Thu27Jul2017Black Hat USA - Mandalay Bay - Las Vegas
We are at war. But the battlefields are no longer distant deserts and jungles. This war is being fought on your newsfeed, in the comment section, on your TV, in your podcasts, and ultimately in your mind. It's easy to shrug off cries of "FAKE NEWS!" or "meme magic" but governments, militaries, and intelligence agencies have employed information operations techniques for hundreds, if not thousands, of years. And they are often devastatingly effective.
The internet decreases the barriers to entry for information operations to the point that even small non-state actors can use them, while sophisticated and well-funded organizations such as governments and intelligence agencies can dramatically increase the scale and scope of their existing efforts.
In this briefing, a former NSA intelligence professional will review the tactics, techniques, and procedures used in today's information war; along with case studies; and tips on how to identify and defend against these techniques in the wild.
Tue29Nov201611:20 amParis Port de Versaille
The session is aimed at CISOs and will go through the key actions/strategies that a CISO needs to cover in the first 90 days. This will include case studies and cover a series of security topics including : • IPS/IDS • firewall • incident response • endpoint protection • networking scanning • traffic monitoring. Furthermore, the session will give CISOs an insight into the latest security trends such as analytics, network behaviour analysis and advanced machine learning, as well as it will enable them to gain access to a security framework model.
Fri04Nov201610:45 amBusiness Design Center / London, UK
You are under surveillance. We all are. If you're targeted by a government, nothing you cando will save you. But even if you aren't, the metadata of your life is being gathered and stockpiled by collection capabilities that even Orwell couldn't have imagined, and it's not just being done by governments. The big data industry is rapidly growing and may soon be on par with NSA-style mass surveillance, but with a different goal: to learn everything they can about you in order to sell your information, and sell you the next new thing.
Encryption is only half the battle. Your metadata is often more valuable than your data. Every route you drive, every social media post you make, every aisle you visit in the grocery store, every email, every check-in, and every site you browse is being collected and correlated. The intelligence community calls this pattern-of-life analysis, and there's not much you can do to prevent it. Hiding behind seven proxies won't protect you from Google, the NSA, or the app on your phone with global permissions. This complete erosion of privacy impacts every one of us, and there is a complete lack of transparency around this.
In this talk, a former NSA professional will cover a variety of the techniques used by the mass surveillance industry to analyze an individual's metadata and develop a profile of you, your activities, your affiliations, and what you are likely to buy next. Techniques that can be used to prevent selected activities from being associated with your true persona will be covered, with a focus on making your true persona blend in with the masses.
Thu27Oct20165:00 pmWarsaw, Poland
Respectively the Wales Summit and Warsaw Summit brought crucial decisions for cybersecurity policy of the Alliance. Including cybersecurity into the system of collective defence and recognizing cyberspace as the operational domain, confirms strategic character of actions undertaken in cyberspace. Cyberthreats became an enormous challenge for international community which shall initiated broader engagement of the Alliance into directing its actions at cybersecurity. What are the practical consequences for NATO’s cybersecurity after the Warsaw Summit? What kind of actions shall be undertaken to improve cybersecurity of the Alliance? How the Member States should improve their national cyber capabilities?
Wiesław Goździewicz - Legal Advisor, NATO Joint Force Training Centre (confirmed)
Sven Sakkov - Director, NATO Cooperative Cyber Defence Centre of Excellence (confirmed)
Lior Tabansky - Director of Strategy, Cyber Security Group, Researcher, Tel Aviv University, Israel (confirmed)
David Venable - Vice President, Cyber Security at Masergy, Alumni 2015 NSL Program, USA (confirmed)
Andrzej Zybertowicz - Advisor to the President of the Republic of Poland (confirmed)
MODERATOR: Izabela Albrycht - Chair of the CYBERSEC Organising Committee, Chair of The Kosciuszko Institute, Poland (confirmed)
Wed03Aug201611:30 amMandalay Bay, Las Vegas, Nevada
A growing number of small and mid-sized businesses are creating centralized security roles, and are quickly discovering that it's no easy task. Many IT professionals typically own various security and risk functions without the needed background in security. Taking a disparate group of security roles and combining them into one security-focused role is a growing trend and as managers are discovering, it can be a difficult job to achieve the desired results in this age of increasingly sophisticated cyber security threats.
In this session, we will discuss how to create a 3-5 year security strategy and implementation plan that provides an integrated and comprehensive set of security solutions that address real-world risk, return on investment and an agile framework capable of evolving as your business needs change.