Workshops & Summits
InfoSec World offers a variety of pre- and post-conference Workshops and Summits giving attendees even more tactical and hands-on learning for the opportunity to earn additional CPEs. With our all-inclusive World Pass, you'll save more on registration when you sign up for multiple workshops and summits.
Saturday, September 24th
Summit • 9:00 AM - 3:00 PM
Zero Trust Summit

This summit will explore the Zero Trust framework and the need for users and access requests to be authorized, authenticated and validated before access is granted.

Here is the summit agenda:

9:00 AM - 10:00 AM: Demystifying Zero Trust
Speaker: Don O'Neil, Client Partner, ISTARI
Understanding the true value of Zero Trust and weeding through the “Marketecture”. In this session Don takes you on the journey from theory to practical implementation, helping organizations understand what does and doesn’t work in the market today.

10:00 AM - 11:00 AM: Zero Trust for the Post Modern Era
Speaker: Spencer Wilcox, CISO - Senior Director, Cybersecurity & Technology Risk, NextEra Energy Inc
The remote workforce is here to stay and implicit trust is still at the backbone of most enterprise networks. In this session we’ll discuss where to leverage your existing investments and when to consider new solutions on your journey towards Zero Trust.

11:00 AM - 11:15 AM: Morning Break

11:15 AM - 12:30 PM: Zero Trust to Enhance Insider Risk Capabilities
Speakers: Brandon Leiker, Manager, Cyber Strategy, Optiv Security; James Turgal, Vice President, Optiv
Per incident, the average cost of an Insider Risk event is $645,996. The frequency and impact of these events continues to climb, accelerated by a shift to remote work and the COVID-19 pandemic. Businesses must implement a Zero Trust Architecture (ZTA) to enhance their Insider Risk capabilities. Insiders, by nature, have access inside of what is traditionally considered the perimeter. As such, to mitigate these risks, a ZTA's concept of “Never Trust, Always Verify” naturally serves the need to protect the internal environment. ZTA's key tenets align with and enhance these capabilities in a number of ways. Utilizing micro-segmentation, establishing an identity context for traffic, and continuous review of access are all pieces that can help reduce organizational exposure and impact of Insider Risks.

12:30 PM - 1:30 PM: Lunch

1:30 PM - 2:45 PM: How Can all These Vendors be "Zero Trust" Solutions?
Speaker: Vince Romney, Enterprise Security Architect, Nu Skin Enterprises
Seemingly every security vendor out there claims to be "zero trust". This presentation will break down NIST 800-207 into its functional parts, and then provide a method by which any vendor can be compared (and challenged) to determine where their claim of being a zero-trust solution really sits. Because zero trust focuses on protecting resources and not network segments, existing security solutions don't always apply, despite their marketing claims. Attendees will leave with a better understanding of NIST 800-207 zero-trust architectural principles, functional components, and methods of application. They will also have a model by which they can align the development of their own security solution features to the architectural principles of 800-207 and challenge the claims of vendors to ensure their limited Information Security Budget provides the highest possible value.

Workshop • 9:00 AM - 5:00 PM
Adversarial Attacks & Detection - Day 1 (Hands On)
Ben Mauch
Practice Lead, Defense & Countermeasures

This two-day, hands-on workshop is designed for both red and blue teams to give participants a deeper understanding of how offense and defense can work together to refine an organization's security posture. There will be focus on the latest attack techniques and how to build a defense strategy around them. Attendees will learn about the tools and techniques they need to advance their cybersecurity strategy and execution in a way that allows them to have detection, deflection, and deterrence controls for an attack; regardless of an attack's initial vector.

Sunday, September 25th
Summit • 9:00 AM - 5:00 PM
Leadership Summit: Your Path to CISO: How to Get to the C-Suite
Gordon Rudd
Chief Executive Officer
Stone Creek Coaching

Cybersecurity is one of the hottest careers in the tech sector today. So, how do you get into the field? How do you advance your career in cybersecurity if you already have a job in cybersecurity?

