2015 Tuesday Pre-Conference Sessions & Agenda
PRE CONFERENCE WORKSHOPS AT-A-GLANCE

CYBER WARFARE TRAINING AND THREAT SIMULATION (PRESENTED BY BLACKFIN SECURITY)
DATE: Tuesday, May 12, 2015
TIME: 8:00 am - 4:00 pm

EMERGING ISSUES IN IT AUDITING (PRESENTED BY DELOITTE)
DATE: Tuesday, May 12, 2015
TIME: 8:00 am - 4:00 pm

INTRODUCTION TO MALWARE ANALYSIS (PRESENTED BY KORELOGIC SECURITY)
DATE: Tuesday, May 12, 2015
TIME: 8:00 am - 4:00 pm

OPEN FAIR TRAINING (PRESENTED BY CXOWARE AND THE OPEN GROUP)
DATE: Tuesday, May 12, 2015
TIME: 8:00 am - 4:00 pm

SECURITY LEADERSHIP ROUNDTABLE (PRESENTED BY E&Y)
DATE: Tuesday, May 12, 2015
TIME: 1:00 pm - 4:00 pm

----------------------------------------------------------------------------------------------

PRE CONFERENCE WORKSHOP DESCRIPTIONS

CYBER WARFARE TRAINING AND THREAT SIMULATION (PRESENTED BY BLACKFIN SECURITY)
DATE: Tuesday, May 12, 2015
TIME: 8:00 am - 4:00 pm
SPEAKER: Alex McCormack, Security Architect, Blackfin Security

SESSION DESCRIPTION: During this course, enjoy a fully immersive day of cyber warfare training and simulation exercises. The training will be split into two sessions consisting of security training and hands-on threat simulation exercises. Attendees will be required to bring a laptop to the event to participate in the live environment and final security challenge. During the morning session, attendees will receive cutting-edge training on Web Application Security covering the tactics and skills needed to test the defenses of most modern internet applications. After lunch, participants will compete head-to-head against each other in a Capture the Flag (CTF) style security competition modeled after real-world attack scenarios in a Threat Simulation Environment. The CTF event will allow you to test out your newly-learned security skills, while scoreboards give you a “play by play” as you navigate through the challenge.
The instructor will be available to answer any questions and help you understand how to properly use the techniques you learned in the morning session.

LEARNER OBJECTIVES: Expect to walk away with knowledge and understanding in the following areas:
- Web application security fundamentals
- Network and application reconnaissance
- Data exfiltration
- Exploiting application misconfigurations
- Credential compromise and discovery (password cracking)
- Privilege escalation
- SQL injection
- Remote exploitation of Microsoft operating system components

SPEAKER BIO: Alex McCormack is a Security Architect with Blackfin Security. At Blackfin, Alex assists in the design and implementation of Capture the Flag competitions and training events. Alex has designed CTF challenges since 2013 and given training since 2012. Prior to joining Blackfin, Alex worked in Incident Response and Malware Analysis. Alex has a BS in Computer Science from the Georgia Institute of Technology and holds the GREM and GCIH certifications. Alex can be reached at am@blackfinsecurity.com, @amccormack, or amccormack.net.

EMERGING ISSUES IN IT AUDITING (PRESENTED BY DELOITTE)
DATE: Tuesday, May 12, 2015
TIME: 8:00 am - 4:00 pm
SPEAKERS: Clayton Smith and Rhonda Willert, Senior Managers, Deloitte & Touche, LLP

SPREADSHEET CONTROL PROGRAM ASSESSMENT
SESSION DESCRIPTION: During this course, you will learn about the four cornerstones of an effective spreadsheet control environment and current issues in the marketplace.
LEARNER OBJECTIVES: Expect to walk away with knowledge and understanding in the following areas:
- Background knowledge of spreadsheet programs
- Learn about the various types of governance models in place to support a spreadsheet program
- People supporting a framework, and common approaches to implementing the appropriate supporting teams
- Identify and describe the process that is followed for appropriate spreadsheet control
- Learn about the types of technologies that are in place to support a spreadsheet program

