Learning Labs are facilitated experiences, designed to immerse attendees in interactive exercises and discussions. Attendance is limited to assure that every person in the room has the opportunity to engage with the facilitator and get the most out of the experience. Unlike a traditional track session with the “sage on the stage,” the Lab facilitator is a “guide on the side,” leading participants through the content and exercises, while challenging them to apply what they are learning and engage with one another.
NOTE: Learning Labs are free for attendees with a Full Conference pass. Expo Plus and Expo pass holders cannot register for these Labs. Because these sessions have become so popular, attendees may not reserve a seat for more than one Lab, but are welcome to join the standby queue to participate in other Labs if space is available.

Identity War Games: A Learning Lab on Account Opening Fraud

Abstract:
War games time! Divide into teams and work on real-world digital identity verification scenarios using next-gen data signals. What are you looking at: an honest user or a cunning cybercriminal? Challenge your skills, make trade-offs and learn what it takes to be an identity fighter!
Facilitators:
Erin Englund, Sr. Threat Analyst, BioCatch
Uri Rivner, Chief Cyber Officer, BioCatch

How to Run a Cyber-Incident Response Exercise Using an Open-Source Scenario

Abstract:
In this learning lab you’ll learn how to use an open-source table-top cyber-incident scenario to facilitate an exercise in your own organization. You’ll discover how to encourage learning behavior, how to tailor the scenario to your organization’s maturity and systems, how to role-play an incident and simulate constantly changing information, and how to capture the lessons learned.
Facilitators:
Aaron Rosenmund, Author, Evangelist and Researcher: Incident Response, Pluralsight
John Elliott, Consultant and Author

Hearts and Minds: Shaping a Successful Awareness Program

Abstract:
Talking about the human element is a hot topic these days—but it’s hard to actually change humans. It’s more art than science, but that doesn’t mean it cannot be taught. This workshop will explore psychological challenges we all face—apathy, fatigue and denial—as well as the inherent benefits in human physiology, such as how our brain chemistry responds to stories.
Facilitators:
Tonia Dudley, Security Solutions Advisor, Cofense
Lisa Plaggemier, Chief Evangelist, Infosec

Put the Analysis Back in Your SOC!

Abstract:
Despite automation and orchestration, we still need the human touch and recruiting good analysts in your security operations center is a challenge. The good news is that there is plenty of good talent out there, but they may not have the experience or training that is needed. This session will provide a technical path towards teaching new analysts how to confidently assess security events.
Facilitators:
Kristy Westphal, VP, CSIRT, Union Bank

Pentesting ICS 102

Abstract:
In this workshop, you will learn how to attack PLCs, by attacking ICS protocols: Modbus and OPC-UA. The session will start by defining ICS and key vulnerabilities, then focusing on PLCs and discovering how they communicate to learn the methods and tools you can use to p*wn them. Then you will experience real-world scenarios by attacking PLCs on a dedicated setup featuring robot arms and a model train!
Facilitators:
Arnaud Soullié, Manager, Wavestone
Alexandrine Torrents, Cybersecurity Consultant, Wavestone

Everyone Can Play! Building Great CTFs for Non-Security Folks

Abstract:
CTFs are a great tool to give non-security folks a hands-on understanding of how security vulnerabilities enable criminal activities, reduce user privacy and degrade system reliability. In this session you will learn to build interesting, educational and easy to use Capture the Flag events targeted at non-security users.
Facilitators:
Joe Kuemerle, Senior Product Security Engineer, Salesforce

Diversify or Die: A Cybersecurity Survival Guide

Abstract:
While the value of a diverse cybersecurity workforce seems clear, the consequences from a lack of diversity is overwhelming opaque. This Learning Lab will identify actionable solutions to address this issue. Each attendee will leave with a deeper understanding of the value proposition for investing in diversity, and an actionable toolkit of inclusion strategies and hiring techniques.
Facilitators:
Joshua Snavely, Dean, Langston University
Sonia Arista, Director of Healthcare and Life Sciences, Fortinet
Saniye Unsal, Strategic Security Initiatives, Alphabet/Google
Alicia Grasfeder, Assistant General Auditor, Federal Reserve Bank of Boston

Teaching Lawyers, Engineers and Business Folks to Collaborate

Abstract:
Engineers, lawyers and businesspeople speak fundamentally different professional languages.  Resulting communication gaps are often heightened during stressful times, such as incident response.  Fortunately, organizations can find a better way. Attendees will experience an abridged version of a new graduate course based on an immersive cybersecurity and data privacy simulation.
Facilitators:
Jeff Klaben, Adjunct Professor, Santa Clara University
Jennifer Stefanski, Product Counsel, SurveyMonkey

