dog Foundation is a 501(c)3 charity founded by U.S. Navy SEAL Mike Ritland with the sole purpose of giving back to the Naval Special Warfare and Special Operations Forces commuities.  We transition military working dogs from the combat environment into retirement either at our state-of-the-art facilities or into loving private homes.  We ensure these heroes face retirement with dignity and grace.  Warrior Dog Foundation is also dedicated to assisting handlers and their families when they are either killed or injured in combat.  We are proud to be chosen as the charity of choice by Suits and Spooks.


Wednesday February 4, 2015 7:00pm - 8:00pm
The Ritz-Carlton Georgetown, Washington, D.C. 3100 South Street NW Washington, DC 20007

8:00pm

Warrior Dog Foundation fundraiser dinner Ritz Carlton Georgetown

Suits and Spooks will be hosting a dinner to benefit Warrior Dog Foundation.  The evening will kick-off on February 4th, 2015 with a VIP reception from 7-8pm at the Ritz-Carlton, Georgetown in honor of former U.S. Navy SEAL and New York Times Best Selling author, Mike Ritland.  You will be able to meet Mike and his higly trained K-9.  Space is limited so we sugget you purchase your tickets before they sell out.  Mike Ritland will then be speaking during the main dinner program from 8-10pm.  Mike will share intimate stories of what it's like to be a Navy SEAL and how military working dogs keep our Special Operations Forces operators safe while they are downrange.  

The proceeded from all ticket sales will go directly to Warrior Dog Foundation and supporting the Special Operations community.  Tickest will be tax-deductable to all our guests.

Warrior Dog Foundation is a 501(c)3 charity founded by U.S. Navy SEAL Mike Ritland with the sole purpose of giving back to the Naval Special Warfare and Special Operations Forces commuities.  We transition military working dogs from the combat environment into retirement either at our state-of-the-art facilities or into loving private homes.  We ensure these heroes face retirement with dignity and grace.  Warrior Dog Foundation is also dedicated to assisting handlers and their families when they are either killed or injured in combat.  We are proud to be chosen as the charity of choice by Suits and Spooks.

Have questions about Suits and Spooks Dinner to benefit Warrior Dog Foundation?Contact Taia Global and Warrior Dog Foundation


Wednesday February 4, 2015 8:00pm - 10:00pm
The Ritz-Carlton Georgetown, Washington, D.C. 3100 South Street NW Washington, DC 20007
 
Thursday, February 5
 

7:30am

Breakfast and Registration
Badge pick up and breakfast

Thursday February 5, 2015 7:30am - 8:25am
TBA

8:25am

Morning Remarks
Welcome to Day 2 of Suits and Spooks and morning remarks

Speakers
avatar for Jeffrey Carr

Jeffrey Carr

Principal Consultant, The 20K League
Jeffrey Carr is a cybersecurity consultant, the author of Inside Cyber Warfare: Mapping the Cyber Underworld (O’Reilly Media, 2009, 2011), and the founder of the Suits and Spookssecurity event series. He has consulted for Fortune 500 companies and U.S. and foreign government agencies and has spoken at hundreds of conferences around the world since 2009. Mr. Carr is widely published and frequently quoted on matters of... Read More →
ML

Mike Lennon

SecurityWeek
Michael Lennon is the founding publisher and Managing Editor of SecurityWeek. For more than 10 years, he has been closely monitoring and analyzing trends in the enterprise IT security space and the threat landscape. In his role at SecurityWeek, he oversees the editorial direction of the publication and manages several leading security conferences. He studied economics and computer science at Trinity College in Hartford, Connecticut.


Thursday February 5, 2015 8:25am - 8:30am
Main Track

8:30am

WORKSHOP: Transitioning from Government to a Cyber Security Startup

This 45 minute breakfast workshop will be taught by a panel of intelligence agency veterans who have left their respective agencies and started their own cyber security companies and/or funded cyber security startups. The objective is to share lessons learned and respond to questions from the attendees.  Coffee, juice, and fresh fruit will be served.


