Secure Your Business Operations from Threats

 

The unprecedented Target breach and government spying scandal have put cybersecurity in the global spotlight. With cyberattacks on the rise, it is now even more important to learn how to identify weaknesses and protect company infrastructure from incursions. At the Rock Stars of Cybersecurity conference, well-respected cybersecurity authorities from leading companies will deliver case studies and actionable advice that you can immediately put to use.

September 24, 2014 - Austin, Texas


 

Cybersecurity Authorities from Leading Companies


At the Rock Stars of Cybersecurity conference, you will learn:

  • Effective strategies for securing business operations
  • New and innovative approaches to responding to today's security threats
  • How government agencies are balancing cybersecurity threats and privacy
  • How to implement a secure enterprise architecture
  • Big data's implications for security analytics
  • Implications of the cybersecurity skills shortage on the ability to respond to attacks

Music, Food, Exhibits, and Collaboration

The Sept. 24 Rock Stars of Cybersecurity event in Austin drew nearly 200 attendees and 13 sponsors, and featured high-level and insightful presentations from more than a dozen speakers from government and industry amid a "rock star" atmosphere of music, food, exhibits, and collaboration.

"We heard a lot of positive feedback from our engaged audience of attendees," said Chris Jensen, IEEE Computer Society director of marketing and sales. "Not only did they get actionable insight and knowledge from our strong lineup of security innovators, but they also enjoyed connecting to others in their field."

Sponsors included some of the biggest names in the security industry. Gold sponsor QuickMobile provided the conference mobile app. Entrust, which offers software authentication platforms that strengthen security in a wide range of identity and transaction ecosystems, and eSentire, the leader in Active Threat Protection solutions and services, were event Silver sponsors.

View presentations and video from the action-packed day.

 

speakers


 
  • Peter Fonash
  • Peter Allor
  • Joshua Greenbaum
  • Sarath Geethakumar
  • Gus Hunt
  • Tim Helming
  • Brian Kenyon
  • Will Hurley
  • Spencer Mott
  • Gary McGraw
  • Brett Wahlin
  • David Rockvam
 

Peter Allor

Cyber Security Strategist - Federal
IBM

As a Security Strategist in the Critical Infrastructure Group, Peter Allor assists in guiding the company's overall security initiatives and participation in enterprise and government implementation strategies. He is responsible for security strategies, especially as they intersect with critical infrastructures and Central Government Operations / Strategy. He assists the IBM Watson and X-Force research and development teams with the collection, analysis, and dissemination of information regarding cyber vulnerabilities, exploits, incidents, threats, and early warning. This information is used to provide customers with information and resources to employ best practices to defend their domain from potential attacks. He is responsible for security strategies to align IBM's products and services with government, critical infrastructures, and networked protection requirements to protect against evolving sophisticated attack methodologies, providing integrated and simplified security operations based on customer input. Allor is a member of the Information Technology – Sector Coordinating Council (IT-SCC) Executive Committee, which works within the private sector on policy and strategy input to the US government. Allor is also a Board Member of the Forum for Incident Response and Security Teams (FIRST), where he also serves as CFO/Treasurer.

Peter Fonash

Chief Technology Officer
US Department of Homeland Security

Peter M. Fonash is Chief Technology Officer for the Office of Cybersecurity and Communications in the Department of Homeland Security. He was previously Director of the National Communications System (NCS), Chief with the Defense Information System Agency (DISA) Joint Combat Support Applications Division, and was responsible for defense communications infrastructure policy and program oversight at the Office of the Assistant Secretary of Defense for Command, Control, Communications, and Intelligence. He was also chairman of the Office of the Secretary of Defense Information Technology (IT) Architecture Council. He wrote DISA's strategic plan and managed the development of the Technical Architecture for Information Management—the forerunner of today's Enterprise Architecture. Before joining the federal government, Fonash worked for AT&T and the Burroughs Corp. (Unisys). He holds a bachelor of science degree in electrical engineering, a master of science from the University of Pennsylvania, an MBA from the University of Pennsylvania Wharton School, and a PhD in information technology and engineering from George Mason University.

