Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
OHIO INFORMATION SECURITY CONFERENCE 2016
Technology First invites you to participate in the 13th Annual Ohio Information Security Conference
Wednesday, March 9, at the Sinclair Community College Ponitz Center.  
View analytic

Log in to bookmark your favorites and sync them to your phone or calendar.

Wednesday, March 9
 

7:30am

Breakfast
Wednesday March 9, 2016 7:30am - 8:00am
Charity Room Sinclair Ponitz Center

8:00am

Compromise Analysis - Why We're Seeing so Many Breaches
After looking at a number of compromises dating the past several years, there are a number of commonalities between each of them and steps that could have been used to prevent. Information security isn’t a practice that will always be successful in defending, however, there are key indicators of compromise to look for when an attacker is attempting to compromise an organization. During this presentation, we’ll analyze a number of data breaches and look at all of the commonalities and how an information security program can be structured in order to defend against a lot of the attacks. This presentation will be full of demonstrations of compromise and attacks as well as defensive methods for the blue team in order to appropriately handle threats we see today. 

Speakers
avatar for David Kennedy

David Kennedy

TrustedSec
Dave Kennedy is founder of TrustedSec and Binary Defense Systems.  Both organizations focus on the betterment of the security industry from an offense and a defense perspective.  David was the former Chief Security Officer (CSO) for a Fortune 1000 company where he ran the entire information security program.  Kennedy is a co-author of the book "Metasploit:  The Penetration Testers Guide", the creator of the Social-Engineer... Read More →


Wednesday March 9, 2016 8:00am - 8:50am
Charity Room Sinclair Ponitz Center

9:00am

Database Security - Your Last Line of Defense
In recent years, data breaches have occurred even within prominent organizations such as Target, Home Depot and others . Databases are at the bottom of the security stack and are your last line of defense to protect your valuable and sensitive data. Learn how proper database security provisioning will meet data assurance compliance. 

Speakers
avatar for Steven Woody

Steven Woody

CommitDBA
Steve Woody is President of CommitDBA and has an IT Services background specializing in Database Administration, Design and Programming; a Project Management background in multiple industries, disciplines, and practices; and a Business background meeting corporate objectives of continuous improvement and profitability.


Wednesday March 9, 2016 9:00am - 9:50am
Room 116 Sinclair Ponitz Center

9:00am

Incident Response
This offering will discuss the recent evolution of cyber attacks, vital incident response planning, testing and training, implementation of policies & procedures, mitigating and responding to a breach, and, finally, legal standards of care derived from real cases. 

Speakers
avatar for Lindsay M. Johnson

Lindsay M. Johnson

Freund, Freeze and Arnold
avatar for Shawn Waldman

Shawn Waldman

Cyber Secure Defense
Shawn is the founder and President of Secure Cyber Defense LLC located in Miamisburg Ohio. He’s a 20 year IT veteran and served in law enforcement as a police officer in the late 90’s.  Shawn is a subject matter expert when it comes to FBI criminal justice compliance and speaks across the country on the topic of cyber security. He’s done work with the US Secret Service and the US Air Force teaching on the topic of cyber... Read More →


Wednesday March 9, 2016 9:00am - 9:50am
Room 120 Sinclair Ponitz Center

9:00am

Risk Matters - So Does Trust
Many organizations do not manage risk in a holistic way. Rather, they maintain silos of risk management activity that often use completely different methodologies, terminology and tools to model and treat risk. Security, Compliance and Business stakeholders are the most cloistered silos seen in the wild. This structure may have worked in the old world when being the person who said “NO” was enough but that is not the case in the age of Bring Your Own Device (BYOD), Cloud Computing and Regulatory Compliance. However, it does provide a unique opportunity for the savvy security professional to bring the silos together by normalizing the way they express, communicate and treat risk. By adopting common risk management metrics, innovative controls and trust management techniques CSO’s and other security practitioners can survive and prosper in the age of Cloud Computing and BYOD. Learn how to gain a holistic view of risk across your organization with the ultimate goal of determining your organization’s appetite for risk and facilitating the cultural move from a “Zero Risk” mentality to a “Risk Resilient” mentality.  In addition to the items listed in the abstract, I will discuss an innovative approach I have been using in the field for several years called Trust Enhanced Risk Management (TERM). 

Speakers
avatar for Bryan K. Fite

Bryan K. Fite

BT
A committed security practitioner and entrepreneur, Bryan is currently a Senior Security Consultant for BT. Having spent over 25 years in mission-critical environments, Bryan is uniquely qualified to advise organizations on what works and what doesn’t. Bryan has worked with organizations in every major vertical throughout the world and has established himself as a trusted advisor. “The challenges facing organizations today require a... Read More →


Wednesday March 9, 2016 9:00am - 9:50am
Room 127 Sinclair Ponitz Center

9:00am

Two Factor Authentication
2-Factor Authentication (2FA) is clearly a best practice for IT security, but moving an organization to this level of security is a huge commitment.  Learn why the University of Dayton made the decision to “go 2FA” and how they approached the planning, implementation and support.  UD is currently in the middle of their roll-out, so you will get very current observations and analysis of the issues and challenges they are facing.

