Tag: incident response

RVAsec 15 Speaker Feature: Michael Darling

May 8, 2026
Speaker

Secure by Design, Trusted Through Compliance (<– add to your schedule)

This talk will challenge listeners to redifine the traditional technical vs compliance mindset and thing of security as risk management. Whether it’s technical or contractual risk we should all be focused on the same goal of reducing material impacts to our organizations. It will walk through a model in which compliance is built upon strong technical foundations and becomes a mechanism for communicating trust to your organization, customers, and regulators

Michael Darling:
Michael Darling is the founder and Principal Consultant at Solstice Security, where he provides fractional CISO services and helps high confidentiality industries like defense, legal, and financial services build strong security programs and navigate their compliance challenges.

He has spent 25+ years building security programs that actually work. He led the ground-up development of a cybersecurity program at one of the largest law firms in the country and helped shape national cyber policy at the White House budget office and CISA. A retired Marine Lieutenant Colonel and combat veteran, he served in infantry, physical security, IT, and cybersecurity roles.

Michael is passionate about closing the gap between what security frameworks promise on paper and actual security outcomes.

Come see Michael Darling at RVAsec 15!

RVAsec 15 Speaker Feature: Ryan O’Donnell

May 6, 2026
Speaker

Catching Collection in M365: Outlook and SharePoint Canary Tokens (<– add to your schedule)

After a stolen token grants access to M365, the next move is predictable: search for value before exfiltration. This talk shows how to detect that collection phase using canary tokens built on native telemetry across Outlook and SharePoint/OneDrive. We cover end-to-end implementation and results from live production deployments, including what produced high-fidelity signal and what created noise.

Ryan O’Donnell:
Ryan O’Donnell is a Senior Security Engineer at Microsoft. Over the last 13+ years, he’s been performing Penetration Tests, Red Team assessments, and Incident Response investigations. Ryan has presented at the followinhttg conferences: Wild West Hackin’ Fest, Saintcon, Hack Space Con, Hack Red Con, BSides Las Vegas, BSides NoVa, and BSides Roanoke. Ryan has a Masters in Cybersecurity from GMU and the following certifications: OSCP, OSEP, GCFA, and GREM.

Come see Ryan O’Donnell at RVAsec 15!

RVAsec 15 Speaker Feature: Victoria Mosby

May 4, 2026
Speaker

Use It Monday: A 5-Step Method for Turning Security Findings Into Stories Executives Act On (<– add to your schedule)

Security teams produce thorough, accurate reports that executives nod at and never act on. This talk teaches a practical 5-step method for translating findings into narratives that produce decisions — one you’ll practice live and use Monday morning.

Victoria Mosby:
Victoria Mosby is a cybersecurity strategist, advisor, and storyteller with 16 years of experience spanning federal consulting, governance and risk, and cybersecurity SaaS. She is the founder of Basilisk Security Consulting, a boutique advisory practice focused on security communication and executive alignment, and the creator of the Cyber Lorekeeper, a platform dedicated to making security concepts not just understandable but memorable.

Her work sits at the intersection of technical depth and business translation. As a Senior Sales Engineer at PlexTrac, Victoria partners with security teams to design workflows, align tooling to operational needs, and help practitioners communicate findings in ways that actually move decision-makers. She has briefed executives across healthcare, financial services, government, and critical infrastructure, and has spent years studying why some security reports generate action while most generate acknowledgment and nothing else.

That question became the Saga Framework, a comprehensive storytelling methodology for cybersecurity communication grounded in cognitive science research and built around seven narrative archetypes. The framework gives practitioners a repeatable system for translating technical findings into executive narratives that are visceral, specific, and designed to produce decisions. It includes a calibration system for matching narrative intensity to audience type, a practitioner toolkit, and a full written methodology. “Use It Monday” distills the framework’s most actionable core into a 5-step method practitioners can learn in a conference talk and apply the same week.

Victoria holds a Master’s in Cyber Forensics and has spent her career building bridges between the security team, the boardroom, and the broader community. Outside of work, she writes dark fantasy fiction, runs D&D campaigns, and crochets, usually while thinking about how narrative structure works in both storytelling and security briefings.

Come see Victoria Mosby at RVAsec 15!

RVAsec 15 Speaker Feature: Kyle Flaherty

May 1, 2026
Speaker

Empathy, Not Telepathy: How Embedded Engineering Teams Scale Cyber Response (<– add to your schedule)

The real issue of AI isn’t just the speed of the adversary, but the unprecedented noise they’ve created which makes finding the signal through traditional means nearly impossible. This talk explores how embedding engineers into the cyber lifecycle helps drown out the noise and empowers analysts to focus on high-leverage response at scale.

Kyle Flaherty:
Kyle is based out of Richmond and leads the Cyber Intelligence Engineering function at Capital One, where his teams work directly with Cyber Intelligence Analysts to empower them to respond at scale.

Kyle has spent 7 years at Capital One and has prior security work with the U.S. Navy and NSA. His interest in Cyber is rooted in service: a love for technology combined with a desire to serve, inspired by growing up in a military family. Kyle holds a degree in Computer Science from Wake Forest University.

Come see Kyle Flaherty at RVAsec 15!

RVAsec 15 Speaker Feature: Chelsea Bryan

April 29, 2026
Speaker

Community is a Control: Strengthening Cybersecurity Through Connection (<– add to your schedule)

Strong cybersecurity programs are not built by tools alone. This session explores how trust, mentorship, and community can directly impact incident response effectiveness, analyst retention, and long term resilience within security teams.

Chelsea Bryan:
Chelsea Bryan is a Security Operations Analyst at Virginia Commonwealth University with four years of hands on experience supporting enterprise security operations in a complex higher education environment. She works daily with SIEM platforms, endpoint detection and response tools, and network monitoring systems to triage alerts, investigate suspicious activity, respond to phishing and malware incidents, and contribute to continuous improvement of detection and response processes. In addition to her operational responsibilities, Chelsea is deeply committed to mentoring aspiring cybersecurity professionals and career changers who are working to break into the field. She provides practical guidance on building foundational knowledge, and navigating early career growth. She believes strong security teams are built through consistency, collaboration, and investing in people, and she is passionate about helping the next generation of analysts build confidence and capability in cybersecurity.

Come see Chelsea Bryan at RVAsec 15!

RVAsec 2013 Videos: Sean Mason & Barry Kouns

July 1, 2013
Videos

More speaker videos from RVAsec 2013!

Sean Mason: A Day in the Life of an Incident Responder at a Fortune 5

Barry Kouns: Risk Assessment — The Heart of Information Security

More videos coming soon–keep your eyes open!