Keynote

Topic Title:
The Three Certainties of Life: Death, Taxes and Compromise.

Abstract:
This lecture will focus on the recent failures of companies to protect client information, and why these types of attacks will continue to be successful. Moreover, it will focus on the flawed responses and how each company could have minimized its data exposure. Topics that will be discussed include Advanced Persistent Threat impact, the Cyber Kill Chain methodology, and the failure of modern-day solutions to stop these cyber-attacks.

Speaker Bio:
Anthony Reyes
President and Chief Executive Officer, The ARC Group of New York
Anthony Reyes is President and Chief Executive Officer of The ARC Group of New York, and a member of ARC’s Board of Directors. A visionary, decisive and results-oriented leader, Mr. Reyes is recognized globally for his work in the cyber security industry, establishing many of the industry standards currently in use today. With over 17 years of experience identifying, responding to, and addressing cyber-related issues, Mr. Reyes is an internationally recognized practitioner, trainer, and lecturer in the areas of technology and traditional investigations. His investigation topics include incident response, network forensics, intellectual property theft, identity theft, computer forensics, electronic discovery, cyber terrorism, network security, data encryption, steganography and malware detection. He is often asked to weigh in on events for newspapers, publications, and television. He has appeared on CNN, MSN Money, Bloomberg, and other television and online broadcasts, and has been quoted numerous times in publications such as The Wall Street Journal, Washington Post, and Forbes. Mr. Reyes has been integral in winning hundreds of legal cases during the course of his career.

Mr. Reyes was a Detective in the New York City Police Department’s Computer Crimes Unit, where he was responsible for handling complex cases on behalf of the NYPD, which involved terrorism, critical infrastructure, intellectual property theft, and complicated schemes to defraud. He participated in the review and revision of The National Institute of Justice Guide, “Electronic Crime Scene Investigation: A Guide for First Responders 2nd Edition”, and was the Training and Education Working Group Chairman of The National Institute of Justice’s Electronic Crime Partner Initiative. He served as an alternate member of New York Governor George E. Pataki’s Cyber-Security Task Force, and was the President of the High Technology Crime Investigation Association’s (HTCIA) International Executives Committee.

Mr. Reyes received his B.S. in Criminal Justice, and his Graduate Certification in Leadership from John Jay College of Criminal Justice in New York.

Speakers & Panels

CyBit – NYC June 11-12, 2015

ABSTRACT:  How to throw away your WAF in three easy steps!

BIO:
Israel Barak, Co-Founder, General Manager Sentrix Americas

Israel Barak is the co-founder of Sentrix, co-founding the company in 2011.  He currently functions as Sentrix GM business operations for the Americas.  Mr. Barak specializes in developing and assimilating innovative technologies and enhancing organizations’ capacity to withstand cyber-attacks.  Mr. Barak draws from his extensive background in various security and military bodies, including serving as the Head of the Israeli Defense Forces Cyber Red Team Unit for 5 Years.  Mr. Barak also founded one of Israel’s leading national cyber security consulting groups (now part of CITI Group).  He is an active member of OWASP, the Cloud Security Alliance, ISSA, and a member of the Boston Security Meetup.
First, extend your DMZ into the Cloud (4 hours) – fully automated.
Second, synchronize your new DMZ with your web systems—eliminating attack surfaces (1 hour) – fully automated.
Third, eliminate the need for any sort of learning mode and rule generation (1 hour) – fully automated.

Total Time: 6 hours
Turn off WAF!

Unlike traditional web security implementations (WAFs) that inspect all incoming traffic to your websites and can be very difficult to maintain, implementing a DMZ in the Cloud will eliminate more than 99% of your website’s attack surface. As such, organizations with dynamic content are now able to implement a “fail close” web systems architecture transparently to corporate users and other visitors—no learning mode required. Strong persistent whitelisting is now implementable. In addition, zero-day attacks and DDoS become a non-issue. This session will explore new and highly efficient web system performance and security architectures only now made possible by leveraging newer cloud platforms such as AWS/Azure/IBM as the new point-of-presence for the organization’s Enterprise DMZ: by extending the Enterprise DMZ architecture into the cloud, applications and system environments are protected regardless of code vulnerabilities, inadequate security controls, misconfigurations, or poor design. A Cloud DMZ architecture enables continuous integration and a rapid time-to-market business model. Extending your DMZ into the Cloud provides a means to deliver automated, continuous and fully synchronized security at the speed of the Cloud.

TRACK: 
IT Security – Data Security/Cloud Security
SESSION #: IT 2
DATE: Thursday June 11, 2015

TIME: 2:00 – 3:00 PM
SESSION TITLE: “Benchmarking to Improve Software Security”
SPEAKER(S): John Dickson, Principal
ORGANIZATION: DENIM GROUP

ABSTRACT:
We all know that behind every breach story in the press is an organization that probably should have done more to build secure software. Yet organizations struggle mightily to focus resources on building software securely from the outset and, as a result, software security remains a “nice to do” and not a “have to do” activity in many organizations. How can organizations determine the right set of activities or appropriate resource allocation levels that they should undertake to adequately address software risk? How can security leaders know what other companies and competitors are doing to produce more secure software? This session will provide an overview of the Open Software Assurance Maturity Model (OpenSAMM) framework and illustrate how organizations can use it to improve their security “game” around software. John will provide case studies of how organizations are using comparative data and the OpenSAMM benchmarking tool to further the case for software security within the enterprise.

SPEAKER BIO(S):
John Dickson is an internationally recognized security leader, entrepreneur and Principal at Denim Group, Ltd. He has nearly 20 years hands-on experience in intrusion detection, network security and application security in the commercial, public and military sectors. As a Denim Group Principal, he helps executives and Chief Security Officers (CSO’s) of Fortune 500 companies and government organizations launch and expand their critical application security initiatives. His leadership has been instrumental in Denim Group being honored by Inc. Magazine as one of the fastest growing companies in the industry for five years in a row.

A former U.S. Air Force officer, Dickson served in the Air Force Information Warfare Center (AFIWC) and was a member of the Air Force Computer Emergency Response Team (AFCERT). Since his transition to the commercial arena, he has played significant client-facing roles with companies such as Trident Data Systems, KPMG and SecureLogix Corporation.

Dickson is a popular speaker on security at industry venues including the RSA Security Conference, the SANS Institute, the Open Web Application Security Project (OWASP) and at other international security conferences. He is a sought-after security expert and regularly contributes to Dark Reading and other security publications. He also regularly contributes to the Denim Group blog where he writes about key security industry issues such as software security and cyber security policy. A Distinguished Fellow of the International Systems Security Association, he has been a Certified Information Systems Security Professional (CISSP) since 1998.

