Menu

Learning Labs

Learning Labs are facilitated experiences, designed to immerse attendees in interactive exercises and discussions. Attendance is limited to assure that every person in the room has the opportunity to engage with the facilitator and get the most out of the experience. Unlike a traditional track session with the “sage on the stage,” the Lab facilitator is a “guide on the side,” leading participants through the content and exercises, while challenging them to apply what they are learning and engage with one another.

NOTE: Learning Labs are free for attendees with a Full Conference pass. Expo and Discover passholders cannot register for these Labs. Because these sessions have become so popular, attendees may not reserve a seat for more than one Lab, but are welcome to join the standby queue to participate in other Labs if space is available.


How to Run a Cyber-Incident Response Exercise Using an Open-Source Scenario      

Abstract: 
In this learning lab you’ll learn how to use an open-source table-top cyber-incident scenario to facilitate an exercise in your own organization. You’ll discover how to encourage learning behavior, how to tailor the scenario to your organization’s maturity and systems, how to role-play an incident and simulate constantly changing information, and how to capture the lessons learned.  

Facilitators: 
Tim Wiseman, Author
John Elliott, Data Protection Specialist


Bad Intelligence: Or How I Learned to Stop Buying and Love the Basics    

Abstract:
Following the threat intelligence “gold rush,” buying every feed, tool and subscription available, organizations were left with a hefty bill for “bad intelligence.” We went back to the basics, developed and operationally tested a much simpler, cost effective, custom and process-driven framework to target intelligence directly on the highest risk threats to the business. Learn how to replicate it.       

Facilitators:
Larry Lipsey, Senior Consultant, EY
Brett Rogers, Manager, Cybersecurity, EY
Heather Gantt-Evans, Senior Manager, EY


Crypto Hero (Hands-On)              

Abstract: 
Will cover encryption systems and blockchains, including AES, RSA, Bitcoin, Ethereum, Stellar and quantum computation. A hands-on workshop with a series of CTF-style challenges, the session will explain and demonstrate the techniques, and help participants with the challenges. Participants must bring a laptop capable of running VMware virtual machines. Prior experience with cryptography not required.            

Facilitators:
Sam Bowne, Instructor, CCSF
Elizabeth Biddlecome, Instructor, CCSF


Cloud CTF: Identifying and Resolving Attacks in Azure      

Abstract: 
Gain firsthand experience identifying attacks against Azure workloads. You will be a member of the Contoso blue team tasked with investigating and resolving attacks that are commonly seen within cloud environments. You will also leverage the details learned about the attacks to implement the appropriate countermeasures and harden the environment to ensure that future attacks don’t occur.      

Facilitators: 
Lesley Kipling, Lead investigator / Chief Security Advisor, Microsoft
Jonathan Trull, Senior Director, Cyber, Microsoft


Are You a Secure Coding Champion? 

Abstract:      
This tech lab will offer a hands-on, gamified training environment where they compete against each other to become the ultimate “Secure Code Warrior.” Participants can first select from various software languages to compete in a tournament. Gamification elements such as published leaderboards and configurable point systems helps to make the exercise a fun, engaging and interactive experience. 

Facilitators: 
Pieter Danhieux , Founder & CEO, Secure Code Warrior
Matias Madou, CTO & Founder, Secure Code Warrior


Defending Digital Democracy: How Security Professionals Can Help  

Abstract: 
The 2016 and 2018 elections showed that digital threats to democracy are multiplying. Take a crash course on how officials across the US are securing elections by joining a simulation of 2020 under attack. Tables work together to defeat cyber and info ops. This interactive lab will end with an after-action review and tangible steps participants can take to make elections more secure.              

Facilitators: 
Jordan D’Amato Executive Director, Defending Digital Democracy Project (D3P), Belfer Center, Harvard
Mari Dugas, Project Coordinator, Cyber Security Project and D3P


Verizon Incident Preparedness Report—Taming the Data Beast  

Abstract: 
What if the next data breach beast reared its ugly head and appeared in your camp? Moreover, key stakeholders are still in denial that a data breach could, let alone did, happen. The “Verizon Incident Preparedness Report—Taming the Data Beast” tackles data breach preparation for that inevitable spar with the daemon of death in the age of digital heroes.       

Facilitators:      
John Grim, Senior Manager | Investigative Response, Verizon Enterprise Solutions
Chris Novak, Director | Investigative Response, Verizon Enterprise Solutions


How to Design and Operate a DDOS Testing Program     

Abstract: 
Despite investment in DDoS mitigation, testing the effectiveness of your solutions is seldom on the agenda missing from most vulnerability management programs that focus on vulnerability scanning and pen testing. Most deployments are susceptible to DDoS attacks. This three-hour lab delivers an effective approach to validate your defences against all forms of DDoS including the ability to simulate attacks, measure your response and determine if your operational practices are working.      

Facilitator:   
Murray Goldschmidt, Chief Operating Officer, Sense of Security Pty Ltd


Creating/Building a Phishing Training Program    

Abstract: 
Over 90 percent of data breaches happening today occur as a result of a phishing attack. The threat landscape continues to evolve, so do the attackers.  While organizations continue to implement technical controls, we must understand the current culture and improve cyber-behavior. This workshop will be led by two recognized experts with years of experience running industry-leading, global phishing programs.       

