Workshops & Summits
InfoSec World offers a variety of pre- and post-conference Workshops and Summits giving attendees even more tactical and hands-on learning for the opportunity to earn additional CPEs. With our all-inclusive World Pass, you'll save more on registration when you sign up for multiple workshops and summits.
Saturday, September 24th
Summit • 9:00 AM - 5:00 PM ET
Zero Trust Summit

This summit will explore the Zero Trust framework and the need for users and access requests to be authorized, authenticated and validated before access is granted.

Workshop • 9:00 AM - 5:00 PM ET
Adversarial Attacks & Detection - Day 1 (Hands On)
Ben Mauch
Practice Lead, Defense & Countermeasures
TrustedSec
Larry Spohn
Practice Lead, Force
TrustedSec

This two-day, hands-on workshop is designed for both red and blue teams to give participants a deeper understanding of how offense and defense can work together to refine an organization's security posture. There will be focus on the latest attack techniques and how to build a defense strategy around them. Attendees will learn about the tools and techniques they need to advance their cybersecurity strategy and execution in a way that allows them to have detection, deflection, and deterrence controls for an attack; regardless of an attack's initial vector.

Sunday, September 25th
Summit • 9:00 AM - 5:00 PM ET
Leadership Summit: Your Path to CISO: How to Get to the C-Suite
Gordon Rudd
Chief Executive Officer
Stone Creek Coaching

Cybersecurity is one of the hottest careers in the tech sector today. So, how do you get into the field? How do you advance your career in cybersecurity if you already have a job in cybersecurity?

Today’s CISO is a hybrid. Part technician, part manager, part leader and a visionary. No wonder so many new CISOs fail. Unfortunately, failure isn’t an option for today’s CISO! This course will give you the tools and techniques you’ll need to get a CISO position.

This one-day workshop gives you everything you need to know to create a career in cybersecurity or if you’re already in cybersecurity to advance you cybersecurity career to the next level. Use this workshop to find out how to become a CISO. In this workshop you’ll learn what it takes to become a world class CISO. We will put you in contact with experts in the field of resume writing, interviewing, and of course, talent development.

LEARNING OBJECTIVES
Attendees who take this session will be able to:
1. Determine their mindset and define adjustments as needed.
2. Construct a plan to maintain a high-level of positive energy.
3. Survey their social media presence and adjust as required.
4. Understand the need for a coach or accountability partner.
5. Separate their EIQ from IQ
6. Quantify their current skill set, perform a gap assessment with the skill set of their desired career position.
7. Analyze an industry, company, department, and job.
8. Breakdown a job description
9. Write a professional resume, cover letter, and thank you letter.
10. Prepare the proper artifacts for their interviews.

Workshop • 9:00 AM - 5:00 PM ET
Adversarial Attacks & Detection - Day 2 (Hands On)
Ben Mauch
Practice Lead, Defense & Countermeasures
TrustedSec
Larry Spohn
Practice Lead, Force
TrustedSec
Mike Spitzer
Senior Security Engineer
TrustedSec

This two-day, hands-on workshop is designed for both red and blue teams to give participants a deeper understanding of how offense and defense can work together to refine an organization's security posture. There will be focus on the latest attack techniques and how to build a defense strategy around them. Attendees will learn about the tools and techniques they need to advance their cybersecurity strategy and execution in a way that allows them to have detection, deflection, and deterrence controls for an attack; regardless of an attack's initial vector.

Workshop • 1:00 PM - 5:00 PM
Ransomware Workshop
Kristy Westphal
VP, Security Operations
HealthEquity
Dr. Frans Schippers
Lecturer Cyber Security, HBO-ICT/Cyber Security, 
Amsterdam University of Applied Sciences
Alex Holden
CISO
Hold Security, LLC
Ken Fishkin
Information Security Manager
Lowenstein LLP

From Colonial Pipeline to JBS USA, every sector has seen a rise in ransomware attacks with increasing ransoms. Not only are these ransomware criminals stopping critical operations, they are stealing regulated data that they use to further blackmail their targets. Even when ransoms get paid, these stolen files appear on dark web trading sites, and vulnerability data on the target is often reused by new ransomware operators. Cyber insurance is not the answer. 

