IWS Logo

Information Warfare Summit

October 7, 2020

Virtual Event

Oklahoma’s longest running information security conference is back for our 13th year! Due to Covid-19, we’ve gone virtual! Join us October 7 as we stream our event live to you!

Sign Up to Attend the Conference

Day(s)

:

Hour(s)

:

Minute(s)

:

Second(s)

slack

Join our Slack

Get involved in the conference. Chat with our speakers, members of the community, and sponsors.

stream

Join our Stream

We’ve got a ton of tracks and top-notch speakers ready for you. Stream them here on October 7th!

Track Streams

Click or tap the videos below to unmute the stream. Be sure to join our Slack channels for each track to chat with the speaker during the stream!

Track 1

Track 2

Track 3

Tech Village

Vendor Room

Career Room

Talk to our Career Advisors

Join our Career Room. We’ve got the folks ready to answer your questions about getting into the field, upgrading your job/skills, and perfecting your resume and certifications.

Get Your Tickets

Want an awesome shirt? We’ve got you covered. Need that CPE? We’ve got your certificates ready. Have a look at the ticket options below. $10 off for those that register before September 20th.

Registration is open until 11:30PM October 7th. If you forgot to sign up, you can sign up for swag/CPE until11:30PM tonight!

 

About Event

We may be virtual this year, but we’re not slowing down. We’ve got an exciting line up of security experts and community leaders. Not to mention, we’ll have several villages, demos, and workshops for your to join!

Multiple Tracks

Our event will features multiple speakers with something for everyone in information security.

Live Chat

Interact with your favorite speakers live during the event.

Career Networking

We’re partnering with Robert Half to offer resume assistance and networking for your next career jump.

Live Vendor Demos

Want to see the latest and greatest? Join us as we demo some of the latest in tools to protect your network.

Meet Our Keynote

Dr. Nathan Mellor

CEO of Strata Leadership, LLC

Dr. Mellor earned the Doctor of Education in Organizational Leadership degree from Pepperdine University, where he was a Colleagues Grant recipient. He earned the Master of Dispute Resolution degree from the prestigious Straus Institute for Dispute Resolution at the Pepperdine University School of Law, where he was named a Straus Fellow. He earned the Master of Science in Education degree from Harding University while serving as the Graduate Assistant to the University President. He earned the Bachelor of Arts from Harding University where he was elected Student Association President.

Dr. Nathan Mellor

A thought-leader, two-time TEDx speaker, author, and CEO of Strata Leadership, Dr. Mellor is an experienced executive coach, who has provided in excess of 3,000 coaching sessions for executive leaders. He serves as a sounding board, sparring partner and a source of encouragement for leaders seeking to maximize their effectiveness.

Since its founding in 2009, Strata Leadership has pursued its mission of “Elevating Life at Work.” Each year, the professionals at Strata Leadership provides character and competence-based talent development services for hundreds of clients (non-profits, for-profits, educational institutions, and governmental agencies) throughout the United States and abroad.

His book, “Sleeping Giants: Authentic Stories and Insights For Building A Life That Matters” is available via Monocle Press, Amazon, and Audible. He also hosts the podcast, “The Strata Leadership Show.” Nathan lives in Edmond, Oklahoma, with his wife and two daughters.

Meet Our Speakers

Lucas Chumley

Senior Security Solution Engineer at Sentinel One

With a decade’s experience in digital forensics and incident response, Lucas has assisted both large and small organizations in various industries with implementing security solutions and incident response procedures. At SentinelOne, Lucas supports a broad range of clients across the southeast United States focusing on detection and automation.

Matt Beringer

Principal Data Scientist at Rapid7

Matt Berninger is a Principal Data Scientist on the OCTO Team, passionately pursuing evil at scale using data science and forensic tools. Prior to joining Rapid7 he led research and incident response efforts within FireEye and at US-CERT. He has degrees in Cyber Warfare and Operations from the Naval Postgraduate School and Mathematics from Columbia University. He enjoys baseball, math, and baseball math.

Geoff Wilson

Security Consultant at Go Security Pro

Geoff uses data breach analytics to help companies cut through the noise, decipher what is important, maintain threat alignment, and consistently mitigate risks. Geoff has a Master’s of Information Security from Carnegie Mellon University and a Bachelor’s of Computer Science from the University of Oklahoma. He taught a graduate-level Information Security course at the University of Oklahoma for four years. Geoff is a published author, has worked with the National Security Agency, has consulted with the Executive Office of the President, and has been in Information Security for 17 years.

