Information Warfare Summit

09:00

Keynote: Focused

We live in a world of distractions. Through this program, Dr. Mellor explores how breakthroughs in the world of neuroscience are providing meaningful insights into how to train the brain for focus. The program is a breakthrough event that is extremely engaging and practical. Applicable to all, the content can be applied instantly and is a crowd favorite. (Leadership, Motivation/Inspiration)

Dr. Nathan Mellor - Strata Leadership

10:00

From Fad to Foe: Defending Against Weaponized AI

Initially dismissed as a buzzword by many security practitioners, our adversaries have now been utilizing AI for years. Today, the product of even crude AI can be indistinguishable to human perception and unlike other techniques used to deceive or destroy, AI doesn’t have to wait on a human being to improve its efficacy. AI makes itself more elegant and more efficient with every additional data point it interacts with. Our adversaries understand that AI is an indispensable addition to their arsenal. From malware that learns how to deceive its target to misinformation campaigns designed to deplete a target of resources, AI allows a maximum return on investment by decimating the amount of time and effort spent on a desired result.

Drawn on Lucas’s own experience defending systems against attacks - both human and machine powered - this talk will explore how artificial intelligence is being weaponized against the organizations we defend and how security practitioners can harness AI in unique ways to protect against such attacks.

Lucas Chumley

With a decade’s experience in digital forensics and incident response, Lucas has assisted both large and small organizations in various industries with implementing security solutions and incident response procedures. At SentinelOne, Lucas supports a broad range of clients across the southeast United States focusing on detection and automation.

Lucas Chumley - Sentinel One

11:00

The Cuckoo Effect

Attackers are here! They are ready to attack your applications, web sites, IoT devices, smart devices, and anything connected to the Internet. Learn how cybercriminals create malware, ransomware, and phishing campaigns. We will look at conventional evasion techniques used by attackers to bypass security products. In this talk, FortiGuard Labs researcher will discuss how researchers find, track, and protect against attacks from the most dangerous cyber attackers.

Aamir Lakhani

Aamir Lakhani is a leading senior security strategist. He is responsible for providing IT security solutions to major enterprises and government organizations.

Mr. Lakhani creates technical security strategies and leads security implementation projects for Fortune 500 companies. Industries of focus include healthcare providers, educational institutions, financial institutions and government organizations. Aamir has designed offensive counter-defense measures for the Department of Defense and national intelligence agencies.

Aamir Lakhani - Fortinet

12:00

TLS 1.3 Deep Dive

TLS is arguably the most important protocol on the Internet, providing the foundation for secure communication online. Major websites like Netflix and Cloudflare are already migrating toward TLS 1.3 which was finalized a little over 2 years ago. This talk will be a deep dive into the TLS 1.3 protocol, the changes from TLS 1.2, and how TLS 1.3 provides for enhanced security and performance. Special focus will be given to how the shift to TLS 1.3 impacts cybersecurity programs and network monitoring.

Geoff Wilson - Go Security Pro

12:30

Let the Machines Do Your Hunting For You - Why Big Data and Analytics Have Changed the Security Landscape

This talk will describe the journey to machine learning based analytics that have revolutionized the endpoint protection market, and draw parallels to how similar techniques and architectures can be used to solve problems in other technology domains in addition to cross-domain problems. This talk will propose the utilization of machine learning and big data analytics to reduce the level of effort to provide automated protections in the technology stack, with the end goal in mind of using SOC personnel to only work on things requiring human intervention, thus reducing the need for additional personnel, while improving security outcomes.

Chris Yates - Critical Start

1:00

Advanced Hybrid Identity with Azure AD

A hybrid Identity & Access Management system is essential for today’s on-prem and multi-cloud workloads. It’s easy to connect your Active Directory to Azure AD, but it’s harder to know how to do it to meet advanced requirements like multiple domains and forests, trusts, regulatory boundaries, and disconnected environments. This session will dive deep into each of these scenarios, and you will leave with the understanding of which approach is right for your needs.

John Spaid - Microsoft

2:00

How to Hire More Women in 3 Easy Steps!

Discussing the trials and tribulations women face in tech while positioning a community aspect that helps to empower them and reposition your culture to be more diverse and inclusive.

Minimizing hurdles, eliminating harassment, and fostering a safe, inclusive workplace for everyone.

Stacy Dunn

3:00

The Gap Between Compliance and Security

Let’s take a deep dive in why being compliant doesn’t necessarily mean you’re secure. Just because you have strong locks on all the doors doesn’t mean an attacker can’t open a window to your systems.

And just because you think you’ve achieved the ultimate security to your systems doesn’t mean you’re compliant.

Let’s face it. Being secure is difficult. Being compliant with all the various regulations your organization faces is equally difficult to manage. Is there a way to achieve both? Let’s discuss the gaps, overlaps, and how to bridge between the two.