Red Teaming for Blue Teamers: A Practical Approach Using Open Source Tools

Abstract:
When it comes to testing the security posture of an enterprise, those who don’t have dedicated red teams or external penetration testers are often left behind. This session will demonstrate how to use free resources that make testing security tools approachable to anyone. After abusing the target machine, attendees will look at the telemetry gathered by open source tools to detect adversarial behaviors.
Facilitators:
Travis Smith, Principal Security Researcher, Tripwire

Preplanning the Data Breach Chess Board with External Vendors

Abstract:
Seventeen years later: do you have everything in place to respond to a data breach? This session will bring together a lawyer, cybersecurity expert and identity monitoring expert to show what you must do prior to a breach and to refresh your current preparedness. It will show you what third parties you need to engage so your business does not suffer from a fumbled attempt to retain customers.
Facilitators:
Dr. Christopher Pierson, Founder & CEO, BLACKCLOAK
James Shreve, Partner and Cybersecurity Chair, Thompson Coburn LLP
Michael Bruemmer, VP, Data Breach and Consumer Protection, Experian

Optimizing Enterprise Cybersecurity through Serious Games

Abstract:
This Learning Lab will provide participant with the knowledge and methodology to enhance their enterprise cybersecurity posture. A serious game format is utilized to immerse participants and apply their strategies to learn real-time lessons against active threats. Players must protect virtual enterprises from bot-driven threat actors, who can range in tier from hacktivist to nation-state actors.
Facilitators:
David Ormrod, Director, Hivint

Authentication on the Move: Challenges for Mobile Web Applications

Abstract:
How do you type a complex password on a tiny keyboard while sipping coffee? Most people hate passwords, and they really hate them for mobile web applications. But there are alternatives? In this hands-on session, you will learn not just what the alternatives are for modern cross platform web applications, but also how to implement them and how to avoid and recognize some of their weaknesses.
Facilitators:
Jason Lam, Certified Instructor, SANS Institute
Johannes Ullrich, Dean of Research, SANS Technology Institute

Cyber Defense Matrix Learning Lab

Abstract:
The Cyber Defense Matrix (CDM) helps practitioners organize their overall security program. This Learning Lab will walk participants step-by-step through several use cases of the CDM, including how to map the latest startup vendors and security trends, organize controls, capture measurements and metrics, and align skill sets needed to support the functions of the security program.
Facilitators:
Sounil Yu, Chief Security Scientist, Cyber Defense Matrix

Only After Disaster Can We Be Resurrected: Field Lessons in Cyber-Incidents

Abstract:
Only after disaster can we be resurrected. This workshop will use investigations, air crashes and nuclear accidents to expose specific biases that hinder our ability to avoid casting blame, and often hide the systemic issues that truly led to the disaster. Attendees get hands-on experience with four real-life cyber-incidents and are exposed to the chaotic, volatile atmosphere permeating these events.
Facilitators:
Mark Sangster, VP and Industry Security Strategist, eSentire
Jon Washburn, Chief Information Security Officer (CISO), Stoel Rives LLP

Motivating Human Compliance: Mitigating Passive Insider Threat

Abstract:
Security professionals work to protect internet users from cybercrime while users find creative ways to circumvent rules and put themselves in harm’s way. Why would they do that! How can management detect and mitigate the danger? This Learning Lab will present interactive scenarios to give participants an experience to take home and put into practice.
Facilitators:
Maria Flores, Technical Communicator, Data-Doctor.Info
Keyaan Williams, CEO, Cyber Leadership and Strategy Solutions, LLC
MK Palmore, VP, Field CSO (Americas), Palo Alto Networks

Defend Yourself Using Built-In Linux Security Technologies

Abstract:
In this lab, you’ll learn how you can build defense-in-depth in the OS by implementing the key security technologies available to you in Linux. You will ensure security compliance, implement network security, access management and data security to build a strong foundation to proactively defend against possible security attacks and breaches.
Facilitators:
Lucy Kerner, Senior Principal Security Global Technical Evangelist and Strategist, Red Hat

Privacy Engineering Demystified: You Too Can Be a Privacy Engineer

Abstract:
This lab will demonstrate the critical role of privacy engineering and that software engineers and program/product managers can be privacy engineers.  Presenters will provide high-level concepts of privacy engineering and discuss how the process can be integrated into the solution development lifecycle. Attendees will walk through the entire privacy engineering process with real-world use cases.
Facilitators:
Michele Guel, Distinguished Engineer & IoT Security Strategist, Cisco
Deepika Gupta, Technical Leader, Information Security, Cisco