Sessions will include:

1:15 PM - 2:15 PM: Rescuing Yourself from Ransomware
Speaker: Kristy Westphal, VP, Security Operations, HealthEquity
Boom! You have ransomware. Now what? There are many steps you can take now, but could you have done more ahead of time? Let's take a deep dive into ransomware, both from a preparation and response perspective. What controls do you need in place? Who should be involved? What decisions need to be made ahead of time to best respond to a ransomware event. This session will look at the good, bad, and the ugly.

2:15 PM - 3:15 PM: Versioned Backup as Protection Against Ransomware
Speaker: Dr. Frans Schippers, Lecturer Cyber Security, HBO-ICT/Cyber Security, Amsterdam University of Applied Sciences
Backup is considered the most useful protection against data loss. However, the granularity of backups is usually not sufficient. To save space and time, incremental backups are used. Files that are constantly updated are difficult to backup consistently. This makes management of the process complicated. We address the requirements for fast backups, space optimization and easy recovery. By inspecting the actions carried out and inspecting the data, we can even detect indications of a ransomware attack. The presented solution is applicable for both small and large systems and also in a cloud environment. The solution can also attribute the data, so that the correct access and protection can be given to the files and objects.

3:15 PM - 3:30 PM: Afternoon Break

3:30 PM - 4:30 PM: Why I Go to the Dark Web Every Day
Speaker: Alex Holden, CISO, Hold Security, LLC
The Dark Web is a scary place. In order to deter the cybercrime, I feel confident exploring its dangerous grounds and know well how to use the Dark Web to defend the victims. I want to invite you on this journey of venturing far beyond your defense perimeter, where cyber criminals are just planning their attacks, and teach you how you can use this knowledge as defensive skills to prevent attacks from happening in the first place.

4:30 PM - 5:30 PM: Click Here to Enter a Ransomware Attack Simulation
Speaker: Ken Fishkin, Information Security Manager, Lowenstein LLP
While many companies have an incident response plan in place to address potential cyber attacks, oftentimes they are rarely tested,. Untested plans often result in making ad-hoc decisions, leading to riskier behaviors. During this session, we will be conducting an interactive simulated ransomware attack (aka tabletop exercise), that challenges your abilities to handle the internal and external pressures that a cybersecurity professional might feel in the midst of a data breach. During this scenario, you will learn how multifaceted an incident response plan needs to be and why periodically testing needs to be performed for it to be effective and efficient. Areas, such as roles and responsibilities, legal and regulatory obligations and communication strategies need to be discussed to appropriately manage this type of crisis.

Wednesday, September 28th
Workshop • 1:00 PM - 5:00 PM ET
Data Science for Cybersecurity (Hands On)
Dr. Thomas Scanlon
Senior Cybersecurity Engineer & Researcher
Software Engineering Institute - Carnegie Mellon University

The half-day workshop will provide attendees with an introduction to data science and machine learning, and demonstrate how these disciplines can be applied to cybersecurity. Attendees will receive classroom instruction and complete hands-on labs that exhibit application of data science to malware analysis, netflow analysis, and digital forensics. The outcome is that information security professionals will gain an appreciation and understanding of ways data science can enhance cybersecurity initiatives.

Workshop • 1:00 PM - 5:00 PM ET
Advanced Cubicles & Compromises (Hands On)
Ean Meyer
Associate Director, Security Testing & Assurance
Marriott Vacations Worldwide

What makes a great tabletop exercise? Many organizations run a tabletop exercise to check a box for compliance standards but don’t maximize the value of the time spent. Often they don’t engage the audience or force them to think enough about the problem to find areas of improvement. Further, they assume their decisions will always work during the exercise. In this workshop, we will not only discuss how to build a tabletop exercise that addresses real risk for an organization but how to make it fun and engaging for teams at all levels of an organization. The workshop will introduce attendees to the Cubicles and Compromises format as well as add new advanced elements. You will create a company with a budget, controls, and limitations then test those controls against a current real-world issue. You’ll roll dice, things won’t go as planned, and you’ll learn to what makes for for a great tabletop exercise you can take back and use at your organization.

Workshop • 1:00 PM - 5:00 PM ET
Cloud Native Application Architecture Threat Hunting
Richard Tychansky
Security Architect
Identity Dynamics Corp.

