Speaker:
Matthew Maglieri, CISO, Ruby, parent company of Ashley Madison

What does a targeted attack really look like? How can you effectively defend your organization? What does it take to recover from a headline-grabbing breach and rebuild trust with your customers?

Join Matthew Maglieri, CISO of Ashley Madison's parent company Ruby Life Inc. and ex-Mandiant consultant, as he presents this unique look at what is really required to defend against an advanced targeted attack and prevent the scenario that keeps us all up at night. He will discuss:

• Anatomy of a targeted attack;
• How to recover from a high-profile breach;
• "Offensive-driven" risk management and how to best ensure breach resilience.

Speaker:
Gary Sockrider, Principal Security Technologist, NETSCOUT Arbor

What is the state of DDoS, as observed by network and security professionals directly responsible for operating and securing global networks?

This session covers a range of issues, from threat detection and incident response to managed services, staffing and budgets. Hear about the daily operational challenges, as well as strategies adopted to address and mitigate them, including the latest attack techniques and current best practices for defense. Attendees will:

• Gain insight on how IoT botnets are built and weaponized;
• Understand the newest threats to enterprise networks;
• Learn how to defend your network from these attacks.

Speaker:
Ronald Raether, Partner, Troutman Sanders

During this workshop, Troutman Sanders partner Ron Raether will discuss the benefits of table top exercises. He then will explain how to conduct an effective exercise walking through mock incidents and explaining the process. Participants will:

• Walk through several common incident scenarios and observe lessons to be learned when discussed by an incident response team;
• Learn key features in an incident response plan and how the table top exercise works to improves each component;
• Hear of common mistakes made by companies when executing an incident response plan.

Speaker:
Mark Loveless, Senior Security Researcher, Duo

Many models of security still have their roots in older infrastructure. But with the death of the network perimeter and the rapidly approaching end to passwords, there has to be a new view of the security landscape to prepare for this future - especially with new devices coming in ever-changing forms.

This presentation will cover IoT, as well as the end of solutions like VPNs, firewalls, and passwords - and we'll pick things apart. While they may seem like completely different topics, all of these things end up having security implications in unexpected ways.

Attend this session to:

• Gain an understanding of real-world risk of certain technologies;
• Learn what to look for in new technologies and security;
• Prepare for a world without perimeters, VPNs, and passwords.

Speakers:
Jon Phillips, VP Loss Prevention, Neiman Marcus Group
Shamoun Siddiqui, CISO, Neiman Marcus

With the adoption of the EMV standard for payment cards, the associated card fraud has increasingly gone down. This has resulted in cyber criminals shifting focus to other forms of fraud such as gift card fraud and fraud related to online retail purchases which are processed as Card Not Present (CNP) transactions. This has opened up new avenues for cyber defense and mitigation techniques. This presentation takes a look at:

• The evolving state of fraud in the retail industry
• New cyber defense techniques being utilized, including bot protection, device fingerprinting and advanced machine learning to detect fraudulent transactions.

Speaker:
Jason Clark, Insider Threat Researcher, Carnegie Mellon University CERT Insider Threat Center

When it comes to fraud prevention, many organizations overlook the insider threat - both the malicious actor who intends to commit fraud, as well as the accidental insider who makes a mistake or is taken advantage of by an external entity? The CERT Insider Threat Center at Carnegie Mellon University is one of the world's leading authorities on detecting insider fraud, and in this session the center's researcher will offer:

• The latest research on insider fraud;
• The growing role of the accidental insider in fraud schemes;
• How to stand up an insider fraud detection program within your organization.

Speaker:
Dan Matthews, Director of Sales Engineering, Lastline

During this session, we walk through applied use of indicators of compromise for several recent malware campaigns. The presentation starts with weak/tactical indicators, which are low cost for attackers to change and build, to strong/strategic indicators, which significantly increase costs to attackers.

This session explores:

• Recent malware campaign activities and their observable indicators;
• Examples of tools and techniques to produce and hunt for indicators within your environment;
• Techniques for making malware less successful when it bypasses your existing defenses.

Speaker:
Jim Apger, Sr Security Architect, Splunk

Security hygiene can be poor, and criminals know it. Fraudulent activity costs are in the billions worldwide across industries, and over 16 million consumers in the US were victims of identity theft or fraud in the past year. Learning to onboard new data at the speed of the business will ensure your fraud team can detect and investigate data to quickly find anomalies and reduce loss of money, reputation and organizational efficiencies.

In this session you will learn:

• How to recognize examples of fraudulent activities in your environment;
• How to more quickly find anomalies of transactions or behaviors of accounts that are fraudulent, acting fraudulently or being taken over;
• Recommendations and best practices on how to get started detecting fraudulent patterns and activities by using machine data and an analytics-driven security platform.

Speakers:
Matthew Maglieri, CISO, Ruby, parent company of Ashley Madison
Richard Murray, Supervisory Special Agent, FBI Dallas Cyber Task Force
Ronald Raether, Partner, Troutman Sanders

"Know your customer" is a familiar refrain in business circles. But as threat actors grow in number, sophistication and cross-channel schemes, it is increasingly important for organizations to also have a clear picture of their potential attackers - whether they are nation states, cybercrime gangs or lone actors. Join this panel of law enforcement officials and internal investigators for their insights on:

• Today's most prevalent cybercrime schemes - and why they are successful;
• Traits of the threat actors most commonly perpetrating these schemes;
• Lessons learned from actual crime investigations - and how you can put these to work to improve your own defenses.