Today’s CISO is a hybrid. Part technician, part manager, part leader and a visionary. No wonder so many new CISOs fail. Unfortunately, failure isn’t an option for today’s CISO! This course will give you the tools and techniques you’ll need to get a CISO position.

This one-day workshop gives you everything you need to know to create a career in cybersecurity or, if you're already in cybersecurity, to advance your career to the next level. Use this workshop to find out how to become a CISO. In this workshop you'll learn what it takes to become a world class CISO. We will put you in contact with experts in the field of resume writing, interviewing, and of course, talent development.

Attendees who take this session will be able to:

1. Determine their mindset and define adjustments as needed.
2. Construct a plan to maintain a high level of positive energy.
3. Survey their social media presence and adjust as required.
4. Understand the need for a coach or accountability partner.
5. Separate their EIQ from IQ.
6. Quantify their current skill set and perform a gap assessment against the skill set of their desired career position.
7. Analyze an industry, company, department, and job.
8. Break down a job description.
9. Write a professional resume, cover letter, and thank you letter.
10. Prepare the proper artifacts for their interviews.

1. Mindset Matters
2. Energy = Success2
3. Social Networking
4. Coaches & Accountability Partners
5. EIQ
6. Personality Inventories
7. Quantifying your skills
8. Know the Industry, Company, Department, and the Job
9. Job Description Analysis
10. Resumes, Cover Letters, and Thank You Follow Ups

Workshop • 9:00 AM - 5:00 PM ET
Adversarial Attacks & Detection - Day 2 (Hands On)
Ben Mauch
Practice Lead, Defense & Countermeasures
Mike Spitzer
Senior Security Engineer

This two-day, hands-on workshop is designed for both red and blue teams to give participants a deeper understanding of how offense and defense can work together to refine an organization's security posture. There will be focus on the latest attack techniques and how to build a defense strategy around them. Attendees will learn about the tools and techniques they need to advance their cybersecurity strategy and execution in a way that allows them to have detection, deflection, and deterrence controls for an attack; regardless of an attack's initial vector.

Workshop • 1:15 PM - 5:30 PM
Ransomware Workshop
Kristy Westphal
VP, Security Operations
Dr. Frans Schippers
Lecturer Cyber Security, HBO-ICT/Cyber Security, 
Amsterdam University of Applied Sciences
Alex Holden
Hold Security, LLC
Ken Fishkin
Information Security Manager
Lowenstein LLP

From Colonial Pipeline to JBS USA, every sector has seen a rise in ransomware attacks with increasing ransoms. Not only are these ransomware criminals stopping critical operations, they are stealing regulated data that they use to further blackmail their targets. Even when ransoms get paid, these stolen files appear on dark web trading sites, and vulnerability data on the target is often reused by new ransomware operators. Cyber insurance is not the answer. 

Here is the workshop agenda:

1:15 PM - 2:15 PM: Rescuing Yourself from Ransomware
Speaker: Kristy Westphal, VP, Security Operations, HealthEquity
Boom! You have ransomware. Now what? There are many steps you can take now, but could you have done more ahead of time? Let's take a deep dive into ransomware, both from a preparation and response perspective. What controls do you need in place? Who should be involved? What decisions need to be made ahead of time to best respond to a ransomware event. This session will look at the good, bad, and the ugly.

2:15 PM - 3:15 PM: Versioned Backup as Protection Against Ransomware
Speaker: Dr. Frans Schippers, Lecturer Cyber Security, HBO-ICT/Cyber Security, Amsterdam University of Applied Sciences
Backup is considered the most useful protection against data loss. However, the granularity of backups is usually not sufficient. To save space and time, incremental backups are used. Files that are constantly updated are difficult to backup consistently. This makes management of the process complicated. We address the requirements for fast backups, space optimization and easy recovery. By inspecting the actions carried out and inspecting the data, we can even detect indications of a ransomware attack. The presented solution is applicable for both small and large systems and also in a cloud environment. The solution can also attribute the data, so that the correct access and protection can be given to the files and objects.