Dickson is currently the Chairman of the San Antonio Chamber of Commerce Cyber Security Committee, where economic development, workforce and advocacy issues involving San Antonio’s growing cyber security industry are coordinated. Dickson is also a member of the prestigious Texas Business Leadership Council, the only statewide CEO-based public policy organization that serves as a united voice for the state’s senior executives to participate in the legislative and regulatory process. Most recently, he served as Chairman of the Texas Lyceum, a leadership group that prepares leaders for the State of Texas, and as Chairman of the North San Antonio Chamber of Commerce. He also served as the local President of the Information Systems Security Association and was an honorary commander of the 67th Cyber Space Wing, which organizes, trains and equips cyberspace forces to conduct network defense, attack and exploitation.

He holds a Bachelor of Science degree from Texas A&M University, a Master of Science degree from Trinity University and a Master of Business Administration from the University of Texas at Austin. Dickson resides in San Antonio, Texas, where he is married with two children.

TRACK: 
IT Security – Data Security/Cloud Security
SESSION #: IT 2
DATE: Thursday June 11, 2015
TIME: 1:00 – 2:00 PM
SESSION TITLE: “Gaining Critical Visibility through the Cloud”
SPEAKER(S): Brandon Hoffman, Chief Technology Officer, Lumeta Corporation

ORGANIZATION: Lumeta Corporation

Presentation Title: Gaining Critical Visibility through the Cloud
Author: Brandon Hoffman, Chief Technology Officer, Lumeta Corporation

Keywords: Cloud Security, Cybersecurity Analytics, Recursive Network Indexing
Abstract: Gaining Critical Visibility through the Cloud
The benefits of virtualization technologies have led to increased deployment of private, public and hybrid clouds, but concerns linger about the security of the underlying technologies and the protection of critical corporate and customer data on those infrastructures. The very benefits of cloud – near real-time deployment, disbanding of compute infrastructure and rapid time to availability of application services – mean that cloud, network and security operations teams have less visibility and knowledge about how cloud activities are impacting overall enterprise network topology and the risk to any critical data that rides on it. Yet those teams are still responsible for the protection of critical enterprise and customer data assets.
This presentation is targeted to individuals who are responsible for (or are curious about) cloud, network and security operations.

Outline:
Cloud Market Overview
IaaS Cloud Adoption
Cloud Security Challenges
Cloud Deployment Use Cases (Hybrid, Private & Public)
Virtual Machine Asset Visibility
Cloud Infrastructure Visibility & Network Topology
Critical Alerts of Network Segmentation Policy Violations

Biography: Brandon Hoffman, Chief Technology Officer, Lumeta Corporation
As the CTO of Lumeta, Brandon is largely responsible for technology integrations, alliances, and cloud/service providers, with the goal of future-proofing Lumeta’s cyber security platform. Prior to joining Lumeta, Brandon served as federal chief technology officer at RedSeal with responsibility for defining solutions and strategies that serve top government priorities. Prior to RedSeal, he held positions at KPMG, Chicago Mercantile Exchange, and Clear Channel. Brandon holds a B.S. in GIS from the University of Illinois at Chicago, as well as an M.S. in Information Technology and Management from the Kellogg School of Management and the McCormick School of Engineering at Northwestern University.

Presentation Title: Threat Intelligence for Cyber Forensics
Author Name: Jessica Bair
Author Title: Sr. Manager, Advanced Threat Solutions
Company: Cisco Systems, Inc.
Speaker Contact Information: 1027 N Ogden Dr., W. Hollywood, CA 90046;
Abstract:
Cyber forensics has long utilized some rudimentary threat intelligence to improve efficiency and to leverage the collective experience of the community: whitelists to filter out known-good files on the endpoint and blacklists to identify known-bad files. However, unknown threats continue to grow at an increasing rate.
In this presentation, attendees will learn how to apply threat intelligence context and correlation in cyber forensic investigations; understanding the WHY a file is “bad” or “malicious”; and for unknown threats, the WHAT it does in the form of behavior, so an informed decision can be made on remediation. Integrating threat intelligence into the cyber forensics workflow and processes is critical to effective and timely incident response and handling.
Biography:
Jessica Bair is the Senior Manager of Business Development, Advanced Threat Solutions at Cisco Security, where she manages OEM and alliance partnerships for the ThreatGRID unified malware analysis and threat intelligence solution.
Jessica was at Guidance Software for thirteen years, co-creating the EnCase Certified Examiner (EnCE) certification in 2001 and creating the EnCase Certified eDiscovery Practitioner (EnCEP) program in 2009. Prior to Guidance Software, Jessica served several years as a special agent/computer forensic examiner in the U.S. Army Criminal Investigation Command.

TRACK: Investigations/Incident Management
SESSION #:
DATE: Friday June 12, 2015
TIME: 2:00 – 3:00 PM
SESSION TITLE: “Roadmap to the Intersection of Security and Business Continuity”
SPEAKER(S): Caleb J. Crable, Sr. Malware Analyst
ORGANIZATION: The Media Trust
ABSTRACT:
In this day and age, we are all [mostly] fully aware how far signature-based antivirus detections go… not very far at all in regard to actual real-time protection. Users will get infected—there are no longer any IF statements in this equation. This session will focus on the gray area of post-infection and address the many different aspects of end-user and incident response frustration that occur after malware has penetrated and done its dirty work to a single system, network, or organization. Attendees will learn about various malware removal and mitigation techniques, tools of the trade, and general response and prevention guidelines in case this happens to you, and it will.

SPEAKER BIO(S): Caleb is a seasoned malware analyst and practicing dirty whitehat. As a frequent contributor to the information security community, Caleb supports it both online and at technology security events. Caleb recently delivered presentations at BSides Tampa 2015 and CarolinaCon 11, where he shared information and best practices about how to respond to, mitigate, and plan for malware breaches. He also founded and currently manages the CarolinaCon Shootout, in its 6th successful year of operation at the CarolinaCon security conference.