Greg Bailey

Varonis

Kristopher Wall

Penetration Testing Manager at Stinnett & Associates

Kris is a community member local to the Oklahoma information security scene. Kris regularly speaks at conferences, including BSidesOK, Information Warfare Summit, Root 66, and several tech groups. Kris is the co-founder of Root 66 Cyber Security Conference, OKCSEC, and the Irregulars Ethical Hackers.

Aamir Lakhani

Senior Security Strategist at Fortinet

Mr. Lakhani creates technical security strategies and leads security implementation projects for Fortune 500 companies. Industries of focus include healthcare providers, educational institutions, financial institutions and government organizations. Aamir has designed offensive counter-defense measures for the Department of Defense and national intelligence agencies.

Chris Yates

Principal Security Architect at Critical Start

Chris has 25 years of experience in IT, and 10 in Information Security. He worked for 14 years in the public sector (Department of Defense), and has worked in the private sector in transportation, electric utility, and healthcare industries. He has spoken on security architecture, the security impacts of converged infrastructure, and on next generation security tools at several local and national security conferences. He also teaches networking and network security at Southern Nazarene as an adjunct professor.

Multiple Tracks

Leadership strategies, tactical techniques, and security trends. You name it, we’ve got it.

Sponsors

A huge thank you to our sponsors. We wouldn’t be able to do this without their support.

See the Full Schedule

Need a quick view to find your favorite talks? See our full schedule here for a convenient way to find the perfect talks and events to attend.

Find Your Favorite Talks

We’ve got an amazing line up of talks and speakers ready to keep your skills sharp and mind informed.

CONFERENCE SCHEDULE

08:45

Opening Remarks

Chad Kliewer

09:00

Keynote: Focused

We live in a world of distractions. Through this program, Dr. Mellor explores how breakthroughs in the world of neuroscience are providing meaningful insights into how to train the brain for focus. The program is a breakthrough event that is extremely engaging and practical. Applicable to all, the content can be applied instantly and is a crowd favorite. (Leadership, Motivation/Inspiration)

Dr. Nathan Mellor - Strata Leadership

10:00

From Fad to Foe: Defending Against Weaponized AI

Initially dismissed as a buzzword by many security practitioners, our adversaries have now been utilizing AI for years. Today, the product of even crude AI can be indistinguishable to human perception and unlike other techniques used to deceive or destroy, AI doesn’t have to wait on a human being to improve its efficacy. AI makes itself more elegant and more efficient with every additional data point it interacts with. Our adversaries understand that AI is an indispensable addition to their arsenal. From malware that learns how to deceive its target to misinformation campaigns designed to deplete a target of resources, AI allows a maximum return on investment by decimating the amount of time and effort spent on a desired result.

Drawn on Lucas’s own experience defending systems against attacks - both human and machine powered - this talk will explore how artificial intelligence is being weaponized against the organizations we defend and how security practitioners can harness AI in unique ways to protect against such attacks.

Lucas Chumley

With a decade’s experience in digital forensics and incident response, Lucas has assisted both large and small organizations in various industries with implementing security solutions and incident response procedures. At SentinelOne, Lucas supports a broad range of clients across the southeast United States focusing on detection and automation.

Lucas Chumley - Sentinel One

11:00

The Cuckoo Effect

Attackers are here! They are ready to attack your applications, web sites, IoT devices, smart devices, and anything connected to the Internet. Learn how cybercriminals create malware, ransomware, and phishing campaigns. We will look at conventional evasion techniques used by attackers to bypass security products. In this talk, FortiGuard Labs researcher will discuss how researchers find, track, and protect against attacks from the most dangerous cyber attackers.

 

Aamir Lakhani

Aamir Lakhani is a leading senior security strategist. He is responsible for providing IT security solutions to major enterprises and government organizations.

Mr. Lakhani creates technical security strategies and leads security implementation projects for Fortune 500 companies. Industries of focus include healthcare providers, educational institutions, financial institutions and government organizations. Aamir has designed offensive counter-defense measures for the Department of Defense and national intelligence agencies.

Aamir Lakhani - Fortinet

12:00

TLS 1.3 Deep Dive

TLS is arguably the most important protocol on the Internet, providing the foundation for secure communication online. Major websites like Netflix and Cloudflare are already migrating toward TLS 1.3 which was finalized a little over 2 years ago. This talk will be a deep dive into the TLS 1.3 protocol, the changes from TLS 1.2, and how TLS 1.3 provides for enhanced security and performance. Special focus will be given to how the shift to TLS 1.3 impacts cybersecurity programs and network monitoring.