Speakers
avatar for Rick Holland

Rick Holland

Principal Analyst, Forrester Research
Rick Holland is a principal analyst at Forrester Research, where he serves Security & Risk Professionals. Rick works with senior information security leadership, providing strategic guidance on security architecture, security operations, and data privacy. His research focuses on incident response, cyber threat intelligence, vulnerability management. Rick speaks at security events including the RSA conference and SANS summits. He is... Read More →
avatar for Barbara Hunt

Barbara Hunt

President and CTO, CuttingEdge CA
Barbara Hunt, President and CTO, CuttingEdge CA. Ms. Hunt is a retired Central Intelligence Agency (CIA) Executive Technical Expert and program manager with over 20 years of experience in the fields of cyber, information, and telecommunications technology and operations. She also served as Director of Capabilities, Tailored Access Operations Group at NSA.
AW

Alan Wade

Alan Wade retired from federal service at the end of 2005 after a thirty five year career in the Central Intelligence Agency. He retired as the Chief Information Officer, a position he held since 2001. Alan held a series of senior positions at CIA, including the Director of Communications, Director of Security, and Chief Information Officer. In his assignment as Chief Information officer, he was dual-hatted as the Chief Information Officer for... Read More →


Thursday February 5, 2015 8:30am - 9:10am
Main Track

9:10am

CERT-EU’s Continuing Encounters with KE3CHANG/VIXEN PANDA

Freddy Dezeure, the director of CERT-EU, will report on the ongoing activities of the threat actor Ke3chang/Vixen Panda, who has been very prolific in attacks against public institutions in the recent years. Little has been reported in open source, beyond the report issued by FireEye end of 2013. The presentation will provide an insight in their TTPs, by means of real incidents: the infection vectors used, the tools deployed, the agility of the actor and their reaction on the incident response as well as some indications on realistic detection methods.


Speakers
avatar for Freddy Dezeure

Freddy Dezeure

Freddy Dezeure graduated as Master of Science in Engineering in 1982. He was CIO of a private company from 1982 until 1987. After joining the European Commission in 1987, he has held a variety of management functions in administrative, financial and operational areas, in particular in information technology. He has set up the CERT for the EU institutions, agencies and bodies in 2011 and he has been Head of CERT-EU since then.


Thursday February 5, 2015 9:10am - 9:35am
Main Track

9:35am

How Digital Technology is Impacting Law Enforcement in Urban Environments

As criminals and criminal organizations take advantage of new digital technologies like social media and smart phones, police departments in large cities are struggling to catch up. Zachary Tumin is the Deputy Commissioner for Strategic Initiatives with the New York Police Department and he’ll brief attendees on some of the initiatives that the NYPD has started to help remediate that problem.


Speakers
avatar for Zachary Tumin

Zachary Tumin

Deputy Commissioner for Strategic Initiatives, New York Police Department
Zachary Tumin is the Deputy Commissioner for Strategic Initiatives with the New York Police Department. He is also the co-author with William Bratton of “Collaborate or Perish: Reaching Across Boundaries in a Networked World”.


Thursday February 5, 2015 9:35am - 10:00am
Main Track

10:10am

Q&A With an Assistant U.S. Attorney

Sabrina has been with the U.S. Attorney’s Office for the Southern District of California for over 7 years.  She is the Computer Hacking and Intellectual Property Coordination and her work focuses on cybercrime and national security cases.  Prior to joining the U.S. Attorney’s Office, she worked at two San Francisco law firms as a civil litigator. 

 


Speakers
SF

Sabrina Feve

U.S. Attorney’s Office, U.S. Attorney’s Office, Southern District of California
Sabrina has been with the U.S. Attorney’s Office for the Southern District of California for over 7 years.  She is the Computer Hacking and Intellectual Property Coordination and her work focuses on cybercrime and national security cases.  Prior to joining the U.S. Attorney’s Office, she worked at two San Francisco law firms as a civil litigator. 


Thursday February 5, 2015 10:10am - 10:25am
Main Track

10:25am

Morning Break and Exhibitor Demos
Join us for coffee and refreshments during this morning break and interact with Suits and Spooks Sponsors and Exhibitors.

Thursday February 5, 2015 10:25am - 10:45am
Main Track

10:45am

PANEL: Cryptocurrencies – What are the Challenges that Banks Face?

