Intrinium: Stephen Heath
Stephen Heath, Vice President, Security Services
CISSP, CISA, C|EH, OSCP, QSA, ACE, PCIP, TCLM, TCSE
From the oil fields of Texas to investment firms in New York City,
Stephen has over a decade of experience in the Information
Technology and Security space across all sectors performing
penetration testing, compliance auditing, data forensics and incident
response, project management, implementation, and remediation.
Stephen’s rigorous technical background, combined with extensive
business experience allows him to confidently design and implement
security solutions that meet complex organizational and compliance
requirements. Additionally, Stephen is the founder and key architect
of Intrinium’s Security Operations Center which provides 24x7x365
monitoring and incident response around the globe. A recognized
thought leader, Stephen has spoken at conferences throughout the
United States including Seattle, Portland, Anchorage, Dallas, Las
Vegas, Chicago, Louisville, and beyond. Stephen is a graduate of Eastern Washington University with both a Bachelor of Science and a Master of Science in Computer Science, and currently serves as EWU’s Adjunct Professor of Information Security.
Tour of the Darknets
Come one, come all! You won’t believe your eyes! Not for the faint of heart! Enter the darknets if you dare!” The terms “darknets” and “darkweb” are being tossed around a lot, but what, exactly do these terms mean? How does it work? Can you really find anything in the seedy underbelly of the internet? How anonymous is the darknet? How much of the darknets is just the urban legends of our time? These questions and more will be answered in this interactive tour of the darknets!
Cerium Networks: Lynbe Pizzini
Incident Response, Are You Ready?
Incident Response is a process that is needed in all businesses and organizations today. Cyber threats are getting more sophisticated and attacks are happening every day, all day. This presentation will discuss the Incident Response Life Cycle and what you need to have in place in order to respond to a cybersecurity incident. A checklist will be provided so that you are ready when, not if, you must address a cybersecurity incident. Additional information on preparation and planning will also be provided.
About Lynne Pizzini
Lynne Pizzini is Cerium Networks’ Director of Cybersecurity, and is responsible for the management, oversight, and strategic vision to advise and lead clients through the cybersecurity environment and threat landscape. Lynne spent over 25 years working in the public service sector; most recently as Deputy Chief Information Officer and Chief Information Security Officer for the State of Montana. She created, implemented, and built the State’s security program, integrating state-of-the-art technology, and ensuring Montana is a leader across the Nation in information technology and security. She is a Certified Information Systems Security Professional (CISSP), a Certified Information Security Manager (CISM), and a Certified Information Privacy Professional (CIPP). Lynne enjoys the training and awareness aspect of her career and likes to make security education fun and entertaining by incorporating magic and other fun gimmicks into her presentations and awareness activities. In her spare time, Lynne likes to spend time with her family, golf, go 4-wheeling, and hang out at the local assisted living facility playing her guitar and singing.
Varonis: Mike Egli
Name: Mike Egli
Presentation Title: “Turtles, Trust and the Future of Cybersecurity”
Bio: “Mike isn’t afraid to tell it like it is. After 20+ years in IT leadership, professional services management, consulting for Fortune 500 companies, and working to secure organizations in every sector, Mike has seen what works and what doesn’t when trying to tackle today’s insider threats. Spending the past few years focusing exclusively on the application of User Behavior Analytics on the vulnerable areas of corporate assets and identifying the attackers in insider threats, Mike brings a unique perspective on what organizations can do to mitigate the risks and impacts in today’s threat landscape.
[MBA/MAIS. University of Oregon.]”
IVANTI: Josh Borges
CrowdStrike: Aaron Payne
Aaron Payne is a Senior Sales Engineer with Crowdstrike and is responsible for helping to protect customers in State and Local Government, Education, and Healthcare against the latest most sophisticated threats. Aaron has worked in senior Sales Engineer roles over the last 10 years with leading cybersecurity companies and currently resides in the Seattle suburbs. This is Aaron’s first ISSA Boise conference.
RSA: Sean Ennis
Sean Ennis is a Threat Hunter & Principal Engineer at RSA with over 14 years of experience in the threat detection and response space. During that time he has consulted on and helped build security operations, technology, incident response, and threat hunting projects for organizations across North America.
Session Title: The “Hunt-able” Network – A Practical Approach to Enable and Execute a Threat Hunting Program
This session will explore a practical approach for enabling Threat Hunting as a practice within organizations of any size. We will talk about the why, who, when, and how of implementing a successful hunting program and provide a proven methodology (with examples) to get you started.
Netskope: Alejandro Cadena
Presentation at 10AM: Uncover a Place More Scary than The Dark Web
Abstract: The Dark Web is a well-known part of the internet where many sites are not indexed by search engines and can only be accessed if you know the site address, making them effectively hidden. But there is one area arguably more dangerous and much larger in scale, and that is the Bright Web. We use the bright web every day, and it consists of tens of thousands of places where sensitive data can be easily uploaded and shared publicly either with malicious intent or on accident by unsuspecting perpetrators.
Join this scintillating discussion as we uncover the current state of the bright web, how it affects you and your company, and how recent technology advances provide the visibility and control you need to safely maneuver the Bright Web.
- New research that provides insight into how big and widespread the Bright Web is
- A look at dozens of cloud services that make it easy to share sensitive data publicly
- How the Bright Web wreaked havoc on three companies
- 5 best practices for mitigating risk and safely enabling cloud services in the Bright Web
Presenter: Alejandro Cadena, Cloud Security Engineer at Netskope
Bio: Alejandro “Ale” Cadena began his information security journey over sixteen years ago in the Marine Corps, leading to work in the Department of Defense where he focused his expertise on a broad swath of technologies. After a move to Seattle where he resides today, he helped build and protect the T-Mobile USA network as a Senior Security Engineer with a heavy emphasis on large scale proxy and firewall implementations. For the last several years Ale has shifted his focus to helping his customers and architect complex data security solutions for private and public cloud implementations. He is currently a Cloud Security Engineer at Netskope and spends his free time seeking out great live music or experimenting with exotic spices in his kitchen.
Product Demo at 3PM: CASB and SOAR… better then PB&J
Join Abhishek Iyer, Technical Manager from Demisto and Ale Cadena, Cloud Security Engineer at Netskope for a product demonstration on how we can help your organization protect sensitive data and optimize incident response through automation and orchestration in real-time, on any device, including native apps on mobile devices, whether on-premises or remote with a CASB and SOAR.
Forcepoint: Ben Bailey
About the Speaker: Ben Bailey is a Solutions Architect based in the Pacific Northwest with Forcepoint, a Raytheon company. An industry leader in delivering advanced analytics and security solutions to the broader market and key contributor to the development of best in class security tools to prevent sensitive data exfiltration. Mr. Bailey has been actively engaged in the architectural design, deployment and implementation of DLP, CASB, UEBA and Insider Threat programs with large enterprise organizations. His background is in data protection and business continuity. Mr. Bailey has served in this capacity for 10 years working with key manufacturers and service providers in the security space.