Kristopher Wall - Stinnett & Associates

4:00

Closing Ceremonies & Door Prizes

IWS Crew

5:00

Afterparty!

We’ve chosen two outdoor locations: Top Golf in Oklahoma City and Flying Tee in Tulsa. Masks will be provided to help attendees keep safe. The after party starts after the conference.

What: Happy Hour following IWS conference – Hosted by Optiv and Friends!

When: October 7, 2020 5:00-7:00pm

Where: 2 separate locations this year to accommodate both Tulsa and OKC areas! Top Golf OKC and Golf Suites Tulsa (Jenks). Please register if you plan to attend, at the location nearest to you so we have an accurate count:

Enjoy food, beverages, networking with peers and golf, in a socially distanced atmosphere.

Optiv

TRACK 2

12:00

Build Minotaurs, not Machines: Lessons Learned from Integrating AI into Cybersecurity Operations

Amid all that has been said about the potential impacts of AI in the field of Cybersecurity, what do we have to show for it? The truth is, there are considerable obstacles to widespread adoption of AI and ML. In this talk, we will examine both broad community research, and ongoing AI research at Rapid7, to illustrate the technical, policy, and procedural challenges facing the adoption of AI in operational environments.

The examples will include malware analysis, host-based process modeling, network anomaly detection, and user behavior analytics. Challenges range from technical implementation, to organizational buy-in, security concerns, customer communications, and analyst interaction. The talk is designed to be accessible without a formal background in Data Science or Machine Learning, and the concepts presented should be familiar to anyone working in cybersecurity.

Matt Berninger began his cybersecurity career in the SOC, working his way to incident responder, and has most recently moved to the realm of Data Science. In the last few years, he has tried many times to build and implement machine learning into operational processes - failing often, but occasionally succeeding. The names, characters, and algorithms depicted in this presentation have been obfuscated, but the stories are real. This talk should be helpful to anyone looking to build, buy, or integrate AI and ML solutions into their operations.

Matt Beringer - Rapid 7

12:30

Integrated Outcome

Efficiency has become the most sought-after outcome for security operations teams. Optiv demonstrates how organizations can gain efficiencies within their security program through platform integrations, automation and data analytics. Join us to see how Optiv can help your team reduce the time it takes to triage alerts, share threat intelligence and bring context to the deluge of log data.

Todd Weber - Optiv

1:00

Army Cyber Security Panel

The United States Army has its own cyber security team. Ever wonder what they do? Well today we’ll present leaders and members of the team, give a “day in the life of” chat, and provide a Q&A session.

Kevin Turner - Solara Surgical Partners, Captain Dan Slusarchuk

2:00

CMMC: A Compliance Journey

CMMC is the new DoD framework for cyber defense, the Cybersecurity Maturity Model Certification, and it will shortly be mandated across the DoD supply chain. Not only mandated but it will require an independent third-party audit to confirm that compliance, a massive change from the current world of self-attestation, and corrective plans. By design, this is going to drive a much higher level of cyber compliance across the Defense Industrial Base (DIB), and that means not just some, but a vast majority of companies will have to make significant changes and investments to meet these requirements. It also appears this will not be limited to DoD. There is already discussion and some action to mandate CMMC compliance and audits in other areas of Federal government contracting. This talk will discuss the compliance and security journey of one company.

Vincent Scott - Cybersecurity Group

3:00

Risky Business: Updating Our IT Application Risk Assessment Process

Are you seeking to implement or update an IT app risk assessment process at your small or medium-sized organization? Devon Energy recently retooled our risk assessment process for new IT applications. We propose to present on why we did this, give desired objectives for the new process, and discuss how we went about it. We will give an overview of the new process along with examples of its use. We believe the methodology for retooling our risk assessment process, as well as the new process itself, will be especially helpful for small and medium-sized organizations.

Rich Lay - Devon Energy

5:00

Afterparty!

We’ve chosen two outdoor locations: Top Golf in Oklahoma City and Flying Tee in Tulsa. Masks will be provided to help attendees keep safe. The after party starts after the conference.

What: Happy Hour following IWS conference – Hosted by Optiv and Friends!

When: October 7, 2020 5:00-7:00pm

Where: 2 separate locations this year to accommodate both Tulsa and OKC areas! Top Golf OKC and Golf Suites Tulsa (Jenks). Please register if you plan to attend, at the location nearest to you so we have an accurate count:

Enjoy food, beverages, networking with peers and golf, in a socially distanced atmosphere.

Optiv

TRACK 3

12:00

Microsoft Teams Explosion: How to Prevent Data Leaks

Do you know what really happens behind the scenes when a user creates a new Team in Office 365? (More than you think!) Where do files go when you share them with a Teams channel? (Hint: check SharePoint.) How can an O365 admin see which sensitive files have been shared outside a Team via links?