In this workshop you will learn how-to build and refine your knowledge, skill, and capability to hunt for threats against enterprise cloud deployments. Through examples and practical exercises using AWS you will learn how to identify malicious activity, detect threats, and protect cloud native application architectures. We go beyond the traditional approach of examining network traffic and system logs to take a deep dive into layer 7 traffic that is associated with application microservices. Through practical hands-on training you will learn advanced techniques that can be applied to detecting attacks against: Kubernetes microservices, serverless functions, API gateways and mobile API endpoints. We also threat hunt for supply chain and insiders threats against CI/CD pipelines.

Workshop • 1:00 PM - 5:00 PM ET
Benefits of Deploying a Zero Trust Architecture

This session will be conducted by the security team responsible for the zero trust strategy and implementation at two Fortune 500 global enterprises, Adobe and Cisco, serving over 150,000 users. Instead of diving into specific vendors and products, we will break down Zero Trust into its fundamental technical components and show you how to connect them together to protect corporate assets and prevent lateral movement.

This training session will start by briefly covering the security & business benefits of deploying a Zero Trust Network Access (ZTNA) architecture in an organization. We’ll then spend the majority of the time focusing on breaking down all of the core components of a Zero Trust deployment, and how the pieces all work together. Finally, we’ll have a hands-on workshop using both commercial (Banyan Security) and open-source resources so attendees can create their own personalized Zero Trust demo environment.

Thursday, September 29th
Summit • 9:00 AM - 5:00 PM ET
Cloud Security Summit
Richard Tychansky
Security Architect
Vandana Verma Sehgal
Security Relations Leader
Synk
Dr. Gaimini Bulumulle
Solution Architect/Consultant
InfoTechnology, Inc.
Dr. Dexter Francis
Software Engineer Manager/Developer
CACI
Parul Khanna
Senior Consultant, Information Risk Management
Manulife Global
Karl Ots
Head of Cloud Security
EPAM Systems

Cloud Security continues to be a complex topic. From public/private/hybrid clouds to compliance issues, privacy and configuration concerns, organizations have a great deal to concern themselves with. This summit will dive into many of these issues.

Sessions will include:

Journey towards Secure Architecture in the Cloud
Speaker: Vandana Verma, Snyk
Organizations are moving to cloud due to ease of use, scalability, computing services and many more things that cloud has to offer. Tough times have changed the paradigm to a new level where organizations which were only in the planning stage are now on the cloud. However, when cloud offers the benefits, there are certain Risks that also come with it. The steppingstone while taking the step forward towards cloud is Architecture Review or Secure Architecture Review. We will be touching up various clouds. This talk will cover the following aspects around Cloud Services.

  • Basics of Cloud Security Architecture and why to need an Architecture Review
  • Architecture Review Methodology
  • How is it useful?
  • What the developers or admins have to keep in mind
  • Question and Answer
  • You Don't Know What You Don't Know Unless You Ask: Cybersecurity in Public Cloud IaaS Models
    Speakers: Dr. Gaimini Bulumulle, Solution Architect/Consultant at InfoTechnology, Inc. and Dr. Dexter Francis, Software Engineer Manager/Developer at CACI
    With efficiency, scalability, and manageability as key drivers in digital transformations, IaaS has become the most widely sought-after model to replace traditional datacenter architecture. While these benefits are frequently showcased in industry offerings, the potential cybersecurity impact of provider-managed upstream architecture (e.g. load balancers, metastructure) and capabilities (e.g. encryption management, exfiltration prevention) are often overlooked. This presentation explores cybersecurity considerations in the IaaS model to support informed decision-making and help business consumers “get it right”, while presenting several use cases.

    Modern Threat Modeling for Cloud-Native SaaS Multi-Tenant Applications
    Speaker: Richard Tychansky
    In this workshop you will discover, analyze, evaluate, and produce a report on the threats against a Cloud native SaaS multi-tenant application. We build skill and proficiency in threat modeling and hunting by applying advanced concepts, methodologies, and Open-Source tools & techniques. The journey begins with gaining an understanding of the benefits and risks associated with the digital transformation of Cloud applications to become Cloud native. We then deep-dive into: Kubernetes for orchestration and service mesh design patterns for secrets management and its applicability to authentication and authorization of microservices. We also learn to apply the MITRE ATT&CK framework and the CAPEC threat taxonomy as well as using Open-Source tools and techniques to discover and examine threats. We expose weaknesses in service mesh architectural decisions and configurations that are open to attack and finally produce a working threat model report that can be shared with application development teams and C-Suite executives.

