Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Track 1 - Ballroom B1/B2 [clear filter]
Thursday, April 26

11:00 ADT

DECEPTICON: Deceptive Techniques to Derail OSINT attempts
When we think of the process for attacking an organization, OSINT comes to the front and center of our minds. This presentation takes a presenter with experience in applying OSINT to effective penetration testing and social engineering and reverse engineers the process to determine what steps can be taken to further complicate their efforts. This is a presentation that talks about online deception, decoy accounts, canary data, encryption, maintaining one’s social media in a secure manner, and protecting one’s identity as much as possible. While nothing is absolute, this is a presentation that will leave attendees more aware of techniques to make it harder for attackers to collect accurate OSINT, either by removal or deception.

avatar for Joe Gray

Joe Gray

Senior OSINT Specialist, QOMPLX
Joe Gray joined the U.S. Navy directly out of High School and served for 7 years as a Submarine Navigation Electronics Technician. Joe is currently a Senior OSINT Specialist at Qomplx, Inc. and previously maintained his own blog and podcast called Advanced Persistent Security. Joe... Read More →

Thursday April 26, 2018 11:00 - 11:45 ADT
Track 1 - Ballroom B1/B2

13:00 ADT

You're Going to Need a Bigger Privacy Plan: Here Comes the GDPR
It's extensive, expensive and coming in for the kill: meet the General Data Protection Regulation, the massive new set of privacy provisions for all who do business within European Union shores. With strict safeguards, increased governance expectations and massive fines for failure to comply, the GDPR breaks new ground for personal privacy and individual data rights.  Officially in force starting May 2018, if your business is handling the personally identifiable information of E.U citizens and you're not in compliance, you'll want to get caught up, fast.

For Canadian businesses, the question is cropping up from European partners: what makes the GDPR so different from existing privacy agreements, and why do they need to comply? What are the implications for technology development, data controls, and why is it so revolutionary? Privacy Technologist Victoria McIntosh unravels the driving forces behind the world's largest privacy protection regulation, and what makes it unique against past provisions.

avatar for Victoria McIntosh

Victoria McIntosh

Freelance Information & Privacy Professional, Information in Bloom Management Services
Victoria McIntosh is an information and privacy professional in Halifax, Nova Scotia. Holding a Masters in Library and Information Science, she puts the pieces together. Bringing privacy expertise to projects, Victoria is a certified IAPP Information Privacy Technologist. In her blogs... Read More →

Thursday April 26, 2018 13:00 - 13:45 ADT
Track 1 - Ballroom B1/B2

14:00 ADT

Terrorist Lunch Money: The Law Responds to the Rise of Cryptocurrencies
Whether it’s a bubble or the new world order, the recent rise in the value of Bitcoin has forced governments to grapple with the reality of cryptocurrencies and their implications for the economy and society. What is Bitcoin, legally?Is it cash?Is it a commodity?Can I take it across the border?Is it terrorist lunch money?I’ll explore the current legal status of cryptocurrencies in Canada, and abroad, and discuss where the law is headed in cryptocurrency regulation in an age of techno-panic and uncertainty.

avatar for Anna Manley

Anna Manley

Principal Lawyer, Manley Law Inc.
Anna Manley is an internet and privacy lawyer based in Sydney, NS. She is the principal of Manley Law Inc. and founder of Advocate Cognitive Technologies Inc. Anna advises companies and individuals on all things law and tech related.

Thursday April 26, 2018 14:00 - 14:45 ADT
Track 1 - Ballroom B1/B2

15:00 ADT

The Paradox of Cybersecurity in Operational Technologies
IoT has moved beyond kettles, thermostats, and doorbells. Operational technologies (otherwise known as IIoT) like tractors, factories, healthcare devices, and even robots are helping to enable the fourth industrial revolution.

Companies that embrace these changes will lead the charge. Those that don’t will fall behind. These technologies lead to exciting new designs, leveraging the latest and greatest buzzword-laden offerings. Build on a clean slate, and you can drive strong security concepts into every layer of the system.

Unfortunately, these designs don’t get implemented in the real world. The real world of operational technology is messy. It’s dealing with years and years of technology decisions made with wildly different threat models. It’s trying to match technologies built with 20-year lifespans with defences that need to be updated minute-by-minute.