Greg Bailey - Varonis

12:30

Async Intelligence Gathering with Python

This presentation discusses the use of Python and various libraries: Requests, Selenium WebDriver, Re (Regular Expressions), and BeautifulSoup4 to acquire open-source intelligence data at a large scale. It’ll be focused not only on those libraries, but around asynchronous technology and the exponential speed advantages provided.

Jeff Bowie - Alias Forensics

1:00

Trust, but Verify: Maintaining Democracy In Spite of Информационные контрмеры

There are many important elections this year. As you read this, Russia is already disrupting them.

When we talk about election security, most people think of hacking voting machines. But what about other cyber methods and means of disrupting an election? What can nation state threat actors do today, tomorrow, the day of the election, and after to sow chaos and erode our faith in democracy?

In this session, we’ll discuss how Russia has influenced worldwide elections using cyberwarfare and how we have fought back. We’ll understand the natural asymmetry between how Russia and other countries are able to respond, and how we have changed our approach since 2016.

By the end, we will be brainstorming all of the ways to disrupt an election that countries aren’t prepared for.

Get ready to put your nation state threat actor hat on and disrupt some elections - and maybe even earn some ириски-тянучки.

Allie Mellen - Cybereason

2:00

Security Leadership and Management Competencies

As security professionals we have seen the landscape change. Cyber security is now more vital and relevant to the growth of your organization than ever before. As a result, information security teams have more visibility, more budget, and more opportunity. This talk covers the tools to become a security business leader who can build and execute strategic plans that resonate with other business executives, and develop management and leadership skills to better lead, inspire, and motivate your teams.

Joe Sullivan - Rural Sourcing

3:00

Using a 30-60-90 Day Plan to Become A Rockstar CISO

Are you managing your career? Are you getting the attention your background and experience should command? If not, why not? In this session you will lean how to read a job description and filter out the jobs you don’t want and shouldn’t waste time on. You will also learn hoe to be the perfect candidate, on paper, and get the interview. You will also learn how to develop a solid 30-60-90 Day Plan to use in your interview. Then you will learn how to approach the interview in a manner that will showcase your talent in the right light, overcome any objections the interviewers may have, and walk out with a job offer using your 30-60-90 Day Plan.

Gordon Rudd - Venminder

5:00

Afterparty!

We’ve chosen two outdoor locations: Top Golf in Oklahoma City and Flying Tee in Tulsa. Masks will be provided to help attendees keep safe. The after party starts after the conference.

What: Happy Hour following IWS conference – Hosted by Optiv and Friends!

When: October 7, 2020 5:00-7:00pm

Where: 2 separate locations this year to accommodate both Tulsa and OKC areas! Top Golf OKC and Golf Suites Tulsa (Jenks). Please register if you plan to attend, at the location nearest to you so we have an accurate count:

Enjoy food, beverages, networking with peers and golf, in a socially distanced atmosphere.

Optiv

But wait, there’s more!

Looking for something to help you advance your career? Looking for a job? Looking to keep sharp on the latests with the industry? This is the place to be!

TECH VILLAGE

12:00

CISSP Prep - Panel

Looking to land your CISSP certification soon? If so, this is the panel for you! Come prepared with questions how how to land the certification and what you can expect after the certification.

Jonathan Kimmitt, John Spaid, Nathan Sweaney, Rob Hines

1:00

Getting into InfoSec

If you're looking to make the jump into a new information security career, then we've got the panel for just that. Join us as our panel of professors and industry experts share their experiences in getting into the field.

Dr. Jon McHenry, Professor Haifeng Ji, Curtis Griffin, Pedro Serrano

2:00

Linux Hardening in 2020

Hardening Linux has always been a challenge. Come and see how things have improved and what new challenges are on the horizon.

John Robertson

3:00

College of Lockpicking

Pick all the locks! Shim all the shackles! You know the drill!

College of Lockpicking

5:00

Afterparty!

We’ve chosen two outdoor locations: Top Golf in Oklahoma City and Flying Tee in Tulsa. Masks will be provided to help attendees keep safe. The after party starts after the conference.

What: Happy Hour following IWS conference – Hosted by Optiv and Friends!

When: October 7, 2020 5:00-7:00pm

Where: 2 separate locations this year to accommodate both Tulsa and OKC areas! Top Golf OKC and Golf Suites Tulsa (Jenks). Please register if you plan to attend, at the location nearest to you so we have an accurate count:

Enjoy food, beverages, networking with peers and golf, in a socially distanced atmosphere.

Optiv

VENDOR ROOM

12:00

Sentinel One

Vendor Demo

12:30

Stinnett & Associates

Vendor Demo

1:00

Optiv

Vendor Demo

1:30

Fortinet

Vendor Demo

2:00

Go Security Pro

Vendor Demo

2:15

Varonis

Vendor Demo

2:30

Rapid 7

Vendor Demo

2:45

Critical Start

Vendor Demo

3:00

Rack59

Vendor Demo

3:15

Alias

Vendor Demo