Tracks for CyBit:
IT Security – Governance, Risk & Compliance
IT Security – Data Security/Cloud Security
Cyber Security – Secure Communications, Electronics, Critical Infrastructure
Cyber Security – Command and Control, Readiness and Tactical Operations

Presentation title: Protecting Information Using Technology: Is that all there is?
Author: Lisa Berry-Tayman
Title: Sr. Privacy and Information Governance Advisor
Company: IDT911 Consulting
Address: Paramount Building
1501 Broadway, Suite 1616
New York, NY 10036
Keywords: information governance, data security, data breach risk, infosec, information privacy

Abstract: Every organization has some degree of concern about the risk of a data breach exposing sensitive, personal, and private information, and technological safeguards aren’t always the end-all, be-all of preventing one. This session will be a practical discussion on the benefits of a multidisciplinary, layered approach to proactively protecting information assets for both your organization and your clients. It will include practical takeaways so you can begin protecting your organization’s information, or advise clients about how to protect their own information.
Learning objectives:
• Understanding how the disciplines interplay
• Valuing how a multidisciplinary, layered approach protects information
• Identifying how to implement the approach in your organization
• Knowing how to advise your clients on layered information protection and its benefits.

Biography: Lisa has vast experience assisting organizations in information governance and compliance, privacy, security and e-discovery. She speaks on these topics at corporate, legal, governmental and university events in the United States and Canada. Lisa is an adjunct professor at the School of Informatics at Indiana University-Purdue University Indianapolis (IUPUI). She is a former practicing attorney and former assistant attorney general. Her educational achievements include a Juris Doctor with distinction from Mississippi College School of Law and a Certified Information Privacy Professional (CIPP/US) credential.

Presentation title: Is your company expecting IT to take care of security?
Author: Deena Coffman
Title: CEO
Company: IDT911 Consulting
Address: Paramount Building
1501 Broadway, Suite 1616
New York, NY 10036
Keywords: Infosec, IT, data security, information security, security resources, security budgeting

Abstract: Equating IT and InfoSec is like equating your neurologist with your cardiologist – they may both deal with keeping part of your body healthy, but the disciplines are distinctly different. You wouldn’t blame your neurologist for a heart attack, any more than you can put your organization’s security policy in the hands of your IT team. Just because security has a large technology component does not mean it rests solely upon IT. Information Technology departments are tasked with finding applications that make the business faster, more productive, easier, etc. These goals often have to be balanced against security. Asking one group to hold two different perspectives is neither practical nor fair to that team; putting proper checks and balances in place will benefit both the IT and InfoSec departments and your organization as a whole.

In this session, attendees will understand the different needs of an IT and InfoSec department – and how they each contribute to the security of a business, as well as learn how to make the business case for dedicated security resources.

Biography: Deena has over 20 years of experience working with technology and data management programs in law firms, corporate law departments and major consulting firms. She has provided guidance to clients adopting technology or building programs relating to data privacy, data security, operational risk and electronic discovery. Deena is former COO of Kroll Cyber Security and Information Assurance, and also managed international projects with the Analytical and Forensic Technology group at Deloitte Financial Advisory Services, and held global responsibility as the Discovery Director for Johnson & Johnson. Her education background includes an MBA from Cornell University’s S.C. Johnson Graduate School of Management, an MBA from Queen’s University in Ontario, Canada, and a B.A. in Management from the University of Illinois. She also maintains certification as a CIPP, MCSE, and MCP+I.

Presentation title: Crafting a Practical Incident Response Plan
Author: Deena Coffman
Title: CEO
Company: IDT911 Consulting
Address: Paramount Building
1501 Broadway, Suite 1616
New York, NY 10036
Keywords: Incident response plan, data breach response, data exposure, breach planning, incident response

Abstract: An incident response plan is much like a fire safety plan in that it is something you never want to use, but you wouldn’t want to be caught without it. And, in order for different departments and individuals across the organization to move in concert, the plan must be carefully developed to fit a company’s environment and people AND it must be practiced. In this session, learn how to develop an incident response plan that is tailor-fit to your organization and how to practice and execute it.

Biography: Deena has over 20 years of experience working with technology and data management programs in law firms, corporate law departments and major consulting firms. She has provided guidance to clients adopting technology or building programs relating to data privacy, data security, operational risk and electronic discovery. Deena is former COO of Kroll Cyber Security and Information Assurance, and also managed international projects with the Analytical and Forensic Technology group at Deloitte Financial Advisory Services, and held global responsibility as the Discovery Director for Johnson & Johnson. Her education background includes an MBA from Cornell University’s S.C. Johnson Graduate School of Management, an MBA from Queen’s University in Ontario, Canada, and a B.A. in Management from the University of Illinois. She also maintains certification as a CIPP, MCSE, and MCP+I.

TRACK: Cyber Security, Secure Communications, Electronics, Critical Infrastructure
SESSION #: CS1/#4
DATE: Friday June 12, 2015
TIME: 3:00 –4:00 PM
Presenter: Patrick Upatham, Global Director, Advanced Cyber Security Group, Digital Guardian
Talk Title:
Data Loss Prevention…. Ten Reasons why you don’t and One Reason why you (should) do
Data Loss Prevention (DLP) is a term that can send shivers down the spine of even the most accomplished IT professional. With a legacy of implementation failures where software is never fully implemented because projects got stalled out trying to classify every bit of data on a network, we can certainly understand why. But we live in a different world now (call it Post-Sony Pictures Entertainment if you will) and technologies have progressed, so how can you bring up DLP in IT priorities meetings without being laughed at? Attend this session to see!
The reasons that will be presented in this session are:
1. Before protecting my data, I need to find out where it is and how it should be classified
2. DLP is something IT should lead; it’s a technology driven solution
3. DLP is the cherry on the sundae… first I need to address Anti-Virus, Intrusion Prevention, Identity & Access Management concerns
4. I already have DLP/Data Protection according to my email/web/backup solution vendor.
5. DLP is complex
6. DLP is simple
7. DLP blocks my business
8. Why would I secure my data, if it goes out to uncontrolled/unprotected 3rd party suppliers/partners anyway… Or… the Cloud…
9. The goal of cyber security is to keep the “bad guys” out
10. DLP violates all privacy laws and regulations and breaks the trust relationship between employer and employee.
Once those reasons are broken down, Patrick will present the reason to “do” DLP: because your company may not be able to overcome the impact (financial, regulatory, brand, partner) of a data breach. This will be supported by guidelines from Forrester, Gartner and Quocirca and evidence from companies recently impacted by data breaches. The presentation will then dive into upcoming legislation changes that will impact the way companies approach data protection and DLP.
Five Benefits to Delegates
1. The session will discuss 10 common reasons why IT professionals shy away from DLP—or why it has become a dirty word!
2. As part of each of these 10 reasons, Patrick will show the truth/falsity of each reason, as many of them have become legend.
3. These 10 reasons also include tips on how to alleviate some of these common frustration points.
4. Attendees will then learn about the most important reason to re-evaluate DLP—because they simply cannot afford not to anymore. This is supported by data from many of the leading analyst groups about trends in data security.
5. In light of the recent data breaches, this talk will also provide a different perspective: while breaches may be inevitable, losing data isn’t.
Bio
Patrick Upatham serves as the Global Director of Advanced Cyber Security at Digital Guardian. He is a former FBI cybercrime information security professional experienced in identifying, guiding and managing projects requiring combined technical expertise and an understanding of business impact across broad industries and audiences. He is skilled in incident response, forensic acquisition/analysis and leading and liaising between technical and business teams involved in technical investigations with private institutions and federal law enforcement.