In this talk, we’ll examine the reality of operational technology deployments. How do we match modern cybersecurity practices with decades-old technologies and regulations? Can we?  You’ll come away with a better appreciation of the challenges involved in securing operational technologies.

avatar for Mark Nunnikhoven

Mark Nunnikhoven

Vice President, Cloud Research, Trend Micro
Mark Nunnikhoven explores the impact of technology on individuals, organizations, and communities through the lens of privacy and security. Asking the question, "How can we better protect our information?", Mark studies the world of cybercrime to better understand the risks and threats... Read More →

Thursday April 26, 2018 15:00 - 15:45 ADT
Track 1 - Ballroom B1/B2

16:00 ADT

Data Breaches: Barbarians in the Throne Room
Often defenders worry about the intangible security problems. Defenders need to concentrate their efforts defending the enterprise by focusing on the fundamentals. Too often issues such as patching or system configuration failures lead to system compromise. These along with issues such as SQL injection are preventable problems. Defenders can best protect their digital assets by first understanding the sheer magnitude that a data breach can have on an enterprise.

In this talk I review my findings after analyzing hundreds of data breach disclosures as it pertains to what went wrong. I had previously done this for 2016 and I plan to have the 2017 review ready by the time of this talk.

avatar for Dave Lewis

Dave Lewis

Global Advisory CISO, Duo Security
Dave Lewis has twenty five years of industry experience. He has extensive experience in IT security operations and management including a decade dealing with critical infrastructure. Lewis is a Global Advisory CISO for Duo Security (now Cisco). He is the founder of the security site... Read More →

Thursday April 26, 2018 16:00 - 16:45 ADT
Track 1 - Ballroom B1/B2
Friday, April 27

09:15 ADT

Color Wars: Examining Models for Blue and Red Team Collaboration
It is pretty standard to to view an organization's cyber security defenders as its blue team, with red teamers performing pen tests or otherwise simulated attacks.  Recently, purple teaming has been integrated, which is a more collaborative effort between the two.  But many factors go into determining the outcome of the engagement, and many end with mixed results.  Many questions are not properly addressed, such as, who should be "in the know" about the red team exercise?  Should the attackers start inside or outside the network?  How should it be scoped?  How do we ensure that the results accurately reflect the security of the organization and the capabilities of the blue team?  Are we even ready for a pen test?

In this talk, we will evaluate multiple scenarios and models that will help organizations and defenders determine the best red, blue, purple, green, or yellow architecture to ensure continuous 360 insight into security gaps.  We will cover how to evaluate if a model is working, where tweaks can be made, and starting small, but getting big results.

avatar for Justin Silbert

Justin Silbert

CISO, LEO Cyber Security
Justin Silbert has worked as CISO for Walter Reed National Military Medical Center, and Security Manager of NHLBI at National Institutes of Health.   His expertise focuses on applying sound security practices across a spectrum of systems and environments, from certified medical devices... Read More →

Friday April 27, 2018 09:15 - 10:00 ADT
Track 1 - Ballroom B1/B2

10:15 ADT

Are You Ready for the Worst? Application Security Incident Response
No matter how small your Dev shop is, if the first time you think about the security of the software is during a major incident, it’s not going to go well.  I will teach developers and security teams to prepare for, manage, and hopefully prevent, application security incidents.  Starting with preparation; do you have a proper application inventory? How do you manage your technology stack?  Disaster Recover?  Backup strategy?  Do you have a WAF?  Monitoring? Tools that are at the ready when the s* hits the fan?  During an incident; who’s managing the incident? Do you know? What is triage? Who does the investigation? Do you have a “safe” place to do potentially destructive testing?  This talk ends with an immediate plan for the audience to get started, with a list of open source tools the security team and/or developers will use to ensure that they are ready for the worst.

avatar for Tanya Janca

Tanya Janca

CEO and Founder, We Hack Purple
Tanya Janca, also known as SheHacksPurple, is the author of ‘Alice and Bob Learn Application Security’. She is also the founder of We Hack Purple, an online learning academy, community and weekly podcast that revolves around creating secure software. Tanya has been coding and... Read More →

