8:45 - 9:30: Nathaniel Gleicher, Head of Cybersecurity Strategy, Illumio
Rooting Out Evil: Defend Your Data Center Like the Secret Service Protects the President
Intruders spent more than a year inside the DNC and six months inside OPM. The 2013 Yahoo hack wasn’t discovered until stolen data appeared for sale in 2016. Everything we know about security suggests that while intruders have the advantage at the perimeter (they only have to be right once to get in), that balance should flip once they get inside (where every move could expose them). But they seem to have an advantage even once they get inside. We’ve spent years trying to defend the interior, but until we solve this puzzle, all the defense in depth in the world won’t help.
Jumping the wrought iron fence surrounding the White House is easy, but hiding inside is almost impossible. The Secret Service solves an analogous challenge by focusing on understanding and controlling the environment that they defend. Today, this approach may seem too difficult given the dynamism and complexity of the network, but without knowledge and control, attackers will continue to have an advantage both at the perimeter and once they get inside. This talk will examine how the Secret Service defends the President, how their approach can improve cybersecurity, and what we need to do to get there.
As Head of Cybersecurity Strategy, Nathaniel is responsible for thought leadership, public engagement, and overseeing Illumio’s cybersecurity technology strategy. Nathaniel is a regular speaker at leading industry events, and his writing has appeared in industry publications, the popular press, and academic journals.
Prior to Illumio, Nathaniel investigated and prosecuted domestic and international cybercrime at the U.S. Department of Justice, advised the South Korean government on technology policy, and served as Director for Cybersecurity Policy on the National Security Council at the White House. Nathaniel received a B.S. in Computer Science from the University of Chicago and a J.D. from Yale Law School. He has served as a Peace Corps volunteer on the island of Saint Vincent and as a Luce Scholar based in Seoul, South Korea.
1:30 - 2:15: Susan E Sons, Senior Systems Analyst at Indiana University's Center for Applied Cybersecurity Research
NTP Under Attack
When you pay your ISP bill, you pay for the wires, the routing equipment, the power, and the personnel, but most of the software that makes internet infrastructure work is developed and maintained by a loosely knit cadre of volunteer software engineers. This volunteer infrastructure hacker corps is dwindling due to age, lack of training, and lack of succession planning...and near-zero investment. While economies and free speech and social movements thrived on the internet, the dirty bits underneath--digital plumbing and support structures--rotted for lack of attention.
Beginning with the story of the rescue of the Network Time Protocol's reference implementation--the software that tells nearly every computer in the world what time it is--Susan Sons will talk about the problems our infrastructure faces today, and where the roads ahead may lead us. The NTP story highlights the risks involved in failure, centralization, or compromise of critical software and how cooperative efforts between hackers spanning generations may yet save it...with your help.
Susan Sons serves as a Senior Systems Analyst at Indiana University's Center for Applied Cybersecurity Research, and President/Hacker-in-Chief of the nonprofit Internet Civil Engineering Institute. Her professional time is split among a number of projects securing scientific and infrastructure technologies, including her work as Information Security Officer of Open Science Grid, helping NSF-funded science and infrastructure projects improve their security as part of the Center for Trustworthy Scientific Cyberinfrastructure, and helping to secure a DHS-funded static analysis project called the SWAMP. When not at a computer, Susan raises a 14-year-old mini-hacker, practices martial arts, lifts weights, and volunteers as a search-and-rescue operator. Known vulnerabilities: may disappear into forests without provocation, can be bribed with chocolate.
2:20 - 3:00: Afternoon Keynote Panel - Differing Viewpoints on IOT
TRACK 1 - LAYERS 0-7: PROTECTING THE TECHNOLOGIES OF THE ENTERPRISE
9:50 – 10:45: Jennifer Mellone, Client Solutions Architect, Optiv
Demystifying the Endpoint Protection Solutions Landscape
Abstract of Talk
Are you confused about what you are hearing, seeing and reading about endpoint protection solutions? If so, you are not alone. The endpoint protection solution market space is ever changing, with new and traditional endpoint solutions providers constantly evolving their products while they muddy the waters with their marketing jargon. There are many fine products out there, and no two solutions are identical. There is no one silver bullet solution that provides foolproof protection and an “Easy Button”. Come demystify and navigate this complex landscape. Learn the endpoint buzzwords and trends. Break down the marketplace. Find out what really matters when choosing a solution that is right for you as opposed to your counterpart at the organization up the street. Do your homework, test and make informed unemotional decisions. Topics discussed include definitions such as threat types, next generation endpoint, endpoint detection and response, anti-virus replacement, and machine learning. Other topics include endpoint solution categories with example products and endpoint solution requirements. If you are looking to buy an endpoint solution for the first time, or want to replace or augment the one you have, or are simply curious as to what all the latest endpoint fuss is about, then this talk is for you!
