CERIAS Weekly Security Seminar - Purdue University

CERIAS <webmaster@cerias.purdue.edu>

About

CERIAS -- the Nation's top-ranked interdisciplinary academic education and research institute -- hosts a weekly cyber security, privacy, resiliency or autonomy speaker, highlighting technical discovery, case studies or exploring cyber operational approaches; they are not product demonstrations, service sales pitches, or company recruitment presentations. Join us weekly...or explore 25 years of archives for the who's-who in cybersecurity.

1663 episodes

Christopher Nuland, Enhancing Software Supply Chain Security in Distributed Systems

Recorded: 09/20/2023, CERIAS Security Seminar at Purdue University. Enhancing Software Supply Chain Security in Distributed Systems. Christopher Nuland, Red Hat. In the aftermath of the transformative 2020 SolarWinds breach, securing software supply chains has surged to the forefront of modern software development concerns. This incident underscored the imperative for innovative approaches to ensure software artifacts' integrity and authenticity. The Supply Chain Level for Software Artifacts (SLSA) framework emerged as a response, emphasizing secure software development processes for supply chains. As compliance standards, notably enforced by the National Institute of Standards and Technology (NIST), intensify the call for robust security measures, the convergence of open-source technologies presents a compelling solution. In the contemporary landscape of distributed systems, like Kubernetes, the significance of signing critical artifacts, such as container images and builds, cannot be overstated. These signatures substantiate the origin and unaltered state of the artifacts, rendering them resistant to tampering or unauthorized access. Yet, with the escalating complexity of software supply chains, bolstered by the proliferation of distributed technologies, ensuring trustworthy artifact provenance becomes more formidable. This challenge is where SigStore, an innovative technology solution, steps in. SigStore enables cryptographic signing and verification of software artifacts, offering a robust mechanism to establish the authenticity of these components. By leveraging transparency log technologies, SigStore enhances the trustworthiness of the supply chain, creating a formidable barrier against malicious alterations. This talk will discuss the popular technologies in the industry that are utilizing a zero trust software supply chain, why this type of supply chain is important, and outline the different technologies used in conjunction with SigStore to create zero-trust supply chains within the software development and deployment lifecycle. About the speaker: Christopher Nuland has been involved with container technology since 2010, when he worked with Oak Ridge Labs and Purdue's CdmHub on containerizing their simulations with OpenVZ. He joined Red Hat in 2018 as a container specialist in the infrastructure and application development space for primarily Fortune 100 companies across the U.S. His work has focused mainly on cloud-native migrations into k8s-based platforms, and developing secure cloud-native zero-trust supply chains for the healthcare, life sciences, and defense sectors.

1h 6m
Sep 20
Stuart Shapiro, MITRE PANOPTIC™ Privacy Threat Model

As privacy moves from a predominantly compliance-oriented approach to one that is risk-based, privacy risk modeling has taken on increased importance. While a variety of innovative pre-existing options are available for privacy consequences and a few for vulnerabilities, privacy threat models, particularly ones focused on attacks (as opposed to threat actors) remain relatively scarce. To address this gap and facilitate more sophisticated privacy risk management of increasingly complex systems, MITRE has developed the Pattern and Action Nomenclature Of Privacy Threats In Context (PANOPTIC™). By providing an empirically-driven taxonomy of privacy threat activities and actions – as well as contextual elements – to support environmental and system-specific threat modeling, PANOPTIC is intended to do for privacy practitioners what MITRE ATT&CK® has done for security practitioners. This presentation discusses the underpinnings and provides an overview of PANOPTIC and its use. About the speaker: Stuart S. Shapiro is a Principal Cyber Security and Privacy Engineer and a co-leader of the Privacy Capability in the MITRE Labs Cyber Solutions Innovation Center at the MITRE Corporation. At MITRE he has led multiple research and operational efforts in the areas of privacy engineering, privacy risk management, and privacy enhancing technologies (PETs), including projects focused on connected vehicles and on de-identification. He has also held academic positions and has taught courses on the history, politics, and ethics of information and communication technologies. His professional affiliations include the International Association of Privacy Professionals (IAPP) and the Association for Computing Machinery (ACM).