TRACK: 
IT Security – Data Security/Cloud Security
SESSION #: CS2
DATE: Friday June 12, 2015
TIME: 3:00 –4:00 PM
SESSION TITLE: “Data Loss Prevention…. Ten Reasons why you don’t and One Reason why you (should) do”
SPEAKER(S): Patrick Upatham, Global Director, Advanced Cyber Security Group
ORGANIZATION: Digital Guardian
ABSTRACT: Data Loss Prevention (DLP) is a term that can send shivers down the spine of even the most accomplished IT professional. With a legacy of implementation failures where software is never fully implemented because projects got stalled out trying to classify every bit of data on a network, we can certainly understand why. But we live in a different world now (call it Post-Sony Pictures Entertainment if you will) and technologies have progressed, so how can you bring up DLP in IT priorities meetings without being laughed at? Attend this session to see!
The reasons that will be presented in this session are:
1. Before protecting my data, I need to find out where it is and how it should be classified
2. DLP is something IT should lead; it’s a technology driven solution
3. DLP is the cherry on the sundae… first I need to address Anti-Virus, Intrusion Prevention, Identity & Access Management concerns
4. I already have DLP/Data Protection according to my email/web/backup solution vendor.
5. DLP is complex
6. DLP is simple
7. DLP blocks my business
8. Why would I secure my data, if it goes out to uncontrolled/unprotected 3rd party suppliers/partners anyway… Or… the Cloud…
9. The goal of cyber security is to keep the “bad guys” out
10. DLP violates all privacy laws and regulations and breaks the trust relationship between employer and employee.

Once those reasons are broken down, Patrick will present the reason to “do” DLP: because your company may not be able to overcome the impact (financial, regulatory, brand, partner) of a data breach. This will be supported by guidelines from Forrester, Gartner and Quocirca and evidence from companies recently impacted by data breaches. The presentation will then dive into upcoming legislation changes that will impact the way companies approach data protection and DLP.

Five Benefits to Delegates
1. The session will discuss 10 common reasons why IT professionals shy away from DLP—or why it has become a dirty word!
2. As part of each of these 10 reasons, Patrick will show the truth/falsity of each reason, as many of them have become legend.
3. These 10 reasons also include tips on how to alleviate some of these common frustration points.
4. Attendees will then learn about the most important reason to re-evaluate DLP—because they simply cannot afford not to anymore. This is supported by data from many of the leading analyst groups about trends in data security.
5. In light of the recent data breaches, this talk will also provide a different perspective: while breaches may be inevitable, losing data isn’t.

SPEAKER BIO(S): Patrick Upatham serves as the Global Director of Advanced Cyber Security at Digital Guardian. He is a former FBI cybercrime information security professional experienced in identifying, guiding and managing projects requiring combined technical expertise and an understanding of business impact across broad industries and audiences. He is skilled in incident response, forensic acquisition/analysis and leading and liaising between technical and business teams involved in technical investigations with private institutions and federal law enforcement.

TRACK: Electronic Discovery
SESSION #: ED5
DATE: Thursday June 11, 2015
TIME: 3:00 – 4:00 PM
SESSION TITLE: “Data Security in Hybrid Cloud”
SPEAKER(S): Taffi Schurz, Vice President, Training-Hosted Solutions.
ORGANIZATION: LDiscovery, LLC
ABSTRACT:
How many times have you heard that IT is a cost center, a guzzler of resources, separate from the “real” business that your organization performs? “The IT Golden Rule: A Practical Guide to Gaining Support and IT Benefits Realization Through Governance,” will walk you through the pitfalls of the stereotypical executive paradigm. In this hour-long session, gain a deeper understanding of governance frameworks, IT evaluation techniques, and methods to garner support for enterprise governance within your organization.

SPEAKER BIO(S): Taffi Schurz has worked since 2008 at LDiscovery, LLC, a leader in eDiscovery management solutions providing end-to-end legal and technology consulting services. She has held roles as Director of Web Hosting, Vice President, Quality Assurance, and most recently, Vice President, Training-Hosted Solutions. Ms. Schurz is a certified Project Management Professional, Lean Six Sigma Green Belt, Certified Training Consultant, Relativity Certified Admin, and serves as the President of the Women in eDiscovery Chicago Chapter. Before her corporate career, Taffi served as the Director of Forensics at Clemson University.

TRACK: Electronic Discovery
SESSION #: ED11
DATE: Friday June 12, 2015
TIME: 3:00 – 4:00 PM
SESSION TITLE: “Training Predictive Coding Systems”
SPEAKER(S): Bill Dimm, Ph.D., Founder & CEO
ORGANIZATION: Hot Neuron LLC
ABSTRACT:
The ever-increasing volume of electronic data presents a significant cost when an organization is involved in litigation and is ordered to produce documents relevant to a discovery request. Predictive coding shows great promise for reducing expensive and time-consuming human review of documents to determine relevance. It uses supervised machine learning algorithms to predict which documents are likely to be relevant based on patterns detected by analyzing examples of relevant and non-relevant training documents. Proper training of the predictive coding system is critical to achieving success, and there is currently a great deal of debate about which approach is best. The approach chosen can have a significant impact on the quality of the result and the amount of human review required.

This presentation starts with some general tips on reviewing training documents, like how to handle near-duplicates or emails with attachments. It discusses the factors that determine the amount of training data needed, and how to know when the system is sufficiently trained. It describes training with random sampling, judgmental sampling, and various types of active learning, and examines the pros and cons of each approach in detail. Does theory support a particular approach? Which is the most efficient, and why? What impact does the training approach have on the rest of the workflow, like the use of control sets or cross-validation? How concerned should you be about the oft-misunderstood problem of bias? Does the approach affect the diversity of the relevant documents that are found? Finally, how do the circumstances of the case impact the training method you should use? Results from recent research will be presented to illustrate how performance is related to the training technique employed.