Jennifer L. Mellone has 16 years of network engineering experience and over 12 years of information security experience. Her experience spans the commercial and aerospace/defense industries in staff and consultative roles. She currently works for Optiv as a Client Solutions Architect and is on the endpoint subject matter expert team. She is a retired Commanding Officer in the Navy Reserve, who led and managed a team of 42 people, and is a veteran of Operation Enduring Freedom in Afghanistan. Jennifer is a quiet professional, but she spoke at the 2011 Bay Threat conference in Mountain View (“What Lurks Outside Your Door?”) and published a paper for SANS in 2015 (“Investigative Forensic Workflow-Based Case Study for Vectra and Cyphort”). Jennifer has a B.S. in Electrical Engineering and an M.S. in Engineering Management, and several certifications in the fields of network engineering and information security.
11:00 – 11:55: Paul Mockapetris, Chief Scientist, ThreatSTOP
Addresses are so ARPAnet; Name-based technologies are the frontier of Security
Abstract of Talk
It's ironic that just as we have eliminated a scarcity of Internet addresses by going from IPv4 to IPv6, names are taking over as the primary identifiers of the Internet, whether they are traditional email addresses (which double as your account name and typically a security factor), domain names, URLs, or your Facebook account. A large part of the research community believes that Named Data Networking, Content Centric Networking, or one of the similar proposals will get rid of addresses altogether, with the Internet carrying chunks of named and digitally signed content, and not an address in sight.
While that may or may not be the endgame, today we struggle with CDNs built out of caches that store both legitimate content and malware; server addresses are useless for reputation, the name of the content is a better reputation clue, and hence we have DNS firewalls. Bad guys use millions of disposable names for DDoS and other attacks, while security analysts look at DNS historical databases and realtime feeds to try and keep up. Governments want to filter your name lookups to protect you from harm and make privacy advocates scream that we are going back to the SOPA and PIPA debates (and we are). Technologists argue about whether DNSSEC is the savior of security or the ultimate DDoS tool.
This talk looks at where we are today regarding name technology and policy for the next decade.
Paul invented the Domain Name System in the early 1980s while at Information Sciences Institute, a part of USC. He also served as an ARPA program manager, and participated in several startups. He is a fellow of the Internet Hall of Fame, the ACM, and the IEEE. Today he is a visiting scholar at the University of Pierre and Marie Curie and Chief Scientist at ThreatSTOP Inc, in Carlsbad CA.
3:20 – 4:15: Rob Fry, Security Architect, StackRox
The Coming Wave of Containerization
Abstract of Talk
There have been many technologies over the past two decades that have helped reshape the landscape for how we operate and secure our businesses. Server and desktop virtualization, the use of mobile devices, the different forms of cloud computing and machine learning are a few examples. Right now there is another technology poised to reshape that landscape again. The tidal wave of application containerization is here, and companies are adopting this new technology even faster than previous technologies.
Why is there value in the adoption of containers? What are the business considerations for this quick adoption? Where are the obvious and the hidden challenges of securing containers? Come to this presentation to hear more about application containers and why embracing this technology is valuable to your business.
Rob Fry is an accomplished architect, inventor and public speaker with 20 years’ experience primarily in large-scale Internet companies and the utility industry. In his current role, he specializes in threat detection, security automation, data analytics, machine learning and building cloud security solutions. Previously at Netflix, he invented FIDO, a patented open source security orchestration platform, and while at Yahoo created the DUBS configuration and automation framework for production servers. In his free time, he enjoys working on improving cyber security education with major academic universities, improving threat intel to be actionable and participating on advisory boards, CABs and engineering steering teams.