3:15 PM - 3:30 PM: Afternoon Break

3:30 PM - 4:30 PM: Why I Go to the Dark Web Every Day
Speaker: Alex Holden, CISO, Hold Security, LLC
The Dark Web is a scary place. In order to deter the cybercrime, I feel confident exploring its dangerous grounds and know well how to use the Dark Web to defend the victims. I want to invite you on this journey of venturing far beyond your defense perimeter, where cyber criminals are just planning their attacks, and teach you how you can use this knowledge as defensive skills to prevent attacks from happening in the first place.

4:30 PM - 5:30 PM: Click Here to Enter a Ransomware Attack Simulation
Speaker: Ken Fishkin, Information Security Manager, Lowenstein LLP
While many companies have an incident response plan in place to address potential cyber attacks, oftentimes they are rarely tested. Untested plans often result in making ad-hoc decisions, leading to riskier behaviors. During this session, we will be conducting an interactive simulated ransomware attack (aka tabletop exercise) that challenges your abilities to handle the internal and external pressures that a cybersecurity professional might feel in the midst of a data breach. During this scenario, you will learn how multifaceted an incident response plan needs to be and why periodic testing needs to be performed for it to be effective and efficient. Areas such as roles and responsibilities, legal and regulatory obligations, and communication strategies need to be discussed to appropriately manage this type of crisis.

Wednesday, September 28th
Workshop • 1:00 PM - 5:00 PM
Data Science for Cybersecurity (Hands On)
Dr. Thomas Scanlon
Senior Cybersecurity Engineer & Researcher
Software Engineering Institute - Carnegie Mellon University

The half-day workshop will provide attendees with an introduction to data science and machine learning, and demonstrate how these disciplines can be applied to cybersecurity. Attendees will receive classroom instruction and complete hands-on labs that exhibit application of data science to malware analysis, netflow analysis, and digital forensics. The outcome is that information security professionals will gain an appreciation and understanding of ways data science can enhance cybersecurity initiatives.

Workshop • 1:00 PM - 5:00 PM ET
Advanced Cubicles & Compromises (Hands On)
Ean Meyer
Associate Director, Security Testing & Assurance
Marriott Vacations Worldwide

What makes a great tabletop exercise? Many organizations run a tabletop exercise to check a box for compliance standards but don't maximize the value of the time spent. Often they don't engage the audience or force them to think enough about the problem to find areas of improvement. Further, they assume their decisions will always work during the exercise. In this workshop, we will not only discuss how to build a tabletop exercise that addresses real risk for an organization but how to make it fun and engaging for teams at all levels of an organization. The workshop will introduce attendees to the Cubicles & Compromises format as well as add new advanced elements. You will create a company with a budget, controls, and limitations, then test those controls against a current real-world issue. You'll roll dice, things won't go as planned, and you'll learn what makes for a great tabletop exercise you can take back and use at your organization.

Workshop • 1:00 PM - 5:00 PM
Cloud Native Application Architecture Threat Hunting
Richard Tychansky
Security Architect
Identity Dynamics Corp.

In this workshop you will learn how to build and refine your knowledge, skill, and capability to hunt for threats against enterprise cloud deployments. Through examples and practical exercises using AWS you will learn how to identify malicious activity, detect threats, and protect cloud native application architectures. We go beyond the traditional approach of examining network traffic and system logs to take a deep dive into layer 7 traffic that is associated with application micro-services. Through practical hands-on training you will learn advanced techniques that can be applied to detecting attacks against Kubernetes micro-services, serverless functions, API gateways, and mobile API endpoints. We also threat hunt for supply chain and insider threats against CI/CD pipelines.

Workshop • 1:00 PM - 5:00 PM
Benefits of Deploying a Zero Trust Architecture

This session will be conducted by the security team responsible for the zero trust strategy and implementation at two Fortune 500 global enterprises, Adobe and Cisco, serving over 150,000 users. Instead of diving into specific vendors and products, we will break down Zero Trust into its fundamental technical components and show you how to connect them together to protect corporate assets and prevent lateral movement.

