Speakers

Chair

Vincent Gilcreest

Director of Data Services, Tenable.io

Vincent has worked in Tenable for the past two years. He is responsible for how Tenable processes, stores and ultimately uses data. This has involved developing a petabyte scale data science platform to facilitate the generation of insights and application of machine learning to tackle some of the biggest challenges facing our industry. His current focus is on how to develop models that capture a customer’s cyber exposure. Prior to Tenable, he worked in the Gaming industry for eight years applying machine learning to develop customer behavioural models. His educational background is in Chemistry (BSc), Physical Chemistry (PhD) and Statistics (MSc).

Presentations

Sille Laks

Cyber Security Expert, Clarified Security

Sille works for an Estonian company Clarified Security that is focused on delivering practical security services like red teaming on production and cyber range exercises, manual penetration testing and hands-on security courses. She is among other things responsible for “making magic happen” but mainly organizing and coordination of red team exercises and project management. She is also a trainer for the operational side of incident response.

Before joining the team, she was responsible for incident response and reporting on national and international level (including both large scale cyber attacks in 2017) and organizing both technical cyber security seminars and end user awareness raising campaigns at CERT-EE. Before operational incident response she worked on escalations and fraud prevention in a large international corporation.

She has participated in the largest live-fire cyber exercise Locked Shields as both Blue Team and Red Team member and as a Blue Team member at a large number of national and international cyber range and tabletop exercises.

Sille holds a MSc degree in Cyber Security from Tallinn Technical University and a BA degree in Business and Public Management from Tallinn University and is currently obtaining a MA in Communication Management.

Red on Blue: Infinity War

View Sille’s presentation

In 2019 very few companies can operate without Internet but there are still companies and institutions that operate without a team that defends the (critical) business assets. The Internet is full of mentions of different coloured teams from white to black. It is generally known that red depicts the tactical” enemy and in context of cyber defence the defending team is referred to as Blue Team. The presentation will cover red teaming on production cases from companies who have been brave enough to test out the real security of their systems, personnel and entire business assets from both sides.

Jasson Casey

Chief Technology Officer at SecurityScorecard

Jasson Casey serves as Chief Technology Officer at SecurityScorecard and is responsible for product management, engineering, research, and platform operations. Jasson has 20 years of experience delivering security and networking products to all markets and customer types, including global enterprises and carriers. He also serves as a Fellow in Cyber Security with the Center for Strategic and International Studies (CSIS), and as Advisor to IronNet Cybersecurity, a security startup founded by Gen. (Ret) Keith Alexander.

Prior to joining SecurityScorecard, Jasson was VP of Engineering at IronNet Cybersecurity and oversaw development of the vendor’s revolutionary collective intelligence platform and pioneered new approaches to total network observability, including limitless wirerate packet capture with truly elastic retention abilities, and a complementary stack of trusted streaming and batch data analytics. He also brings a long history of innovation advocacy for Software-defined Networks (SDN) through his work founding and leading Flowgrammable, and serving as a member of the Software Leadership Council at the Open Networking Foundation. Previously he held roles in product management, business development and engineering with CenturyTel (CenturyLink), Level3 (CenturyLink) and Alcatel (Nokia).

Jasson has a BSEE from the University of Texas at Austin and is a PhD candidate in electrical engineering at Texas A&M University.

The Evolution of Cyber Security Risk Ratings

View Jasson’s presentation

Cyber risk ratings have steadily evolved over the last six years, shifting from scoring approaches using off-the-shelf vulnerability scanners to frameworks built with machine learning. Jasson Casey shares the evolution of developing scores, including initial ideas, setbacks and breakthroughs.

This session will discuss the composition of a cyber security risk rating, how an enterprise IT team’s behaviour manifests itself to the outside world and ways in which behaviour translates to cyber security risk for the business.

Timothy Olson

Vice President of Cyber Risk and Breach Response, Symantec

Timothy Olson is Vice President of Cyber Risk and Breach Response for Symantec, a world leader in cyber security (www.symantec.com). Symantec helps organisations, governments and people protect their digital lives at home and across their devices.

Tim is responsible for Symantec’s global cyber risk and breach response practice leveraging its suite of Norton and LifeLock products. Operating one of the largest civilian cyber intelligence networks, a global community with over 50 million people, allows Symantec to see and protect against the most advance threats.

Tim is considered one of the foremost experts in breach response in the US and starting in 2004 he has personally supported thousands of organisations’ data breach events – many of the largest and most publicised in US history including Boeing, Bank of America, Target and The Walt Disney Company.

He has also assisted with many of US government related breach events such as the Federal Trade Commission, Internal Revenue Service, Veterans Affairs, State Department and the National Archives – to name a few.

Prior to Symantec, Mr Olson was Vice President of Experian (www.experian.com) where he launched Experian’s breach response practice growing it to become the dominate provider in the US and UK with over $150 million of annual revenue.

Tim also served as General Manager within Experian’s consumer business unit responsible for its strategic accounts including Google and Facebook. In this role, he developed new business channels that exceeding $500 million in annual revenue. Additionally, Tim spearheaded work for Experian in the emerging markets of Brazil and India.

Tim is a graduate of Brigham Young University, Provo, Utah where he attended the Marriott School of Management. He is fluent in German and is a FAA certified licensed private pilot. Tim has received numerous professional awards including finalist of the Ernst & Young Entrepreneur of the Year. He was also a member of the Board of Directors for the Maricopa integrated Health System.

Tim with his wife Kristen reside in Arizona and have six children and 16 grandchildren.

Tracked, Jacked & Extorted: Today & Tomorrow’s Threat Landscape

View Timothy’s presentation

Acknowledged or not, we’re all on a daily journey deep into cyber space. We think we know the path and perils ahead. But, if we’re honest with ourselves, we don’t have a clue.

The latest cyber security threats are impressive – supply chain attacks, ransomware, cryptojacking, form jacking and tax fraud. Responding to a data beach involves legal, compliance and notification obligations, all within an environment analogous to an emergency room visit.

As threat vectors widely vary – from nation-state sponsors to bad actors in basements – we think we know what a cyber-attack looks and feels like. However, attacks in the future will be a lot more personal.

Consider your home or office and how the number of devices has increased that touch everything imaginable. The proliferation of IoT devices is unlimited – all with their own IP addresses acting as a gateway for fraudsters.

What’s next? Simply everything. From toys to umbrellas, and the biggest endpoint of all – cars. All will have a chip that connects to the internet with extremely high bandwidth, especially with the roll out of 5G.

Admittedly, we are asked to make intricate technology choices every single day. Those choices are becoming more difficult – even for those who are technically savvy. But even sophisticated individuals have human tendencies and behave, well, like humans. That means mistakes are made and people become the critical linchpin of a successful hack.

Making daily cyber security decisions is the new normal. Everyone should comply with cause and clarity. Sadly, most don’t. These who rely on denial, hope or prayer far too often become the latest victims to be tracked, jacked or extorted.

To our passengers on this journey into cyber space, welcome to cyber crime. It’s going to be one hell of a ride.

Top