4:30 – 5:25: John Dickson, Principal, Denim Group
The DevOps Opportunity: How to Capitalize to Radically Improve Security
Abstract of Talk
Competitive forces are driving organizations to evolve and adapt at breathtaking speeds. The Agile and DevOps movements are pushing organizations to release software at dizzying rates. How are savvy security leaders adapting, gaining more influence, and transforming themselves from gatekeepers to risk consultants in their organizations? How are the most sophisticated amongst us injecting security into CI/CD pipelines to “bake in” security testing and get upstream of vulnerabilities? What are the other macro trends that are fundamentally changing corporate America and security, and how can we use these trends to our advantage to expand security coverage and better protect our organizations? This keynote will outline how DevOps and other major trends are radically changing security as we know it. It will also provide proven strategies that many are using to take advantage of this historical opportunity.
Some of the major points in this new keynote-level presentation will draw from initial ideas laid out in my 2016 RSA APAC presentation (https://www.rsaconference.com/events/ap16/agenda/sessions/2824/the-need-for-speed-application-security-in-a-devops) and my very recent Dark Reading column on the massive organizational changes we're experiencing (http://www.darkreading.com/endpoint/the-business-of-security-how-your-organization-is-changing-beneath-you/a/d-id/1328526?).
John Dickson is an internationally recognized security leader, entrepreneur and Principal at Denim Group, Ltd. He has nearly 20 years’ hands-on experience in intrusion detection, network security and application security in the commercial, public and military sectors. As a Denim Group Principal, he helps executives and Chief Security Officers (CSOs) of Fortune 500 companies and government organizations launch and expand their critical application security initiatives. His leadership has been instrumental in Denim Group being honored by Inc. Magazine as one of the fastest growing companies in the industry for five years in a row.
A former U.S. Air Force officer, Dickson served in the Air Force Information Warfare Center (AFIWC) and was a member of the Air Force Computer Emergency Response Team (AFCERT). Since his transition to the commercial arena, he has played significant client-facing roles with companies such as Trident Data Systems, KPMG and SecureLogix Corporation.
Dickson is a popular speaker on security at industry venues including the RSA Security Conference, the SANS Institute, the Open Web Application Security Project (OWASP) and at other international security conferences. He is a sought-after security expert and regularly contributes to Dark Reading and other security publications. He also regularly contributes to the Denim Group blog where he writes about key security industry issues such as software security and cyber security policy. A Distinguished Fellow of the International Systems Security Association, he has been a Certified Information Systems Security Professional (CISSP) since 1998.
TRACK 2 – LAYER 8: THE INDIVIDUAL IN THE ENTERPRISE
9:50 – 10:45: Darnell Washington, President/CEO, SecureXperts
Data Manipulation and Digital Piracy- What does this mean to you
Abstract of Talk
As a pillar of information security, data integrity is essential to establishing the trustworthiness of data and information. What tools are available to prevent unauthorized data manipulation, exfiltration, and loss of intellectual property of organizations and individuals? This presentation addresses both the technical hacker perspective and the C-Suite obligated to protect this information, and offers a fresh perspective on security awareness and diligence in protecting enterprise technologies and information from data diddling and unauthorized modification of source code and data outputs.
As President and Chief Executive Officer for SecureXperts, Darnell Washington is responsible for the strategic vision and direction of next generation technologies to protect high risk network and data infrastructures from information disclosure, data breach, and theft.
Darnell is regarded as an expert in cybersecurity with over thirty-five years’ experience in data protection and physical security for the US Department of Homeland Security (DHS), National Security Agency (NSA), National Oceanic and Atmospheric Administration (NOAA), and the Department of Defense (DoD). He is a contract instructor at the US Department of Homeland Security Federal Law Enforcement Training Center (FLETC), and is a Director of the Maritime and Port Security Information Sharing and Analysis Organization (MPS-ISAO).
In 2011, he was granted the US patent (US7979692) for integrated video monitoring, audio messaging IP telephony, and video conferencing for his development and invention using advanced encryption technology protecting sensitive video from being observed and manipulated by unauthorized viewers, including foreign nationals and US cyber adversaries.
He currently serves as the cyber lead for cybersecurity for the Port of Long Beach Security Division and subject matter expert for piloting explosives and weapons detection programs for the US Department of Homeland Security Federal Protective Service (FPS).