This panel will discuss some of the challenges that international banks must address with the growing use of Bitcoin and other forms of crypto-currency. Panelists include Ben Milne (the founder of Dwolla), Edward V. Marshall (V.P., Credit Suisse), and Wesley Bull (CSO of NVIDIA)


Speakers
avatar for Judith Grabski

Judith Grabski

President & CEO, Inali, LLC.
Judith Grabski currently leads Inali, LLC., providing innovation support services to commercial, non-profit, and government organizations.  She specializes in the creation and establishment of adaptive programs to solve challenges in the ever-changing global environment that we operate in.   Judith’s expertise stems from over twenty-five years of experience in the intelligence community developing and implementing creative... Read More →
avatar for Brian Hoffman

Brian Hoffman

Open Bazaar
Brian Hoffman is the project maintainer and community coordinator for the open source project Open Bazaar, a decentralized peer to peer marketplace, inspired by the powerful work started by the Dark Wallet team with DarkMarket. He has worked as an identity and access management security consultant supporting Fortune 500 companies including Boeing, Neiman Marcus and DuPont. Recently he has developed encrypted health messaging systems for Booz... Read More →
avatar for Edward W. Marshall

Edward W. Marshall

Vice President, Credit Suisse
Vice President, Credit Suisse


Thursday February 5, 2015 10:45am - 11:25am
Main Track

11:25am

Iran’s Cyber Warfare Machine: Dissecting Operation Pistachio Harvest

Iran’s cyber warfare capabilities stretch across a broad, deep and diverse ecosystem of assets. Some assets even reside within the United States – hiding in cloud service providers, enterprises and government organizations. This presentation dissects the details behind Operation Pistachio Harvest and shares how the intelligence was acquired, what was discovered and why it matters.


Speakers
avatar for Anthony Bargar

Anthony Bargar

Norse Advisory Board
Anthony Bargar served in senior positions within the financial sector, DoD and Intelligence Community. Bargar’s global customers include stock exchanges, banks, utilities, military/intel agencies, and critical infrastructure companies. He was on the team that developed the US’ National Cyber Initiative, supported Homeland Security CIP, Resilience, Business Continuity and National Telecom programs and was the lead rep to the White... Read More →
avatar for Scott Fitzpatrick

Scott Fitzpatrick

Security Specialist and Field Engineer, Norse Corp.


Thursday February 5, 2015 11:25am - 11:50am
Main Track

11:50am

PANEL: Securing the Supply Chain: Do You Know Where Your Code Came From?

As we have witnessed with hardware, the supply chain easily becomes a means to enter and attack an organization. The software supply chain is just as if not becoming more vulnerable to attack: more opportunities to exploit due to faster update cycles, less ability to test, more people involved in technologies, BYOD, etc. 

This panel will focus about the looming problem with software supply chains and various solutions and fixes that have been proposed to mitigate them. 


Speakers
avatar for Michael Hewitt - Rear Admiral (Ret)

Michael Hewitt - Rear Admiral (Ret)

Rear Admiral (Ret) Michael W. Hewitt previously served as deputy director for Global Operations, Operations Directorate, Joint Staff, the Pentagon, Washington D.C for the United States Navy. He was responsible to the director for Operations and the chairman of the Joint Chiefs of Staff for oversight and coordination of worldwide operational matters. This included Global Reconnaissance Operations, Cyberspace Operations, Military... Read More →
avatar for John Scott

John Scott

Selection Pressure, LLC.
John Scott is a leader in software supply chain domain and the commingled issues of cyber, software & technology development and deployment, software, intellectual property and acquisitions. He is focused now on automating and managing the enterprise cyber tools and the software supply chain. John drafted the U.S. Department of Defense policy for the use of open source software and is often called as an expert in this area. He founded... Read More →
avatar for Bill Shleton

Bill Shleton

Software Development Lead, Consumer Financial Protection Bureau
Bill Shelton is the Software Development Lead at Consumer Financial Protection Bureau
avatar for Dr. Michael Sulmeyer