SPEAKER BIO(S): Dr. Dimm is the founder and CEO of Hot Neuron LLC. He developed the algorithms for predictive coding, conceptual clustering, and near-duplicate detection used in the company’s Clustify software. He is currently writing a book on predictive coding. He has over two decades of experience in the development and application of sophisticated mathematical models to solve real-world problems in the fields of theoretical physics, mathematical finance, information retrieval, and e-discovery. Prior to starting Hot Neuron, he did derivative securities research at Banque Nationale de Paris. He has a Ph.D. in theoretical elementary particle physics from Cornell University.

IP theft prevention: are you the victim, the perpetrator, or both?

Abstract: Using the currently available body of academic work, this presentation lays out the current battlefield in the war against IP theft. While there is significant focus on the sophisticated barbarians at the gate, this presentation focuses on the gravest threat: the employee tucked safely behind the castle walls. Attendees will not only learn more about hidden threats to their business; they will also be given high-level strategy advice, a point-by-point breakdown of how to make the case to other stakeholders, and actionable steps they can take tomorrow to begin mitigating the threat of employee IP theft.
Background: We carefully lay out the case for why the most persistent, direct, and highest-risk source of IP theft is now, or soon will be, working right alongside you. Attendees will learn how to make the case for improved security to all stakeholders within their organization. (5 Minutes)

Break Down the Complicated Problem: We explore the three phases of the employee lifecycle from the enterprise's perspective: recruitment/screening, employed, and exit. (5 Minutes)

Recruitment/Screening: We list the affirmative steps an organization can take to limit a lateral hire bringing data with them, and how those steps begin to create a culture of IP protection. (5 Minutes)

Employed: Policy level, implementation level, compliance monitoring. We walk through possible affirmative steps you can take to ensure compliance with policy. (5 Minutes)

Exit: Policy level, implementation level, compliance monitoring. Is there an exit process whereby you audit file shares, outside email log-ins, USB connectivity (if permitted), and other activities? (5 Minutes)

Choices, choices, choices: We explore the risk of ignoring the internal threat, and go through the negative outcomes of not setting policy, of setting policy without implementing it, and of relying on attempts to drive voluntary participation. (10 Minutes)

Heuristics: Let's be totally candid: this is not a solvable problem. What forward-thinking companies looking to avoid litigation need to do is establish a program that puts reasonable security methods in place, gives notice to employees, and defines reasonable cost limits. The audience will get actionable items and practical advice on the major areas to cover. (10 Minutes)

Wrap, Time Delta & Q&A (15 Minutes)
Presenter:

Michael C. Dunn
President and Chief Operating Officer
e-Stet
Los Angeles and San Francisco, California

Mr. Dunn joined e-Stet in 2011 and currently serves as the President and Chief Operating Officer. In this role, Mr. Dunn leads a dynamic team of attorneys, litigation support professionals, IT and computer forensics investigators, and eDiscovery experts. By way of background, Mr. Dunn advises clients and staff on best practices, process management, workflow design, and deployment of cutting-edge technology to reduce eDiscovery costs and risks. Mr. Dunn has substantial experience managing these processes in both state and federal district courts, International Trade Commission investigations, meet-and-confer negotiations, and arbitrations. Over the course of building e-Stet's practice, Mr. Dunn has consulted with a wide variety of corporate law departments, from startups to large multinational corporations, and their outside counsel firms in order to help them manage complex eDiscovery issues.
Prior to joining e-Stet, Mr. Dunn spent more than ten years at Finnegan Henderson, where he managed teams of review attorneys, paralegals, IT analysts, and other litigation support professionals. Mr. Dunn holds a Bachelor’s degree in Political Science from Drew University in Madison, NJ.

TRACK: IT Security – Data Security/Cloud Security
SESSION #: IT2
DATE: Friday June 12, 2015
TIME: 11:00 –12:00PM
SESSION TITLE: “Data Security in Hybrid Cloud”
SPEAKER(S): Ondrej Krehel, CISSP, CEH, CEI, Founder, LIFARS LLC; Paul Kubler, CISSP, SEC+, CCNA, ACE, Digital Forensics and Cyber Security Examiner
ORGANIZATION: LIFARS LLC
ABSTRACT:

The presentation will begin by outlining APTs and the growing threat of advanced hackers, then move on to recent cases and trends in the industry. After the introduction it will cover the recognition, interception, and response phases, educating attendees on how each is done and highlighting common tips and pitfalls.

In the ever-evolving world of cyber threats we are no longer dealing with the bygone years of Nigerian prince scams; we are now trying to secure the network, including users and applications, against advanced threats that know more about your business's technology than you do. Recent trends show more sophisticated and persistent threats that spend long periods of time working on exploiting systems.

Responding to an incident requires preparation and procedures to be in place; if they are not, the response can be delayed or evidence recovery prevented. The process uses specialized techniques that will be highlighted to teach attendees how to do it themselves.

SPEAKER BIO(S)
Ondrej Krehel is the Founder of LIFARS, a global Cybersecurity and Digital Forensics firm founded in 2014 with offices in New York City, Bratislava, London, Geneva, and Hong Kong. Mr. Krehel holds multiple professional designations and certifications, including Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Ethical Hacker (CEH) and Certified Ethical Hacker Instructor (CEI), the last a most prestigious certification, as Mr. Krehel is one of ten people in the United States to hold such professional status. In addition, in 2012-2013, Mr. Krehel served as Adjunct Professor at St. John's University, teaching a broad spectrum of cyber security issues and solutions.

Mr. Krehel anchors and directs LIFARS’ multi-faceted global team providing tailored cyber and digital security solutions ranging from emergency response, to assessment, to monitoring, to re-architecture, and re-building of multiple systems and networks.

Most recently, on Feb. 25, 2015, LIFARS, LLC, Mr. Krehel’s firm, announced that it was ranked #2 in New York City on the Cybersecurity 500, a directory of the hottest and most innovative cyber security companies to watch in 2015, as compiled by Cybersecurity Ventures. Overall, the company ranked at #101 out of 500, ahead of well-known companies such as Symantec and Trustwave, as covered by Bloomberg Business.

This directory's ranking criteria included feedback from CISOs and decision makers, company growth, demos and presentations at conferences, media coverage, founder and management pedigree, problems solved, feedback from IT security evaluators and recommenders, customer base, feedback from VARs, SIs and consultants, corporate marketing and branding, and more.