53m
Sep 13
Rita Foster, Cyber defender's plead - If it's not codified – Please go away

Problem: Cyber threat information is rarely codified and never connected to actual infrastructure that needs cyber protections since infrastructure is also not codified. Solution: Infrastructure Expression (IX) – Five use cases for the IX tools with methods using graph theoretics and machine learning will be presented. A full scenario on recent malware binary analysis will be presented highlighting applicability to infrastructure, creation of context specific indicators, cyber observables, and courses of actions for better cyber defenses. Background: The Idaho National Laboratory (INL) has been creating tools, methods and cyber defense capabilities using Structured Threat Information Expression (STIX) and graph database technology since 2015. INL's internal Laboratory Directed Research and Development (LDRD) project – IX - created the first codified infrastructure models in STIX. INL has open sourced these tools and uses advanced graph and machine learning methods and techniques to support critical infrastructure cyber defenses for many USG sponsors and stakeholders. About the speaker: Rita Foster is recognized nationally for research leadership in control system cyber security, briefing numerous committees in the United States Senate and House, appointed by cabinet level secretaries to serve on advisory councils and is frequently requested to provide analysis on emerging threats and impacts to critical infrastructure. She currently leads the innovation development for the infrastructure security areas: identifying research gaps that align to our agile and resilient strategies, creating partnerships, building proposals, and analyzing risk components for cyber-physical infrastructure security. These partnerships include asset owner utilities, technology providers, DOE, DHS, DOD and other government entities.
Her efforts resulted in research proposals awarded ranging from creation of automated response mitigating cyber threats, applying machine learning to firmware and malware binary code, impact analysis with physics-based modeling, asset owner consumable threat analysis and characterizations of vulnerabilities and exploits in various control systems and components. She has over 33 years of experience in computer integration focusing on control systems applications, real-time simulations and for critical life safety related applications. Her current role at INL includes over 18 years of experience in cyber security of critical infrastructure identifying research gaps aligned with strategic direction, creating partnerships, providing capstone analysis, and thought leadership in areas of protection and defense in the energy sector. She has mentored over 50 interns ranging from high schoolers to Ph.D. candidates using her project data and tools for dissertations. She provides outreach and education to a wide range of stakeholders and has participated in numerous exercises to identify gaps in roles and responsibilities between private industry and government. She has managed multi-discipline teams bringing together controls system engineers, network engineers, cyber security researchers and subject matter experts for infrastructure security. She has served as the technical lead providing initial direction and requirements for programs essential to INL's success. Her early career at INL included over 15 years of experience in independent verification and validation of large military networks for performance and security, validating of physics-based code for nuclear repositories, programming real time training simulators for nuclear operations, programming life safety systems for nuclear repositories, validated energy transmission and distribution systems and integrated divergent control systems creating supervisory control and data acquisition platforms.
Prior to INL, she obtained over 8 years of experience in computer operations, programming, and data networking.

52m
Sep 06
Dr. Anand Singh, The State of Software Supply Chain Security

Software Supply Chain is emerging as one of the biggest issues that enterprises are facing these days. SolarWinds, Kaseya, 3CX, the examples are way too many. These attacks rapidly multiplied in 2022. In this presentation, we will discuss the trending of software supply chain issues, the federal mandates in the form of executive orders that are impacting this space, emerging best practices and what is the fundamental tech stack to manage these issues, and lastly, what a good supply chain security program looks like. Dr. Singh will also briefly discuss his journey from being a student at Purdue (MS, Computer Science) to his current role as Chief Information Security Officer of Alkami Technology. About the speaker: Anand is a seasoned cybersecurity executive with over 25 years of experience managing technology, security, privacy, and risk teams in a variety of verticals. His career spans Financial Services, Retail, Healthcare, Manufacturing, eCommerce, Cloud, and SaaS companies. These include UnitedHealth Group, Target Corporation, Alkami Technology, Caliber Home Loans, and PTC. He is currently the Chief Information Security Officer (CISO) at Alkami Technology. Alkami's solutions enable financial institutions to outsmart the competition by providing the nation's best Cloud, SaaS, and PI centric digital banking platform. Alkami's mission is to be the gold standard in digital banking. More than 400 FIs and 15 million end users use Alkami's solutions. Anand is also a seasoned Board director with tenures at DaVinci Academy, CISO XC, and Dallas CISO Summit. Anand holds NACD.DC, CISM, and CISSP certifications. He has a PhD in Computer Science from University of Minnesota, MS in Computer Science from Purdue University, and B.Tech. in Computer Science and Engineering from Indian Institute of Technology. Anand is a proud boilermaker and is deeply attached to Purdue's mission and its goals.