11:00 – 11:55: Anirban Banerjee, CEO and Founder, Onion ID
Controlling Privilege Creep on SaaS and Cloud Infrastructure
Abstract of Talk
Privilege creep is eating away at enterprises. As employees move through the organization, their privileges to applications and servers are mismanaged. This complex problem leads to an increase in the attack surface, increases resolution time for IR, reduces attribution capabilities and increases compliance burdens manyfold. More than 70% of CISOs recognize that privileged accounts are not sufficiently secured and monitored. In this presentation we will present the Privilege Creep Lifecycle: how it manifests itself, how it spreads, why it is difficult to manage, and effective strategies to prevent your organization from suffering from user and admin accounts that have access and rights that are unnecessarily broad.
Dr. Anirban Banerjee is a serial entrepreneur having founded two companies, StopTheHacker and Onion ID in the Internet security space. Anirban has a Ph.D. in Computer Science from the University of California at Riverside and specializes in computer security issues. With over 15 published scientific papers, 4 patents, 2 grants from the National Science Foundation, Dr. Banerjee is a sought-after speaker at industry conferences and is deeply connected in the technical world. Dr. Banerjee is a recognized authority in the fields of Machine Learning based Web Malware Identification and AAA.
3:20 – 4:15: Patrick Huber, San Francisco ISSA Chapter member
IT Change Management - Taming the Cowboys and Cowgirls in the Wild West of IT
Abstract of Talk
- What is Change Management?
- Implementing Change Management
- Keys to Successful Change Management
- Change Advisory Board
- Change Request System
- Change Deploy planning
- Tools for enforcing Change Management
- Questions and Answers
20+ years in IT as System Analyst, System Administrator, IT Manager and Project Manager
IT Operations/Security Project Manager
CISSP since 2012
15 years building and supporting IT solutions for financial service providers
Focus on information security and change management
Recording Secretary for SF Bay ISSA chapter since 2014
4:30 – 5:25: Kimberly Quan, Principal, KayQueue LLC
Trust Violated: Exploring Nefarious Acts from a Trusted Insider
Abstract of Talk
An informative yet entertaining panel that I will handpick and moderate will explore very practical considerations, risks, and takeaways with regard to a hypothetical yet real-world insider threat scenario as it pertains to business infrastructure information and/or processes.
Kimberly Quan is principal of KayQueue LLC. Prior to this, she was a Director in the Disputes and Investigations – Global Legal Technology Solutions Group at Navigant Consulting, Inc. She has a breadth of knowledge and over 20 years’ experience, concentrating on information governance and assurance with considerable experience in the areas of complex business litigation, transactional analysis, and client services leadership concerning electronically stored information (ESI) in the incident response and risk mitigation realms. Kimberly specializes in project management and fulfilment, litigation discovery, and litigation lifecycle workflow design as it often pertains to the Electronic Discovery Reference Model (EDRM). She has extensive experience in policy creation as well as directing the identification, collection, analysis, processing, hosted review, and production of ESI. Kimberly has led regional and global projects with activity in the Americas, Asia Pacific and EMEA. She also brings extensive experience in software and technology implementation, trial preparation, organizational and process creation, and training curriculum and knowledge management creation and implementation.
TRACK 3 – LAYER 9: DEVELOPING SECURE PROCESSES FOR THE ENTERPRISE
9:50 – 10:45: Ted Heiman, Key Account Mgr., Venafi
Creating a Certificate Issuance Process That Can Be Enforced Enterprise Wide Based on your Global Security Policies
Abstract of Talk
Almost all enterprise organizations have a process for issuing digital certificates in their environment for a multitude of purposes, including user and machine authentication, code signing, SSL, IoT and other critical applications. Most organizations understand that managing these certificates and the data associated with them is critical, yet few do a very good job. The challenge is that there are few quality tools out there for keeping track of large numbers of certificates. Initially most organizations begin by implementing a spreadsheet, sometimes coupled with a calendar, in an effort to keep track of expiring certificates so critical applications do not crash or cause some type of outage. But when you reach critical mass, 10,000 certs and up, these systems and processes tend to fail due to their inability to scale. The other challenge most enterprises face is the existence of a multitude of Certificate Authorities, internal and external facing, and certificates proliferating in their environment so quickly that they have completely lost control over this process. This includes certs that never expire, self-signed certs, wildcard certs, weak key length certs, Go Daddy certs and other unknown certs that can create chaos due to the sheer magnitude of the problem. Best practices dictate that organizations should strive to enforce a process for issuing certs across the enterprise that conforms to their global security policies. This results in certificates that are properly issued and managed, which the organization can feel confident putting its brand behind.