Previously, Mr. Krehel served as the Chief Information Security Officer of Identity Theft 911 LLC from October 2009 until 2013. He has over a decade of network and computer security experience investigating intellectual property theft, massive deletions, defragmentation, anti-money laundering and computer hacking. Mr. Krehel has served as digital forensic examiner in the New York office of Stroz Friedberg, where he led computer security and forensics projects internationally and in the U.S., and was instrumental in detecting, investigating and combating intrusions and data breaches. Mr. Krehel also served as an IT technical security project leader at Loews Corporation, where he implemented technical security solutions, and was responsible for providing the first line of response for all cases involving the compromise of networking equipment, servers and end user machines. He began his career as a computer analyst at the government-owned utility company Slovenske Elektrarne A.S., in Bratislava, Slovakia, where he focused on information security and emergency security incident response for their nuclear, water energy and coal power plants.

Mr. Krehel is a member of the High Technology Crime Investigation Association (HTCIA), the Information Systems Security Certification Consortium (ISC) and the International Council of Electronic Commerce (EC Council). He has an M.S. degree in Mathematical Physics from Comenius University in Bratislava, and an Engineering Diploma from Technical University in Zvolen, Slovakia. He has also completed multiple courses in intrusion and forensics training, including Access Data Boot Camp and Niksun forensics training.

His professional work in cybersecurity and digital forensics has received media attention from CNN, Reuters, CNBC, Forbes, Bloomberg, The Wall Street Journal, and The New York Times.

Mr. Krehel has been a speaker at the world's leading cybersecurity events for many years, including RSA in San Francisco, CEIC, HTCIA, RIMS, QuBit Prague and ICS South Africa, and is the author of numerous cyber industry articles.

On October 22, 2014, Mr. Krehel delivered a keynote speech at Guidance Software’s Beyond Defense-in-Depth Security Seminar Series, entitled Today’s Threat Landscape and Data Visibility, focusing on the newest threats today’s cybercriminals are employing in the ongoing cyberwar. Mr. Krehel also focused upon the need to deploy solutions to keep sensitive data private.

Recently, on April 7, 2015, Mr. Krehel was interviewed in Forbes Magazine regarding the multiple challenges and essential job requirements of the CISO.

LIFARS is driven to provide cutting-edge solutions, in a variety of pre and post data breach enhanced services, including digital risk assessment, computer and networks forensic assessments, incident response, web and application security and penetration testing. Mr. Krehel and LIFARS have developed automated software tools for Malware Detection – allowing for safe and secure email, Threat Intelligence Monitoring – allowing for true visibility into systems and networks, and Network Assessment and Response – allowing for integrated and unified assessment security, so as to de-risk cyberthreats and incidents.

TRACK: Cyber Security, Secure Communications, Electronics, Critical Infrastructure
SESSION #: CS1/#4
DATE: Thursday June 11, 2015
TIME: 3:00 –4:00 PM
SESSION TITLE: “Reap the Unexpected Results and Benefits of Properly Securing Your Organization against a Cyber Attack”
SPEAKER(S): Wes Withrow, IT GRC Subject Matter Expert
ORGANIZATION: TraceSecurity
ABSTRACT: It is becoming common knowledge that compliance does not equal security, and in the wake of recent data breaches, organizations by the masses are beginning to adopt formal information security programs and practices into their day-to-day IT and business operations. This session will give you real-world insight into some of the added value implementing a comprehensive IT GRC program and certain security initiatives can bring to your organization. Join Wes Withrow, IT GRC Subject Matter Expert, as he applies his more than 15 years of information security expertise to give concise examples of the unexpected benefits a risk-based approach to information security can bring.
In this session, you will gain the practical and useful knowledge to:
• Reduce 99% of the malware in your environment, resulting in increased productivity and visibility into problem areas
• Gain control over inventory of equipment your organization actually owns but may not be accounting for
• Create a process for continuous and proactive diagnostic and mitigation efforts that would have otherwise only been found once something actually broke
• Leverage your IT GRC program as the best way to institute organizational change through its systematic approach that provides the vehicle to communicate laterally and vertically across your organization

SPEAKER BIO(S): For more than 15 years, Wes has worked in IT and information security. He began his career as a systems engineer at Under Armour, the global leader in performance apparel. Wes then joined the nation's largest university-affiliated research center, The Johns Hopkins University Applied Physics Laboratory, which for over 70 years has provided our nation with critical contributions in the areas of national security and space. Wes served in roles that included enterprise IT operations management, systems engineering, and information security, working closely with multiple branches of the Department of Defense. Wes leveraged the diversity of his expertise to become the CIO at a business and technology consulting group responsible for providing managed IT services to industries including legal, finance, oil and gas, healthcare, and education. Wes obtained a Master of Science in Information Systems from The Johns Hopkins University and a Bachelor of Science in Computer Science from Davis and Elkins College. He holds 13 industry certifications, which include the CISSP, CompTIA Security+, CompTIA Network+, Six Sigma, and HIPAA from both The Johns Hopkins University School of Medicine and the U.S. Department of the Navy, and has first-hand experience responding to state-sponsored cyber attacks.


TRACK: Investigations/Incident Management
SESSION #: IT3
DATE: Friday June 12, 2015
TIME: 11:00 –12:00PM
SESSION TITLE: “Advanced Threat Incident Response”
SPEAKER(S): Ondrej Krehel, CISSP, CEH, CEI, Founder, LIFARS LLC; Paul Kubler, CISSP, SEC+, CCNA, ACE, Digital Forensics and Cyber Security Examiner
ORGANIZATION: LIFARS LLC
ABSTRACT:
The presentation will begin by outlining APTs and the growing threat of advanced hackers, then move on to recent cases and trends in the industry. After the introduction it will cover the recognition, interception, and response phases, educating attendees on how each is done and highlighting common tips and pitfalls.

In the ever-evolving world of cyber threats we are no longer dealing with the bygone years of Nigerian prince scams; we are now trying to secure the network, including users and applications, against advanced threats that know more about your business's technology than you do. Recent trends show more sophisticated and persistent threats that spend long periods of time working on exploiting systems.

Responding to an incident requires preparation and procedures to be in place; if they are not, the response can be delayed or evidence recovery prevented. The process uses specialized techniques that will be highlighted to teach attendees how to do it themselves.

SPEAKER BIO(S)
Paul Kubler is a Cyber Security and Digital Forensics Examiner at LIFARS LLC, an international cybersecurity and digital forensics firm. He’s a former employee at Boeing, in the Global Network Architecture division, the nation’s largest private cyberattack target. He previously worked at the Flushing Bank, in Network and Systems Infrastructure, protecting valuable financial data at various levels within the network and system. Paul has also performed forensic investigations into mobile devices aiding in the prosecution of criminals.

