We are very pleased to announce Capital One is our sponsor for the CTF this year! Please stop by and say hi to their representatives in the Capture the Flag room.
Bronze Sponsor Feature: Sycom
Founded in 1996, SyCom designs, delivers and supports IT solutions that optimize business results. With offices in Richmond, Roanoke, Virginia Beach, Vienna and Huntington, WV our focus is primarily the mid-Atlantic with national delivery capability. With more than $70 million in revenue, we are one of the largest systems integrators on the East Coast. Named “Best Place to Work in Richmond,” SyCom is an employer of choice for the best IT talent in the region. More than 70% of our engineers have an average of 12 years of experience —underlining our commitment to provide sage advice that you can trust.
Speaker Feature: Joey Peloquin
Joey Peloquin
Joey Peloquin
Joey has more than 20 years of experience in the information technology industry, specializing in information security for over 15 years. Prior to joining the Citrix Security team, he served as the director of professional services for GuidePoint Security, heading up the security assessments, application and mobile, and cloud security consulting practices. Joey is an active member of the information security community, speaking frequently at conferences and events such as BSides, RVAsec, OWASP, and TakeDownCon. He has also written, or appeared in, articles by Hakin9, SC Magazine, SD Times, and Network World.
Deceptive Defense: Beyond Honeypots
Everyone knows malicious hackers utilize deception all the time. Maybe it’s a tactical DDoS attack, meticulously timed to misdirect defenders from an initial intrusion, or perhaps a data exfiltration event. Attackers reuse competitors’ code, and compile malware in languages other than their own to encourage false attribution. The examples are endless. Quarterbacks are masters of deception, too. This talk compares deceptive practices of top NFL quarterbacks with practical deception in the Enterprise, and offers suggestions on how security practitioners can utilize ruses, disinformation, misdirection, and other techniques to increase the cost of targeting an organization to the point that the risk no longer justifies the reward. The presentation covers effective recommendations deployed in production environments today that don’t require purchasing expensive deception systems.
Silver Sponsor Feature: Checkpoint
Since 1993, Check Point has been dedicated to providing customers with uncompromised protection against all types of threats, reducing security complexity and lowering total cost of ownership. We are committed to staying focused on customer needs and developing solutions that redefine the security landscape today and in the future.
Come see us at RVAsec! Register now.
Speaker Feature: Inga Goddijn and Becky Swanson
Inga Goddijn & Becky Swanson
www.riskbasedsecurity.com & www.markelcorp.com
Risk Based Security / Markel
Becky Swanson
Becky Swanson
Becky Swanson is the Managing Director of Miscellaneous E&O at Markel; this includes the Misc. Professional Liability, Information Technology Professional and Data Breach Liability coverage. She began her insurance career in 1996 and is an experienced miscellaneous professional, technology professional and cyber liability specialist with experience in all professional liability insurance coverages. Managed a team of underwriters providing training and leadership with a focus on misc./technology professional and employment practices liability risks. Her focus has been on Miscellaneous and Technology Professional and Cyber liability coverage for the past 10 years. As the Managing Director of Misc. E&O, Technology and Cyber Liability products at Markel Corporation, she is responsible for policy language analysis and development, creation and implementation of underwriting guidelines, rate strategy analysis, training and continued education. Presentations including continuing education instructor on Cyber and Misc. Professional Liability insurance, coverage panels sponsored by brokerage firms, Data Privacy and Security Exposures for public entities, Panel discussions for ACI’s Cyber & Data Forum, NetDiligence Cyber Forum, PLUS panel discussions on Emerging Trends in Professional Liability and What’s New in the Realm of Real Estate and Cyber Security World panel on cyber insurance.
Inga Goddijn
Inga Goddijn
Inga has been involved with technology risk and specialty insurance coverages since 1993 and has a wealth of experience with information risk identification and transfer. Her focus is the strategic management of data privacy and security exposures, with an emphasis on leveraging data-driven risk assessment to build sustainable and scalable programs.