Ted Heiman has over 25 years of experience in the information security field. His career includes significant experience in secure networking and access control, as well as data protection and applied cryptography. Best known for his role in the deployment of the Common Access Card (CAC) for the Department of Defense, Ted received a letter of recommendation for his role in the Gracie award-winning project. Ted also played a critical role in the deployment of the first online banking solution ever deployed in the US with Sumitomo Bank of California, as well as the successful deployment of the first ever supermarket banking project with Wells Fargo Bank and Safeway Supermarkets.
11:00 – 11:55: Shimon Modi, Dir. of Products and Technology, TruSTAR
Addressing Operational Blindspots with Intelligence Exchange
Abstract of Talk
The last 5 years have seen a marked shift in how companies view cyber intelligence as a building block of their security strategy, but there is still a lot of confusion about how to build a program that provides utility. In today’s ever evolving threat landscape, having access to timely information is critical. As evidenced over the last few years, attackers are getting more organized and sharing attack methodologies among themselves. Adding intelligence exchange and sharing to enterprise security programs can be an effective strategy for raising the barrier for adversaries as well. This strategy can reduce the lifespan of attack TTPs and also change the economics for attackers. By looking beyond their own four walls, organizations can take faster mitigation action and also reduce their attack surface.
This presentation will review the concerns that have held companies back from participating in incident exchange on a larger scale, including challenges around reputational risk, concerns over liability and government regulation, and lack of trust with whom the information is being shared. A significant portion of the presentation will be devoted to operator centric analysis capabilities required for building an effective incident exchange program.
This presentation will cover:
- A discussion of cyber threat intelligence and incident sharing concepts, frameworks, and standards, and how they should be viewed within enterprise security infrastructure.
- A clearer understanding of state-of-the-art cyber incident data modeling and exchange protocols, and how to practically leverage these developments.
- Discussion of real world use cases where intelligence exchange and sharing has led to insights about evolving cross-sector campaigns and attack toolkits.
Key Takeaways for Audience:
- How new legal and technology developments enable real-time incident exchange and collaboration on a much larger scale.
- Practical skills to apply cyber intelligence and incident exchange concepts to their security architecture and security operational procedures.
- Process and technology to effectively leverage intelligence exchange and sharing as part of incident analysis and intelligence enrichment.
Shimon has worked in technical leadership roles on a wide range of cyber security initiatives in industry, government and academia. He is currently the Director of Product & Technology at TruSTAR Technology, and previously he led cybersecurity initiatives focused on threat intelligence and the Internet of Things at Accenture Technology Labs. He presented at the 2014 ISSA International Conference and has also been invited to speak at IEEE conferences and hacker conferences, including Black Hat & ShmooCon. He holds a B.S. in Computer Science, an M.S. in Information Security and a Ph.D. from Purdue University.
3:20 – 4:15: Ron LaPedis, Global Enablement Specialist, MicroFocus
Linking Cyber response to BCP
Abstract of Talk
For over 25 years, Business Continuity Professionals have been planning incident response, running checklist, tabletop, and live fire exercises to ensure that they have "muscle memory" when things go wrong. Why aren't cyber professionals doing the same thing? This session will show you how to link cyber to business continuity and will feature an interactive "what if" scenario to get your creative juices running.
Ron LaPedis is a global enablement specialist with Micro Focus, focusing on identity, access, and security. He is a prolific author, blogger, and speaker with more than 21 years of information security, business continuity, and emergency response experience. After 25 years with Hewlett Packard in various domestic and overseas positions, he worked for Citrix, NetApp, and most recently Sungard Availability Services. Ron is also a Distinguished Fellow of the Ponemon Institute and a member of the Responsible Information Management (RIM) council.