1h 0m
Aug 30
Marina Gavrilova, Advancements and New Developments in Biometric Privacy, Security and Ethics

Human identity recognition is one of the key mechanisms of ensuring proper asset and information access to individuals. It became an established authentication practice for government, consumer, financial and recreational institutions in modern society. Biometrics are also increasingly used in a cybersecurity context to mitigate vulnerabilities and to ensure protection against unauthorized access. However, with the rise of technological advancements, such as AI and deep learning, more and more capabilities exist to infer private information of individuals and to use aggregate data mining for commercial or other purposes. This lecture will discuss how deep learning methods can enhance biometric recognition accuracy in a variety of settings: unimodal and multi-modal systems, social behavioral biometrics, and risk assessment. The lecture will further focus on risks of privacy and ethical considerations, discussing cancellability and de-identification as two of the mechanisms to mitigate the privacy concerns. About the speaker: Prof. Gavrilova holds a Full Professor with Tenure appointment at the Department of Computer Science, University of Calgary, Canada. Prof. Gavrilova's research interests lie in the areas of machine intelligence, biometric recognition, image processing and GIS. Prof. Gavrilova's publication list includes over 150 journal and conference papers, edited special issues, books and book chapters, including World Scientific Bestseller of the Month (2007) – "Image Pattern Recognition: Synthesis and Analysis in Biometric," Springer book (2009) "Computational Intelligence: A Geometry-Based Approach" and IGI book (2013) "Multimodal Biometrics and Intelligent Image Processing for Security Systems". She has received support from CFI, NSERC, GEOIDE, MITACS, PIMS, Alberta Ingenuity, NATO and other funding agencies. She is an Editor-in-Chief of Transactions on Computational Sciences Springer Verlag Journal series and on the Editorial board of seven journals.

50m
Apr 19
Kelly FitzGerald, Don't Copy That Floppy!: A History of Anti-cracking Controls in Early Video Games and Its Economic Impact

The roots of software piracy were propelled by the fledgling game market of the 1980s where the PC game supply chains were brittle and copying floppy disks was really easy. This talk will walk through the history and evolution of anti-cracking controls as video games moved from bedroom game development to a 220 billion dollar industry. About the speaker: Kelly FitzGerald is a Product Security Architect at the RTX CODE Center where she focuses on factory and supply chain cybersecurity and threat intelligence. Kelly comes to RTX after 15 years at Symantec/Veritas where she worked in Product Security Vulnerability Management while doing research in medical device vulnerabilities. Kelly lives with her husband, kind golden retriever and sassy black cat in San Diego, CA. In her spare time she creates bad art, manipulates the memory of single player games and watches way too much educational YouTube.

43m
Apr 12
Sayak Ray, Pre-Silicon Hardware Security Analysis through Information Flow Tracking - Current Industry Applications and Research Questions

Information Flow Tracking (IFT) is a useful tool to reason about security of a system. It can be applied at different levels of abstraction - starting from operating system all the way to gate-level circuits through various representations of software and hardware. In this talk, we will focus on IFT at the register transfer level (RTL) representation of hardware and discuss how IFT can be applied to find various types of RTL security vulnerabilities. We will discuss an inductive formulation of the problem based on leakage alert and propagation alert that offers a scalable solution and micro-architecture-level design insights compared to more traditional formulations. We will end the talk by outlining some of the research challenges that we need to address to push the boundary further. About the speaker: Dr. Sayak Ray is a Security Researcher at Intel Corporation. His area of research includes tools and automation for security validation, security challenges in FPGA, heterogeneous computing and data center networking. Dr. Ray regularly publishes at design automation conferences and journals. He has served on technical program committees of various conferences such as DAC and ICCAD. Before joining Intel in 2016, he was a Post-doctoral Research Associate at Princeton University. Dr. Ray obtained his PhD from UC Berkeley in 2013.

