2012 – Schedule

Agenda is subject to change.
(Note that we will not require registration for Breakout Sessions this year)

Tuesday October 23, 2012

8:00 – 8:30 am Welcome and Opening Remarks Special Agent in Charge Kenneth Moore, FBI Knoxville Field Office

David W. Purkey, Assistant Commissioner for the Department of Safety and Homeland Security and Director for the state of Tennessee Office of Homeland Security

8:30 – 9:30 am Betsy Woudenberg China, Cyber, and U.S. Energy: We’ve all read about China’s cyber espionage against U.S. companies, but looking at cyber evidence is just part of the story. What’s driving China’s cyber espionage? Who’s behind the attacks? And most importantly, what will they steal next? Betsy Woudenberg, a former CIA Operations Officer, discusses China’s intentions and cyber capabilities using publicly known cyber attacks on U.S. energy companies as examples of how China’s domestic concerns are driving its international espionage. Whatever your industry, this talk is a step towards understanding China as a cyber adversary as the foundation for creating your own protection strategy.

Ms Woudenberg will accept requests for copies of her presentation — please contact us and we will forward the request to her.

9:30 – 9:45 am Break  
9:45 – 10:45 am Jason Lamar Information Superiority as an Enabler of Context-Aware Security: Network defenders need information superiority – a clear baseline of their environments – in order to protect them. This session explores how to leverage information superiority to take a context-aware approach to security to achieve total network visibility, control without compromise and intelligent security automation.
10:45 – 11:00 am Break  
11:00 am – 12:00 pm Lance Spitzner Securing The Human: Organizations have traditionally invested most of their security in technology, with little effort in protecting their employees. As a result, many attackers today target the weakest link, the human. Awareness, not just technology, has become key to reducing risk and remaining compliant. This high-level talk explains why humans are so vulnerable, how they are being actively exploited and what organizations can do about it.

Mr. Spitzner’s presentation can be found on the SANS site here. You can also find his blog here.

  Breakout Session: Jason Lamar Information superiority for virtual networks
12:00 – 1:00 pm Lunch  
1:00 – 2:00 pm Bill Dean For years, organizations were instructed to diligently protect the perimeter from attackers. This approach no longer works. After many high-profile breaches, we are now being told that we are likely already breached and must detect the attackers that are already inside. This presentation will discuss methods and tools to detect and disrupt attackers that are already inside our networks.

Mr. Dean regrets that he cannot distribute copies of his presentation.

2:00 – 2:15 pm Break  
2:15 – 3:15 pm Jill Knesek Jill will present her experiences working with BT Global Services in London this summer.

Ms. Knesek regrets that she cannot distribute her presentation, but if you have specific questions please contact us and we will forward them to her.

  Breakout Session: Bill Dean Technical aspect of tools and techniques to perform network forensics
3:15 – 3:30 pm Break  
3:30 – 4:30 pm Keatron Evans Attacks From the Cloud: While much attention is being given to securing information in the Cloud, Keatron will discuss launching attacks, both client side and server side, from the Cloud. The discussion will include Cloud Technologies, current security concerns with the Cloud, and how the Cloud is currently being used as the launching or pivot point for attacks.

Wednesday October 24, 2012

8:00 – 8:30 am Opening Remarks Richard Lambert, Senior Counterintelligence Officer, Oak Ridge National Laboratory

James D. Perry, Chief Information Officer, University of Tennessee – System Administration

8:30 – 9:30 am Winn Schwartau The BYOD Mobile Security Spectrum – A Functional Taxonomy: To ‘BYOD or not to BYOD’ is the question that just about every private, government and military organization is asking itself today about the consumerizations and infiltration of mobile devices of myriad flavors. The BYOD conundrum however, may be a mis-phrasing as it may not be an “either or” binary question. This session will functionally’ taxonimize’ the security spectrum of BYOD and options available to enterprises today.

Mr. Schwartau will accept requests for copies of his presentation — please contact us and we will forward the request.

9:30 – 9:45 am Break  
9:45 – 10:45 am Ron Ross While Revision 4 of 800-53 will not yet be final by the Summit, it will be close. Dr. Ross will bring an update on the many changes in this important revision.

Posted here

  Breakout Session: Joe McCray  
10:45 – 11:00 am Break  
11:00 am – 12:00 pm Travis Howerton NNSA’s recent implementation of cloud computing experiences and lessons learned will be presented by Travis, who is heading up NNSA’s cloud and mobile computing efforts.
12:00 – 1:00 pm Lunch  
1:00 – 2:00 pm Joe McCray Joe will bring his considerable expertise on vulnerability exploitation, including SQL injection, to another entertaining and educational presentation.
  Breakout Session: Travis Howerton  
2:00 – 2:15 pm Break  
2:15 – 3:15 pm Greg Hinkel Early Observations with Implementing IPv6 at ORNL: Greg will discuss and present examples of some of the technical details encountered while rolling out IPv6 at Oak Ridge National Laboratory.

Posted here

  Breakout Session: Winn Schwartau Solving the Cyber Security Hiring Crisis From DHS to Wall Street: The Great Talent Search
3:15 – 3:30 pm Break  
3:30 – 4:00 pm Tim Walsh An update on Chattanooga’s infrastructure and SimCenter Enterprises, Inc. research being performed there
4:00 pm Closing Activities