This training session will start by briefly covering the security & business benefits of deploying a Zero Trust Network Access (ZTNA) architecture in an organization. We’ll then spend the majority of the time focusing on breaking down all of the core components of a Zero Trust deployment, and how the pieces all work together. Finally, we’ll have a hands-on workshop using both commercial (Banyan Security) and open-source resources so attendees can create their own personalized Zero Trust demo environment.

Thursday, September 29th
Summit • 9:00 AM - 3:00 PM
Cloud Security Summit
Richard Tychansky
Security Architect
Dr. Gamini Bulumulle
Solution Architect/Consultant
InfoTechnology, Inc.
Parul Khanna
Senior Consultant, Information Risk Management
Manulife Global
Karl Ots
Head of Cloud Security
EPAM Systems

Cloud Security continues to be a complex topic. From public/private/hybrid clouds to compliance issues, privacy and configuration concerns, organizations have a great deal to concern themselves with. This summit will dive into many of these issues.

Here is the summit agenda:

  • Architecture Review Methodology
  • How is it useful?
  • What the developers or admins have to keep in mind
  • Question and Answer

9:00 AM - 10:00 AM: You Don't Know What You Don't Know Unless You Ask: Cybersecurity in Public Cloud IaaS Models
Speakers: Dr. Gamini Bulumulle, InfoTechnology & Dr. Dexter Francis, CACI
With efficiency, scalability, and manageability as key drivers in digital transformations, IaaS has become the most widely sought-after model to replace traditional datacenter architecture. While these benefits are frequently showcased in industry offerings, the potential cybersecurity impact of provider-managed upstream architecture (e.g. load balancers, metastructure) and capabilities (e.g. encryption management, exfiltration prevention) are often overlooked. This presentation explores cybersecurity considerations in the IaaS model to support informed decision-making and help business consumers “get it right”, while presenting several use cases.

10:00 AM - 11:00 AM: Modern Threat Modeling for Cloud-Native SaaS Multi-Tenant Applications
Speaker: Richard Tychansky
In this workshop you will discover, analyze, evaluate, and produce a report on the threats against a Cloud native SaaS multi-tenant application. We build skill and proficiency in threat modeling and hunting by applying advanced concepts, methodologies, and Open-Source tools & techniques. The journey begins with gaining an understanding of the benefits and risks associated with the digital transformation of Cloud applications to become Cloud native. We then deep-dive into Kubernetes for orchestration and service mesh design patterns for secrets management and their applicability to authentication and authorization of micro-services. We also learn to apply the MITRE ATT&CK framework and the CAPEC threat taxonomy as well as using Open-Source tools and techniques to discover and examine threats. We expose weaknesses in service mesh architectural decisions and configurations that are open to attack and finally produce a working threat model report that can be shared with application development teams and C-Suite executives.

11:15 AM - 12:30 PM: Journey Into Realms of Cloud Security
Speaker: Parul Khanna, Manulife
Organizations are rapidly moving to cloud providers to reduce costs, pursue digital transformation initiatives, and improve the agility of business. This session provides an overview of the issues surrounding multi-cloud environments. It discusses prominent challenges associated with cloud computing and addresses security considerations for cloud service models. It delves into how data security is achieved within a cloud environment and best practices for systems and applications to protect data. It reviews the risk associated with each of the deployment models and explains how organizations can effectively manage risk in a cloud environment.

1:30 PM - 2:45 PM: Top Public Cloud Security Fails and How to Avoid Them
Speaker: Karl Ots, Head of Cloud Security, EPAM Systems
The most common cause for a cloud data breach is a misconfigured cloud service. Based on hands-on experiences from many cloud application development projects, Karl has compiled a list of top security pitfalls that are common across all application types and team sizes. In this session, he will share what these security pitfalls are, why they matter, and how to mitigate them.