IDENTIFYING AND TESTING INFORMATION PRODUCED BY THE ENTITY (“IPE”) RELEVANT TO GENERAL IT CONTROLS
SESSION DESCRIPTION: The content in this course is based on requirements for audits performed in accordance with the standards of the Public Company Accounting Oversight Board (PCAOB) and integrated audits performed in accordance with the standards of the AICPA. Refer to the Information Produced by the Entity Guide for additional guidance related to this topic. This course will provide learning on how to identify and test Information Produced by the Entity (IPE) relevant to General IT Controls (GITCs).
LEARNER OBJECTIVES: Expect to walk away with knowledge and understanding in the following areas:
- Identify relevant standards and firm guidance pertaining to IPE
- Obtain an understanding of and identify GITC IPE
- Describe the steps to plan and perform tests of GITC IPE

WORKING PAPER RELIANCE AND INTEGRITY
SESSION DESCRIPTION: Walk away with a deeper knowledge of testing and documenting internal controls testing. Documenting the results of our testing in a meaningful way, so that other parties can rely on the working papers, is a key element of being an effective internal auditor.
LEARNER OBJECTIVES: Expect to walk away with knowledge and understanding in the following areas:
- Design of controls
- Design factors
- Documentation considerations
- Information produced by the entity
- Test of controls
- Risk associated with the control
- Test of operating effectiveness
- Plan the Nature, Timing, and Extent, and Perform Tests of Operating Effectiveness
- Risk Based Approach: Planning & Timing
- Performing tests of operating effectiveness of controls

COBIT 5 ASSESSMENT
SESSION DESCRIPTION: During this course, enjoy a detailed breakdown of how to conduct a COBIT 5 assessment.
LEARNER OBJECTIVES: Expect to walk away with knowledge and understanding in the following areas:
- Background on COBIT 5
- COBIT 5 assessment approach
- Identifying key resources
- Understanding the project guide

SPEAKER BIOS: Clayton Smith and Rhonda Willert are Senior Managers within the Advisory practice at Deloitte & Touche, LLP. Together they have more than 25 years of IT experience with extensive knowledge of IT audit testing methodologies. Clayton can be reached at claysmith@deloitte.com and Rhonda can be reached at rwillert@deloitte.com.

INTRODUCTION TO MALWARE ANALYSIS (PRESENTED BY KORELOGIC SECURITY)
DATE: Tuesday, May 12, 2015
TIME: 8:00 am - 4:00 pm
SPEAKER: Tyler Hudak, Security Consultant, KoreLogic Security

SESSION DESCRIPTION: Due to the prevalence and business impact of malware, security professionals increasingly need the skills necessary to analyze worms, bots and trojan horses. This one-day course will walk attendees through the concepts, techniques and processes for analyzing malware. Students will take a “from-the-wild” malware sample in a hands-on environment and learn how to analyze its characteristics and behavior to determine what it does and the risk it presents.
PREREQUISITES: No previous experience in malware analysis is necessary, as this course is designed for those who have never performed it before. However, an understanding of malware is recommended, and students must be experienced with Windows and with operating a virtual machine (e.g. taking snapshots).
CLASS REQUIREMENTS: Students will be required to bring their own laptops for the class. Laptops will need a VMware Workstation (NOT VMware Player) or VirtualBox installation with an install of Windows (XP or higher) as the guest OS prior to the class. All other tools will be provided.
LEARNER OBJECTIVES: In the course, students will learn:
- Techniques for statically and dynamically analyzing malware
- How to safely analyze malicious programs
- Methods for setting up an effective malware analysis lab
SPEAKER BIO: Tyler Hudak is a security consultant for KoreLogic Security and has extensive real-world experience in malware analysis and incident handling for Fortune 500 firms. He has worked numerous cases involving malware compromises and brings his front-line experience and proven techniques to bear in the training. He is also the lead developer of MASTIFF, the first open-source static analysis framework used to quickly analyze malware.