Dr. Michael Sulmeyer

DoD Senior Policy Advisor, Department of Defense
Dr. Michael Sulmeyer is Senior Policy Advisor in the Office of the Deputy Assistant Secretary of Defense for Cyber Policy, where he focuses on strategy, planning, international, and legislative issues. Previously, he worked on arms control and the maintenance of strategic stability between the United States, Russia, and China. While on a Marshall Scholarship, Michael received his doctorate in Politics from Oxford University, and his... Read More →


Thursday February 5, 2015 11:50am - 12:30pm
Main Track

12:30pm

Linguistic Attribution: Identifying the Native Language of the Sony Hackers
Fast track presentation on using linguistic attribution to identify the native language of the Sony Hackers by Shlomo Argamon, Chief Scientist of Taia Global and both Professor of Computer Science and Director of the Master of Data Science Program at Illinois Institute of Technology. 

Speakers
avatar for Shlomo Argamon

Shlomo Argamon

Chief Scientist, Taia Global, Inc.
Shlomo Argamon is the Chief Scientist of Taia Global and both Professor of Computer Science and Director of the Master of Data Science Program at Illinois Institute of Technology. He received his B.Sc. in Applied Mathematics from Carnegie-Mellon (1988) and his Ph.D. in Computer Science from Yale University (1994), as a Fannie and John Hertz Foundation Fellow, and was a Fulbright Fellow at Bar-Ilan University (1994-96).  Prof. Argamon’s... Read More →


Thursday February 5, 2015 12:30pm - 12:45pm
Main Track

12:45pm

Lunch
Please join us for lunch and networking.

Thursday February 5, 2015 12:45pm - 1:30pm
Main Track

1:30pm

WORKSHOP: China’s People’s Liberation Army Information Warfare Infrastructure

Attendees at this workshop will learn how the PLA is integrating Computer Network Operations into their military infrastructure and gain a deeper understanding of its organization, training, and capabilities.



Speakers
avatar for Mark Stokes

Mark Stokes

Executive Director, Project 2049 Institute
Mark Stokes is the Executive Director of the Project 2049 Institute. Previously, he was the founder and president of Quantum Pacific Enterprises, an international consulting firm, and vice president and Taiwan country manager for Raytheon International. He has served as executive vice president of Laifu Trading Company, a subsidiary of the Rehfeldt Group; a senior associate at the Center for Strategic and International Studies; and member of... Read More →


Thursday February 5, 2015 1:30pm - 2:10pm
Main Track

2:10pm

2:35pm

PANEL: IOCs and Attribution
Moderators
avatar for Ryan Naraine

Ryan Naraine

Director, Global Research & Analysis Team, US, Kaspersky Lab
Ryan joined the company in 2008 as a Security Evangelist. In March 2013, he was appointed the Head of Kaspersky Lab’s Global Research & Analysis Team in the United States. Ryan has extensive experience in computer security user education. He specializes in operating system and third-party application vulnerabilities, zero-day attacks, social engineering and social networking threats, and issues related to responsible vulnerability... Read More →

Speakers
avatar for Brian Bartholomew

Brian Bartholomew

Lead Technical Analyst, iSIGHT Partners
Mr. Bartholomew has over 13 years of experience in the Cyber Espionage field. He is currently the lead technical analyst for the Cyber Espionage Threatscape at iSIGHT Partners. He began his career as an incident response analyst at the US Department of State's Computer Incident Response Team (CIRT). From there, he moved into the penetration testing field and led the Red Cell team at the US Department of State. During this time, he also provided... Read More →
avatar for Kurt Baumgartner

Kurt Baumgartner

Principal Security Researcher, Global Research & Analysis Team, Kaspersky Lab
Kurt joined Kaspersky Lab in 2010 and is responsible for monitoring the malware landscape across the Americas and enhancing Kaspersky Lab technologies and solutions. Prior to joining Kaspersky Lab, Kurt was VP of Behavioral Threat Research at Symantec – PC Tools ThreatFire. Originally joining ThreatFire as a start-up in 2005 as their sole researcher, he built up and led their research efforts through two successful acquisitions. Before... Read More →
avatar for John Hultquist

John Hultquist

iSIGHT Partners
John Hultquist leads the intelligence analysis team that tracks cyber espionage threats for iSIGHT Partners' government and commercial clients. His team authored the NEWSCASTER report which uncovered a three-year Iranian campaign targeting US and Israel through social networks. He has over eight years experience in covering emerging threats in cyber espionage and hacktivism, working in senior intelligence analysis positions in the US government... Read More →


Thursday February 5, 2015 2:35pm - 3:15pm
Main Track

3:15pm

The Global Targeting of Corporations Using Social Media and SDR's.
The Global Targeting of Corporations and their Employees Using Social Media and SDR's.