51m
Apr 05
Wendy Nather, CERIAS Security Symposium Closing Keynote

"What Do We Owe One Another In Cybersecurity?" As the cybersecurity ecosystem evolves, we understand more about how interconnected we are: the ripple effects from breaches, the fact that supply chains aren't discrete lines but rather a web, and that mapping our vulnerabilities is harder than we thought. In this session, Wendy Nather will talk about the concept of civic duty on the Internet — not just sporadic charity efforts or "nice to have" information sharing, but the social norms and obligations we should face together if we want a sustainable world of technology. Shared risk requires shared defense. About the speaker: Wendy Nather leads the Advisory CISO team at Cisco. She was previously the Research Director at the Retail ISAC, and Research Director of the Information Security Practice at 451 Research. Wendy led IT security for the EMEA region of the investment banking division of Swiss Bank Corporation (now UBS), and served as CISO of the Texas Education Agency. She was inducted into the Infosecurity Europe Hall of Fame in 2021. Wendy serves on the advisory board for Sightline Security. She is a Senior Fellow at the Atlantic Council's Cyber Statecraft Initiative, as well as a Senior Cybersecurity Fellow at the Robert Strauss Center for International Security and Law at the University of Texas at Austin.

58m
Mar 29
Steve Bellovin, 35 Years of Protecting the Internet

For 35 years, the Internet has been bedeviled by attackers. For about as long, defenders have tried deploying various defenses; these have often been of limited utility. We look back at what has happened, focusing on the explicit or (more often) implicit assumptions behind the defenses, and why these assumptions were or were not correct. About the speaker: Steven M. Bellovin is the Percy K. and Vida L. W. Hudson Professor of Computer Science at Columbia University, member of the Cybersecurity and Privacy Center of the university's Data Science Institute, and an affiliate faculty member at Columbia Law School. Bellovin does research on security and privacy and on related public policy issues. In his copious spare professional time, he does some work on the history of cryptography. He joined the faculty in 2005 after many years at Bell Labs and AT&T Labs Research, where he was an AT&T Fellow. He received a BA degree from Columbia University, and an MS and PhD in Computer Science from the University of North Carolina at Chapel Hill. While a graduate student, he helped create Netnews; for this, he and the other perpetrators were given the 1995 Usenix Lifetime Achievement Award (The Flame). He has also received the 2007 NIST/NSA National Computer Systems Security Award and has been elected to the Cybersecurity Hall of Fame. Bellovin has served as Chief Technologist of the Federal Trade Commission and as the Technology Scholar at the Privacy and Civil Liberties Oversight Board. He is a member of the National Academy of Engineering and has served on the Computer Science and Telecommunications Board of the National Academies of Sciences, Engineering, and Medicine. 
In the past, he has been a member of the Department of Homeland Security's Science and Technology Advisory Committee, and the Technical Guidelines Development Committee of the Election Assistance Commission. Bellovin is the author of Thinking Security and the co-author of Firewalls and Internet Security: Repelling the Wily Hacker, and holds a number of patents on cryptographic and network protocols. He has served on many National Research Council study committees, including those on information systems trustworthiness, the privacy implications of authentication technologies, and cybersecurity research needs; he was also a member of the information technology subcommittee of an NRC study group on science versus terrorism. He was a member of the Internet Architecture Board from 1996-2002; he was co-director of the Security Area of the IETF from 2002 through 2004. More details may be found at http://www.cs.columbia.edu/~smb/informal-bio.html.

