Tuesday, August 22, 2023
No more unwitting accomplices: Arming employees with relevant threat intel

Cybercriminals with strong social engineering and phishing skills can often trick employees at targeted organizations into unknowingly abetting their malicious campaigns. That's why collecting and analyzing threat intelligence isn't enough. Companies must actually share relevant threat reports with their employee base and their partners, so that workers stay informed and vigilant. But when does it become information overload and at what point do you reach the end of workers' attention spans? This session will look at best practices and policies that help keep employees up to date on the latest CTI findings, and encourage them to act responsibly when they are ultimately targeted.

Rich Nagle
Enforcing least privilege

Join Delinea’s Chief Security Scientist and Ethical Hacker Joseph Carson as he explains how a ransomware attack progresses from initial credential compromise to escalated privileges, exfiltrated data, and ultimately the ransomware deployment and ransom demand.

Joseph Carson
Research Session | Eyes on the enemy: The latest threat intelligence research

Incident responders hunger for threat intelligence tools that can anticipate and disrupt the adversary's attack. But the latest data shows that, in addition to the usual skills and budget shortages, orgs are struggling to integrate their various security products and data feeds, which ultimately degrades the quality of data required to make threat intelligence effective. In this panel, we'll look at top findings from a recent survey of cybersecurity leaders about how companies are navigating these challenges and what they consider necessary to even the odds.

Dana Jackson, Daniel Thomas
Starting your journey: A roadmap for ICS/OT cybersecurity

If managing cybersecurity risks is truly everyone’s job, why is it too often not a top priority? It’s very challenging to unite an enterprise around cybersecurity efforts despite it being a universal business risk. Doing so requires not only keeping pace in an evolving landscape, but accounting for your unique business environment, and establishing a common language to communicate risks across the organization. 
 
As the cyber threat landscape continues to rapidly grow, having the right tools to manage it is a must. If you feel like you need a roadmap to get started, you’re not alone! Join us to discuss how to build and align the people, processes, and technologies in your ICS/OT environment to ensure the safety and reliability that critical infrastructure demands.

Jason Christopher
Springing into ACTION: AI meets threat intelligence

With the backing of the National Science Foundation, some of the U.S.'s most accomplished computer scientists and engineers have assembled in an effort to improve cyber threat intelligence capabilities by combining the power of artificial intelligence with human expertise. This session will profile the formation and early efforts of the National Science Foundation-sponsored Institute for Agent-based Cyber Threat Intelligence and OperatioN (ACTION). The five-year project was founded to help security professionals leverage the continuous learning and reasoning that AI can bring to the table as organizations seek to hone and strengthen their CTI efforts.

Giovanni Vigna
Wednesday, August 23, 2023
The most important skillsets for today’s modern threat intel analyst

If you were to publish a job posting for a threat intelligence analyst, what skills, knowledge and know-how should appear in the description? What abilities, training and experience make a modern analyst especially valuable to the hiring organization? This session will look at some of the key attributes for threat intel analysts to possess if they want to further their careers.

Meg Anderson
Upping the ante: Threat actors are eying your software supply chain

As defenders have improved and the threat landscape has evolved, threat actors have turned their attention towards software supply chains. This emerging threat category includes attacks against open source and third-party libraries, infrastructure compromise, and the leak of sensitive secrets like signing certificates. SSC incidents are commonly misunderstood and undetectable until after a breach has already occurred. This talk details recent major software supply chain threats identified by ReversingLabs Threat Research teams, breaking them into vectors, common SSC TTPs, and mitigation strategies for this threat category.

Ashlee Benge
Moving your CTI further up the supply chain

Due to a proliferation of supply chain attacks in recent years, cyber threat intelligence professionals now more than ever have to account for third-party partner risk when gathering and analyzing CTI. This requires security professionals to expand knowledge of and improve their visibility into organizations' extended ecosystems, in order to successfully analyze the most relevant supply chain CTI. This panel session will look at CTI best practices that account for these new challenges.

Alex Holden, Ariel Ropek, Chris Foster
The evolution of cloud threats and defenses

In this webinar, Lacework Labs researchers review key insights you’ll need to defend against these evolving cloud threats.

You’ll learn:
• The speed at which attackers compromise cloud accounts and weaponize new remote code execution vulnerabilities
• The increasing scale of attacks post-compromise
• Novel Linux malware techniques and increased compromised activities targeting cloud infrastructure
• How tools like Cloud-Hunter can enable security teams to easily perform threat hunting across all your data

James Condon
Streamlining intel reports with MITRE Engenuity's CTI Blueprints tool

Cyber threat intel collectors and analysts are always looking for new tools to help them gain sharper insights into the risks faced by their respective organizations. One of the latest innovations at their disposal is MITRE Engenuity's new CTI Blueprints tool, which is designed to create CTI reports that better serve analysts' needs, helping them enable operational defensive cyber analysis, analytics testing, and adversary emulation. This session will look at why traditional threat intel reports don't always successfully cater to the specific needs of threat analysts, and then reveal how the Blueprints tool aims to solve that problem. We'll also review the impact of MITRE's other recent innovations for the threat intel community, including its ATT&CK Flow threat-informed defense project, which came out in late 2022.

Jonathan Baker