|Tuesday, August 22, 2023|
|No more unwitting accomplices: Arming employees with relevant threat intel|
Cybercriminals with strong social engineering and phishing skills can often trick employees at targeted organizations into unknowingly abetting their malicious campaigns. That's why collecting and analyzing threat intelligence isn't enough. Companies must actually share relevant threat reports with their employee base and their partners, so that workers stay informed and vigilant. But when does it become information overload and at what point do you reach the end of workers' attention spans? This session will look at best practices and policies that help keep employees up to date on the latest CTI findings, and encourage them to act responsibly when they are ultimately targeted.
|Rich Nagle - Ohio State University|
|Enforcing least privilege|
Join Delinea’s Chief Security Scientist and Ethical Hacker Joseph Carson as he explains how a ransomware attack progresses from initial credential compromise to escalated privileges, exfiltrated data, and ultimately the ransomware deployment and ransom demand.
|Joseph Carson - Delinea|
|Research Session | Eyes on the enemy: The latest threat intelligence research|
Incident responders hunger for threat intelligence tools that can anticipate and disrupt the adversary's attack. But the latest data shows that --- in addition to the usual skills and budget shortages -- orgs are struggling to integrate their various security products and data feeds, which ultimately degrades the quality of data required to make threat intelligence effective. In this panel, we'll look at top findings from a recent survey of cybersecurity leaders about how companies are navigating these challenges and what they consider necessary to evening the odds.
|Dana Jackson - CyberRisk Alliance|
Daniel Thomas - CyberRisk Alliance
|Starting your journey- A roadmap for ICS/OT cybersecurity|
If managing cybersecurity risks is truly everyone’s job, why is it too often not a top priority? It’s very challenging to unite an enterprise around cybersecurity efforts despite it being a universal business risk. Doing so requires not only keeping pace in an evolving landscape, but accounting for your unique business environment, and establishing a common language to communicate risks across the organization.
|Jason Christopher - Dragos|
|Springing into ACTION: AI meets threat intelligence|
With the backing of the National Science Foundation, some of the U.S.'s most accomplished computer scientists and engineers have assembled in an effort to improve cyber threat intelligence capabilities by combining the power of artificial intelligence with human expertise. This session will profile the formation and early efforts of the National Science Foundation-sponsored Institute for Agent-based Cyber Threat Intelligence and OperatioN (ACTION). The five-year project was founded to help security professionals leverage the continuous learning and reasoning that AI can bring to the table as organizations seek to hone and strengthen their CTI efforts.
|Giovanni Vigna - Agent-based Cyber Threat Intelligence and OperatioN (ACTION)|
|Wednesday, August 23, 2023|
|The most important skillsets for today’s modern threat intel analyst|
If you were to publish a job posting for a threat intelligence analyst, what skills, knowledge and know-how should appear in the description? What abilities, training and experience make a modern analyst especially valuable to the hiring organization? This session will look at some of the most key attributes for threat intel analysts to possess if they want to further their careers.
|Meg Anderson - Principal Financial Group|
|Upping the ante: Threat actors are eying your software supply chain|
As defenders have improved and the threat landscape has evolved, threat actors have turned their attention towards software supply chains. This emerging threat category includes attacks against open source and third-party libraries, infrastructure compromise, and the leak of sensitive secrets like signing certificates. SSC incidents are commonly misunderstood and undetectable until after a breach has already occurred. This talk details recent major software supply chain threats identified by ReversingLabs Threat Research teams, breaking them into vectors, common SSC TTPs, and mitigation strategies for this threat category.
|Ashlee Benge - ReversingLabs|
|Moving your CTI further up the supply chain|
Due to a proliferation of supply chain attacks in recent years, cyber threat intelligence professionals now more than ever have to account for third-party partner risk when gathering and analyzing CTI. This requires security professionals to expand knowledge of and improve their visibility into organizations' extended ecosystems, in order to successfully analyze the most relevant supply chain CTI. This panel session will look at CTI best practices that account for these new challenges.
|Alex Holden - Hold Security LLC|
Ariel Ropek - Avertium
Chris Foster - Accenture Security
|The evolution of cloud threats and defenses|
In this webinar, Lacework Labs researchers review key insights you’ll need to defend against these evolving cloud threats.
|James Condon - Lacework|
|Streamlining intel reports with MITRE Engenuity's CTI Blueprints tool|
Cyber threat intel collectors and analysts are always look for new tools to help them gain sharper insights into the risks faced by their respective organizations. One of the latest innovations at their disposal is MITRE Engenuity's new CTI Blueprints tool, which is designed to create CTI reports that better serve analysts' needs, helping them enable operational defensive cyber analysis, analytics testing, and adversary emulation. This session will look at why traditional threat intel reports don't always successfully cater to the specific needs of threat analysts, and then reveal how the Blueprints tool aims to solve that problem. We'll also review the impact of MITRE's other recent innovations for the threat intel community, including its ATT&CK Flow threat-informed defense project, which came out in late 2022.
|Jonathan Baker - MITRE Engenuity|