Geoff Wilson - Go Security Pro

12:30

Let the Machines Do Your Hunting For You - Why Big Data and Analytics Have Changed the Security Landscape

This talk will describe the journey to machine learning based analytics that have revolutionized the endpoint protection market, and draw parallels to how similar techniques and architectures can be used to solve problems in other technology domains in addition to cross-domain problems. This talk will propose the utilization of machine learning and big data analytics to reduce the level of effort to provide automated protections in the technology stack, with the end goal in mind of using SOC personnel to only work on things requiring human intervention, thus reducing the need for additional personnel, while improving security outcomes.

Chris Yates - Critical Start

1:00

Advanced Hybrid Identity with Azure AD

A hybrid Identity & Access Management system is essential for today’s on-prem and multi-cloud workloads. It’s easy to connect your Active Directory to Azure AD, but it’s harder to know how to do it to meet advanced requirements like multiple domains and forests, trusts, regulatory boundaries, and disconnected environments. This session will dive deep into each of these scenarios, and you will leave with the understanding of which approach is right for your needs.

John Spaid - Microsoft

2:00

How to Hire More Women in 3 Easy Steps!

Discussing the trials and tribulations women face in tech while positioning a community aspect that helps to empower them and reposition your culture to be more diverse and inclusive.

Minimizing hurdles, eliminating harassment, and fostering a safe, inclusive workplace for everyone.

Stacy Dunn

3:00

The Gap Between Compliance and Security

Let’s take a deep dive in why being compliant doesn’t necessarily mean you’re secure. Just because you have strong locks on all the doors doesn’t mean an attacker can’t open a window to your systems.

And just because you think you’ve achieved the ultimate security to your systems doesn’t mean you’re compliant.

Let’s face it. Being secure is difficult. Being compliant with all the various regulations your organization faces is equally difficult to manage. Is there a way to achieve both? Let’s discuss the gaps, overlaps, and how to bridge between the two.

Kristopher Wall - Stinnett & Associates

4:00

Closing Ceremonies & Door Prizes

IWS Crew

5:00

Afterparty!

We’ve chosen two outdoor locations: Top Golf in Oklahoma City and Flying Tee in Tulsa. Masks will be provided to help attendees keep safe. The after party starts after the conference.

What: Happy Hour following IWS conference – Hosted by Optiv and Friends!

When: October 7, 2020 5:00-7:00pm

Where: 2 separate locations this year to accommodate both Tulsa and OKC areas! Top Golf OKC and Golf Suites Tulsa (Jenks). Please register if you plan to attend, at the location nearest to you so we have an accurate count:

Enjoy food, beverages, networking with peers and golf, in a socially distanced atmosphere.

Optiv

TRACK 2

12:00

Build Minotaurs, not Machines: Lessons Learned from Integrating AI into Cybersecurity Operations

Amid all that has been said about the potential impacts of AI in the field of Cybersecurity, what do we have to show for it? The truth is, there are considerable obstacles to widespread adoption of AI and ML. In this talk, we will examine both broad community research, and ongoing AI research at Rapid7, to illustrate the technical, policy, and procedural challenges facing the adoption of AI in operational environments.

The examples will include malware analysis, host-based process modeling, network anomaly detection, and user behavior analytics. Challenges range from technical implementation, to organizational buy-in, security concerns, customer communications, and analyst interaction. The talk is designed to be accessible without a formal background in Data Science or Machine Learning, and the concepts presented should be familiar to anyone working in cybersecurity.

Matt Berninger began his cybersecurity career in the SOC, working his way to incident responder, and has most recently moved to the realm of Data Science. In the last few years, he has tried many times to build and implement machine learning into operational processes - failing often, but occasionally succeeding. The names, characters, and algorithms depicted in this presentation have been obfuscated, but the stories are real. This talk should be helpful to anyone looking to build, buy, or integrate AI and ML solutions into their operations.

Matt Beringer - Rapid 7

12:30

Integrated Outcome

Efficiency has become the most sought-after outcome for security operations teams. Optiv demonstrates how organizations can gain efficiencies within their security program through platform integrations, automation and data analytics. Join us to see how Optiv can help your team reduce the time it takes to triage alerts, share threat intelligence and bring context to the deluge of log data.

Todd Weber - Optiv

1:00

Army Cyber Security Panel

The United States Army has its own cyber security team. Ever wonder what they do? Well today we’ll present leaders and members of the team, give a “day in the life of” chat, and provide a Q&A session.