With several years of experience in cybersecurity and digital forensics, he has conducted a wide range of investigations, including data breaches through computer intrusions, theft of intellectual property, and computer hacking. He has worked on hardening systems and deploying protection across an international organization. He has also built business networks with a defense-in-depth strategy and implemented firewalls on these networks.
He holds a B.A. Summa cum Laude in Computer Science, with minors in Networking and Cybersecurity, from St. John’s University in New York.
He belongs to several industry groups, including the High Technology Crime Investigation Association (HTCIA) and the Long Island Association of Information Technology Professionals (LI-AITP). He is a Certified Information Systems Security Professional (CISSP), Cisco Certified Network Associate (CCNA), AccessData Certified Examiner (ACE) and a Kaspersky Labs Certified Sales Engineer. He also holds a Security+ certification from CompTIA.

TRACK: IT Security – Data Security/Cloud Security
SESSION #:
DATE: Friday June 12, 2015
TIME: 3:00 –4:00PM
SESSION TITLE: “Tipping the Scales Back in our Favor”
SPEAKER(S): Rene Aguero – Manager of Enterprise Security Architecture
ORGANIZATION: Rapid7
ABSTRACT:
The economics of attacks heavily favor the attackers. 0-day vulnerabilities and malware kits now come with support and SLAs similar to those of legitimate software vendors, and it is becoming increasingly difficult to stop even low-budget attacks because of this. International and nation-state cyberespionage and cyberwarfare fuel the fire for hacktivists and cybercriminals by letting formerly bleeding-edge tools and techniques make their way down the chain once they are no longer deemed effective at the government level. Financial institutions were the first business sector to suffer persistent attacks because of the ease of monetizing data that could be bought and sold on the black market. Large retailers quickly followed because of the prevalence and ease of access to credit card data that can quickly be turned into cash. Healthcare targets are next on the cybercriminals' lists: healthcare organizations have not been held to the same data security standards as financial institutions and payment card vendors, but their data (SSNs, healthcare records) is harder to change, and it can be used to spear phish, perform tax fraud and successfully execute identity theft. All of these events validate the increasing need for advanced threat detection systems and, ultimately, faster and better forensics. Signature-based AV is dead; Symantec has said so. Sandboxing can be circumvented by advanced malware that detects whether it is running within a VM. Polymorphic malware and exploits that run at the kernel level are almost impossible to stop. All of the data gathered in breaches leads to better spear phishing attacks aimed at harvesting passwords, and those passwords allow legitimate-looking access to data in networks and in the cloud. Password and stolen-credential attacks are not only difficult to detect but also difficult to investigate. Attackers are starting to mine this data for use in future attacks.
Forensics tools that focus on user credentials, stolen passwords and lateral movement make it easier to uncover threat actor movements within a network and the extent of the breach. Despite all of the threats heading our way, this is not a moment for despair. This is a time for action. Building security response teams, bringing on security response services and using tools that limit the extent of breaches and attacks are critical to start to tip the scales back in our favor.

SPEAKER BIO(S): Rene Aguero is currently the Manager of Enterprise Architecture at Rapid7. He has helped architect Rapid7 deployments and services ranging from Vulnerability Management and Penetration Testing to User Threat Actor Detection and Attribution. Prior to Rapid7, Rene worked in the financial sector in Southern California as an IT Manager, where he designed networks and security solutions to keep PII and credit card data secure through the use of firewalls, IPS/IDS and various encryption methods. Rene received a Master of Science in Business Administration with an emphasis in IT Security, IT Audit and Computer Forensics from California Polytechnic University Pomona. Rene has appeared in Associated Press coverage, and in the news outlets that carry it, on topics like the end of XP and the Anthem healthcare breach.

TRACK: Legal Track A – Electronic Discovery
SESSION # ED5
DATE: Thursday June 11, 2015
TIME: 3:00 –4:00 PM
SESSION TITLE: “Digital Evidence Preservation and Monitoring of Social Networking Sites”
SPEAKER(S): Julie Lewis, President & CEO

ORGANIZATION: Digital Mountain, Inc.
ABSTRACT: According to Nielsen, internet users continue to spend more time on social media sites than on any other type of site. At the same time, the total time spent on social media in the U.S. across PC and mobile devices increased by 37 percent to 121 billion minutes in July 2012, compared to 88 billion minutes in July 2011. Many technology thought leaders believe social networking will displace traditional email as the leading communication medium. This track will provide a practical walkthrough of preservation and monitoring of top social media sites and how to effectively utilize tools for evidentiary collection.

SPEAKER BIO(S): Julie Lewis, President and CEO of Digital Mountain, has over 20 years of experience working in the high technology industry. Prior to Digital Mountain, Julie worked at VERITAS Software (now Symantec) with next-generation storage, security and search companies. Prior to VERITAS Software, she worked at several technology companies and in venture capital. Julie is a member of the High Tech Crime Investigation Association (HTCIA), the Sedona Conference's Working Group on E-mail Management and Archiving, and the Cloud Security Alliance, and holds the EnCE (EnCase Certified Examiner) certification in computer forensics. Julie is founding Co-Chair of the Silicon Valley Chapter of Women in eDiscovery.

TRACK: Legal Track B – Records/Document Management
SESSION #: R/D Management #4
DATE: Thursday June 11, 2015
TIME: 2:00 –3:00 PM
SESSION TITLE: “Getting Employees to Stop Hoarding Electronic Documents”
SPEAKER(S): Mark Diamond, President & CEO
ORGANIZATION: Contoural, Inc
ABSTRACT:
Employee hoarding of e-mails, files and other types of electronic documents is burying organizations under mountains of data, leading to privacy or IP breaches, increasing the cost and risks of eDiscovery, and sapping the productivity of employees who spend hours every week looking for information. Yet many companies' efforts at deleting are either ineffective or, worse, have the unintended effect of driving “underground archiving.” The session will feature in-house counsel who have been successful in changing their companies' cultures from “save everything” to “save smart.”

