SLAIT Consulting is an Information Technology consulting services company that specializes in delivering customized, creative IT solutions for customers in the commercial and public sector.
Come see us at RVAsec! Register Now.
Gold Sponsor Feature: Assura
Assura is a consulting and services firm focused on Information Technology Governance, Risk and Compliance (IT GRC) with concentrations in cybersecurity, business continuity planning, IT audit and audit defense.
Come see us at RVAsec! Register now.
CFP Submission – 2017
CFP deadline is Sunday, March 12th, 2017 at 11:59 PM Eastern!
Click here to submit a talk to the CFP now!
RVAsec
June 8-9th, 2017
Richmond, VA, on the Virginia Commonwealth University campus
RVAsec is a Richmond, VA based security convention that brings top industry speakers to the midatlantic region. In its fourth year, RVAsec 2016 attracted nearly 400 security professionals from across the country. For 2017, the conference is a two day and dual-track format, with a mixed focus on technical and management/business presentations.
All talks must be 50 minutes in length, and submissions will need to select from one of two tracks:
- Business
- Technical
The following types of presentations will not be accepted:
- Sales or marketing for companies or products
- CFP submissions from in-house or agency PR/marketing professionals
- Talks which do not offer new insight or perspective
RVAsec will hold no copyright on presentation content, but all speakers will be required to provide approval to post slides and video recordings of the talk on the RVAsec or other web sites.
Speaker Perks
- Free admission to RVAsec
- Invitation to the RVAsec speaker dinner/party
- RVAsec T-shirt, badge & attendee swag bag
- One 50% off pass for a friend or co-worker
- Fame and glory, internet style!
- Opportunity to be the recipient of the RVAsec “STFU” sign
RVAsec has a limited travel budget, but speakers who request travel
assistance may be eligible for:
- Travel allotment up to $300
- 3 nights hotel at the conference hotel
Please note that companies that fund their speaker’s travel will receive a free Associate Sponsorship Level.
Click here to submit a talk to the CFP now!
Speaker Feature: Andrea Matwyshyn
Dr. Andrea M. Matwyshyn is a legal academic studying technology innovation and its policy implications, particularly corporate information security regulation and consumer privacy. She is currently a (tenured full) professor of law/professor of computer science (by courtesy) at Northeastern University, a faculty affiliate of the Center for Internet and Society at Stanford Law School, and a visiting research collaborator at the Center for Information Technology Policy at Princeton University, where she was the Microsoft Visiting Professor during 2014-15. In 2014, Professor Matwyshyn served as the Senior Policy Advisor and Academic in Residence at the U.S. Federal Trade Commission. She has testified in Congress on issues of technology innovation and information security regulation and is a US-UK Fulbright Commission Cyber Security Scholar award recipient in 2016-2017.
CYBER!
This talk challenges the underlying assumptions of the “cyber” or “cybersecurity” legal and policy conversation. It argues that the two dominant paradigms – information sharing and deterrence – reflect last century’s policy approaches that channel our security energies in misguided directions: in their current form, they will neither thwart technology-mediated attacks on our national security nor meaningfully bolster consumer protection. Drawing insights from the work of seminal philosopher of science Michael Polanyi, this talk first identifies four analytical flaws that plague the legal and policy analysis of information security. It then offers a new policy paradigm – reciprocal security inducement. Reciprocal security inducement reframes the legal and policy security conversation around two key elements: information vigilance infrastructure and defense primacy. The talk concludes with a list of concrete legal and policy suggestions reflecting the reciprocal security inducement paradigm.* *This talk contains bacon.
Come see me at RVAsec 2016! Register now.
CTF Sponsor: Capital One
We are very pleased to announce Capital One is our sponsor for the CTF this year! Please stop by and say hi to their representatives in the Capture the Flag room.
RVA5ec Schedule Now Posted!
The full schedule for the RV5sec 2016 conference is now published!
With the huge success of last year we have kept things pretty consistent for 2016.
Registration & breakfast start at 8 AM on Thursday, June 4th and end at 6 PM (followed by the after party).