59m
Mar 22
Patrick Schlapfer, Using Endpoint Isolation to Track Malware Trends

Endpoint security controls have traditionally relied on detecting malicious activity to protect devices from intrusions. But attackers often change their techniques so quickly that detection patterns must be adapted, resulting in a detection lag. Some of this limitation can be solved by using hardware-based process isolation, which isolates risky endpoint tasks from the user's data and critical parts of the operating system. One of the most interesting data sources the HP Threat Research team uses to track malware trends and behaviors is isolation traces, since they can give us an insight into techniques that have bypassed detection controls. In this presentation, we provide an overview of captured attack techniques that are currently seen in the wild. We will elaborate how attackers try to bypass email security and how users are lured to infected websites to download malware. Finally, we will share advice on how to protect against such attacks and what to look out for. About the speaker: Patrick is a malware analyst at HP with interests in a wide range of security areas. He already focused on cyber security during his studies, where he developed a particular interest in malware analysis. After graduation, he worked on a scientific project at the university and built a dynamic malware analysis system for code similarity clustering. He gained further experience in incident response and threat intelligence at a Swiss bank. Since 2021, Patrick works as a malware analyst on HP's Threat Research team. He conducts analyses of new threats, using the results to improve HP's security products and shares them with the community.

48m
Mar 08
Albert Cheng, Elements of Robust Real-Time Systems: Regularity-Based Virtualization and Functional Reactive Programming

The use of sophisticated digital systems to control complex physical components in real-time has grown at a rapid pace. These applications range from traditional stand-alone systems to highly-networked cyber-physical systems (CPS), spanning a diverse array of software architectures and control models. Examples include city-wide traffic control, robotics, medical systems, autonomous vehicular travel, green buildings, physical manipulation of nano-structures, and space exploration. Since all these applications interact directly with the physical world and often have humans in the loop, we must ensure their robustness, security, and physical safety. Obviously, the correctness of these real-time systems and CPS depends not only on the effects or results they produce, but also on the time at which these results are produced. For instance, in a CPS consisting of a multitude of vehicles and communication components with the goal to avoid collisions and reduce traffic congestions, formal safety verification and response time analysis are essential to the certification and use of such systems. This seminar introduces two key elements for building robust real-time systems: regularity-based virtualization and functional reactive programming. Real-time resource partitioning (RP) divides hardware resources (processors, cores, and other components) into temporal partitions and allocates these partitions as virtual resources (physical resources at a fraction of their service rates) to application tasks. RP can be a layer in the OS or firmware directly interfacing the hardware, and is a key enabling technology for virtualization and cloud computing. Open, virtualized real-time systems make it easy to securely add and remove software applications as well as to increase resource utilization and reduce implementation cost when compared to systems which physically assign distinct computing resources to run different applications.
The first part of this talk will describe ways based on the Regularity-based Resource Partition Model (RRP) to maintain the schedulability of real-time tasks as if they were scheduled on dedicated physical resources and increase the utilization of the physical multi-resources. The benefits of using the functional (reactive) programming (FRP) over the imperative programming style found in languages such as C/C++ and Java for implementing embedded and real-time software are several. The functional programming paradigm allows the programmer to intuitively describe safety-critical behaviors of the system and connect its components, thus lowering the chance of introducing bugs in the design phase, resulting in a robust and secure implementation. Its stateless nature of execution does not require the use of synchronization primitives like mutexes and semaphores, thus reducing the complexity in programming on parallel and multi-core platforms. Hence, FRP can potentially transform the way we implement next-generation real-time systems and CPS. However, accurate response time analysis of FRP-based controllers remains a largely unexplored problem. The second part of this talk will explore a framework for accurate response time analysis, scheduling, and verification of embedded controllers implemented in FRP. About the speaker: Dr. Albert Cheng, a U.S. Department of State Fulbright Specialist (2019-2024), is a full professor and former interim associate chair of computer science and a full professor of electrical and computer engineering at the University of Houston in Houston, Texas. He was a visiting professor at Rice University and the City University of Hong Kong. He received the B.A. degree with highest honors in computer science, graduating Phi Beta Kappa, the M.S. degree in computer science with a minor in electrical engineering, and the Ph.D. degree in computer science, all from The University of Texas at Austin, Austin, Texas. Prof. Cheng is a Distinguished Member and Speaker of the ACM, an Honorary Member of the Institute for Systems and Technologies of Information, Control and Communication, and a Fellow of the Institute of Physics. An author of over 270 publications, Prof. Cheng is an Associate Editor of the IEEE Transactions on Knowledge and Data Engineering (TKDE) and the ACM Computing Surveys (CSUR). His research interests center on the design, specification, analysis, optimization, formal verification, scheduling, and implementation of embedded and real-time systems, real-time virtualization, cyber-physical systems/Internet of things, real-time machine learning, knowledge-based systems, functional reactive systems, and security. He received the 2015 University of Houston's Lifetime Faculty Award for Mentoring Undergraduate Research. He implemented in C the first model checker, co-invented by ACM Turing Award winner E. Allen Emerson, augmented with semantics-based analysis for rule-based expert systems. He authored the popular textbook Real-Time Systems: Scheduling, Analysis, and Verification. Prof. Cheng is the Founder and CEO of AMKC Informatics, LLC. Speaker's website: Professor Albert M. K. Cheng's Homepage (uh.edu)