Friday April 27, 2018 10:15 - 11:00 ADT
Track 1 - Ballroom B1/B2

11:15 ADT

Introducing CSE’s open source AssemblyLine: High-volume malware triaging and analysis
The Communications Security Establishment (CSE), Canada’s national cryptologic agency and a leading expert in cyber security, believes in fostering collaboration and innovation. For the first time ever, CSE is releasing one of its own tools to the public as an open source platform. Developed internally, AssemblyLine is a cyber defence framework designed to perform distributed analytics at scale, focusing primarily on detecting and analyzing malicious files. Learn how AssemblyLine can not only minimize the number of innocuous files that cyber security professionals are required to inspect every day, but how you can collaborate with others to customize and improve the platform.

avatar for Tyler Parrott

Tyler Parrott

Senior IT Security Analyst, CSE
Tyler Parrott is a Senior IT Security Analyst with the Communications Security Establishment, currently working for the organization's Cyber Defence program. Tyler has 10 years of experience at CSE, spending 4 years in Vulnerability Research, 3 years with Infrastructure Management... Read More →

Friday April 27, 2018 11:15 - 12:00 ADT
Track 1 - Ballroom B1/B2

13:00 ADT

Medical Records on the Black Market
Medical record breaches have a double impact, since they harm the healthcare institutions, but also disclose private and sensitive information about the patients. Because of this, the value of EHR (Electronic Health Records) has exceeded the value of financial records, not only because it opens the door for liability actions, but also because it can damage (or ruin) the patients life.

In this talk I will cover the different ways in which an owned server could be taken advantage of for profit purposes, and then I will discuss about the sell value of medical and financial information in the black market. I will cover a few specific recent cases (like the last one from Equifax), describe the attack vector, calculate how much it cost to the companies and end users, and talk about how it could have been fixed.

avatar for Matias Katz

Matias Katz

Matias Katz is a Web & Infrastructure Security specialist. He has spoken at BlackHat, H2HC, Hack in Paris, Ekoparty, HackMiami, Campus party, OWASP and many other international conferences. He is the CEO of MKIT (www.mkit.com), a company that specializes in Red Team operations, on-demand... Read More →

Friday April 27, 2018 13:00 - 13:45 ADT
Track 1 - Ballroom B1/B2

14:00 ADT

Patching: Show Me Where It Hurts
Patching - it's complicated!  As much as we like to point fingers of blame and malign the processes in place, the fact is that one size does not fit all when security updates get issued.

What's the definition of insanity: doing the same thing over and over. Organizations at every level seem to be struggling with staying on top of patching, but it feels more like a necessary evil rather than a best practice.

Ignorance is not bliss when it comes to uncovering longstanding widespread vulnerabilities and attempting mitigation. As Meltddown and Spectre have painfully demonstrated, we're damned if we do and damned if we don't.

I've done some real life research into the issues to find new approaches to an old problem. We need to go beyond just finding the sweet spot between mitigating business risk with vulnerability exposure. Let's talk about how can we fix this process that seems inherently broken, especially as it now affects IoT, OT and medical devices. Because the cure isn't supposed to be worse than the disease.

avatar for Cheryl Biswas

Cheryl Biswas

Strategic Threat Intel Analyst
Cheryl Biswas is a Strategic Threat Intel Analyst with a major bank whose name she cannot share in Toronto, Canada, where she monitors and assesses international relations, threat actors, vulnerabilities and exploits. In her previous role with KPMG Canada, she was a Cyber Security... Read More →

Friday April 27, 2018 14:00 - 14:45 ADT
Track 1 - Ballroom B1/B2

15:00 ADT

Try Harder?
How we treat people has impact and consequences, especially when it comes to welcoming new professionals to infosec. Telling someone to simply ‘try harder’ without any support is detrimental to progress and motivation.  In order for learners to be successful in developing their skills, we need to accept that learning is a dynamic process that should recognize the individual.  Infosec training should not function like a Fraternity- we should be there to support each other not make it like hazing! Come hear from two experienced teachers on the current paradigm in infosec training and offer clear strategies to make infosec training more inclusive, welcoming, accessible, empathetic - and pain free.

avatar for Geoffrey Vaughan

Geoffrey Vaughan

Senior Security Engineer, Security Innovation
Geoffrey is a Sr. Security Engineer with Security Innovation. He spends his time hacking and securing web applications, mobile apps, robots, 3D printers, infrastructure, embedded devices, and anything with a Biometric. He is passionate about security and helping others build secure... Read More →

Friday April 27, 2018 15:00 - 15:45 ADT
Track 1 - Ballroom B1/B2