Sarath Geethakumar

Senior Director – Global Information Security
VISA

Sarath Geethakumar is Senior Director of Mobile and Product Security at Visa Inc. He specializes in mobile platform and application security and is actively involved in mobile security research. Sarath's research activities have been instrumental in uncovering numerous security weaknesses with mobile device management solutions and platform security capabilities that were disclosed to appropriate vendors. Sarath was co-author of "Hacking Exposed Mobile" and is an active member and contributor of the Open Web Application Security Project (OWASP) Web and mobile initiatives. He previously worked as a security specialist, security consultant, lead architect, and software developer. Before joining Visa Inc., he served as an Information Security Specialist and Red Team member at American Express. Sarath has also provided consulting expertise to various financial institutions and Fortune 500 companies. He has played a key role in shaping mobile security practices across various organizations and training security professionals on mobile security.

Joshua Greenbaum

Principal
Enterprise Applications Consulting

Joshua has over 30 years of experience in the industry as a computer programmer, systems analyst, author, consultant, and industry analyst. Josh regularly consults with leading public and private enterprise software, database, infrastructure, implementation, and hardware companies, and advises end users on technology infrastructure and applications selection, development, and implementation issues.

Tim Helming

Director of Product Management
DomainTools

Tim has over 13 years of experience in cybersecurity, from network to cloud to application attacks and defenses. At WatchGuard, he helped define and launch some of the best-selling SMB security appliances in the market. At Symform, he led definition and messaging efforts for that company's unique peer-to-peer cloud storage solution. Tim has spoken at security conferences, media events, and technology partner conferences worldwide.

Gus Hunt

Former CTO
CIA

Gus Hunt serves as president and CEO of Hunt Technology LLC, a consulting company focused on strategic IT planning, IT effectiveness and efficiency, cybersecurity, data-centric protection, and the cloud. Mr. Hunt served 28 years with the Central Intelligence Agency, most recently as the organization's Chief Technology Officer. As CTO, he set the IT strategic direction and future technology investment plan, and was the motivating force behind the agency's decision to acquire a copy of both the Amazon cloud and IBM's Watson. As CTO, he developed and implemented the CIA's process for expanding technology discovery and accelerating the adoption of new IT capabilities, enabling the CIA to keep pace with technology change in the commercial marketplace.

Will Hurley

Co-founder
Chaotic Moon Studios

William Hurley, commonly known as whurley, is the co-founder of Chaotic Moon Studios, an open source advocate and systems theorist. He is the recipient of several honors and awards. He is regularly interviewed by the press on technology and related topics. Whurley co-founded BarCamp Austin in 2006, a technology-related conference which took place around South By Southwest; and iPhoneDevCamp (or "developers camp"), which debuted in 2007 as an assembly of 200-300 developers and enthusiasts who were interested in finding new ways to use and hack Apple's iPhone. It has since expanded to include iOSDevCamp and iPadDevCamp. In the summer of 2013, whurley will be leading the inaugural GlassDevCamp, which will take place in San Francisco and will encourage the development of apps for the Google Glass platform. For more information, visit http://www.whurley.com.

Brian Kenyon

Vice President and Chief Technical Strategist
McAfee, a division of Intel Security

Brian Kenyon leads an engineering organization focused on developing comprehensive security and compliance for enterprise organizations. His team designs solutions and addresses crisis situations in support of some of the world's largest IT infrastructures. As former chief architect of Foundstone, which McAfee, a division of Intel Security, acquired in 2004, Brian oversaw the security operations center and played an integral role in designing and developing the company's hardware and software solutions, including the FS1000. Brian serves as a trusted advisor to industry and government organizations on key cybersecurity issues and best practices. He co-authored Security Battleground: An Executive Field Manual, was lead author for Security Sage's Guide to Hardening the Network Infrastructure, and contributing author of network architecture for Special Ops: Network and Host Security for Microsoft, Oracle, and UNIX.