Facilitators:  
Cheryl Conley, Cyber Governance Risk & Compliance Senior Staff, Lockheed Martin
Tonia Dudley, Security Solutions Advisor, Cofense


Breaking Out of the Security Metrics Matrix: Steps in the Right Direction

Abstract:
Security professionals struggle to create and customize meaningful metrics. Software companies, governments and frameworks have provided some terms, but are they used efficiently? Join us to discuss how organizations worldwide have mapped metrics to practical security controls, and how they have tracked progress, and provided solid evidence of ROI and value for money.         

Facilitators:  
Tim Crothers, Vice President of Security, Target
James Stanger, Chief Technology Evangelist, CompTIA


Evasion Tactics in Malware from the Inside Out  

Abstract:
Authors of malicious code employ clever tactics to get around security tools such as analysis sandboxes and antivirus products. This technical talk will explore such evasion techniques by looking at real-world samples with the help of a debugger and other free analysis utilities, so you can better understand evasion mechanisms and learn how to examine them on your own.             

Facilitator:  
Lenny Zeltser, Instructor / VP of Products, SANS Institute / Minerva Labs


Threat Hunting across Thousands of Multicloud Workloads          

Abstract:
How do you know if your public-cloud environments are really safe? Based upon the latest research from the RedLock Cloud Security Intelligence Team this session will present tactics and tools for threat hunting across multiple public cloud environments. Get your hands dirty capturing the flag and learn the most effective countermeasures.    

Facilitators:  
Gaurav Kumar, CTO, RedLock
Matthew Chiodi, Chief Security Officer, Public Cloud, Palo Alto Networks


Mental Health in Cybersecurity: Preventing Burnout, Building Resilience

Abstract:
Mental health is a key element in the human factor, and directly impacts the way in which cybersecurity professionals function in their daily work. This session will cover the psychosocial stressors unique to cybersecurity, discuss burnout and identify management mechanisms. Attendees will learn how to build the foundations for mental resilience, for use in their workplace.   

Facilitator:  
Ryan Louie, Psychiatrist, Foundation Physicians Medical Group, Inc.


Cybersecurity Leadership Effectiveness Using the 7-S Framework

Abstract:
How do we know if the CISO’s security program has accounted for all the components to be effective? This session will draw on the work in the 1980s by two McKinsey consultants (7-S Framework) and applies it to building and sustaining the cybersecurity program to ensure we have accounted for strategy, structure, systems, skills, style, staff and shared values. The talk will look at each of these components.          

Facilitator:  
Todd Fitzgerald, Managing Director/CISO, CISO SPOTLIGHT, LLC


Cyber Defense Matrix Reloaded

Abstract:
The Cyber Defense Matrix (CDM) was unveiled at RSA in 2016 to help practitioners organize security technologies. This session will show several new use cases of the CDM, including how to measure the efficacy and coverage of controls, align them against emerging threats and requirements, and manage your security program through design patterns that emerge from the use of the CDM.      

Facilitator:  
Sounil Yu, Chief Security Scientist, Bank of America


Smart Contracts and Initial Coin Offerings: A Technical Perspective  

Abstract:
The speaker is the author of the book Smart Contracts and Initial Coin Offerings: Technical, Business and Legal Perspectives. This presentation will include examples and best practices for smart contracts and initial coin offerings from a technical perspective.  

Facilitator:  
Tom Plunkett, Consulting Solutions Director, Oracle


Fine-Tuning Your Cyber-Defense Technologies with the ATT&CK Framework              

Abstract:
MITRE has developed a curated knowledge base and framework known as Adversarial Tactics, Techniques and Common Knowledge (ATT&CK). ATT&CK provides knowledge describing behaviors and actions that a cyber-adversary might utilize once initial access has been gained within an organization’s network. This learning lab will look at fine-tuning cybersecurity stacks using this framework.

Facilitator:  
Lane Thames, Senior Security Researcher, Tripwire, Inc.


Let’s Make Risk a Game! 4,000 Cyber-Risks in Your Hand.       

Abstract:
Join us as we unleash a terrible “what-if” doomsday machine—in the form of a card game—and explore 4,000 potential cyber-loss scenarios. This model is changing the risk conversation at many forward-leaning organizations. Come early to get a free card deck to bring back and expand visibility into your own risk universe.

Facilitators:
Joel Benge, Strategist, ADG Creative
Earl Crane, Founder and Chairman, Emergynt


Everything You Need to Know about Cybersecurity and Privacy Law in Two Hours!  

Abstract:
Do you want to understand cybersecurity and privacy law? With today’s rapid pace of business decisions and incidents you need to be able to spot issues quickly and accurately. Join us for a two-hour tour of the most critical laws and regulations and then we’ll have some fun issue-spotting exercises. Next time be the person who can spot and avoid costly issues on your team and save the day.      

Facilitators:
James Shreve, Partner and Chair of the Cybersecurity Practice, Thompson Coburn LLP
Christopher Pierson, Founder & CEO, BLACKCLOAK


Holistically Mitigating Human Vulnerabilities and Attacks

Abstract:
Most data breaches result from user failings. The response is to implement awareness, but alone it is unsuccessful. In this lab, attendees work through common attacks targeting people; identify an appropriate combination of technology, process, and awareness; and prepare their organizations to effectively mitigate human vulnerabilities with a combination of technology, process, and awareness.

Facilitators:
Tracy Celaya, Consultant, Systems Evolution, Inc.
Alexandra Panaretos, National Practice Lead for Security Awareness and Training, EY
Ira Winkler, President, Secure Mentem

 

This document was retrieved from http://www.rsaconference.com/events/us19/agenda/learning-labs on Tue, 26 Mar 2019 06:12:56 -0400.