Kevin Turner - Solara Surgical Partners, Captain Dan Slusarchuk

2:00

CMMC: A Compliance Journey

CMMC is the new DoD framework for cyber defense, the Cybersecurity Maturity Model Certification, and it will shortly be mandated across the DoD supply chain. Not only mandated but it will require an independent third-party audit to confirm that compliance, a massive change from the current world of self-attestation, and corrective plans. By design, this is going to drive a much higher level of cyber compliance across the Defense Industrial Base (DIB), and that means not just some, but a vast majority of companies will have to make significant changes and investments to meet these requirements. It also appears this will not be limited to DoD. There is already discussion and some action to mandate CMMC compliance and audits in other areas of Federal government contracting. This talk will discuss the compliance and security journey of one company.

Vincent Scott - Cybersecurity Group

3:00

Risky Business: Updating Our IT Application Risk Assessment Process

Are you seeking to implement or update an IT app risk assessment process at your small or medium-sized organization? Devon Energy recently retooled our risk assessment process for new IT applications. We propose to present on why we did this, give desired objectives for the new process, and discuss how we went about it. We will give an overview of the new process along with examples of its use. We believe the methodology for retooling our risk assessment process, as well as the new process itself, will be especially helpful for small and medium-sized organizations.

Rich Lay - Devon Energy

5:00

Afterparty!

We’ve chosen two outdoor locations: Top Golf in Oklahoma City and Flying Tee in Tulsa. Masks will be provided to help attendees keep safe. The after party starts after the conference.

What: Happy Hour following IWS conference – Hosted by Optiv and Friends!

When: October 7, 2020 5:00-7:00pm

Where: 2 separate locations this year to accommodate both Tulsa and OKC areas! Top Golf OKC and Golf Suites Tulsa (Jenks). Please register if you plan to attend, at the location nearest to you so we have an accurate count:

Enjoy food, beverages, networking with peers and golf, in a socially distanced atmosphere.

Optiv

TRACK 3

12:00

Microsoft Teams Explosion: How to Prevent Data Leaks

Do you know what really happens behind the scenes when a user creates a new Team in Office 365? (More than you think!) Where do files go when you share them with a Teams channel? (Hint: check SharePoint.) How can an O365 admin see which sensitive files have been shared outside a Team via links?

Greg Bailey  - Varonis

12:30

Async Intelligence Gathering with Python

This presentation discusses the use of Python and various libraries: Requests, Selenium WebDriver, Re (Regular Expressions), and BeautifulSoup4 to acquire open-source intelligence data at a large scale. It’ll be focused not only on those libraries, but around asynchronous technology and the exponential speed advantages provided.

Jeff Bowie - Alias Forensics

1:00

Trust, but Verify: Maintaining Democracy In Spite of Информационные контрмеры

There are many important elections this year. As you read this, Russia is already disrupting them.

When we talk about election security, most people think of hacking voting machines. But what about other cyber methods and means of disrupting an election? What can nation state threat actors do today, tomorrow, the day of the election, and after to sow chaos and erode our faith in democracy?

In this session, we’ll discuss how Russia has influenced worldwide elections using cyberwarfare and how we have fought back. We’ll understand the natural asymmetry between how Russia and other countries are able to respond, and how we have changed our approach since 2016.

By the end, we will be brainstorming all of the ways to disrupt an election that countries aren’t prepared for.

Get ready to put your nation state threat actor hat on and disrupt some elections - and maybe even earn some ириски-тянучки.

Allie Mellen - Cybereason

2:00

Security Leadership and Management Competencies

As security professionals we have seen the landscape change. Cyber security is now more vital and relevant to the growth of your organization than ever before. As a result, information security teams have more visibility, more budget, and more opportunity. This talk covers the tools to become a security business leader who can build and execute strategic plans that resonate with other business executives, and develop management and leadership skills to better lead, inspire, and motivate your teams.

Joe Sullivan - Rural Sourcing

3:00

Using a 30-60-90 Day Plan to Become A Rockstar CISO

Are you managing your career? Are you getting the attention your background and experience should command? If not, why not? In this session you will lean how to read a job description and filter out the jobs you don’t want and shouldn’t waste time on. You will also learn hoe to be the perfect candidate, on paper, and get the interview. You will also learn how to develop a solid 30-60-90 Day Plan to use in your interview. Then you will learn how to approach the interview in a manner that will showcase your talent in the right light, overcome any objections the interviewers may have, and walk out with a job offer using your 30-60-90 Day Plan.

Gordon Rudd - Venminder

5:00

Afterparty!

We’ve chosen two outdoor locations: Top Golf in Oklahoma City and Flying Tee in Tulsa. Masks will be provided to help attendees keep safe. The after party starts after the conference.

What: Happy Hour following IWS conference – Hosted by Optiv and Friends!