Summit • 9:00 AM - 3:15 PM
Supply Chain Security & Third Party Risk Program Summit
Eric Staffin
Vice President, Strategic Development Group
Blue Voyant
Willy Fabritius
Global Head Strategy & Business Development Information Security Assurance
Dustin S Sachs, MBA, CISSP
Senior Manager, GRC
World Fuel Services
Carter Schoenberg
VP, Cybersecurity
SoundWay Consulting Inc.

Managing the risk to an organization's supply chain can prove difficult for even the best staffed security department. This Summit will examine the myriad risks to supply chains, including external suppliers and vendors of software and services.

Here is the summit agenda:

9:00 AM - 10:00 AM: Cyber Defense and 3rd Parties: Reducing Cyber Risks in the Supply Chain
Speaker: Eric Staffin, Vice President, Strategic Development Group, Blue Voyant
This presentation discusses the current state of the industry in Third Party Risk Management, with special attention paid to both the threats and risks stemming from modern Cyber Adversarial tactics. We'll examine what's working and what isn't, and present a framework for more effective ways to both identify risks to (and from) suppliers and how to mitigate these in a scalable manner.

10:00 AM - 11:00 AM: Supply Chain Risk - It's Worse Than You Know
Speaker: Carter Schoenberg, VP, Cybersecurity, SoundWay Consulting Inc.
Growing tensions in Europe and Asia are increasing pressures on supply chains to the United States. The US Government estimates a supply chain base of over 300,000 companies, the majority of which are small to medium size businesses. Massive exfiltration of highly sensitive data resulted in the Government instituting the Cybersecurity Maturity Model Certification (CMMC). There remains significant confusion about what this actually means and the costs associated with conformance. In this session, the speaker will highlight common issues from over 25 assessments of government contractors, dispelling the myths of what business owners believe versus material facts and findings. Furthermore, Managed Services Providers are now in scope for CMMC assessments; learn how to make sure you are properly covered.

11:00 AM - 11:15 AM: Morning Break

11:15 AM - 12:15 PM: IT Modernization – Are Supply Chain Security Programs AWOL?
Speaker: Alice Fakir, Partner, Security Services, IBM
As companies and government entities embark on their IT Modernization journeys, many are missing opportunities that secure cloud modernization can bring to their supply chain risk and security operations. Exploited supply chain risks are increasingly costly to organizations. How do you engage early to enable security by design and fortify your organization from supply chain risks?

Building security into infrastructure, automating compliance, and leveraging micro-intelligence services are just a few disciplines that should be incorporated into cloud and hybrid cloud environments; they extend not only to protecting your enterprise from supply chain or third-party risks, but also enable built-in monitoring for vulnerabilities those parties may introduce. We'll explore methods for securing infrastructure by design and how the industry is evolving toward the use of managed services to protect organizations from supply chain and third-party risks.

12:15 PM - 1:15 PM: Lunch

1:15 PM - 2:15 PM: Is There Rust on Your [Supply] Chain?
Speaker: Dustin S Sachs, MBA, CISSP, Senior Manager, GRC, World Fuel Services
The past few years have been rife with supply chain attacks. From SolarWinds to Log4j, the impact and importance of supply chain attacks have become mainstream news. With the globalization of the supply chain, the need for TPRM practitioners to consider the risks posed by the supply chain is vital. In this session, we will discuss the current state of supply chain attacks and the need for strong risk management processes. Attendees will also leave with a better understanding and awareness of how we currently make third-party risk decisions.

2:15 PM - 3:15 PM: Build Information Resilience into your Supply Chain and Save a Ton of Money
Speaker: Willy Fabritius, Global Head Strategy & Business Development Information Security Assurance, SGS
Every organization relies and depends on a large number of suppliers, yet most organizations are struggling to properly address the issues related to supply chain vulnerabilities. This is one of the reasons Business Continuity Insurance premiums are getting more and more expensive. In this presentation we will explore proven tools and approaches to enhance supply chain resilience. The most important tool for any successful company is an effective Governance System that systematically, reliably, and repeatedly provides desired outcomes. A Management System based on ISO (International Organization for Standardization) standards will provide a framework and set of requirements for such a Governance System. Business Continuity is not an option, it is an Imperative for survival.