4:30 – 5:25: John Barchie, Practice Manager, OpenSky
The practical uses of the COBIT5 framework
Abstract of Talk
When developing critical artifacts for running a successful information security program, whether it be actionable policies, InfoSec charters, determining appropriate reporting lines, establishing key performance indicators, or just reviewing your cyber security process, it helps to have a guide. COBIT5 is that guide and more: COBIT5 helps to drive the value of InfoSec (and IT!) to the business and, if followed appropriately, establishes the processes that help to determine the sufficiency and effectiveness of various programs. As a cyber security professional, and especially one in management, it is essential to understand the concepts surrounding COBIT5 in order to mature the information security program.
John Kenneth Barchie, CISM, CISSP, CRISC, CNE, MCSE is an Information Technology and Information Security Expert and Practice Manager with OpenSky Corporation. With over 20 years in the high-tech and financial industries, John has been engaged to manage, audit, review and improve over 200 information technology departments and to charter corporate and agency security functions. John has deep proficiency with COBIT5 and uses this Governance Framework as guidance for chartering business units, evaluating business processes and establishing roadmaps for overall business (especially IT) improvement. John has spoken at venues like SecureWorld, ISACA conferences, and provides specialty classes as needed for his clients.
TRACK 4 - THE EXPANDING ENTERPRISE FROM IoT TO INDUSTRIAL CONTROL
9:50 – 10:45: Gregory Enriquez, CEO, TrapX Security
Protecting IOT Devices on Internal Networks Using Deception Technology
Abstract of Talk
This session will overview our continued research into the Internet of Things (IoT) and its impact on enterprise network security. The Internet of Things is the network of physical devices that contain embedded technology which enables varying degrees of communication, command and control. These devices may allow the ability to sense and/or interact with their internal operations or even the external environment. Any single IoT device, without adequate security, can present a serious threat to the networks to which it is connected. We share our forward view of the impending escalation in IoT cyber-attacks and the risks these pose to corporate, government and personal security. We share our view of how new best practices, and the new technologies that support them, such as deception, can mitigate or reduce the risk of placing IoT technologies on your networks. Finally, we also highlight IoT trends and present our view of new attack vectors for continued research.
Enriquez is a talented senior executive with deep domain experience in cyber security. Prior to TrapX Enriquez served as vice president sales at FireEye (NASDAQ: FEYE), where he led the worldwide sales team for the company’s advanced technologies division. Enriquez began his career in 1981 with IBM (NYSE: IBM) and ascended to the rank of Vice President Worldwide Industry Sales, Software Group, with responsibility for products to meet the market-specific needs of 15 vertical industry sales organizations. Among his other executive assignments, Enriquez served as Vice President of Tivoli’s Americas sales organization following the company’s acquisition by IBM.
From 2004 to 2008, he served as Senior Vice President, Worldwide Sales and Field Operations for Stratus Technologies, a fault tolerant server company. He joined Symantec in 2009, and then led worldwide sales, business development, marketing and services teams for its Norton Data Services unit. Most recently Enriquez served as vice president of worldwide sales for rapidly growing Mandiant, which was acquired for a one billion dollar valuation by FireEye. Enriquez earned a Bachelor’s Degree in business administration from the University of Southern California (USC).
11:00 – 11:55: Lawrence Dietz, General Counsel & Managing Dir., Information Security, Tal Global
Law of the Internet of Things
Abstract of Talk
While the Law of IoT is very much unsettled, enterprises have learned that an ounce of legal prevention is worth a ton of punitive damages. Organizations are potentially liable for damages caused by negligence and/or product defects. There may also be liability due to breach of contract warranties and other forms of negligence.
This session will review key lessons learned about SCADA and IoT breaches and attacks such as Stuxnet and Mirai from a legal and security perspective. We will look at the consequences of SCADA breaches and potential legal fallout, analyze two case studies, and discuss best legal and security practices. A hypothetical automobile manufacturer will be used as the basis for two different cases featuring two different potential attackers: a hostile nation state and aggrieved employees. Time will be left for Q&A as well as open discussion.