One of the largest threats to any corporation is the leaking of critical information and the ease at which it can be monitored. It takes only a few seconds to filter out COMPANY X employees on social media with a few simple searches. Example: site:Facebook.com "COMPANY X" AND "employee."  You can replace Facebook with any social media site and be able to compile a list of targets. The key issue is few organizations are properly training their employees about how to sensor themselves on social media. If I know that a group of people are employees of a company the next step is to us key term searches to note when they are traveling. This will allow me to begin filtering when a trip is taking place and most likely where they are going. There are nosuper-secret security settings that lock down your social media. The key is education on Cyber Hygiene when traveling as well as on social media. The courses that Weathered Security provides show how easily social media can be tracked and gives key words that should be avoided to help hide business trips and secrets. We also teach how to protect your employees from cyber threats that are often over looked. Threats such as syncing your Bluetooth in a rental or plugging your usb cable into a public charging port.  


Speakers
DW

Dale Wooden

President, Weathered Security
Dale Wooden President/Founder of Weathered Security has 20 years of experience in Naval Special Operations. His experience with global deployments gives a unique insight into the physical and cyber threats that currently exist and how they evolve. This experience includes the development of electronic signature reduction and commercial off the shelf digital protection. The combination of operational and technical skills create a comprehensive... Read More →


Thursday February 5, 2015 3:15pm - 3:40pm
Main Track

3:40pm

Afternoon Break and Exhibitor Demos
Afternoon Break, sponsored by SecurityWeek

Thursday February 5, 2015 3:40pm - 4:05pm
Main Track

4:05pm

The End of Big Cyber: The Coming Collapse and the Emergence of Mature Cyber Security

Programmatically speaking, we are living through cybersecurity’s adolescence.  That is to say, in response to widespread recognition of the dangers posed in a hostile cyberspace, government and industry have embarked on a number of large, well-resourced and highly visible cybersecurity projects and programs.  These efforts are generally conducted alongside, and in a parallel manner to the ongoing operations or the acquisitions/development efforts they are intended to protect.  Unfortunately, they suffer from the same flaws as many other large, top-down reformation and improvement programs throughout history.  This talk will draw parallels between current cybersecurity programs and historical grand attempts to address other endemic, systemic requirements and problems.  It will follow up with a discussion of how these large programs will eventually collapse and see their solutions filter into the DNA of the programs they were originally intended to protect.  Finally, it will lead the audience on a path toward a supportable hybrid approach that merges top-down and bottom-up implementations.


Speakers
avatar for Adam Firestone

Adam Firestone

Kaspersky Government Security Solutions, President and General Manager
Adam Firestone is  President and General Manager of Kaspersky Government Security Solutions, Inc. KGSS provides world class cybersecurity intelligence and systems engineering services as well as innovative product solutions to meet the needs of government, government contractor and national critical infrastructure organizations. Adam leverages more than 20 years of experience in the defense, intelligence and government... Read More →


Thursday February 5, 2015 4:05pm - 4:30pm
Main Track

4:30pm

PANEL: Sony and the DPRK: A Question of Attribution

United States authorities say they’re certain that North Korea is behind the attack on Sony, but they haven’t provided any proof to back their claims, except for the fact that the attackers used IP addresses “exclusively used by the North Koreans.” Everyone agrees that attribution is tricky. Some believe US authorities are jumping to conclusions, but others say the FBI surely has other evidence, which they might never share with the public, to back their claims. This topic will be debated by a panel of experts and moderated by The Wall Street Journal's Danny Yadron.