Speakers
avatar for Thomas Skill

Thomas Skill

University of Dayton
Thomas Skill, Ph.D. is Associate Provost & CIO at the University of Dayton. Skill has over 30 years of computing and communications technology experience in higher education. His current area of focus is cybersecurity.  He is one of the founding members of the Cybersecurity Consortium of Southwestern Ohio (CCSO) and is also leading the creation of the Center for Cybersecurity and Data Intelligence at the University of Dayton which will... Read More →


Wednesday March 9, 2016 9:00am - 9:50am
Room 131 Sinclair Ponitz Center

9:50am

Morning Break/Exhibitor Time
Wednesday March 9, 2016 9:50am - 10:20am
Great Hall Sinclair Ponitz Center

10:25am

10 Years of Data Breach
In 2005, ChoicePoint experienced the first security incident involving data. Since then, the term "data breach" has become part of the national lexicon. In this engaging discussion, you will learn the lesson of the past ten years and walk away with sound data governance principles in preparing for WHEN, not IF a breach occurs. 

Speakers
avatar for Scot Ganow

Scot Ganow

Faruki, Ireland and Cox
Scot Ganow is an attorney and Certified Information Privacy Professional with Faruki Ireland & Cox P.L.L. Scot's practice focuses on information privacy compliance, including data breach response management.  Before becoming an attorney, Scot served as a chief privacy officer for data and healthcare companies.


Wednesday March 9, 2016 10:25am - 11:15am
Room 127 Sinclair Ponitz Center

10:25am

Cybersecurity Economics - How Much is Enough?
Straightforward questions such as “How much security is enough for the threat we face?”, “What are our residual risks?”, and “Does this security investment provide benefits worth the costs imposed?” need straightforward answers. Tenet3 will demo metrics useful in answering these questions and provide insights into the associated cybersecurity economics. 

Speakers
avatar for Mike Clark

Mike Clark

Tenet 3
Dr. Michael Clark, Research Scientist for Tenet3, has focused on quantitative security metrics that help system stakeholders work through the economic problems of cyber security. He is one of the primary developers of MeTRA, which is Tenet3’s software platform for conducting “as designed, as built, and as operating” security assessments of complex systems. Dr. Clark received his Ph.D. from AFIT, where he studied cryptographic... Read More →
avatar for Jeff Hughes

Jeff Hughes

Tenet 3
Jeff Hughes is the President of Tenet3.   Tenet3 specializes in cyber security economics and value driven risk mitigation assessments. Jeff was the Strategic Cyber Advisor to Sensors Directorate, Air Force Research Laboratory, and was the founding chief of the Anti-Tamper Software Protection Initiative Technology Office.


Wednesday March 9, 2016 10:25am - 11:15am
Room 120 Sinclair Ponitz Center

10:25am

Tool for Making Objective Decisions about Subjective Security Controls
Ask three security people a question, and you will get five conflicting answers.  Ten if the business shows up.  If a Lawyer walks in, you might as well cancel the meeting.  The problem isn’t that any of these people are wrong; the problem is they are all correct, but we need a tool to drive precision to the question and answer, while managing the complex interplay of decisions that are distinct but overlapping.

Speakers
BK

Bill Kilgallon

LexisNexis


Wednesday March 9, 2016 10:25am - 11:15am
Room 131 Sinclair Ponitz Center

10:25am

You are How You Query: Deriving Behavioral Fingerprints from DNS Traffic
As the Domain Name System (DNS) plays an indispensable role in a large number of network applications including those used for malicious purposes, collecting and sharing DNS traffic from real networks are highly desired for a variety of purposes such as measurements and system evaluation. However, information leakage through the collected network traffic raises significant privacy concerns and DNS traffic is not an exception. In this talk, we will show a new privacy risk introduced by passively collected DNS traffic. We intend to derive behavioral fingerprints from DNS traces, where each behavioral fingerprint targets at uniquely identifying its corresponding user and being immune to the change of time. We have proposed a set of new patterns, which collectively form behavioral fingerprints by characterizing a user's DNS activities through three different perspectives including the domain name, the inter-domain relationship, and domains' temporal behavior..We have performed extensive evaluation based on a large volume of DNS queries collected from a large campus network across two weeks. The evaluation results have demonstrated that a significant percentage of network users with persistent DNS activities have DNS behavioral fingerprints. 