Lawrence Dietz is an internationally renowned speaker. He has been a regular speaker at RSA. In addition, he has spoken at NATO’s Information Security Day, conducted a seminar on Cyberwar in Paraguay, and presented at other venues. He has extensive military and commercial intelligence and security experience. At TAL Global he has managed a variety of technically complex investigations involving intellectual property, sensitive data compromise, potential international illegal shipments, and celebrity reputation issues. As the company’s chief legal officer he is responsible for a variety of legal transactions. Prior to joining TAL Global, Dietz served in senior roles at Symantec Corporation, including Director of Market Intelligence and Global Public Sector Evangelist. He retired as a Colonel in the U.S. Army Reserve. His degrees include a BS in BA, MBA, JD, and LLM in European Law. Dietz is also a volunteer, pro-bono Judge in Small Claims Court in Santa Clara County Superior Court. He is the author of the authoritative blog on Psychological Operations (PSYOP), http://psyopregiment.blogspot.com.
3:20 – 4:15: SECURITY AUTOMATION PANEL
Sourabh Satish, CTO, Phantom
Sourabh Satish has a long-standing and accomplished career in cyber security. In his 20+ years of working in the security industry, Sourabh has designed and implemented many security products and technologies. He has more than 175 issued patents and 50+ pending. He has spoken at many conferences and events on a wide variety of topics ranging from deep security technologies to big data analytics and machine learning. He is now the CTO and Co-Founder of Phantom Cyber, a security startup in Silicon Valley at the forefront of Security Automation and Orchestration with its security automation platform. Sourabh is also an advisor to many security startups and regularly participates in standards working groups to push for standards in related areas of cyber security.
Rishi Bhargava, Co-Founder, Demisto
Rishi Bhargava is Co-founder of Demisto, a comprehensive platform that goes beyond security orchestration. Prior to founding Demisto, Rishi was VP and General Manager of the Software Defined Datacenter Group at McAfee / Intel. A visionary and technology enthusiast, he was responsible for delivering Intel integrated security solutions for datacenters. Before Intel, Rishi launched multiple products to establish McAfee’s leadership in risk & compliance, virtualization, and cloud security.
Rishi has dozens of patents in computer security, is passionate about innovative technologies, and serves as an active advisor to multiple startups in Silicon Valley and India.
Piero DePaoli, Sr. Dir., Security Business Unit, ServiceNow
Piero DePaoli leads product marketing for ServiceNow’s Security Business Unit, which includes its Security Operations and Governance, Risk, and Compliance solutions. Piero has more than 20 years of experience building and marketing mobility, security, and cloud solutions for enterprises. Prior to joining ServiceNow, Piero led product marketing for Symantec’s enterprise security products and previously held product management and product marketing roles at iPass, CompuServe Network Services, UUNET, and MCI WorldCom. Piero holds an MBA with an emphasis in Information Systems and Marketing and a BA in Political Science and Economics from the University of California, Davis.
Robi Papp, Founder, and Ian Forrest, Principal Engineer, Avantgarde Partners
After successful periods in sales and product management with security technology vendors, systems integrators, and consulting companies, Robi co-founded Avantgarde Partners to fill a gap in the cybersecurity market: extracting the full value of security technology investments. Avantgarde Partners provides purpose-built managed security services that offload significant variable costs by taking the most complex security technologies and transforming them into operationalized, measured programs for information security and the business. Robi is also the Chair of the State of California’s Cybersecurity Apprenticeship Initiative, which trains cohorts and places apprentices into the cybersecurity departments of organizations and enterprises.
Group Presentation / Panel Discussion
4:30 – 5:25: Robert Gebhard, Attorney and Partner, Sedgwick LLP
Navigating the Legal Landscape in Data Security: Current Status and Emerging Trends in U.S. Law
Abstract of Talk
The talk would begin with a brief overview of the current patchwork of the U.S. regulatory regime, including a discussion of minimum data security standards imposed by law and state breach notification laws. The talk would then highlight some of the major lessons learned from Government enforcement activity to date, and conclude with a brief summary of current trends in data breach litigation, predominantly class actions. As part of the litigation discussion, I also would provide a real-life example of the various litigation permutations -- government, private, and bankruptcy -- that can ensue from a single data breach.
I have practiced law for over 30 years, including 6 years in the bankruptcy civil enforcement component of the U.S. Dept. of Justice for Silicon Valley. I am a Certified Information Privacy Professional (CIPP/US). I am also a frequent speaker and author. I have served as an instructor at the U.S. Department of Justice, National Advocacy Center. I also have been a guest lecturer at the Stanford University Graduate School of Business. I am a regular contributor to Sedgwick's Cybersecurity blog.