Registration and breakfast start again at 8 AM Friday, June 5th and end at 4 PM, followed immediately by the closing reception at VCU.
For the full details and times for specific talks, please see the schedule page.
Virginia Secretary of Technology, Karen R. Jackson to Keynote RVAsec!
We are pleased to announce that Karen Jackson will be keynoting RVA5ec!
Karen Jackson serves as the Secretary of Technology for the Commonwealth. Prior to her appointment, she served as the Commonwealth’s Deputy Secretary of Technology and Vice President of Broadband Programs for the Center for Innovative Technology.
Ms. Jackson serves as a senior advisor to the Governor on technology matters including innovation, data analytics, telecommunications, cybersecurity, and unmanned systems. She is also responsible for overseeing the Commonwealth’s IT infrastructure.
As Secretary, she is responsible for policy and legislative initiatives as well as developing programs to facilitate innovation, entrepreneurship, technology development and adoption. Ms. Jackson also serves as the Virginia lead for the Mid-Atlantic Aviation Partnership (MAAP) and co-chair of the Virginia Cybersecurity Commission.
Ms. Jackson has been actively engaged in the federal policy initiatives including the development of the National Broadband Plan. She received a 2009 IP3 award from Public Knowledge for her work in information policy, and was named to Government Technology’s 2010 list of the top 25 Doers, Dreamers, and Drivers. She was recently named to The Governing Institute Women in Government Leadership Program Class of 2015.
Ms. Jackson serves on a number of Boards including the Virginia Economic Development Partnership, the Center for Innovative Technology, and serves as Governor McAuliffe’s representative to the FCC’s Intergovernmental Advisory Committee.
She holds a bachelor’s of science in business management from Christopher Newport University and a master’s of business administration from The College of William and Mary.
Speaker Feature: Steve Christey
Steve Christey
Steve Christey
MITRE
Steve Christey Coley is a Principal Information Security Engineer in the Cyber Security Division at The MITRE Corporation, supporting FDA CDRH on medical device cyber security. Steve was co-creator and Editor of the CVE list and chair of the CVE Editorial Board from 1999 to 2015. He is the technical lead for CWE, the Common Weakness Scoring System (CWSS), and the CWE/SANS Top 25 Software Most Dangerous Software Errors. He was a co-author of the influential “Responsible Vulnerability Disclosure Process” IETF draft with Chris Wysopal in 2002. He was an active contributor to other community-oriented efforts such as CVSS, CVRF, and NIST’s Static Analysis Tool Exposition (SATE). His interests include adapting traditional IT security
methodologies to new areas, software assurance, improving vulnerability information exchange, and making the cybersecurity profession more inclusive for anybody who seeks a place in it. He holds a B.S. in Computer Science from Hobart College.
Toward Consistent, Usable Security Risk Assessment of Medical Devices
“CVSS? For *my* medical device?” It’s more likely than you think.
With so many different stakeholders in the medical device ecosystem – including manufacturers, hospitals, researchers, third-party coordinators, and patients – it’s no wonder that risk assessment is looking kind of discombobulated right now. When a new medical device vulnerability comes out, rarely is there any agreement about how bad it is. It can be very difficult for health care providers to use existing information to make appropriate, defensible risk decisions
If only there were a common vulnerability scoring system to stop the madness! Enter CVSS. But how can this IT-oriented system be used for evaluating medical device vulnerabilities, and should it? Fortunately, FDA’s CDRH has tasked MITRE to work with the medical device community to find out, so I’ll tell you all about it.
Silver Sponsor Feature: Hermetic Networks
We are Hermetic Networks. A passionate team of IT professionals, hackers, and customer service providers. We take the complication out of technology for our customers and help them do great things.
Come see us at RVAsec! Register now.
Silver Sponsor Feature: Assura
Assura is a consulting and services firm focused on Information Technology Governance, Risk and Compliance (IT GRC) with concentrations in cybersecurity, business continuity planning, IT audit and audit defense.
Come see us at RVAsec! Register now.