Moderators
avatar for Danny Yadron

Danny Yadron

Reporter, The Wall Street Journal
Danny Yadron covers cybersecurity from The Wall Street Journal's San Francisco bureau. He usually writes about hackers, cybercops and what companies do (and don't do) to stay safe on the Internet. At the Journal, he also has covered tech policy, a presidential campaign, national politics and the Midwest – his home. Before that, he wrote for McClatchy, the Austin American-Statesman and The Buffalo News.

Speakers
avatar for Matthew Burton

Matthew Burton

Matthew Burton has been in the government technology world for 12 years. He was recently the Chief Information Officer of the Consumer Financial Protection Bureau. Prior to that, he consulted the U.S. Intelligence Community on issues regarding information sharing and virtual collaboration. He began his career as a C4I analyst at the Defense Intelligence Agency. | | In addition to working with government... Read More →
avatar for Jeffrey Carr

Jeffrey Carr

Principal Consultant, The 20K League
Jeffrey Carr is a cybersecurity consultant, the author of Inside Cyber Warfare: Mapping the Cyber Underworld (O’Reilly Media, 2009, 2011), and the founder of the Suits and Spookssecurity event series. He has consulted for Fortune 500 companies and U.S. and foreign government agencies and has spoken at hundreds of conferences around the world since 2009. Mr. Carr is widely published and frequently quoted on matters of... Read More →
avatar for Marc Rogers

Marc Rogers

Principal Security Researcher, CloudFlare
Marc is a whitehat hacker who has worked in the security industry for almost twenty years, including a decade managing security in the UK operator Vodafone, and five years as CSO for a real estate and asset management conglomerate in South Korea. Marc sees himself as a security evangelist, who has a positive outlook on how security should be implemented in today’s global organizations. It's this outlook that Marc used when he helped put... Read More →
avatar for Roel Schouwenberger

Roel Schouwenberger

Principal Security Researcher, Global Research & Analysis Team, Kaspersky Lab
Roel joined Kaspersky Lab in 2004 as a Senior Research Engineer for the Benelux region. Since 2008, Roel has worked as a Senior Researcher in North America where he is responsible for both monitoring the regional malware situation and in-depth analysis of cyber incidents. Roel focuses on targeted attacks - including those used in cyber warfare - and proactive technologies. In addition, Roel also investigates new platforms and... Read More →
avatar for Kurt Stammberger

Kurt Stammberger

Senior Vice President, Market Development, Norse Corp.
Perhaps best known as the "founder of the RSA Conference", Kurt Stammberger is a career startup marketer with special expertise in the crypto, security and threat intelligence markets. Stammberger joined RSA Security as employee #7 in 1990, leading their marketing organization, helped spin-off of VeriSign and created the brand for the technology that now protects virtually every electronic commerce transaction on the planet. Mr. Stammberger is a... Read More →



Thursday February 5, 2015 4:30pm - 5:30pm
Main Track

5:30pm

A Talk by former NSA Deputy Director Chris Inglis

Professor Chris Inglis is the former Deputy Director of the NSA, who retired on January 10, 2014. Details of his talk will be posted in the near future.



Speakers
avatar for John

John "Chris" Inglis

Retired Deputy Director and senior civilian leader of the NSA
Retired Deputy Director and senior civilian leader of the National Security Agency. | | As the Deputy Director and senior civilian leader of the National Security Agency, Mr. Inglis acted as the Agency’s chief operating officer, responsible for guiding and directing strategies, operations and policy. Mr. Inglis began his career at NSA as a computer scientist within the National Computer Security Center. His NSA assignments include... Read More →


Thursday February 5, 2015 5:30pm - 6:00pm
Main Track

6:00pm

Prize Drawing and Beer Bash

Please join us at the Diplomat Room on the lobby level from 6pm to 8pm for drinks and networking. Don’t leave before you find out if you’re the lucky person to win a free trip to Suits and Spooks London (air fare and hotel included). We’ll be giving away some other very cool gifts, plus enjoy the free beer and networking. 


Thursday February 5, 2015 6:00pm - 8:00pm
Diplomat Room Ritz-Cartlon, Lobby Level