As the leader of the insurance practice group at Risk Based Security, Inga is responsible for a variety of client advisory services including management and mitigation of data security and privacy risk, policyholder risk reduction programs and the development and implementation of cost effective breach response solutions. As a strong advocate for sharing knowledge, Inga has presented at a variety of industry forums and has led many continuing educations sessions throughout the U.S. She currently holds a CIPP/US designation.
Show Me The Money! Uncovering The True Cost of a Breach
It’s become the quintessential million dollar question, how much does a data breach cost? Unfortunately reliable open sources for answering that question are few and far between. With budgets under a microscope and resources stretched thin, being able to reasonably estimate breach costs is an import part of gaining buy-in for new security initiatives and defining acceptable levels of risk. This session will demystify the process of estimating breach costs by taking a closer look at the different factors that drive event expenses. Using real case examples taken from actual breaches, the session will break down the various elements that contribute to the cost of a breach and include ideas for calculating these expense factors. We’ll round out the session with a discussion of how the breach, along with the response effort, influences “soft” costs as well, such as reputation damage and lost business.
Silver Sponsor Feature: Palo Alto Networks
As the next-generation security company, we are leading a new era in cybersecurity by safely enabling all applications and preventing advanced threats from achieving their objectives for tens of thousands of organizations around the world. We are one of the fastest growing security companies in the market because of our deep expertise, commitment to innovation, and game-changing security platform focused on bringing an end to the era of breaches by uniquely integrating our Next-Generation Firewall, Advanced Endpoint Protection, and Threat Intelligence Cloud.
Come see us at RVAsec! Register Now.
Speaker Feature: Caleb “chill” Crable & Evan “detro” Keiser
Caleb “chill” Crable & Evan “detro” Keiser
Cylance
Caleb is a Malware Analyst at Cylance, practicing dirtywhitehat, and frequent contributor to the information security community both online and at technology security events. Caleb enjoys long walks on the beach with polymorphic malware in his leisure.
Evan also serves as a Malware Analyst at Cylance, constantly disseminating new threat intelligence among his team and performing security incident 
reconstruction in his spare time. Based in Raleigh-Durham, North Carolina, in his free time Evan is an avid lock picking enthusiast and penetration tester who enjoys finding holes in virtual and physical security controls of all kinds, belgian waffles and hacking all the things.
Cloud & Control: Where do we go from here?
With so many people taking advantage of the cloud, no one really thinks about how the cloud is taking advantage of you. We will be taking an in-depth look at the pros, and mostly cons, of the datacenter clusters that we harmlessly refer to as cloud infrastructure. Whether it be saucy selfies, bank or medical records, or even just highly valued data in general; How safe do you actually think it is…on someone else’s computer?
RVA5ec Schedule Now Posted!
The full schedule for the RV5sec 2016 conference is now published!
With the huge success of last year we have kept things pretty consistent for 2016.
Registration & breakfast start at 8 AM on Thursday, June 4th and end at 6 PM (followed by the after party).
Registration and breakfast start again at 8 AM Friday, June 5th and end at 4 PM, followed immediately by the closing reception at VCU.
For the full details and times for specific talks, please see the schedule page.
Silver Sponsor Feature: GE
GE (NYSE: GE) is the world’s Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive and predictive. GE is organized around a global exchange of knowledge, the “GE Store,” through which each business shares and accesses the same technology, markets, structure and intellect.
Come see us at RVAsec! Register now.
Trey Ford to Keynote RVAsec!
We are pleased to announce that Trey Ford will be keynoting RVA5ec!
Trey Ford is a security executive, industry strategist and research advocate. Over the last 15 years, Trey ran Black Hat events worldwide as General Manager, and provided services ranging from global security strategy, incident response, product management, PCI QSA and security engineering for a variety for industry leaders including Rapid7, Zynga, McAfee, FishNet Security and WhiteHat Security.