RSAC USA 2016: My Agenda Day 4 Thursday

The RSA Conference USA for 2016 starts a week from today. This blog post shares my schedule for Thursday, my fourth day of the conference. As with my last post, which covered Wednesday's schedule, my Thursday schedule is followed by the alternate sessions that are my fall-back choices, all of them interesting.

Thursday, March 3, 2016

08:00 a – 08:50 a – Thursday Track Session 1 | West 3008 | HUM-R02
Preventing Cyber-Exposure: You Say Criminal, I Say Intractable
David Porter, Special Advisor, Digital Shadows

Try preventing cyber-exposure and you risk focusing on the wrong areas. Most incidents arise by accident rather than criminality. We must unpick intractable socio-technical systems where incidents spring from nowhere. Understand why things normally succeed, not why they sometimes go wrong. That way we can contain cyber-exposure, identify critical functions and understand what risk really means.

09:10 a – 10:00 a – Thursday Track Session 2 | West 2007 | IDY-R03
Deconstructing Identity in Security [Panel]

Identity experts from Google, Microsoft and Ping Identity will tackle tough questions and offer unique points of view on the role identity plays in security. They will deconstruct what identity means to security by sharing how they are building identity into the most popular cloud services in the world and by showing what can be done to strengthen identity in a borderless world.
Moderator: Ariel Tseitlin, Partner, Scale Venture Partners
Panelists: Andre Durand, CEO, Ping Identity; Eric Sachs, Product Management Director, Identity, Google; Kim Cameron, Chief Identity Architect, Distinguished Engineer, Microsoft

10:20 a – 11:10 a – Thursday Track Session 3 | West 3003 | EXP-R04
Hacking Exposed: The Mac Attack
Dmitri Alperovitch, Co-Founder & CTO, CrowdStrike; George Kurtz, CEO, CrowdStrike

Windows attacks receive all the attention. However, Mac and Linux have gained in popularity with the adversary. This session will focus on common Mac attack vectors and other cross-platform hacks that are typically seen in enterprise intrusions. We will also cover practical countermeasures to make these alternate platforms more resilient.

11:30 a – 12:20 p – Thursday Track Session 4 | West 3008 | HUM-R05
Securing the “Weakest Link”
Adam Shostack, CEO and Founder, Stealth Startup

Security professionals often call people “the weakest link.” We claim that they’ll always make mistakes, however hard we try, and throw up our hands. But the simple truth is that we can help people do well at a wide variety of security tasks, and it’s easy to get started. Building on work in usable security and threat modeling, this session will give you actionable, proven ways to secure people.

01:00 p – 01:50 p | South The Viewing Point at Gateway | FRM-R07
Safeguarding the Digital Frontier: Balancing “Security” and “Security”
Michael McCaul, Member of Congress, Chairman, House Committee on Homeland Security, US House of Representatives

Every day, our enemies are trying to wage war against the U.S., but those attacks are no longer confined to the physical battlefield in faraway lands and terrorists are no longer plotting using caves and couriers. How can we promote effective information sharing and ensure that the digital technologies that protect our nation and civil liberties are not exploited by those who seek to do us harm?

02:10 p – 03:00 p | West 2021 | P2P3-R08
P2P: Saying Goodbye: Managing Security for Departing Personnel
Kenneth Morrison, Principal, Morrison Consulting

Personnel departures are a daily occurrence, with resignations, layoffs, terminations, outsourcing, reorganizations and spin-offs. How do you plan for these? Have you removed all access? Who should manage the data left behind? What are the risks and the best frameworks for addressing this risk? In this session participants will discuss best practices for managing the off-boarding process effectively.

03:40 p – 04:00 p | South Live at Esplanade Ballroom | KEY-R13
Keynote: Not Lost in Translation: Building an Architecture to Reshape
Pat Gelsinger, CEO, VMware

Across the industry, there is pent-up demand for an architecture that can serve as a “Rosetta Stone” or translation layer between apps and data above and the IT infrastructure below. VMware CEO Pat Gelsinger will share a perspective on the opportunity to fundamentally rethink and reshape cybersecurity as we know it—at a time when enterprises and governments alike are aggressively seeking a new approach and a more effective path forward.

04:00 p – 04:40 p | South Live at Esplanade Ballroom | KEY-R14
Keynote: CSI: Cyber Panel: Security Dramas Arrive on the Small Screen [Panel]

The remarkable success of television’s CSI franchise continues with “CSI: Cyber”, in which an elite team of FBI Special Agents is tasked with tackling cybercrime across North America. RSAC Curator Sandra Toms will interview “CSI: Cyber” show creator Anthony E. Zuiker, plus two cast members, Charley Koontz (Daniel Krumitz) and Shad Moss (Brody Nelson). The panel will discuss how they develop the show’s plots, how they respond to industry criticism and what they hope to convey to the average viewer who may not be familiar with the nuts and bolts of information security. Don’t miss what will be a fun intersection of security and show business.
Moderator: Sandra Toms, Vice President and Curator, RSA Conference
Panelists: Anthony E. Zuiker, Creator/Executive Producer of the CSI Franchise, Technology Visionary; Charley Koontz, Actor, CSI: Cyber; Shad Moss, Actor, CSI: Cyber

Alternate Sessions (fall-back choices)

08:00 a – 08:50 a – Thursday Track Session 1 | West 2007 | IDY-R02
Do Something Smart with All the Smart Things
Andrés Molina-Markham, Dartmouth College; Kevin Bowers, Manager, RSA Labs

Devices are increasingly becoming “smart”—connected and interconnected—but the extent of that intelligence is limited. Using a reinforcement learning approach, this presentation will show how the available information and computation in such devices can be co-opted to provide an increase in both security and usability, adjusting over time to find the optimal balance for each and every user.