    Journey Info Realms of Cloud Security
    Speaker: Parul Khanna, Manulife
    Organizations are rapidly moving to cloud providers to reduce costs, pursue digital transformation initiatives, and improve the agility of business. This session provides an overview of the issues surrounding multi-cloud environment. It discusses prominent challenges associated with cloud computing and addresses security considerations for cloud service models. It delves into how data security is achieved within cloud environment and best practices for systems and applications to protect data. It reviews the risk associated with each of the deployment models and explains how organizations can effectively manage risk in cloud environment.

    Top Public Cloud Security Fails and How to Avoid Them
    Speaker: Karl Ots, Head of Cloud Security, EPAM Systems
    The most common cause for a cloud data breach is a misconfigured cloud service. Based on hands-on experiences from many cloud application development projects, Karl has compiled a list of top security pitfalls that are common across all application types and team sizes. In this session, he will share what these security pitfalls are, why do they matter and how to mitigate them.

    Summit • 9:00 AM - 5:00 PM ET
    Supply Chain Security & Third Party Risk Program Summit
    Chris White
    Vice Chairman, Security, Strategy & Solutions
    Blue Voyant
    Gregory Rasner
    SVP, Cybersecurity
    Truist Financial Corp.
    Willy Fabritius
    Global Head Strategy & Business Development Information Security Assurance
    SGS
    Dustin S Sachs, MBA, CISSP
    Senior Manager, GRC
    World Fuel Services

    Managing the risk to an organization’s supply chain can prove difficult for even the best staffed security department. This Summit will examine the myriad of risks to supply chains including external suppliers & vendor, including software and services.

    Sessions will include:

    Cyber Defense and 3rd Parties: Reducing Cyber Risks in the Supply Chain
    Speaker: Chris White, Vice Chairman, Security, Strategy & Solutions, Blue Voyant
    This presentation discusses the current state of the industry in Third Party Risk Management, with special attention paid to both the threats and risks stemming from modern Cyber Adversarial tactics. We'll examine what's working and what isn't, and present a framework for more effective ways to both identify risks to (and from) suppliers and how to mitigate these in a scalable manner.

    Cybersecurity and Third-Party Risk: Third Party Threat Hunting
    Speaker: Gregory Rasner, SCP, Cybersecurity, Truist Financial Corp.
    Based upon the book "Cybersecurity & Third-Party Risk: Third-Party Threat Hunting" (endorsed by ISC2), we will break the old way of thinking that third-party risk is a compliance, check-box activity into one that is innovative and forward-leaning into the risk. Billions of dollars have been spent by CISOs to secure their organizations and yet we've largely ignored our supply chain and third-party risk. From physical validation, contractual terms and conditions, fourth parties, due diligence optimization and predictive analysis, the methods will be explored to drastically lower this risk area with solid cybersecurity due diligence and due care.

    Build Information Resilience into your Supply Chain and Save a Ton of Money
    Speaker: Willy Fabritius, Global Head Strategy & Business Development Information Security Assurance, SGS
    Every organization relies and depends on a large number suppliers, most organization are struggling to properly address the issues related to supply chain vulnerabilities. This is one of the reasons Business Continuity Insurance premiums are increasingly getting more and more expensive. In this presentation we will explore proven tools and approaches to enhance supply chain resilience. The most important tool for any successful company is an effective Governance System that systematically, reliably, and repeatedly provides desired outcomes. A Management System based on ISO (International Organization for Standardizing) standards will provide a framework and set of requirements for such a Governance System. Business Continuity is not an option, it is an Imperative for survival.

    Is There Rust on Your [Supply] Chain?
    Speaker: Dustin S Sachs, MBA, CISSP, Senior Manager, GRC, World Fuel Services
    The past few years have been ripe with supply chain attacks. From SolarWinds to Log4j, the impact and importance of supply chain attacks have become mainstream news. With the globalization of the supply chain, the need for TPRM practitioners to consider the risks posed by the supply chain is vital. In this session, we will discuss the current state of supply chain attacks and the need for strong risk management processes. Attendees will also leave with a better understanding and awareness of how we currently make third-party risk decisions.