Gary McGraw

Chief Technology Officer
Cigital

Gary McGraw is the CTO of Cigital, Inc., a software security consulting firm with headquarters in the Washington, DC area and offices throughout the world. He is a globally recognized authority on software security and the author of eight best-selling books on this topic. His titles include "Software Security", "Exploiting Software", "Building Secure Software", "Java Security", "Exploiting Online Games", and six other books; and he is editor of the Addison-Wesley Software Security series. McGraw has also written over 100 peer-reviewed scientific publications, authors a monthly security column for SearchSecurity and Information Security Magazine, and is frequently quoted in the press. Besides serving as a strategic counselor for top business and IT executives, he is on the Advisory Boards of Dasient (acquired by Twitter), Fortify Software (acquired by HP), Raven White, Max Financial, and Wall+Main. His dual PhD is in Cognitive Science and Computer Science from Indiana University where he serves on the Dean's Advisory Council for the School of Informatics. McGraw served on the IEEE Computer Society Board of Governors and produces the monthly Silver Bullet Security Podcast for IEEE Security & Privacy magazine (syndicated by SearchSecurity).

Spencer Mott

Chief Information Security Officer
Amgen

Spencer Mott is Amgen's Chief Information Security Officer, and Vice President, Information Systems. Prior to Amgen, Spencer spent six years at Electronic Arts, 15 years in the Metropolitan Police (London, UK), and five years in media and copyright protection for a major film copyright trade association. Spencer's experience in the Security industry includes Corporate Risk Management, IT security, Cyber Defence, Software Development Security, Law Enforcement and Intellectual Property Compliance.

David Rockvam

Vice President
Entrust

Rockvam joined Entrust in 1998 as a senior manager to help drive relationships with system integrators and consultants, and led marketing programs to increase professional services revenues. Rockvam guided Entrust through two successful branding campaigns and helped shape the focus, drive and execution of the marketing team in the fastest-growing areas in the information security space — mobile and cloud services.

Brett Wahlin

Chief Information Security Officer
HP

Brett Wahlin is Vice President and Chief Information Security Officer (CISO) at HP. Brett is responsible for building world-class, extensible security capabilities that protect HP's assets and workforce, enable and extend business capabilities, and showcase HP's security solutions at work. Brett has nearly 30 years of experience leading large enterprise information security architecture, policy, operations, and development. Previously, he served as Chief Security Officer for Sony Network Entertainment International, Chief Security Officer at McAfee, Chief Information Security Officer at Los Alamos National Laboratory, Vice President of Security Architecture for Wells Fargo, and in various security positions at Intel. He started as a security professional in the US Army, specializing in the areas of linguistics and counterintelligence. Brett holds an MBA, a BA in Russian language, and a BS in criminal justice, all from Arizona State University.

agenda


 

Peter Allor

Cyber Security Strategist - Federal
IBM

Security Frameworks, Strategies, & Mitigation Efforts

Governments worldwide are looking to secure not only their environments but also the critical infrastructures and the private sector supply chains that keep government domains operating. Needed is a focused approach on how to secure these entities via risk-management processes for business operations and moving Information Technology away from traditional best-of-breed point product approaches used to offset new attacks and vulnerabilities. This non-regulatory approach differs from traditional compliance checklists and helps focus on the strategy of the business, transforming security from a 'Doctor No' blocking to a security posture enabling business operations. I will discuss how security professionals can lead the business to a more secure process.

Peter Fonash

Chief Technology Officer
US Department of Homeland Security

Strengthening the Security Ecosystem

Strengthening the security and resilience of the cyber ecosystem requires reducing the number of vulnerabilities and the ability to automatically mitigate attack methodologies. A general consensus has been forming in the cybersecurity community that cybersecurity defenses must become more automated, less reactive, more distributed, and better informed. There have been a number of ongoing activities to enable automated collective action to strengthen the resilience and security of the cyber ecosystem in the face of the advanced cyber threat. These activities support a range of automated collective actions, including the sharing of indicators and information, the selection of courses of action, and the coordination of responses. This presentation will discuss the role of DHS in cybersecurity, summarize existing programs to improve cybersecurity, discuss cybersecurity challenges and then present initiatives to meet those challenges.