Speakers
avatar for Junjie Zhang

Junjie Zhang

Wright State University
Junjie Zhang is an Assistant Professor in the Department of Computer Science and Engineering at Wright State University. He received his Ph.D. in Computer Science from Georgia Institute of Technology in 2012. He also received his M.S. in Systems Engineering and B.S. in Computer Science from Xi'an Jiaotong University, China, in 2006 and 2003, respectively. His current research focuses on network security and Cyber-Physical System security.


Wednesday March 9, 2016 10:25am - 11:15am
Room 116 Sinclair Ponitz Center

11:15am

Lunch
Wednesday March 9, 2016 11:15am - 12:15pm
Charity Room Sinclair Ponitz Center

12:15pm

Emerging Cybersecurity Threats and Challenges
2016 looks to be another watershed year for cybercrime. Adversaries continue to rapidly refine their attack capabilities, while business and government struggle to keep up.  Outnumbered by five to one, what can security professionals do to stem the advancing tide?  

Speakers
avatar for Richard Staynings

Richard Staynings

Director of Global Security Advisory Services, CISCO Systems
Richard Staynings joined Cisco in October 2014 helping form a groundbreaking new cybersecurity team to advise and assist Cisco’s most important customers how best to protect their business data and technology assets.  With the onset of the Internet of Everything (IoE), and an almost ceaseless expansion of the inter-network of people, process and technology, the security challenge is huge. Bringing together the best minds with the best... Read More →


Wednesday March 9, 2016 12:15pm - 1:00pm
Auditorium Sinclair Ponitz Center

1:15pm

It Was the Best of Logs, It Was the Worst of Logs
Logs are everywhere in your environment. They tell you the story of your network: what is happening during every moment of every day, what is working, and what has failed. All too often, we have a tendency to treat logs the same way high school students look at books – boring, archaic sources of information that are only consulted when no other option is available. However, this is not the case – logs are filled with interesting stories and sequences of events – stories that can make our work easier (or at least more interesting). This presentation will focus on making logging interesting, using a variety of stories and personal experience to highlight cases where logs were a key tool in answering questions and solving problems. 

Speakers
avatar for Tom Kopchak

Tom Kopchak

Hurricane Labs
Tom Kopchak is a Senior Security Engineer and Operations Team Lead at Hurricane Labs, an Information Security Firm in Cleveland, Ohio who specializes in Splunk design and implementation, network integration, and firewall and network security. Tom is an alum of the Rochester Institute of Technology, with a background in Computing Security and Information Security (MS) and Applied Networking and System Administration (BS). His research areas... Read More →


Wednesday March 9, 2016 1:15pm - 2:05pm
Room 120 Sinclair Ponitz Center

1:15pm

One Team, Two Team, Red Team, Blue Team
Is there any value behind internal red team testing? YES! Setting up an internal team matures the Information Security program in more ways than you may think. Hiring the right people, finding the right tools, and leveraging the results to drive action make this crucial, let’s discuss. 

Speakers
avatar for Dan Wilkins

Dan Wilkins

CareSource
Dan Wilkins is a Senior Information Security Analyst at CareSource, focusing on threat intelligence and red team/blue team integration in order to protect CareSource members and employees. He is also President of OISF, also presenting previously at DerbyCon, OISC, OISF, and MISTI's Cloud Security World.


Wednesday March 9, 2016 1:15pm - 2:05pm
Room 116 Sinclair Ponitz Center

1:15pm

Preservation Challenges
Whether it is in response to a security incident, or just general preservation in litigation, it can be costly and time consuming.  When not done correctly, one can find themselves in additional litigation, dealing with sanctions or worse.  Putting a process around litigation allows for an efficient response and something to turn to when things go wrong.  The process involves management, IT and legal.

Speakers
avatar for Greg Kelley

Greg Kelley

Vestige Digital Investigations, Ltd
Greg Kelley is the CTO of Vestige, Ltd, a company that performs computer forensic and incident response services.  Greg has 20 years of experience in the computer industry and has testified in various jurisdictions regarding forensic analysis.


Wednesday March 9, 2016 1:15pm - 2:05pm
Room 127 Sinclair Ponitz Center

1:15pm

What to Do About Human Error in Security
Human error is responsible for contributing to 95% of security incidents. Technology advances alone will not eliminate this risk. To combat it takes a profound understanding of why human errors continue to occur. Darren will clarify the causes of human error, and give specific recommendations on mitigation strategies.

Speakers
avatar for Darren Kall

Darren Kall

Kall Consulting
Darren Kall is an experienced security product owner and UX professional with over 25 years of experience in global tech-company leadership including Microsoft, AT&T Bell Laboratories, IBM, and LexisNexis. He founded the Windows Security UX team, Windows Security Assurance team, and the MSN-client Security and Privacy teams.