1s
Mar 01
Arjan Durresi, Trust Engineering – from Developing Resilient Systems to Artificial Conscience

This talk will discuss how we engineer trust among agents, humans, and algorithms to develop solutions to significant practical problems, including Trustworthy AI in multiple applications, Resilience in systems, and a framework for Artificial Conscience to control AI, which we extend to system security. Trustworthiness of AI solutions is emerging as a must for the best use of AI. Using our trust system, we have developed metrics for acceptance, explainability, and fairness of AI solutions having humans in the loop. Furthermore, we introduce the concept of Trustability, which captures the probability of a system keeping the required QoS performance under a specific attack tree. Finally, we present our framework for Artificial Conscience, where AI algorithms are controlled by agents who negotiate with each other using our trust engine to output a solution with maximum "Artificial Feeling." This framework can be easily implemented in any AI system where multiple metrics are involved, including system security scenarios. About the speaker: Arjan Durresi is a Professor of Computer Science at Indiana University Purdue University in Indianapolis, Indiana. He has published over 100 papers in journals, over 220 articles in conference proceedings, and twelve book chapters. His research interests include Trust Engineering, System Security, Trustworthy Artificial Intelligence, AI Control, Network Architectures and Protocols, and Quantum Computing. NSF, USD, states, universities, and industry sources funded his research. He was named among the top 2% of scientists on Stanford's list in September 2021 and updated in October 2022.

1s
Feb 22
Dean Cheng, Chinese Views of Information and Future Warfare

Examines Chinese views on the importance of information as the new currency of international power, and discusses how the PLA's restructuring supports PLA efforts at planning for future "informationized local wars." About the speaker: Dean Cheng is a non-resident Senior Fellow with the Potomac Institute for Policy Studies and a Senior Advisor with the US Institute of Peace. He recently retired from the Heritage Foundation as the Senior Research Fellow for Chinese political and security affairs. He specializes in Chinese military and foreign policy, and has written extensively on Chinese military doctrine, technological implications of its space program, and "dual use" issues associated with China's industrial and scientific infrastructure. He is the author of "Cyber Dragon: Inside China's Information Warfare and Cyber Operations."

50m
Feb 15
Ronald Keen, "Increasing Dependency; Increasing Threat"

Increasingly, the United States is becoming more and more dependent on Space-based technologies and systems. Our adversaries are well aware of this and have become much more aggressive in their attempts to understand, infiltrate and interfere with Space-based operations, while watching the corresponding impacts to ground-based critical infrastructure. Mr. Keen will discuss that increasing dependency and the associated cyber aspect, then extrapolate that into the upstream and downstream impacts to terrestrial critical infrastructure that occur as a result of Space-based events. Finally, he will discuss how the expanding presence of Space-based operations presents an increasing and dangerous cyber threat to both the Space-based and terrestrial-based critical infrastructure systems as they become even more co-dependent moving forward.