Brian Kenyon

Vice President and Chief Technical Strategist
McAfee, a division of Intel Security

The Value of A Connected Architecture: Defending Against Targeted Campaigns

Brian Kenyon will expose the findings of ongoing research into sophisticated advanced persistent threat campaigns. Brian will discuss how the intelligence from these attacks can be utilized to make an enterprise's defenses stronger and more elastic to persistent threats. Join Brian as he breaks down the observed and derived intelligence from this campaign and demonstrates how multiple technologies can take defensive action on the data.

Gary McGraw

Chief Technology Officer
Cigital

Scaling a Software Security Initiative: Lessons from the BSIMM

Learn important lessons in scaling software security touchpoints, and making them work efficiently and effectively in a global software security initiative. The talk will focus on the top three touchpoints—code review with a static analysis tool, architectural risk analysis, and penetration testing—discussing the tools, technology, people, and processes for each. The issues will be addressed head on, using examples from the 70+ Building Security in Maturity Model (BSIMM) firms and many years of real-world experience. (Firms in the BSIMM include Adobe, Aon, Bank of America, Box, Capital One, The Depository Trust & Clearing Corporation (DTCC), EMC, F-Secure, Fannie Mae, Fidelity, Google, Intel, Intuit, JPMorgan Chase & Co., Mashery, McKesson, Microsoft, Nokia, Nokia Siemens Networks, QUALCOMM, Rackspace, Salesforce, Sallie Mae, SAP, Scripps Networks, Sony Mobile, Standard Life, SWIFT, Symantec, Telecom Italia, Thomson Reuters, Visa, VMware, Wells Fargo, and Zynga.)

Sarath Geethakumar

Senior Director – Global Information Security
VISA

Building Security into Payment Systems and Applications

Rapid technology changes are forcing payment systems and solutions to constantly evolve. With global mobile adoption now at 91 percent, interconnected consumer devices and applications must perform faster and handle more complex and more critical functionalities. This evolution not only paves the way for new and improved solutions but also makes them lucrative and easy targets for attackers. Security as a development afterthought is not a scalable or secure approach for supporting this rapidly evolving ecosystem. Security is no stronger than its weakest link. Hence, building security into development methodologies ensures that even the weakest links can be secured in a timely and cost-effective manner. This presentation explores how to build security into applications to ensure better, reliable, and scalable solutions. Secure software development, when tailored to integrate into new and evolving agile methodologies, ensures a better and more secure software assurance model as opposed to traditional post-development assurance approaches.

Brett Wahlin

Chief Information Security Officer
HP

Security 2020: Predictable, Flexible, and Preemptive

Hardly a day goes by without yet another report of a security breach or cyberattack: they are increasing constantly in frequency, ferocity, and stealth. And they can result in significant loss of revenues and reputation for organizations and even destabilize governments. Brett Wahlin will deconstruct the current security paradigm vis-a-vis today's business risk-centric environments, articulate the precept of a predictive behavior-based capability, and round it off with an in-use discussion of HP's security solutions. He will end with a Q&A session aimed at answering your security concerns and apprehensions.

Joshua Greenbaum (moderator)

Principal
Enterprise Applications Consulting

Tim Helming

Director of Product Management
DomainTools

Gus Hunt

Former CTO
CIA

Will Hurley

Co-founder
Chaotic Moon Studios

David Rockvam

Vice President
Entrust

Panel: Is the Goal to Find a Cure, Prevention, or Both?

The problems that have created the need for increased cybersecurity have often been compared to a chronic illness that continuously mutates as it plagues businesses and consumers alike. And like chronic illnesses of all kinds, the question of focusing on prevention or cure looms large in the debate about what is to be done about cybersecurity. This panel will discuss what these two very different routes mean, and what needs to be done by consumers, businesses, Internet providers, and government and nongovernment agencies in order to provide appropriate levels of safety and security at home and at work.

sponsors


QuickMobile
Entrust
Telesign
eSentire
F5 Networks
Cigital
Bit9 + Carbon Black
GMO GlobalSign
Sophos
DomainTools
Guidance Software
IBM Security
Kaspersky Lab
BAE Systems
LogRhythm
FierceCIO
IEEE Security & Privacy
IT Professional
 
 
 
 
 
 
 
 
 

 