Wednesday March 9, 2016 1:15pm - 2:05pm
Room 131 Sinclair Ponitz Center

2:05pm

Afternoon Break/Exhibitor Time
Wednesday March 9, 2016 2:05pm - 2:40pm
Great Hall Sinclair Ponitz Center

2:45pm

Frying Fluorescents from Afar
Wireless sensor networks play a major role in the deployment of smart energy and building automation systems, yet the implications are seldom explored. First, we introduce an open source tool for pen-testing proprietary Z-Wave wireless networks. We then demonstrate rapidly destroying fluorescent lights connected to a wireless automation system. 

Speakers
avatar for Joseph Hall

Joseph Hall

AFIT
Joseph Hall is currently a graduate student at the Air Force Institute of Technology studying the security implications of Wireless Sensor Networks. Joseph has eight years of experience working in IT security management for the United States Air Force.


Wednesday March 9, 2016 2:45pm - 3:35pm
Room 116 Sinclair Ponitz Center

2:45pm

Future of Information Security Governance, Risk and Compliance
GRC systems today promise efficient and effective management of internal, external controls management and compliance with standards & legislative frameworks such as FISMA, HIPAA Meaningful use, SOX, PCI-DSS, NIST RMF and so on. This presentation provides current and target state of GRC for auditors, legal and information security practitioners. 

Speakers
avatar for Max Aulakh

Max Aulakh

Mafazo
Max Aulakh is a Dayton based cyber security entrepreneur that has been recognized by Dell Founder 50 Entrepreneur Program as an “innovative entrepreneur”. Max’s work in information security field has resulted in proven track record of success in leading GRC programs for global enterprises.


Wednesday March 9, 2016 2:45pm - 3:35pm
Room 127 Sinclair Ponitz Center

2:45pm

Social Engineering a Breach
The risks of social media sites and other abstract tools, such as google hacking, to collect information about Businesses that allow a hacker to plan, design and execute a successful attack against a company.  What you don’t know, in this case, can really hurt you. Understanding the risks of what you publish via social media and other outlets allows you to properly mitigate those risks.

Speakers
avatar for Samuel Spurlock

Samuel Spurlock

Forsythe Technology Inc.
Sam Spurlock has been in Information Security and Information Technology for 25+ years and is a Certified Information Systems Security Professional.  Sam is the Treasurer and sits on the board for the Dayton Chapter of InfraGard (https://infragard.dayton.oh.us/).  He has developed security solution (i.e. Firewalls and Proxy Servers), organized and lead teams that performed Security Assessment (Penetration testing and Social... Read More →


Wednesday March 9, 2016 2:45pm - 3:35pm
Room 120 Sinclair Ponitz Center

2:45pm

Tuning SEIM Analytics
This presentation provides a high level overview of machine and search based analytics.  It covers example scenarios where they may be used to aid security analysts.  People, systems and processes differ between organizations.  These differences make it desirable to tune analytics to reduce noise.

Speakers
avatar for Richard Fernandez

Richard Fernandez

LogRhythm
I am an Enterprise Security Engineer for the LogRhythm. My role is to advance the growth of LogRhythm’s Security Intelligence Platform. My focus is architecting solutions and executing Proof-of-Concepts to demonstrate complex use cases on behavior analytics.  For over 24 years, I’ve worked closely with both the private and public sectors in a variety of security roles.  Some are as follows, solutions architect and engineer... Read More →


Wednesday March 9, 2016 2:45pm - 3:35pm
Room 131 Sinclair Ponitz Center

3:45pm

NIST 800-53 A Practical Approach to Benchmarking
NIST 800-53 and the NIST Cyber Security Framework have all the bits and pieces we need to benchmark our security program maturity.  Leo will discuss a practical way to use this standard and measure progress over the lifecycle of your security program. 

Speakers
avatar for Sarah Ackerman

Sarah Ackerman

Clark Schaefer Consulting, LLC
Sarah Ackerman is the Director of Technology at Clark Schaefer Consulting, a regional consulting firm providing IT/Security, Risk/Controls, and Accounting/Finance services.  Sarah is responsible for the overall engagement quality of the services provided to clients.  She has significant experience providing information security, risk management, IT audit, and other technology and risk/control services within a wide variety of... Read More →
avatar for Leo Cronin

Leo Cronin

Cincinnati Bell


Wednesday March 9, 2016 3:45pm - 4:30pm
Charity Room Sinclair Ponitz Center

4:30pm

Overall Conference Experience
We hope you enjoyed the 2016 OISC! Please take a moment to give us some feedback. Thank you!

Wednesday March 9, 2016 4:30pm - 5:00pm
Great Hall Sinclair Ponitz Center