RVAsec 2019 has ended


Wednesday, May 22
 

8:00am EDT

Breakfast
Wednesday May 22, 2019 8:00am - 9:00am EDT
Richmond Salons, 2nd Floor

8:00am EDT

Registration
Wednesday May 22, 2019 8:00am - 3:00pm EDT

9:00am EDT

Welcome to RVAsec!
Speakers

Jake Kouns

Risk Based Security
Jake is the founder of RVAsec and was previously the CEO for Risk Based Security that provides vulnerabilities and data breach intelligence. He previously oversaw the operations of the Open Sourced Vulnerability Database (OSVDB.org) and DataLossDB. Kouns has presented at many well-known...


Wednesday May 22, 2019 9:00am - 9:10am EDT
Ballroom, 2nd Floor

9:10am EDT

Keynote - Andy Ellis
Speakers

Andy Ellis

CSO, Akamai
Andy Ellis is Akamai’s Chief Security Officer, and his mission is “making the Internet suck less.” Governing cybersecurity, compliance, and safety for Akamai’s planetary-scale cloud platform since 2000, he has also designed and brought to market Akamai’s TLS acceleration...


Wednesday May 22, 2019 9:10am - 10:10am EDT
Ballroom, 2nd Floor

10:10am EDT

Vendor Break
Wednesday May 22, 2019 10:10am - 10:30am EDT
Richmond Salons, 2nd Floor

10:30am EDT

CTF Intro
Speakers

Roman Bohuk

Co-founder, MetaCTF
Roman Bohuk is a second year CS student and a Rodman Scholar at the University of Virginia. He is a co-founder of MetaCTF, an organization that has been hosting competitions and trainings for universities, companies, and security conferences for over 5 years. Roman was the Linux captain...

Jake Smith

Co-Founder, MetaCTF
Jake Smith is currently a rising fourth-year at UVA studying Computer Science and Cybersecurity as well as the Co-Founder of MetaCTF which makes cybersecurity more accessible for students and professionals through hands-on trainings and competitions. As a high school student, he discovered...


Wednesday May 22, 2019 10:30am - 10:40am EDT
Ballroom, 2nd Floor

10:40am EDT

Badge Intro
Speakers

Paul Bruggeman

Badgey badge badge, HackRVA
Embedded software developer: C, assembler (MIPS); AWS admin; RH/CentOS admin; SQL developer and DBA (MySQL); PHP, bash/tcsh.

Jonathan Lundquist

Badge Volunteer, HackRVA
Jonathan Lundquist volunteers his time at HackRVA building badges for RVASec and was recently the IEEE Student Branch Chair at VCU. Jonathan is on VCU's CCDC (Collegiate Cyber Defense Team), which placed 2nd at MACCDC regionals this year. Jonathan is a US Navy veteran having served...


Wednesday May 22, 2019 10:40am - 10:50am EDT
Ballroom, 2nd Floor

10:50am EDT

Vendor Break
Wednesday May 22, 2019 10:50am - 11:00am EDT
Richmond Salons, 2nd Floor

11:00am EDT

Intro to Infosec and Overview of the 101 Track
Information Security is constantly in the news and making headlines. Which companies are breached? What are the impacts? How will the government respond to adversarial nations? The Internet still behaves much like the wild west – policy decisions are consistently being made and changed based on the structure and sustainability of the web. Organizations large and small are feeling the impacts of having a poor cyber security posture. This talk is perfect for those who are beginners, career changers, or anyone who needs a refresh on the building blocks of information security. It will discuss how data can be compromised, what those impacts are, and some suggested first steps. We will then dive into what vulnerabilities are and what to do about them. Finally, we will go over the things the rest of the 101 track will cover.

Speakers

Deana Shick

Member of the Technical Staff, CERT/CC
Deana Shick has been a Member of the Technical Staff at the Software Engineering Institute's CERT Coordination Center (CERT/CC) for 5 years. Deana works on the Threat Ecosystem Analysis team where she researches and analyzes current and emerging threats and vulnerabilities. Prior...


Wednesday May 22, 2019 11:00am - 11:50am EDT
Senate Chambers, 1st Floor

11:00am EDT

Automating Information Security
While the complexity of modern security breaches continues to increase, security professionals have to find a way to handle the growing number and complexity of attacks. Security automation is key to maintaining network security but has not been heavily adopted. This presentation will use NIST-defined security controls to provide insight into how automation can be leveraged for information security.

Speakers

Danny McCaslin

Systems Administrator, Frederick Water
Danny McCaslin is a Systems Administrator at Frederick Water in Frederick County, Virginia. He recently ended a five and a half year stint as a systems administrator at the Northwestern Regional Adult Detention Center in Winchester, VA. Danny recently graduated with a Masters degree...


Wednesday May 22, 2019 11:00am - 11:50am EDT
Ballroom, 2nd Floor

11:00am EDT

Comparing Malicious Files
A critical step taken during the malware analysis process is to attempt to determine the malware family a sample may belong to. Even if one cannot link a file to a family, one must at least try to find files that are similar and extrapolate information about the sample from comparison with these similar files. This talk reviews a variety of methods for comparing files from simple to complex.
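Three of the comparison methods the abstract alludes to, written out as an added example that is not part of the talk or the original page: exact hashing, a byte-histogram similarity, and a byte n-gram Jaccard index. Production tooling reaches for fuzzy hashes such as ssdeep or PE import hashes; the point here is only to show why a cheap exact hash misses a trivially patched variant while a structural measure still links it. The three samples are constructed byte strings, not real malware, and the "payload" strings inside them are invented.

```python
import hashlib
from collections import Counter
from math import sqrt


def sha256_hex(data: bytes) -> str:
    """Exact-match comparison: only byte-identical files share a digest."""
    return hashlib.sha256(data).hexdigest()


def byte_histogram_cosine(a: bytes, b: bytes) -> float:
    """Cheap fuzzy comparison: cosine similarity of the two 256-bin byte histograms.
    Order-insensitive, so it survives section reshuffling, but unrelated files with
    similar byte distributions also score moderately high (false positives)."""
    ca, cb = Counter(a), Counter(b)
    dot = sum(ca[k] * cb[k] for k in range(256))
    na = sqrt(sum(v * v for v in ca.values()))
    nb = sqrt(sum(v * v for v in cb.values()))
    return dot / (na * nb) if na and nb else 0.0


def ngram_set(data: bytes, n: int = 4) -> set:
    """All overlapping n-byte windows of the input."""
    return {data[i:i + n] for i in range(len(data) - n + 1)}


def ngram_jaccard(a: bytes, b: bytes, n: int = 4) -> float:
    """Structural comparison: Jaccard index over the sets of byte n-grams. A patched
    or rebuilt variant keeps most of its n-grams, so the score stays high; unrelated
    content shares almost none."""
    sa, sb = ngram_set(a, n), ngram_set(b, n)
    if not sa and not sb:
        return 1.0
    return len(sa & sb) / len(sa | sb)


def compare(a: bytes, b: bytes) -> dict:
    """Run all three measures so the reader can see how they disagree."""
    return {
        "exact": sha256_hex(a) == sha256_hex(b),
        "histogram_cosine": round(byte_histogram_cosine(a, b), 3),
        "ngram_jaccard": round(ngram_jaccard(a, b), 3),
    }


# Constructed samples (not real malware): a base blob with a fake PE-style header,
# an embedded fake C2 URL and padding; a variant with a handful of bytes patched;
# and an unrelated pseudo-random blob of the same length.
BASE = (b"MZ\x90\x00" + b"This program cannot be run in DOS mode." * 4
        + bytes(range(256)) + b"http://c2.example.invalid/gate.php" + b"\x00" * 64)
VARIANT = BASE.replace(b"gate.php", b"beat.php").replace(b"\x90\x00", b"\x90\x01")
UNRELATED = bytes((i * 7919 + 13) % 256 for i in range(len(BASE)))

if __name__ == "__main__":
    for label, other in (("variant", VARIANT), ("unrelated", UNRELATED)):
        print(label, compare(BASE, other))
```

Running it shows the exact hash declaring the patched variant a different file, while the n-gram index still scores it well above 0.9 and the unrelated blob near zero; the histogram measure sits in between and is the one to treat with the most suspicion.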

Speakers

Robert Simmons

Director of Research Innovation, ThreatConnect
Robert Simmons is Director of Research Innovation at ThreatConnect, Inc. With an expertise in building automated malware analysis systems based on open source tools, he has been tracking malware and phishing attacks and picking them apart for years. Robert has spoken on malware analysis...


Wednesday May 22, 2019 11:00am - 11:50am EDT
Theatre, 2nd Floor

11:50am EDT

Lunch
Wednesday May 22, 2019 11:50am - 1:00pm EDT
Richmond Salons, 2nd Floor

1:00pm EDT

What is Cyber Insurance? Are you covered?
Attendees of this session will gain a clear perspective of what benefits Cyber Insurance can provide to their existing Cyber Security Program.  Today, Cyber Insurance is no longer a “nice to have” but is a “must have” for every company doing business in a digital world.  But how much coverage do you need and what’s really involved in getting cyber insurance?  People who attend this session will gain a clear perspective on what Cyber Insurance can and can’t provide and where traditional insurance policies fall short.

Speakers

Lou Botticelli

Director, Markel Corporation
Lou Botticelli serves as Executive Underwriter, Professional Liability for Markel Assurance Risk Management. Prior to his employment at Markel in 2015 he worked for insurance broker Marsh & McLennan on the Private Equity & Mergers and Acquisitions team performing both advisory and...

Kara Owens

Global Cyber Underwriting Executive, Markel Corporation
Kara Owens is Managing Director, Global Cyber Underwriting Executive at Markel Corporation. In this role, Kara is responsible for establishing and leading Markel’s cyber market strategy and working with cyber underwriters across the Company to achieve growth and profit initiatives...


Wednesday May 22, 2019 1:00pm - 1:50pm EDT
Senate Chambers, 1st Floor

1:00pm EDT

One Man Army - Playbook on how to be the first Security Engineer at a company
How often have you heard that 'Early stage startups don't care much about Security because if there is no product, there is nothing to secure?' Although there is merit in the argument that startups need to build product so as to sustain and grow, it often puts the person in charge of securing them in a tricky position. For most startups, this person is the first Security Engineer, who can be anywhere between the 10th and the 300th employee. By the time the first Security Engineer is on-boarded the attack surface has usually become quite large and he or she faces an uphill battle to go about securing the organization. In such cases, the Security Engineer needs to perform as a 'one-man army' keeping the attackers at bay. In this talk, I will present a playbook on how to perform as one.


Speakers

Kashish Mittal

Head of Security, Oxygen
Kashish Mittal is a Security Researcher and Engineer. He currently is the Head of Security at MileIQ, a Microsoft startup. He has worked for companies such as Elevate Security, Duo Security, Bank of America, Deutsche Bank etc. By choice, he is an ethical hacker and an addicted CTF...


Wednesday May 22, 2019 1:00pm - 1:50pm EDT
Ballroom, 2nd Floor

1:00pm EDT

Anatomy of a Government Red Team Assessment
As Chief of the Nation's Red Team, Jason Hill walks through a real-world red team assessment of a partner Government Agency. See how CISA's white hat hackers are training our nation's cyber defenders.

Speakers

Jason Hill

Branch Chief, CISA Assessments (NCATS), CISA (DHS)
Jason Hill serves as the Chief of the National Cybersecurity Assessments and Technical Services (NCATS) Red Team Operations conducting Red Team Assessments for Federal Government customers and Critical Product Evaluations (CPE) for industry partners. Through those assessments, Jason...


Wednesday May 22, 2019 1:00pm - 1:50pm EDT
Theatre, 2nd Floor

1:00pm EDT

CTF Prep
Wednesday May 22, 2019 1:00pm - 3:50pm EDT
Virginia A-D, 2nd Floor

1:50pm EDT

Vendor Break
Wednesday May 22, 2019 1:50pm - 2:00pm EDT
Richmond Salons, 2nd Floor

2:00pm EDT

Vulnerability Assessments and Penetration Tests
A quick look at the marketing FUD of 'Automated Pentests' and a high level look at the various technical pieces that delineate the difference between scanning and the real-world attacks used in pentesting. Touches on technical and business processes to ensure that your organization is spending its resources in the right places.

Speakers

David Sullivan

Penetration Tester, CampusGuard
Offensive Security Services at CampusGuard. Star Wars, Hockey, Emo Music, Mental Health Awareness and Swahili enthusiast.



Wednesday May 22, 2019 2:00pm - 2:50pm EDT
Senate Chambers, 1st Floor

2:00pm EDT

Secure 9-1-1 and Protecting Our First Responders
In the past, 9-1-1 networks were mostly closed networks with no access to the outside world, so there was little need to think about information security. With technology advancing, software vendors are now utilizing cloud services, and there are outside public safety applications that now need to communicate with 9-1-1. This has led many centers in the last decade to open up their networks. The next several years will also bring a large change for 9-1-1, as centers switch from the analog Enhanced 911 (E911) to the digital NextGen 911 (NG 911) system. For large metropolitan PSAPs this will be a blip on the radar, as they have the resources and personnel to handle the changeover; smaller and rural PSAPs will have the same information security concerns but will not have the resources or personnel available to address them. There is a long list of security concerns for 9-1-1 centers to acknowledge and start addressing before the switchover to NG-911. I will go over telephony denial of service attacks on the analog E911, the VoIP NG-911, and the non-emergency lines; prank/hoax calls to 9-1-1 (what I universally call “swatting”) and the ways they can be accomplished using technology past and present; various attack vectors against the Computer Aided Dispatch, or CAD, network and why that data needs to be protected both currently and in the future with NG-911; and physical/internal threats to the 9-1-1 center, to both the data and the security of the dispatchers. This is an informational talk about these concerns, to help bring awareness to what we face in the public safety industry and how we handle it with the limited resources available to us.

Speakers

Christine Giglio

CAD Administrator, Bedford County Department of E-911 Communications
I am the CAD Administrator for Bedford County, VA department of E-911 communications. Prior to this position, I was the Public Safety LAN Administrator for Bedford County, VA Sheriff’s Office, Fire & Rescue, and E-911 communications for 10 years. Bedford County is a rural joint...


Wednesday May 22, 2019 2:00pm - 2:50pm EDT
Ballroom, 2nd Floor

2:00pm EDT

Preventing the Attack - DHCP and DNS for the Win!
When is the best time to prevent something? BEFORE it happens of course! This talk will describe the unique abilities of DNS and DHCP to protect your network by preventing potential malicious activity BEFORE it occurs. Both of these protocols can literally block malicious activity BEFORE it occurs! As the Internet of Things explodes on all of our networks, and the complexity of networks increases, knowing what is on your network is critical. The increased number of devices, many of which are not in your control, can lead to an increased number of threats to your network. A simple, centrally controlled mechanism that can control access for ALL devices already exists in your network. Attend this session to find out how it works.

Speakers

Jeff Cummings

Senior Systems Engineer, Infoblox
Jeff is a senior systems engineer working for Infoblox, Inc. focusing on the Virginia and West Virginia markets. Prior to Infoblox, Jeff managed CACI's Cyber Solutions Lab. Jeff has been working in the security field for over 20 years. In those years he has worked in many areas of the...


Wednesday May 22, 2019 2:00pm - 2:50pm EDT
Theatre, 2nd Floor

2:50pm EDT

Vendor Break
Wednesday May 22, 2019 2:50pm - 3:00pm EDT
Richmond Salons, 2nd Floor

3:00pm EDT

Social Engineering, Physical Security & USB Attacks
You may think that USB drops are a thing of the past but that’s certainly not the case. Sometimes breaching a target with a massive defense budget is as simple as a $10 USB dropped at the right location. In this talk I’ll share how an organization could start their own USB drop assessment by detailing the history, common research, tools of the trade, tactics, and mindset of a potential attacker. 

Speakers

Brad Thornton

Senior Penetration Tester, ICSynergy
I’m currently a Senior Penetration Tester with a consultant firm. I participate in multiple CTF events, belong to several security focused organizations, and attend numerous conferences on the subject. Historically, I’ve served in various roles in relation to privilege identity...


Wednesday May 22, 2019 3:00pm - 3:50pm EDT
Senate Chambers, 1st Floor

3:00pm EDT

Compliance, Technical Controls, and You
Information Security compliance without enforcement through technical controls is just checking boxes. On the other hand, technical controls without the backing of compliance through effective policy and management support can equate to just playing with the latest bright and shiny security related hardware and software. We will walk through effective and popular techniques used by attackers. Then the compliance and technical controls that are designed to detect and mitigate these techniques will be discussed in depth.

Speakers

Derek Banks

Security Analyst, Black Hills Information Security
Derek is a Senior Security Analyst at Black Hills Information Security and has over 20 years of experience in the IT industry as a systems administrator for multiple operating system platforms, and monitoring and defending those systems from potential intruders. He has worked in the...


Wednesday May 22, 2019 3:00pm - 3:50pm EDT
Ballroom, 2nd Floor

3:00pm EDT

From The Trenches: Observations of and Tracking Actor Activity
EDR and threat hunting capabilities provide an unprecedented level of visibility into an infrastructure, and by extension, into malicious actors' behaviors and TTPs. This capability extends well beyond what is available from OSINT collection and processing, as well as traditional IR, and provides the foundation for a strategic tracking process to truly take full advantage of what's available. Not only can you track behaviors over time, but mapping the observed TTPs to the MITRE ATT&CK framework can provide valuable insights, and inform defensive measures.

Speakers

Harlan Carvey

Sr Researcher, CrowdStrike
Harlan has spent over 2 decades in the info/cyber security field, most of which has been spent in DFIR. He is a prolific author and speaker.


Wednesday May 22, 2019 3:00pm - 3:50pm EDT
Theatre, 2nd Floor

3:50pm EDT

Vendor Break
Wednesday May 22, 2019 3:50pm - 4:00pm EDT
Richmond Salons, 2nd Floor

4:00pm EDT

No More Whack-a-Mole: How to Find and Prevent Entire Classes of Security Vulnerabilities
In software development, we frequently see the same logical coding mistakes being made repeatedly over the course of a project’s lifetime, and often across multiple projects. When these mistakes lead to security vulnerabilities, the consequences can be severe. No one knows this better than companies like Google and Microsoft, whose software is used by millions of people every day.

With each code vulnerability discovered, we’re presented with an opportunity to investigate how often this mistake is repeated, whether there are any other unknown vulnerabilities as a result, and to implement an automated process to prevent it reappearing. In this talk, I’ll be introducing Variant Analysis, a new process being pioneered by security teams at a number of companies including Google and Microsoft, that does just this. I’ll discuss how it can be integrated into your development and security operations, and also share some stories from the trenches.
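The idea behind variant analysis, reduced to a runnable illustration. This is an added example, not code from the talk, from Semmle, or from the original page: one confirmed bug (a shell command built from a caller-supplied string and run with shell=True) is turned into a syntactic query over Python's own `ast` module, and the query is run across a small constructed "codebase" to find every sibling of the bug while leaving the two safe usages alone. Real variant-analysis tooling works on a semantic model with data flow rather than plain syntax; the file names and snippets below are invented.

```python
import ast
from dataclasses import dataclass
from typing import Dict, List


@dataclass
class Finding:
    file: str
    line: int
    call: str


class ShellInjectionVariants(ast.NodeVisitor):
    """Flags subprocess.* calls with shell=True whose command argument is anything
    other than a string literal. That is the shape of the originally reported bug,
    generalised so every place attacker-controlled data could reach a shell shows up."""

    SUBPROCESS_FUNCS = {"call", "run", "Popen", "check_call", "check_output"}

    def __init__(self, filename: str):
        self.filename = filename
        self.findings: List[Finding] = []

    def visit_Call(self, node: ast.Call) -> None:
        func = node.func
        is_subprocess = (isinstance(func, ast.Attribute)
                         and isinstance(func.value, ast.Name)
                         and func.value.id == "subprocess"
                         and func.attr in self.SUBPROCESS_FUNCS)
        if is_subprocess:
            shell_true = any(kw.arg == "shell"
                             and isinstance(kw.value, ast.Constant)
                             and kw.value.value is True
                             for kw in node.keywords)
            cmd = node.args[0] if node.args else None
            # A bare string literal cannot carry untrusted data; concatenations,
            # f-strings and variables can.
            literal = isinstance(cmd, ast.Constant) and isinstance(cmd.value, str)
            if shell_true and cmd is not None and not literal:
                self.findings.append(
                    Finding(self.filename, node.lineno, f"subprocess.{func.attr}"))
        self.generic_visit(node)


def find_variants(sources: Dict[str, str]) -> List[Finding]:
    """Run the query over a mapping of filename -> source text and collect hits."""
    findings: List[Finding] = []
    for name, src in sources.items():
        visitor = ShellInjectionVariants(name)
        visitor.visit(ast.parse(src, filename=name))
        findings.extend(visitor.findings)
    return findings


# Constructed sample codebase (invented file names and functions): the reported bug,
# two variants written slightly differently, and two safe uses that must not fire.
SAMPLE_SOURCES = {
    "reported.py": (
        "import subprocess\n"
        "def ping(host):\n"
        "    return subprocess.check_output('ping -c1 ' + host, shell=True)\n"
    ),
    "variants.py": (
        "import subprocess\n"
        "def archive(path):\n"
        "    subprocess.call(f'tar czf out.tgz {path}', shell=True)\n"
        "def lookup(name):\n"
        "    cmd = 'nslookup ' + name\n"
        "    return subprocess.run(cmd, shell=True, capture_output=True)\n"
    ),
    "safe.py": (
        "import subprocess\n"
        "def uptime():\n"
        "    return subprocess.check_output('uptime', shell=True)\n"   # literal command
        "def ping(host):\n"
        "    return subprocess.check_output(['ping', '-c1', host])\n"  # no shell
    ),
}

if __name__ == "__main__":
    for f in find_variants(SAMPLE_SOURCES):
        print(f"{f.file}:{f.line}: {f.call} with shell=True and non-literal command")
```

The query is deliberately narrow: it will miss a command assembled from a literal that is later mutated, and it treats `shell=True` as the only sink. That is the trade-off the talk's process addresses by iterating on the query after each confirmed hit rather than fixing bugs one at a time.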

Speakers

Sam Lanning

Developer Advocate, Semmle Inc
Sam started working at Semmle in October 2014, after deciding to drop out of his Masters at Oxford University after having completed his undergraduate Computer Science degree there. Sam was the first full-time developer for Semmle’s LGTM platform and worked on it for over 3 years...


Wednesday May 22, 2019 4:00pm - 4:50pm EDT
Ballroom, 2nd Floor

4:50pm EDT

Closing Day 1
Speakers

Chris Sullo

Founder, RVAsec Conference
Chris is the founder of RVAsec and Head of Innovation at Project Discovery, Inc. Chris has been in the security industry for 27 years, working in various research and security roles with Focal Point, HP (SPI Dynamics) and Capital One. He is the author of the “Nikto” web server...


Wednesday May 22, 2019 4:50pm - 5:00pm EDT
Ballroom, 2nd Floor

5:30pm EDT

RVAsec After Party Sponsored by Risk Based Security and GuidePoint Security
You must register (another link will be sent) and sign up to attend.

Being registered for the conference or using Sched will not get you on the list.

More details to follow!

Wednesday May 22, 2019 5:30pm - 7:30pm EDT
The Circuit 3121 W Leigh St, Richmond, VA 23230, USA
 
Thursday, May 23
 

8:00am EDT

Breakfast
Thursday May 23, 2019 8:00am - 8:50am EDT
Richmond Salons, 2nd Floor

8:00am EDT

Registration
Thursday May 23, 2019 8:00am - 3:00pm EDT

8:50am EDT

Welcome to RVAsec Day 2!
Speakers

Jake Kouns

Risk Based Security
Jake is the founder of RVAsec and was previously the CEO for Risk Based Security that provides vulnerabilities and data breach intelligence. He previously oversaw the operations of the Open Sourced Vulnerability Database (OSVDB.org) and DataLossDB. Kouns has presented at many well-known...


Thursday May 23, 2019 8:50am - 9:00am EDT
Ballroom, 2nd Floor

9:00am EDT

Keynote - Mandy Logan
Following a series of 5 strokes and major head injuries, Mandy is no longer in the construction engineering industry. She used her life hacking prowess from a non-traditional background (such as skipping five years of K-12 schooling while working on a ranch and then graduating from a giant, traditional high school in 2.5 years with a 4.2 GPA) to re-establish neuro control using her electrical system, her tongue against her teeth, and perseverance. Now, as a happy dyslexic autie (autistic person) she is pursuing all things InfoSec with an emphasis on Incident Response, Neuro Integration, Artificial General Intelligence, and Community, pressing forth to improve the lives of InfoSec professionals and long term ethical neuro tech for those unable to express themselves to their own satisfaction. She enjoys art, travel, naps, speaking, continuing and broadening her own recovery, and good people. Mandy always hopes to be half the person her service dog, Trevor, is. (He helped her relearn to walk!)

Speakers

Mandy Logan

Speaker, Student, Human, Mandy Logan
Following a series of 5 strokes and major head injuries, Mandy is no longer in the construction engineering industry. She used her life hacking prowess from a non-traditional background (such as skipping five years of K-12 schooling while working on a ranch and then graduating from...


Thursday May 23, 2019 9:00am - 10:00am EDT
Ballroom, 2nd Floor

10:00am EDT

Vendor Break
Thursday May 23, 2019 10:00am - 10:10am EDT
Richmond Salons, 2nd Floor

10:10am EDT

Risk Assessment - The Heart of Risk-based Security
Everywhere you look today you see “risk-based security” being touted as the next big thing. Knowing your assets, understanding the threats and vulnerabilities that may impact those assets, and calculating a risk score in order to prioritize mitigation actions, should be every organization’s goal. Risk-based security is not accomplished by performing a risk assessment exercise once a year. It requires a continuous assessment of your organization’s risk posture. Too many businesses think that completing a risk assessment is a difficult and complicated process that requires expensive software and can only be done by third party consultants. As a result, risk assessments are not conducted or conducted once and stored away to show the auditors. Risk assessments are essential in order to assure that the expenditures involved in mitigating vulnerabilities and the implementation of security controls are commensurate with the risks facing the organization. Attend this interactive session to explore the definitions, methodologies, structure and the expected results of a proper risk assessment that can be produced by your organization.


Speakers

Barry Kouns

Chairman & CFO, Risk Based Security Inc.
Barry Kouns is CEO at Risk Based Security, a vulnerability intelligence, organizational ratings, and on-demand security solutions firm. Barry's experience includes information security consulting, risk assessment and quality management. Barry has full knowledge of GLBA, FFIEC, HIPAA...


Thursday May 23, 2019 10:10am - 11:00am EDT
Senate Chambers, 1st Floor

10:10am EDT

Was I Supposed to Mix the Security in Before I baked it?
Security practitioners advocate ideals through clichés and analogies to help others understand complex problems.  One prominent analogy espouses baking security into a solution instead of bolting security on at the end.  This seems like an obvious analogy – a baker certainly can’t add flour to a cake after it’s in the oven.  In business reality, time-to-market beats security every day of the week.  How can an architect bake security into solutions when the extra time could result in a failed venture?  This talk explores the realities of blending security into the design and implementation of solutions with a goal of realizing better is not the enemy of perfect.  Some implementations bolt on security beautifully; other design patterns prove impossible to correct.  Look forward to a meme-filled tour of architectures, design patterns, and lessons learned that will help security practitioners and business people identify if they’re cooking soup or baking cakes (…if that sounds like a mixed metaphor, don’t be late for supper). 

Speakers

Brandon Martin

Security Craftsman
Brandon Martin is a solo security practitioner at Deconstructed Security, LLC. He helps clients find the right investments, partners, and internal improvements to mitigate cybersecurity risk. Through his experiences he earned the Offensive Security Certified Professional (OSCP), Certified...


Thursday May 23, 2019 10:10am - 11:00am EDT
Ballroom, 2nd Floor

10:10am EDT

Cybersecurity Zero to Hero with CyberChef
The Cyber Swiss Army Knife “CyberChef” is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. CyberChef has significantly lowered the entry threshold for the field of Malware Analysis. This talk demonstrates how CyberChef provides the means for those without a strong programming or reverse engineering background to accomplish complicated, technical Cybersecurity tasks. This talk will also highlight how CyberChef can streamline the workflows of more seasoned analysts with advanced combinations of tasks.

Speakers

Jonathan Glass

Lead Malware Analyst, Federal Reserve Bank of New York
Reverse Engineer. Forensic Analyst. Teacher. Nerd.


Thursday May 23, 2019 10:10am - 11:00am EDT
Theatre, 2nd Floor

10:10am EDT

CTF
Thursday May 23, 2019 10:10am - 3:50pm EDT
Virginia A-D, 2nd Floor

11:00am EDT

Vendor Break
Thursday May 23, 2019 11:00am - 11:10am EDT
Richmond Salons, 2nd Floor

11:10am EDT

Network Security 101
Think the network is a black box that magically gets your cat videos to you? This talk explains how it works at the fundamental levels.

Speakers

Rick Lull

Sr Solution Architect, InterVision
Lifelong geek turned security consultant after stops as a desktop tech, server bubba, and network jockey. Rick is a healthcare IT survivor, and is now playing Horatio on the bridge for hire with a local technology consulting company, advising clients on security strategy and operations...


Thursday May 23, 2019 11:10am - 12:00pm EDT
Senate Chambers, 1st Floor

11:10am EDT

Breaking and Entering: Emulating the Digital Adversary in 2019
As one of the United States government's premier assessment and penetration testing organizations, the Department of Homeland Security (DHS) National Cybersecurity Assessments and Technical Services (NCATS) team is responsible for proactively identifying risk against federal, state, local, territorial, and critical infrastructure networks. This session will provide detailed insight on how DHS emulates the digital adversary in order to identify and mitigate risk against our nation's infrastructure through core capabilities in vulnerability scanning, penetration and red team testing, design review, and phishing assessments. The quantifiable and objective data gained by the NCATS team will allow attendees to gain a comprehensive understanding of the issues that affect government networks and how DHS is helping to overcome them.

Speakers

Robert Thompson

Deputy Branch Chief, DHS
Bobby Thompson is a member of DHS’ National Cybersecurity Assessment and Technical Services (NCATS) team leading the effort to secure our nation’s critical infrastructure and government resources. NCATS is responsible for conducting comprehensive penetration tests, red team assessments...


Thursday May 23, 2019 11:10am - 12:00pm EDT
Ballroom, 2nd Floor

11:10am EDT

Introduction to CSRF
An introduction to Cross Site Request Forgery, how to exploit it, and prevent it.

The talk will begin with an introduction to Cross Site Request Forgery, defining what it is, how to exploit it, and how to prevent it. Live demonstrations (if the demo gods cooperate) will be used during the presentation. The talk concludes with an example of using Flash to bypass the mistaken protections offered by Cross Origin Resource Sharing.
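The exploit-and-prevent pair the abstract describes, as an added example that is not code from the talk or the original page. A state-changing "transfer" handler is shown in a vulnerable form, which trusts the session cookie alone, and a hardened form that additionally requires a per-session synchronizer token in the request body and checks the Origin/Referer header. The forged request models what the server receives when a logged-in victim visits an attacker page that auto-submits a hidden form: the browser attaches the cookie, but the attacker cannot read the token or set the Origin header. The `Request` class, the session store, the hostnames and the account names are all constructed for the illustration; no web framework is used so it runs offline.

```python
import hmac
import secrets
from dataclasses import dataclass, field
from urllib.parse import urlparse

SITE_ORIGIN = "https://bank.example"   # assumed origin of the protected application


@dataclass
class Request:
    """Minimal stand-in for an HTTP request as a framework would hand it to a view."""
    method: str
    cookies: dict
    form: dict = field(default_factory=dict)
    headers: dict = field(default_factory=dict)


# Server-side session store (constructed, in memory): cookie value -> session data.
# The CSRF token is generated per session and only ever sent to the browser inside
# the application's own HTML forms, never in a cookie.
SESSIONS = {"sess-123": {"user": "alice", "csrf_token": secrets.token_urlsafe(32)}}


def session_for(req: Request):
    return SESSIONS.get(req.cookies.get("session"))


def transfer_vulnerable(req: Request) -> str:
    """Checks only that the session cookie is valid. Browsers attach cookies to
    cross-site form posts, so any page the victim visits can drive this endpoint."""
    sess = session_for(req)
    if req.method != "POST" or sess is None:
        return "401 unauthorized"
    return f"200 transferred {req.form['amount']} from {sess['user']} to {req.form['to']}"


def _origin_of(url: str) -> str:
    p = urlparse(url)
    return f"{p.scheme}://{p.netloc}"


def transfer_hardened(req: Request) -> str:
    """Synchronizer-token pattern plus an Origin/Referer check as defence in depth."""
    sess = session_for(req)
    if req.method != "POST" or sess is None:
        return "401 unauthorized"
    # 1. The token must arrive in the request body and match the session's copy.
    #    Same-origin policy stops attacker pages from reading it out of our HTML;
    #    compare_digest avoids leaking it through timing.
    sent = req.form.get("csrf_token", "")
    if not hmac.compare_digest(sent, sess["csrf_token"]):
        return "403 csrf token mismatch"
    # 2. Reject requests the browser says came from another origin. Browsers send
    #    Origin on cross-site POSTs and scripts cannot override it. This version also
    #    rejects when both headers are absent, which is strict; relax only knowingly.
    origin = req.headers.get("Origin") or req.headers.get("Referer")
    if origin is None or _origin_of(origin) != SITE_ORIGIN:
        return "403 bad origin"
    return f"200 transferred {req.form['amount']} from {sess['user']} to {req.form['to']}"


def forged_request() -> Request:
    """Constructed: a cross-site auto-submitted form from attacker.example, sent by
    the victim's browser with alice's cookie but without the token."""
    return Request("POST", {"session": "sess-123"},
                   {"to": "mallory", "amount": "1000"},
                   {"Origin": "https://attacker.example"})


def legitimate_request() -> Request:
    """Constructed: the same form submitted from the application's own page."""
    token = SESSIONS["sess-123"]["csrf_token"]
    return Request("POST", {"session": "sess-123"},
                   {"to": "bob", "amount": "10", "csrf_token": token},
                   {"Origin": SITE_ORIGIN})


if __name__ == "__main__":
    print("vulnerable / forged:   ", transfer_vulnerable(forged_request()))
    print("hardened   / forged:   ", transfer_hardened(forged_request()))
    print("hardened   / legitimate:", transfer_hardened(legitimate_request()))
```

Setting the session cookie with the SameSite attribute is a third, browser-enforced layer worth adding on top of the token; it is not shown here because the example has no real cookie-setting response. Note that neither control protects an endpoint that accepts state changes over GET, which is why the handlers above refuse anything but POST.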

Speakers

Aaron Bishop

Principal Penetration Tester, SecurityMetrics, Inc.
bISHop has been in the security realm for over 10 years, focused on penetration testing for 6 years.  If bISHop is not at a computer, he can often be found in the mountains with his dog.


Thursday May 23, 2019 11:10am - 12:00pm EDT
Theatre, 2nd Floor

12:00pm EDT

Lunch
Thursday May 23, 2019 12:00pm - 1:00pm EDT
Richmond Salons, 2nd Floor

1:00pm EDT

Being Secure Doesn’t Mean You Are Managing Risk
Charles will explain the beginner concepts of identifying, quantifying, qualifying, and decisioning risks with a focus on how this differs from the practice of cybersecurity.

Speakers

Charles Tango

CISO, Altria
Charles is the Chief Information Security Officer at Altria, the parent company of producers of superior branded tobacco and wine products such as Philip Morris USA and Ste. Michelle Wine Estates. Charles also represents Altria on the board of the Richmond Technology Council, which...


Thursday May 23, 2019 1:00pm - 1:50pm EDT
Senate Chambers, 1st Floor

1:00pm EDT

Security Mind Expansion
Information security is always changing and to keep up with these changes we need to somehow upgrade the professionals to keep up.  In order to do this we need to expand the brain of the information security professionals. In this presentation we will cover several modern day philosophy concepts and how to incorporate these concepts into your everyday practice. These concepts include: ontological design, looking-glass self, feedback loops, flow state, cognitive play. Applying these concepts will hopefully expand your mind and improve how information security is conducted.

Speakers

Chandos Carrow

Deputy Information Security Officer, Virginia Department of Health
Chandos Carrow is a Co-Information Security Officer for the Virginia Department of Health. He has worked for the Commonwealth of Virginia for more than 10 years and has been with the VDH for almost 2 years. Chandos has worked in several state agencies in his career including healthcare...


Thursday May 23, 2019 1:00pm - 1:50pm EDT
Ballroom, 2nd Floor

1:00pm EDT

Network Security Monitoring: Experience and Lessons
Network Security Monitoring is an integral part of security defense.  Setting up Network IDS/IPS properly is critical to ensuring an organization’s NSM is efficient and effective.  I have learned quite a few lessons from my experience in the NSM realm: from properly sizing and architecting solutions to automating deployment and operations in a variety of environments.  I will also share lessons on working with Network teams to configure network components for NSM, setting up and operating NSM systems, and scaling NSM solutions to handle customer demands.  I will also compare Open Source Solutions to Vendor Solutions.  My goal for this presentation is for attendees to learn from my experiences in order to make informed decisions in their own environments.

Speakers

Jeff Tehovnik

Rackspace Government Solutions
Jeff has been working in IT since 1998 and graduated from Virginia Commonwealth University (BS-IS 2012, MS-CISS 2014) and the SANS Technology Institute (PGC Ethical Hacking & Penetration Testing). Jeff also enjoys research and educating on Technical Information Security Topics including...


Thursday May 23, 2019 1:00pm - 1:50pm EDT
Theatre, 2nd Floor

1:50pm EDT

Vendor Break
Thursday May 23, 2019 1:50pm - 2:00pm EDT
Richmond Salons, 2nd Floor

2:00pm EDT

101 Panel
A recap of the 101 track and Q&A with some of our speakers and RVAsec experts.
Moderated by Deana Shick.

Speakers
Deana Shick

Member of the Technical Staff, CERT/CC
Deana Shick has been a Member of the Technical Staff at the Software Engineering Institute's CERT Coordination Center (CERT/CC) for 5 years. Deana works on the Threat Ecosystem Analysis team where she researches and analyzes current and emerging threats and vulnerabilities. Prior...


Thursday May 23, 2019 2:00pm - 2:50pm EDT
Senate Chambers, 1st Floor

2:00pm EDT

Code Signing: A Security Control That Isn’t Secured
As a security professional, how involved are you with your organization's code signing activities and processes? Learn how you can create a secure enterprise code-signing infrastructure that will scale and adapt as networks continue to evolve and grow.

Speakers
Eddie Glenn

Senior Product Marketing Manager, Venafi
Eddie Glenn is a senior manager at Venafi and is responsible for Venafi’s solutions that address the security risks for code signing and DevOps infrastructure. Eddie has more than 30 years of experience in software development, DevOps, and security at companies such as IBM, Rational...


Thursday May 23, 2019 2:00pm - 2:50pm EDT
Ballroom, 2nd Floor

2:00pm EDT

Operationalizing the ATT&CK™ Framework
Atomic indicators of compromise quickly become stale and are often defeated by malicious actors. Behavioral-based detection strategies focus on the series of actions taken during an intrusion and are more dynamic in defending against intrusions. In this talk, GE-CIRT discusses strategies to track and respond to threat actors using frameworks like the Lockheed Martin Kill Chain and the MITRE ATT&CK framework together with TIAMAT, GE's in-house developed end-to-end operational ATT&CK tool.

Speakers
Conrad Layne

Sr Cyber Intelligence Analyst, GE
Conrad Layne has been a senior cyber intelligence analyst with General Electric since 2013. In this role, Conrad tracks more than 50 Nation-state actors, their attacks, and TTPs with efforts focused on cyber-attacks affecting industrial control systems. Conrad holds a Bachelor of Science...


Thursday May 23, 2019 2:00pm - 2:50pm EDT
Theatre, 2nd Floor

2:50pm EDT

Vendor Break
Thursday May 23, 2019 2:50pm - 3:00pm EDT
Richmond Salons, 2nd Floor

3:00pm EDT

CISO of 2025
So much of the news related to CISOs today is negative. The reasons are clear because the challenges are enormous. Many CISOs believe they are not given a fair chance – essentially obstructed from doing their job. Often there is poor trust with the board, primarily due to not having a pragmatic, cost-effective plan to solve board-level problems. CISOs have largely failed in this regard because their security plans have been tactical and have not delivered on strategic goals. The common argument is that executives just don’t ‘get it’, but most do, and they realize that security doesn’t provide great value with historic or conventional approaches. They might say the business only wants check-box security, but executives understand that to a great degree that is the only material benefit offered by security – so they may as well get it at the best cost. This talk will explore where and why things have happened the way they have, and how to move towards a definition for the CISO of 2025.

Speakers
Dan Holden

CEO, Pharos Security
Dan Holden is CEO of Pharos Security, which measures, aligns, and guides optimization of the ROI and level of protection of a security program and translates the security program into business-level terminology. Mr. Holden has 25 years in information security, having served as CTO of the...


Thursday May 23, 2019 3:00pm - 3:50pm EDT
Ballroom, 2nd Floor

3:50pm EDT

Closing - Day 2
Speakers
Chris Sullo

Founder, RVAsec Conference
Chris is the founder of RVAsec and Head of Innovation at Project Discovery, Inc. Chris has been in the security industry for 27 years, working in various research and security roles with Focal Point, HP (SPI Dynamics) and Capital One. He is the author of the “Nikto” web server...


Thursday May 23, 2019 3:50pm - 4:00pm EDT
Ballroom, 2nd Floor

4:00pm EDT

Closing Reception & Awards
Speakers
Jake Kouns

Risk Based Security
Jake is the founder of RVAsec and was previously the CEO for Risk Based Security that provides vulnerabilities and data breach intelligence. He previously oversaw the operations of the Open Sourced Vulnerability Database (OSVDB.org) and DataLossDB. Kouns has presented at many well-known...

Jake Smith

Co-Founder, MetaCTF
Jake Smith is currently a rising fourth-year at UVA studying Computer Science and Cybersecurity as well as the Co-Founder of MetaCTF which makes cybersecurity more accessible for students and professionals through hands-on trainings and competitions. As a high school student, he discovered...

Chris Sullo

Founder, RVAsec Conference
Chris is the founder of RVAsec and Head of Innovation at Project Discovery, Inc. Chris has been in the security industry for 27 years, working in various research and security roles with Focal Point, HP (SPI Dynamics) and Capital One. He is the author of the “Nikto” web server...


Thursday May 23, 2019 4:00pm - 5:30pm EDT
Ballroom, 2nd Floor