Menu

Learning Labs

Learning Labs are facilitated experiences, designed to immerse attendees in interactive exercises and discussions. Attendance is limited to assure that every person in the room has the opportunity to engage with the facilitator and get the most out of the experience. Unlike a traditional track session with the “sage on the stage,” the Lab facilitator is a “guide on the side,” leading participants through the content and exercises, while challenging them to apply what they are learning and engage with one another.

NOTE: Learning Labs are free for attendees with a Full Conference pass. Expo and Discover passholders cannot register for these Labs. Because these sessions have become so popular, attendees may not reserve a seat for more than one Lab, but are welcome to join the standby queue to participate in other Labs if space is available.


Dear 2020 CISO: Are You Ready? Let's Build a Two-Year Plan

Abstract:
Information security and the CISOs are in the hot seat today. Companies don't want to become the next cybersecurity headline news item. As a CISO, are you doing the right activities? Focused on the right projects and information? Engaging the right people? Is there something missing? This interactive lab will raise questions that CISOs can challenge their programs, learn from peers, with and build a 2-year plan to 2020 excellence.

Facilitator:
Todd Fitzgerald, SVP, CAO Information Security, Northern Trust


Changing Security Culture

Abstract:
Explore how to change the security culture of an organization from the inside out. Through exercises led by a security culture champion, attendees find a company in trouble. Each table becomes a group of consultants and works through different tasks as they build solutions to change the security culture of the organization. At the conclusion, teams will share their best results with the room.

Facilitator:
Christopher Romeo, CEO, Security Journey


Do Not Prepare for a Data Breach - On Second Thought, Prepare!

Abstract:
Preparation is a key part of effective data breach response. From learning roles and responsibilities to developing strong cross-functional capabilities, tabletop presentations and exercises can provide important lessons to all involved. Through discussions and role-play led by distinguished CISOs/Lawyers we will address the importance of and strategies for effective preparation and will also cover specific breach response issues related to law enforcement, regulatory response and communicating with boards of directors.Learning Objective 1: Learn about the importance and benefits of breach preparation.Learning Objective 2: Learn about strategies for preparation, including table top exercises.Learning Objective 3: Learn about specific areas of concern, such as dealing with law enforcement.

Facilitators:
Kimberly Peretti, Partner; Co-lead Cybersecurity Preparedness & Response Practice, Alston & Bird, LLP
Christopher Pierson, Chief Security Officer, Viewpost


Managing and Measuring Your Security Program Using the Cyber-Defense Matrix

Abstract:
The Cyber-Defense Matrix (CDM) was unveiled at RSA in 2016 to help practitioners organize security technologies. This session will show several new use cases of the CDM, including how to measure the efficacy and coverage of controls, align them against emerging threats and requirements, and manage your security program through design patterns that emerge from the use of the CDM.

Facilitator:
Sounil Yu, SVP, Bank of America


Web Application Testing - Approach and Cheating to Win

Abstract:
As security professionals, we are often called upon to assess the security of web delivered applications and/or services which are the key technologies behind modern service delivery. And their security, or lack thereof, can make or break a company. Not all of us have either experience or a methodology for responding to this type of assessment request. We can shortcut the process, cheating to win.

Facilitators:
Jim McMurry, CEO, Milton Security Group
Lee Neely, Senior Cyber Analyst, Lawrence Livermore National Lab


Practical Malware Analysis CTF

Abstract:
Learn how to analyze Windows malware samples, with a hands-on series of projects in a fun, CTF-style environment. Topics include static analysis with strings, PEiD, PEview, and IDA Dynamic analysis with Process Monitor, Process Explorer and Ollydbg. Participants need to bring a computer with VMware installed. Flash drives will be handed out with the virtual machine to be used.

Facilitators:
Sam Bowne, CCSF
Dylan Smith, Student, CCSF


Blockchain Applications and Their Weaknesses: A Practical Investigation

Abstract:
Sure, it’s possible to hack blockchain elements (e.g., ECC), at least in theory. Some still worry about the security of blockchain technology, or that it is a solution looking for a problem. Nevertheless, it's a vital technology. It’s all about the application! Join this Lab to focus on specific issues with current—and future—blockchain applications, based on industry research.

Facilitator:
James Stanger, Chief Technology Evangelist, CompTIA


Threat Models: Into the Deep!

Abstract:
Most organizations require threat models, so what holds us back? Master security architect, author and teacher Brook Schoenfield facilitates participants in a threat-model experience based upon years of teaching. Expect a kick start. Practitioners will increase understanding. Experts gain insights for their programs.

Facilitator:
Brook Schoenfield, Principal Engineer Advanced Threat Research, McAfee LLC


DevSecOps - Cyberattack Kill Chain with Active Mitigations

Abstract:
This four-hour lab will demonstrate an end-to-end attack against a DevOps environment that results in total account takeover and locks the account owner out. The objective is to dissect the attack through the kill-chain and to provide countermeasures to defeat each component of the attack. Learn useful techniques to rapidly improve your security. Students do not require their own laptops for this tutorial.