OPEN FAIR TRAINING (PRESENTED BY CXOWARE AND THE OPEN GROUP)
DATE: Tuesday, May 12, 2015
TIME: 8:00 am - 4:00 pm
SPEAKERS: Chad Weinman, Director of Integration Services, CXOWARE, and Jim Hietala, Vice President, Business Development and Security, The Open Group

SESSION DESCRIPTION: The Open Group and CXOWARE are partnering to provide a one-day training on the Open FAIR risk analysis methodology.
PREREQUISITES: A general understanding of security and risk concepts is a useful background to this training.
LEARNER OBJECTIVES:
- Participants will develop an understanding of the Open FAIR risk taxonomy, including the various components of risk
- Participants will learn the differences between qualitative and quantitative risk analysis, and where each is appropriate
- Participants will learn about measurement and calibration, and how to develop confidence in risk measurements
- Participants will learn to work with available data, and to pick the right abstraction levels at which to perform risk analysis
- Finally, participants will also learn about the Open FAIR certification program for risk analysts

SPEAKER BIOS: Chad Weinman, Director of Integration Services, CXOWARE. Chad Weinman is a dynamic and motivated professional who is passionate about risk. He has helped dozens of clients with risk program design and adoption, been a speaker at industry conferences, and has facilitated over 75 training seminars on risk. Chad is the Director of Integration Services for CXOWARE, a leader in the quantification of information and security risk.
He jokingly claims to have the best job in his organization, as he is able to continually analyze risk and works daily with clients at home and abroad. Chad is a leading expert in Factor Analysis of Information Risk (FAIR), a framework for the quantification of risk (quantification can and should be done). Chad is originally from Ohio in the US. @chadweinman.

Jim Hietala, VP, Security, The Open Group. Jim Hietala, Open FAIR, CISSP, GSEC, is Vice President, Business Development and Security for The Open Group, where he manages the business team, as well as security and risk management programs and standards activities. He has participated in the development of several industry standards including O-ISM3, O-ESA, Risk Taxonomy Standard, Risk Analysis Standard, and O-ACEML. He also led the development of compliance and audit guidance for the Cloud Security Alliance v2 publication. Jim is a frequent speaker at industry conferences. He has participated in the SANS Analyst/Expert program, having written several research white papers and participated in several webcasts for SANS. He has also published numerous articles on information security, risk management, and compliance topics in publications including CSO, The ISSA Journal, Bank Accounting & Finance, Risk Factor, SC Magazine, and others. An IT security industry veteran, he has held leadership roles at several IT security vendors. Jim holds a B.S. in Marketing from Southern Illinois University.

SECURITY LEADERSHIP FORUM (PRESENTED BY E&Y)
DATE: Tuesday, May 12, 2015
TIME: 12:00 pm - 4:00 pm

PARTICIPATION CRITERIA*: Security Leadership Roundtable participants are required to be executive/senior-level information security professionals reporting directly to the CEO, CFO, CIO or the equivalent. In companies with more than 200 employees, Security Executive Exchange attendance is open to qualified executive direct reports of the organization’s CISO.
Individuals should be responsible for information security at the corporate or enterprise level within their organizations, be interested in discussing sensitive security issues with their peers, and be willing to share professional experiences.

* Participants will be reviewed to ensure qualifications are met and may not be permitted to participate if they do not meet the qualifications.

JOB TITLE REQUIREMENTS:
- CISOs and CSOs
- Security Directors
- IT Audit Leadership team
- Senior Compliance Executives

Security Leadership Roundtable participants employed by a company that sells a security product or service must meet the following additional requirements:
- The organization must have a clear separation between the internal security or research practitioner and those involved in sales, marketing or product management.
- The organization must have a minimum of 200 employees or a minimum of 2 direct reports to the participant.
- The attendee must certify that he or she is not involved with the sales, marketing or product management of security products or offerings.

SESSION DESCRIPTION: Join us at the 2015 RMISC Security Leadership Forum for an afternoon of peer discussion and industry insight. This session is open to security leaders, such as CISOs, Security Directors, and others in leadership positions in their organizations. The afternoon will start with an insightful discussion from E&Y experts that will inform attendees about current industry trends. Next, leaders will participate in roundtable discussions with their peers to learn about each other's best practices and help build a common body of knowledge for the leadership community. After completing the roundtable discussions, each group will report its insights back to the whole group so that all can share in what was learned. The roundtable groups will be kept small to ensure that every member can participate in the discussion. Please come join us for some quality time and interaction with your peers.