Caleb “chill” Crable & Evan “detro” Keiser

@dirtywhitehat @detro

Cylance
Caleb is a Malware Analyst at Cylance, practicing dirtywhitehat, and frequent contributor to the information security community both online and at technology security events. Caleb enjoys long walks on the beach with polymorphic malware in his leisure.

Evan also serves as a Malware Analyst at Cylance, constantly disseminating new threat intelligence among his team and performing security incident reconstruction in his spare time. Based in Raleigh-Durham, North Carolina, in his free time Evan is an avid lock picking enthusiast and penetration tester who enjoys finding holes in virtual and physical security controls of all kinds, belgian waffles and hacking all the things.

Cloud & Control: Where do we go from here?
With so many people taking advantage of the cloud, no one really thinks about how the cloud is taking advantage of you. We will be taking an in-depth look at the pros, and mostly cons, of the datacenter clusters that we harmlessly refer to as cloud infrastructure. Whether it be saucy selfies, bank or medical records, or even just highly valued data in general; How safe do you actually think it is…on someone else’s computer?

Register Now!

Michelle Schafer & Tim Wilson

@mschafer

Merritt Group
Michelle Schafer is Senior Vice President and runs the cybersecurity team at Merritt Group, an integrated marketing and public relations firm based in the DC area. Over the past decade, Michelle has represented more than 50 security companies including BlackHat, CrowdStrike, Mandiant, Netwitness, Venafi, MACH37, PhishMe, (ISC)2, PGP and Fortify Software, among others. She is a MACH37 mentor and frequently presents at conferences like RVASec and Security B-Sides about the role of media in cybersecurity.

Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech’s online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one of the top cyber security journalists in the US in voting among his peers, conducted by the SANS Institute. In 2011 he was named one of the 50 Most Powerful Voices in Security by SYS-CON Media.

The Changing Mind of the Security Pro — How Hype and Media Shape Infosec Priorities
One of the most difficult jobs of today’s security professional is setting priorities in a storm of news reports, vulnerability disclosures, and product announcements. With so much hype and misinformation on the Web and in the media, how can infosec pros determine which problems to tackle first? In this informative session, top experts in the fields of security PR and media will discuss the various ways that threats and technology are overhyped — and how you can sort through the noise to determine what really matters to your organization

Register Now!

Steve Christey

@sushidude

www.mitre.org

MITRE
Steve Christey Coley is a Principal Information Security Engineer in the Cyber Security Division at The MITRE Corporation, supporting FDA CDRH on medical device cyber security. Steve was co-creator and Editor of the CVE list and chair of the CVE Editorial Board from 1999 to 2015. He is the technical lead for CWE, the Common Weakness Scoring System (CWSS), and the CWE/SANS Top 25 Software Most Dangerous Software Errors. He was a co-author of the influential “Responsible Vulnerability Disclosure Process” IETF draft with Chris Wysopal in 2002. He was an active contributor to other community-oriented efforts such as CVSS, CVRF, and NIST’s Static Analysis Tool Exposition (SATE). His interests include adapting traditional IT security
methodologies to new areas, software assurance, improving vulnerability information exchange, and making the cybersecurity profession more inclusive for anybody who seeks a place in it. He holds a B.S. in Computer Science from Hobart College.

Toward Consistent, Usable Security Risk Assessment of Medical Devices
“CVSS? For *my* medical device?” It’s more likely than you think.

With so many different stakeholders in the medical device ecosystem – including manufacturers, hospitals, researchers, third-party coordinators, and patients – it’s no wonder that risk assessment is looking kind of discombobulated right now. When a new medical device vulnerability comes out, rarely is there any agreement about how bad it is. It can be very difficult for health care providers to use existing information to make appropriate, defensible risk decisions

If only there were a common vulnerability scoring system to stop the madness! Enter CVSS. But how can this IT-oriented system be used for evaluating medical device vulnerabilities, and should it? Fortunately, FDA’s CDRH has tasked MITRE to work with the medical device community to find out, so I’ll tell you all about it.

Register Now!

Dawn-Marie Hutchinson

@CISO_Advantage

www.optiv.com

Optiv
Dawn-Marie Hutchinson brings 15 years of enterprise information technology experience to her role as a senior consultant in the Office of the CISO at Optiv. She is an innovative business partner with extensive
experience serving on Enterprise Risk Management teams. She is an expert in providing data privacy and security solutions to manage information risk, improve IT governance and strengthen internal controls.

Beyond the Security Team: The Economics of Breach Response
Breaches are expensive. So expensive that cyber insurance coverage is often lacking. This presentation explores the economics of breaches, the differences between breach and incident response and how you can align your security team’s goals with company values.

Register Now!