· Real-world strategies for changing corporate culture

· Building disposition program support from hoarding-prone business units such as engineering and sales

· Experiences from in-house counsel on what worked for them and pitfalls to avoid

· Which and where technologies can be applied successfully, and where they can’t

· Industry benchmarks on data retention and deletion

· Setting practical and realistic data deletion targets

SPEAKER BIO(S): Mark Diamond is one of the industry thought leaders in proactive litigation readiness, compliance, and records information management strategies. His company, Contoural, has helped 20% of the Fortune 500 plus many mid-sized and smaller organizations, as well as public sector entities. As a trusted advisor, he and his company help bridge legal, compliance and business needs and policies with effective legal and IT strategies and processes. Mark is a frequent industry speaker, presenting at numerous legal and IT industry conferences as well as online venues. Additionally, Mark addresses more than one hundred internal corporate audiences each year.

Mark is founder, President & CEO of Contoural, Inc. Under his leadership, Contoural has grown to be the largest independent provider of litigation readiness and records and information management services. As an independent provider Contoural does not sell any products, provide any document review nor supply document warehousing services. Providing innovative approaches, these strategies help simplify complex issues, build consensus, ensure compliance, and reduce risks and lower costs.

He is recognized as a thought leader in litigation readiness and records information management. Mark is an online columnist for InsideCounsel Magazine, as well as an author of numerous white papers for both the legal and IT communities. He is a frequent speaker at the Association for Corporate Counsel Annual Meeting and other legal conferences. He also served as Chair of the Storage Networking Industry Association customer advisory board on data security.

Previously, Mark was co-founder of Symantec’s (OpenVision) Professional Services group. Additionally, he was founder and General Manager, Worldwide Professional Services for Legato Systems, as well as Vice President of Worldwide Professional Services at RightWorks, a provider of business application software to the B2B marketplace. Additionally he has worked as a management consultant. Mark sits on the board of advisors for high technology companies.

He has a Bachelor's degree in Computer Science from the University of California San Diego. Mark is a former President of the UC San Diego Alumni Association, and is currently a Trustee of the university's foundation.

TRACK: Mobile Devices/Mobile Risk Management
SESSION #: IT Mobile
DATE: Thursday June 11, 2015
TIME: 3:00 –4:00 PM
SESSION TITLE: “Modern Mobile Attacks: A Seismic Shift in Cyber Security”
SPEAKER(S): Adi Sharabani, Co-Founder and CEO
ORGANIZATION: Skycure
ABSTRACT: Hackers are finding new ways to steal data and infiltrate corporate networks daily, with mobile devices rapidly becoming the easiest way for hackers to attack.

Adi Sharabani will drive an in-depth discussion of modern mobile attacks used to execute data theft, remote (distributed) DoS and device shutdowns. The presentation will spotlight:
• Automatic Connections: Learn about the evolving problems of WiFiGate and Karma attacks. Getting devices to connect automatically to an attacker-controlled network could propagate an attack across a large number of devices.
• Captive Portal Handling: Learn how networks can trick users or Android/iOS devices into facilitating basic attacks (monetization and malicious profiles, privacy violations) and advanced attacks (launching apps with no user intervention, stealing credentials, HRH (HTTP Request Hijacking) exploitation, cache poisoning).
• Newly Identified Vulnerabilities: Learn about new vulnerabilities in Android and iOS devices, including technical details, attack flows and impacts. Also hear advanced concepts such as how WiFiGate and Karma attacks could exploit newly identified vulnerabilities to carry out repeatable DoS against a device.

SPEAKER BIO(S):
Adi Sharabani, Skycure CEO and Co-Founder, currently leads the team that uncovered iOS malicious profiles, WiFiGate and HTTP Request Hijacking.

Adi will be joined by the CTO of Skycure, Yair Amit, to provide live, on stage, demonstrations of several of the addressed mobile, data and cloud security attacks as well as recommended mitigation strategies. The team will also share real-world stats about WiFi network-based attacks pulled from millions of WiFi network tests conducted by Skycure around the world. Stats are supplemented by crowdsourcing and location intelligence to provide attendees with crisp data visualization.

CyBit 2015
Title: Modern Mobile Attacks: A Seismic Shift in Cyber Security
Author/Speaker: Adi Sharabani, Co-Founder and CEO
Company: Skycure
Keywords: Mobile Security, Enterprise Mobility Management, Mobile Device Management

Speaker Bio: Adi Sharabani is a world-renowned security expert and the CEO and Co-Founder of Skycure. Formerly, Sharabani led the security of IBM software products. He came to IBM through the acquisition of Watchfire, a pioneer in the field of enterprise application security. Sharabani’s work has been presented at many well-known conferences such as BlackHat, RSA, OWASP and Innovate. Sharabani holds multiple patents and earned a BSc in Mathematics and Physics from Tel Aviv University.

TRACK: Mobile Devices/ Mobile Risk Management
SESSION #: MD12
DATE: Friday June 12, 2015
TIME: 3:00 – 4:00PM
SESSION TITLE: “An Introduction to the Microsoft exFAT File System”
SPEAKER(S): Robert Shullich, Enterprise Security Architect, AmTrust Financial Services, Inc.
ORGANIZATION: AmTrust Financial Services, Inc.
ABSTRACT: As investigators and information security professionals, we have to constantly be aware of changing file systems to track data changes and accurately apply attribution to system changes.

In 2006 Microsoft released a successor to the FAT32 file system named the Extended FAT file system, exFAT for short. exFAT was initially released for Windows CE handheld devices, and in 2008 a version of exFAT was released for Microsoft desktop and server operating systems.

Today exFAT is licensed and supported on many devices and systems, including Unix/Linux systems. The SD Association, with the release of the Secure Digital Extended Capacity (SDXC) memory card, adopted exFAT as the standard file system for SDXC media, which is used in cameras, cell phones and other consumer electronics.

exFAT uses a different on-disk organization from the legacy FAT family file systems (FAT12/16/32) that preceded it, and forensic investigators will need to know and understand this format as examinations increasingly involve exFAT volumes.
exFAT topics to be covered in the session:
• History
• Features
• File System Limits
• Advantages/Disadvantages
• Relevance to forensics computing and digital investigation
• Hiding places to look out for – where criminals can hide things

SPEAKER BIO(S): Robert Shullich is an Enterprise Security Architect at AmTrust Financial Services, Inc., and has also worked at other financial organizations in various senior roles in Information Risk Management and Information Security. He has served in roles that assess information risk by evaluating the inherent risk in IT projects and proposing additional controls that mitigate or reduce that risk. He holds master’s degrees in Computer Science, Business Administration, Telecommunication Networks, Digital Forensics and Cyber Security. He holds many professional certifications, including the CPP, CISSP, ISSAP, ISSMP, CISA, CISM, CCFP/US, GCFA, CHFI, CIPP/US and CRISC. He has been in the IT field for 40 years, with at least 20 of those years in information security.