Facilitator:
Murray Goldschmidt, Chief Operating Officer, Sense of Security


Cyber Crises: Executive Cyber Incident Response Simulation

Abstract:
Missing facts, lack of established processes, and unclear regulations can slow a company's response to a fast-moving cyber crisis. In this lab, we will simulate a cyber incident, highlighting the different questions company leaders must answer as they respond to the attackers, their customers, their shareholders, and the public. You will be assigned a leadership role for the game and will work with a team to make decisions around your company's response. After the game, we will discuss lessons learned and best practices for responding to cyber incidents.

Facilitators:
Joy Smith, Expert, Cyber Solutions, McKinsey and Company
Dayne Myers, Senior Solution Leader, McKinsey & Co.


How to Measure the Impact of Your Security Awareness Program

Abstract:
This hands-on, interactive event will walk you through how to identify, define and measure the key metrics you need, and how to communicate those metrics to your leadership. In addition, all attendees will return to their organizations with a draft metrics framework they will be able to implement right away.

Facilitator:
Lance Spitzner, Director, SANS Institute


Eleventh Hour IoT Security

Abstract:
Despite the hype, IoT security has still managed to sneak up on us. Many are learning of IoT deployments with only months (or weeks!) notice, and IT managers are being thrown into the deep end of OT security. This lab will cover real-world IoT threat modeling that IBM X-Force Red has used to help its clients to get a handle on this brave new world of embedded devices and new protocols.

Facilitators:
Steve Ocepek, X-Force Red Regional Lead, North America, IBM
Krissy Safi, Sr. Security Services Offering Manager, IBM X-Force Red


Surviving Contact: Keeping Your CEO Employed and Your Business in Business

Abstract:
As businesses become more digitally dependent, security ops become more intertwined with the business. To test, measure and validate this alignment, we present a model of cyclical, intensity increasing and threat scenario-driven war games designed to stress test the entire business' ability to respond. Today, cyber incidents are business incidents, cyber threats are business threats. Come test your skills and engage with other participants to gain experience preparing for cyber incidents that are threats to your business.

Facilitators:
Heather Gantt-Evans, Cyber Threat Management, Manager, EY
Mark Manglicmot, Senior Manager, EY
Sean Wessman, Cyber Security Principal, Ernst & Young LLP


Cloud Defender: Detecting and Responding to Adversaries in AWS

Abstract:
Get first-hand experience with cloud penetration techniques, see what they look like and learn how to defend against them. You will use the provided template to spin up an example AWS environment in your account, hack it using scripts and watch the attack unfold in real time. Use evidence from the attack to create automated countermeasures. Leverage built-in AWS services to detect signs of compromise.

Facilitators:
Martin Holste, CTO, Cloud, FireEye
Paul Lee, Senior Cloud Solutions Engineer, FireEye


Hoarding Data Is Risky Business

Abstract:
Establishing business savvy retention policies often feels like a lose-lose battle. Everyone wants to keep their data forever as they “may NEED it in the future.” Yet we all know, as data atrophies, its value declines while the cost of managing and protecting it persists. This lab walks through decision points to consider when retaining and a tabletop exercise to declutter your data environment.

Facilitators:
Michelle Dennedy, Chief Privacy Officer, Cisco
Jonathan Fox, Director, Privacy Engineering, Cisco
Lisa Bobbitt, Lead Privacy Engineering Architect, Cisco


How to Measure the Security of Your Network Protection Devices

Abstract:
Security can be measured. It can be defined. This unique lab will teach you how to apply the mathematics and axioms of Analogue Network Security to quantitatively architect secure processes, from code, to networking, to human and physical influences. Learn how to measure bounding, compare the security performance of security products, reduce data leaks and exfiltration, and much more.

Facilitators:
Mark Carney, Security Researcher and Consultant, Security Research Labs GmbH
Winn Schwartau, SAC/WinnSchwartau, LLC


Ethical Dilemmas in Cybersecurity

Abstract:
Cybersecurity professionals face a growing number of ethical dilemmas, which are getting increasingly complex. In this lab, participants will identify the most common ethical dilemmas and work through a variety of them, examining and debating actions to take. Facilitators will introduce tools and research to draw on in navigating ethical challenges and engage the group in exploring ramifications related to actions.

Facilitators:
Jeff Klaben, CISO, SRI
Irina Raicu, Director of the Internet Ethics program, Markkula Center for Applied Ethics
Sean Brooks, Research Fellow, UC Berkeley Center for Long-Term Cybersecurity


A General Introduction to Modern Cryptography

Abstract:
What happens on your computer or phone when you enter your credit card info to make a purchase? This session will explore the fundamentals of modern symmetric and asymmetric cryptography including the SSL/TLS protocol, block ciphers, stream ciphers, key exchange, and of course, RSA. We’ll then examine some modern applications such as cryptocurrencies and blockchains as well as election technologies. No prior experience is assumed.

Facilitator:
Josh Benaloh, Microsoft

This document was retrieved from http://www.rsaconference.com/events/us18/agenda/learning-labs on Tue, 20 Nov 2018 03:05:50 -0500.