08:00 a – 08:50 a – Thursday Track Session 1 | West 3006 | ASD-R02
Understanding HTTP/2
Nathan LaFollette, Trustwave SpiderLabs

A new HTTP protocol standard is here: HTTP/2 (RFC 7540, published in May 2015). This session will review the HTTP/2 protocol in depth—the good, the bad and the ugly. HTTP/2 will affect how we test for vulnerabilities and how we scale our applications.

09:10 a – 10:00 a – Thursday Track Session 2 | West 2004 | CXO-R03F
Managing Complex M&A Security Risks — A Detailed Case Study
Ahmad Mahdi, Director of Information Security & Risk Management, Microsoft

The focus of this talk will be walking through the step-by-step approach one information security organization took to secure a massive acquisition with a global footprint. This acquisition included thousands of new employees and a myriad of technical, geopolitical and financial considerations.

09:10 a – 10:00 a – Thursday Track Session 2 | West 2018 | LAW-R03
Not So Fast… Myths and Misunderstanding Surrounding Reactive Strikes
Gerry Stegmaier, Partner, Goodwin Procter; Shawn Henry, President, CrowdStrike

Is the best defense a good offense in cybersecurity, or is it a digital slippery slope? There are a lot of misconceptions circulating about “hacking back” to gather information about your attackers. Before you venture down that path, hear this presentation as the speakers unravel the truth from the hype and highlight the real implications of active defense.

10:20 a – 11:10 a – Thursday Track Session 3 | West 2009 | MASH-R04
Dissecting Bitcoin Security
Cassio Goldschmidt, Principal Information Security Leader, Cassio Goldschmidt

Bitcoin introduced a new form of organization and consensus. Activities that previously required central authorities can now be decentralized. This has profound implications for security. This presentation will review and dissect some of Bitcoin’s core components and their security controls. The speaker will analyze each control and how it could be used in other domains.

10:20 a – 11:10 a – Thursday Track Session 3 | South The Sandbox-ICS Stage | SBX1-R04
Sandbox: ICS Sec for n00bz: an Intro to ICS Defense by Defending the Death Star
Kara Turner, Critical Infrastructure Cybersecurity Threat Analyst, ISIGHT Partners

In a humorous and nerdy take on ICS security, Kara Turner will share basic ways to defend the Galactic Empire from Rebel attacks on the Death Star. Learn best practices and policies to address these issues and more in a memorable way that easily translates to your own ICS environment. Rebel scum are attacking the Death Star through the ICS networks—the Empire needs you!

10:20 a – 11:10 a – Thursday Track Session 3 | West 3014 | TV-R04
RSAC Studio: Privacy Perspectives: How It’s Lost and the Implications
Florindo Gallicchio, Director, Information Security, Office of the CISO, Optiv; Kelley Misata, Ph.D. Candidate, Purdue University

Privacy and security are not fixed points, but rather moving points we must continually assess and reframe.
10:20 a: Gone in 15 Minutes: Losing Your Privacy While Standing in a Crowd, Florindo Gallicchio
10:50 a: Get Out of Your Comfort Zone: Redefining Privacy and Security, Kelley Misata

11:30 a – 12:20 p – Thursday Track Session 4 | West 2004 | CXO-R05
Data Breach Litigation: How to Avoid It and Be Better Prepared for Defense
Andrea Hoy, Virtual CISO, A. Hoy & Associates; Ronald Raether, Partner, Troutman Sanders LLC

With the law evolving, it is important for companies to understand what circumstances give rise to and sustain a lawsuit. Learn why some of these lawsuits die on the vine while others settle, with very few making it to witness testimony or e-document production, and what can be done before and after the event to shrink the target on your company and improve your chances of success in any lawsuit.

11:30 a – 12:20 p – Thursday Track Session 4 | South The Sandbox-IoT Stage | SBX1-R05
Sandbox: Tactical Survival Tips Building and Leveraging IoT Technologies
Brian Witten, Senior Director, Internet of Things, Symantec

In 16 months, cars were “hacked, tracked and stolen,” MRI and X-Ray machines infected, power grids crashed, and a steel mill blast furnace damaged, all via security mistakes building and leveraging IoT gear. This session offers advice on using IoT gear as safely as possible in these “buyer beware” years, and a framework to build security into IoT products that should be secure “by design.”

01:00 p – 01:50 p | West 3014 | TV-R07
RSAC Studio: Guiding Principles to Defending Organizations
Dawn Cappelli, Vice President, Information Risk Management, Rockwell Automation; Rick Howard, Chief Security Officer, Palo Alto Networks

Effective security principles come from an inside-out understanding of the basic building blocks necessary for success.
01:00 p: The Power of a Network Defender’s First Principles, Rick Howard
01:30 p: Predictive Techniques to Catch Insider Threats Before They Become Criminals, Dawn Cappelli