Wednesday, October 23, 2019

Scottsdale Cyber Conference
10-17-2019
Scottsdale Hilton
2pm-5pm


  • Small scale cybersecurity conference. I did arrive after classes in the afternoon, so I missed the morning presentations.  I did spend time on the exhibit floor before going to the 2 sessions left in the day, after vendor sessions.
  • 1/2 of the presentations were vendor based and ranged from conceptual to demonstrations
  • PANEL 2: Incident Response – What to do Before, During and After a Breach
    • most of the discussion centered on minimizing loss, but also contacting involved PPI owners. It was very nice to have a lawyer's perspective to see more sides of the issues.


Wednesday, May 15, 2019



Cyber security Summit notes and summary                    May 15, 2019

Steve Zylstra – AZ Tech council CEO
Sponsors
Frank J. Grimmelmann (ACTRA)
·         6th year
·         Executive Order
o   National Security
o   2018 Management agenda
o   American Cybersecurity workforce
o   2015-President Obama’s exec order
§  Private sector security percentages
o   Collective thinking and collaboration
§  Workforce development
§  Bridge private/public
§  Unified vision outside the state
o   Vendors
§  Phenomenal tools
§  Eliminating silos
·         Create a rich ecosystem for cyber security

First Panel
·         Governor’s executive – AZ (Ducey) ACT
o   Inability of CISO to protect Org perimeters
o   Rich ecosystems
o   ACT – Against Cyber Threats
§  Workforce development and Education
§  Information sharing Response
§  New technology
o   Supporting innovation
Why was ACT formed?
·         2017 – worst year for Cyber attacks
·         Improvement in technology and connected devices
·         22 Leading professionals in the field from all private/public sectors
·         Community engagement
·         Proactive measure
Composition of 22 primary individuals of ACT
·         Majority in private industry
·         Public/educational/enterprise at the “table”
Workforce/economic development and education
·         Identify cyber companies and attract to the state
·         Employers are searching for quality professionals
·         Working with educational institutions (K-12, Community colleges, and Universities)
·         Four subgroups
o   Research
§  Data-driven
§  15,000 employed (7,000 open position)
§  Training professionals
o   Marketing
o   Regulatory
§  Develop and recommend incentive-based behavior modification
o   Education
Creating Cohesion among committees
§  Two chairman – attorney general/private sect
§  Whitepaper development
§  GDP
o   Reverse GDP – Cyber attacker (increase cost)
§  IoT – number of possible infiltrations
o   Lack of instance reporting

Interdisciplinary crossover

Linda Medler, Principal, Medler & Associates (USAF, Retired Brig. Gen USCYBERCOM)
§  Viewing across the lines of all subcommittees
§  Reiteration of a collaborative effort
§  Moving from reactive to proactive
§  Prior military service approach
§  Different perspective in industry
§  Significant cyber event will be the catalyst for the “cavalry”
§  Influence the conversations
§  Stressing the importance of communication
§  Trust and cyber
§  Industry challenges
o   “…lost in the nation of universal capital is the greatest for our nation…”
o   Number of IoTs
o   Operating in “gray” space
o   Owning intellectual property?
o   Presidential decision on more cyber authority
o   Serious national security threat
o   Targeting the “person” on the network
o   Insider threat
o   Think differently – beyond IT
o   Malicious mindset with ethical background
o   Aligning with ethical means to capture industry support
§  Importance of regulatory environments
o   Compliance burdens
o   Protecting privacy
o   Force industry to invest on security
o   “…making your bed every morning…”
o   Collaborating and working together
Sandra Watson, President & CEO, Arizona Commerce Authority
§  IoT stats
o   Estimated 200 billion connected devices by 2020
§  Significant concentration of talent in AZ
§  Growing and effective programs at the universities
§  Workforce development in AZ
o   Embry-Riddle
§  Master’s Program Cybersecurity
o   GCU
§  Master’s Program Cybersecurity
o   ASU, UA, and NAU
§  Cyber security programs
o   Community colleges
o   Create awareness of these programs
o   Access and opportunity throughout the state
o   More than 450,000 students in post-secondary programs in AZ
o   International students
§  Cyber security across all industries
§  Tasking new products
o   “Sandboxes”
o   Autonomous vehicle testing
o   Startups
o   “…great to scale new technologies…”
§  Collaboration and partnerships
§  Attracting talents and companies
§   
Arthur Hansen, Principal Architect, World Wide Technologies
§  Government
§  Cyber movements
§  Skill attainment and time to completion
o   AI
o   Cloud
o   Block Chain
§  Offense vs Defense
§  Challenge for staffing
o   Rapid learners
o   Continuous learning – evolving set of tools
§  Duration (longtime) to build a cyber warrior
§  Continuous model
§  20% IT budget security
§  Medical IoT
o   Dignity
o   Banner
o   Mayo
§  Legal halting or slowing innovation
§  “…get it up through the systems…”
§  Government support
§  Increase cost to hackers as a lens
§  Leveraging cloud services (AWS, Google, Microsoft)

Cyber range => North American Cyber Alliance

Unified space command
5G
IoT
Education and training through grants
Drone usage
Electronic health records

Are we winning the war on cyber?


Q and A
War – cyber threats
What is our approach on Cyber war?
Protection of our way of life…
Linda
§  Full scale battle with hardware is still inedible
§  Cyber Trench warfare quietly growing)
§  Do what we are currently doing…
§  Recognition of US Cyber Command
o   Increased authority


Keynote: Michael McAndrews, Vice President, Network Security Services, WGM Associates
Darkweb
Augmentation and assessment
WGM PacketWatch

Dark Overlord
AV Vendors and taken down by Fxmsp

Special browser/application to access

Proxies
VPNs/VPSs
TOR/I2P
·         Layers
·         Providing anonymity and protection
·         Price in latency
·         Circumvents firewalls/proxies/censorships
·         Hidden services
·         .onion sites
·         TOR project .org
Telegram – the next chapter

Second Panel
1.      Anthony Dezilva (Moderator), PhoenixNap, GCU doctoral student
2.      Lester Godsey, CISO, City of Mesa
3.      Tonia Doley, Security Solutions Advisor, CoFense & National Cybersecurity Society
4.      Eli Woodward, Senior Security Analyst, Maricopa County Information Security
5.      Cynthia Madden, Intelligence Enablement Manager, FireEye, Inc
6.      Bob Franklin, Senior Consultant; Security, BIA, Business Continuity, Disaster Recovery, Cybersecurity

Threat intelligence
·         Identify
·         Marry the two “terms”
·         Constantly evolving
·         Actionable
o   Regulations
o   Controls
o   Tools
·         Knowing what the adversary is doing
·         How to respond
·         Not all made equal
·         Timeliness
·         Staying ahead
Sources of threat intelligence
·         Coincide with infrastructure investments
·         Evaluate with a lens of automation
·         ISAC
·         Open Source info
·         Be careful of “Free”
·         ACTA
·         Twitter feeds
·         Sharing IOCs
·         “Red” teaming
Automation
MSSP
Internal threats
·         Recording the good stuff
·         Masking as insiders
·         Spear Fishing
·         Credentials