    Workshop • 9:00 AM - 5:00 PM
    Fundamentals of Critical Infrastructure Protection for Cybersecurity Professionals, Presented by INMA
    Andrew Sekela
    Special Agent
    U.S. Federal Bureau of Investigation
    Vikas Bhatia
    InfraGard National Members Alliance CISO Cross Sector Council
    Billy Sasser
    Supervisory Protective Security Advisor (SPSA)
    Jason Burt
    DHS Cyber Security Advisor (CSA)
    Bill Banks
    President
    Tallahassee InfraGard Chapter

    This 1-day workshop will provide cybersecurity professionals the knowledge and skills needed to understand what critical infrastructure protection is, the nature of the physical, cyber, and human (insider) threats to them, who is involved, what their roles and responsibilities are, and the tools and resources available to help them better protect our Nation’s Critical Infrastructure. Specific topics to be addressed include:

  • What is Critical infrastructure?
  • What are the threats to critical infrastructure? (physical, cyber, human)
  • How did Homeland Security come about and what is Critical Infrastructure Protection?
  • Who is involved in critical infrastructure protection?
  • Who should I have partnerships with to protect the infrastructure(s) I am responsible for?
  • What tools and resources are available to me to help me better protect the infrastructures I am responsible for?
  • Sessions will include:

    9:00 AM - 10:00 AM: Introduction/Overview and Opening Keynote

    10:00 AM - 11:00 AM: What is Critical infrastructure and What Threats does it Face?
    Speaker: Andrew Sekela, Special Agent, Federal Bureau of Investigation
    Utilities, industrial plants, and other facilities are vulnerable to a number of different types of threats, both physical and virtual in nature. This presentation describes what critical infrastructure is, the threats they can face, and discusses two specific incidents in which critical infrastructure was targeted. It offers suggestions on how to mitigate the threats, including minimizing control system exposure and implementing cyber-physical safety systems. It also discusses some of the resources that are available to help protect facilities, including government bulletins and other publications.

    11:00 AM - 11:15 AM: Morning Break

    11:15 AM - 12:15 PM: Student Activity: Critical Infrastructure Protection Self-Assessment
    Speaker: Vikas Bhatia, InfraGard National Members Alliance CISO Cross Sector Council
    Students be asked to complete a self-assessment of their agency/organization’s critical infrastructure protection program, looking across physical, cyber, and human threats, the partnerships currently in place, and the tools and resources currently employed.

    12:15 PM - 1:15 PM: Lunch

    1:15 PM - 2:15 PM: How did Homeland Security and Critical Infrastructure Protection come about?
    Speaker: Billy Sasser, Supervisory Protective Security Advisor (SPSA)
    • U.S. Code Title 18, Chapters 113B and 2339B, defines terrorism and material support to terrorists
    • Presidential Decision Directive (PDD), PDD-63 and infrastructure protection pre-Department of Homeland Security (DHS) – establishment of the FBI National Infrastructure Protection Center (NIPC) (May 1998)
    • 9/11 Attacks and Establishment of the Department of Homeland Security (Nov 2002)
    • Homeland Security Presidential Directive 7 (HSPD-7), Under George W. Bush, the directive establishes a national policy for Federal departments and agencies to identify and prioritize United States critical infrastructure and key resources. (December 2003)
    • Presidential Policy Directive (PPD-21) (February 2013), revokes HSPD-7
    • DHS National Infrastructure Protection Plan, https://www.cisa.gov/national-infrastructure-protection-plan
    • Guide to Critical Infrastructure Security and Resilience, November 2019

    2:15 PM - 3:15 PM: Who is Involved in Critical infrastructure Protection and Who Should I have Partnerships with to Protect the Infrastructure(s) I am Responsible for?
    Speaker: Billy Sasser, Supervisory Protective Security Advisor (SPSA)
    Understand the Federal, State, Municipal, and Tribal agencies involved in protecting critical infrastructure, their roles and responsibilities, and the nature of relationships/partnerships you should have to help protect your critical infrastructure.

    3:15 PM - 3:30 PM: Afternoon Break

    3:30 PM - 4:30 PM: What Tools and Resources are Available to me to Help me Better Protect the Infrastructures I am Responsible for?
    Speaker: Jason Burt, DHS Cyber Security Advisor (CSA); Billy Sasser, Supervisory Protective Security Agency (SPSA)
    Gain awareness of the tools and resources available to you as a partner in critical infrastructure protection.

    4:30 PM - 5:00 PM: Closing Remarks
    Speaker: Bill Banks, President, Tallahassee InfraGard Chapter

    InfoSec World
    presented by
    Stay Informed
    Join our mailing list for the latest news on InfoSec World 2022.