When: October 7, 2020 5:00-7:00pm

Where: 2 separate locations this year to accommodate both Tulsa and OKC areas! Top Golf OKC and Golf Suites Tulsa (Jenks). Please register if you plan to attend, at the location nearest to you so we have an accurate count:

Enjoy food, beverages, networking with peers and golf, in a socially distanced atmosphere.

Optiv

But wait, there’s more!

Looking for something to help you advance your career? Looking for a job? Looking to keep sharp on the latests with the industry? This is the place to be!

TECH VILLAGE

12:00

CISSP Prep - Panel

Looking to land your CISSP certification soon? If so, this is the panel for you! Come prepared with questions how how to land the certification and what you can expect after the certification. 

Jonathan Kimmitt, John Spaid, Nathan Sweaney, Rob Hines

1:00

Getting into InfoSec

If you're looking to make the jump into a new information security career, then we've got the panel for just that. Join us as our panel of professors and industry experts share their experiences in getting into the field.

Dr. Jon McHenry, Professor Haifeng Ji, Curtis Griffin, Pedro Serrano

2:00

Linux Hardening in 2020

Hardening Linux has always been a challenge. Come and see how things have improved and what new challenges are on the horizon.

John Robertson

3:00

College of Lockpicking

Pick all the locks! Shim all the shackles! You know the drill!

College of Lockpicking

5:00

Afterparty!

We’ve chosen two outdoor locations: Top Golf in Oklahoma City and Flying Tee in Tulsa. Masks will be provided to help attendees keep safe. The after party starts after the conference.

What: Happy Hour following IWS conference – Hosted by Optiv and Friends!

When: October 7, 2020 5:00-7:00pm

Where: 2 separate locations this year to accommodate both Tulsa and OKC areas! Top Golf OKC and Golf Suites Tulsa (Jenks). Please register if you plan to attend, at the location nearest to you so we have an accurate count:

Enjoy food, beverages, networking with peers and golf, in a socially distanced atmosphere.

Optiv

VENDOR ROOM

12:00

Sentinel One

Vendor Demo

12:30

Stinnett & Associates

Vendor Demo

1:00

Optiv

Vendor Demo

1:30

Fortinet

Vendor Demo

2:00

Go Security Pro

Vendor Demo

2:15

Varonis

Vendor Demo

2:30

Rapid 7

Vendor Demo

2:45

Critical Start

Vendor Demo

3:00

Rack59

Vendor Demo

3:15

Alias

Vendor Demo

5:00

Afterparty!

We’ve chosen two outdoor locations: Top Golf in Oklahoma City and Flying Tee in Tulsa. Masks will be provided to help attendees keep safe. The after party starts after the conference.

What: Happy Hour following IWS conference – Hosted by Optiv and Friends!

When: October 7, 2020 5:00-7:00pm

Where: 2 separate locations this year to accommodate both Tulsa and OKC areas! Top Golf OKC and Golf Suites Tulsa (Jenks). Please register if you plan to attend, at the location nearest to you so we have an accurate count:

Enjoy food, beverages, networking with peers and golf, in a socially distanced atmosphere.

Optiv

CAREER ROOM

09:00

Career Advice and Networking

Melanie Hendricks and Gordon Rudd

10:00

Career Advice and Networking

Melanie Hendricks and Gordon Rudd

11:00

Career Advice and Networking

Melanie Hendricks and Gordon Rudd

12:00

Career Advice and Networking

Melanie Hendricks and Gordon Rudd

1:00

Career Advice and Networking

Melanie Hendricks and Gordon Rudd

2:00

Career Advice and Networking

Melanie Hendricks and Gordon Rudd

3:00

Career Advice and Networking

Melanie Hendricks and Gordon Rudd

5:00

Afterparty!

We’ve chosen two outdoor locations: Top Golf in Oklahoma City and Flying Tee in Tulsa. Masks will be provided to help attendees keep safe. The after party starts after the conference.

What: Happy Hour following IWS conference – Hosted by Optiv and Friends!

When: October 7, 2020 5:00-7:00pm

Where: 2 separate locations this year to accommodate both Tulsa and OKC areas! Top Golf OKC and Golf Suites Tulsa (Jenks). Please register if you plan to attend, at the location nearest to you so we have an accurate count:

Enjoy food, beverages, networking with peers and golf, in a socially distanced atmosphere.

Optiv

Villages and More

We’ll be offering multiple villages and tracks for your to sharpen your skills and network with others.

Diamond Sponsors

Platinum Sponsors

Gold Sponsors

Silver Sponsors

Bronze Sponsors

intsights
checkpoint

Contributing Sponsors

Stinnett & Associates

After Party Sponsor