1s
Feb 08
Ronald Keen, Increasing Dependency; Increasing Threat

Increasingly, the United States is becoming more and more dependent on Space-based technologies and systems. Our adversaries are well aware of this and have become much more aggressive in their attempts to understand, infiltrate and interfere with Space-based operations, while watching the corresponding impacts to ground-based critical infrastructure. Mr. Keen will discuss that increasing dependency and the associated cyber aspect, then extrapolate that into the upstream and downstream impacts to terrestrial critical infrastructure that occur as a result of Space-based events. Finally, he will discuss how the expanding presence of Space-based operations presents an increasing and dangerous cyber threat to both the Space-based and terrestrial-based critical infrastructure systems as they become even more co-dependent moving forward. About the speaker: Currently a Senior Advisor on Space and Cybersecurity within the National Risk Management Center, Cybersecurity and Infrastructure Security Agency (CISA) at the U.S. Department of Homeland Security, Ronald Keen is a retired Air Force officer with an extensive background in intelligence and space systems operations, as well as critical infrastructure protection. Concluding a distinguished military career, Ron accepted the position as a Division Director in the Indiana State government directing research and testifying on issues within the utility regulatory environment with an emphasis on energy, cybersecurity and critical infrastructure. He accepted his current position with the Department after retiring from State government service. Ron earned his Bachelors at Southwest Texas State University and is a graduate of Embry Riddle Aeronautical University with a Masters in Aeronautical Science. A published author, Ron and his wife, Susan, have five children.

1h 0m
Feb 08
Jason Ortiz, "Securing Your Software Supply Chain"

To secure connected products, developers and manufacturers must use tools and processes that are purpose built to analyze the complex binaries found within connected devices and embedded systems. Beyond the capabilities of traditional security tooling, dedicated product security (software supply chain security) tools must run in the specialized languages, systems, and deployment cycles for these connected devices. In this talk hosted by Finite State's Jason Ortiz, we will examine where traditional security falls short in analyzing the composition of a device, detecting its vulnerabilities, assessing the severity of those vulnerabilities, prioritizing and conducting response actions. In this session, you will learn how traditional tools can’t always see the opaque threats that live inside connected devices, explore Software Bill of Materials (SBOMs) and how to generate them, and discover how to build a product security strategy that leads to more secure products and software supply chains.

1s
Feb 01
Jason Ortiz, Securing Your Software Supply Chain

To secure connected products, developers and manufacturers must use tools and processes that are purpose built to analyze the complex binaries found within connected devices and embedded systems. Beyond the capabilities of traditional security tooling, dedicated product security (software supply chain security) tools must run in the specialized languages, systems, and deployment cycles for these connected devices. In this talk hosted by Finite State's Jason Ortiz, we will examine where traditional security falls short in analyzing the composition of a device, detecting its vulnerabilities, assessing the severity of those vulnerabilities, prioritizing and conducting response actions. In this session, you will learn how traditional tools can't always see the opaque threats that live inside connected devices, explore Software Bill of Materials (SBOMs) and how to generate them, and discover how to build a product security strategy that leads to more secure products and software supply chains. About the speaker: Jason Ortiz is Engineering Manager at Finite State and has over 10 years of experience in the US Intel Community and more than five years in commercial cyber security services. In his role, Jason leads the team that develops necessary interfaces between the Finite State Platform and data for use by customers and partners in their business context. Jason is also President of the Indiana InfraGard Members Alliance, a partnership between the FBI and the private sector that facilitates public-private collaboration and information sharing, and a proud Boiler alum!

1h 2m
Feb 01
Aurobindo Sundaram, "Our Journey in Phishing Mitigation"

For 5 years, we have experimented with technology, people, and process controls at RELX, all designed to create an integrated framework for phishing mitigation. I’ll speak about technology we’ve adopted (and that we haven’t). I’ll speak about failures in industry efforts (e.g., digital signatures). I’ll speak about behavioral science and how we have adopted its concepts to drive behavior change. I’ll speak about the “human is the weakest link/humans are our strongest link” debate raging in the industry today. I’ll tell you where we still struggle as a company and as an industry. This topic will drive conversation, because everyone gets phishing emails; and everyone thinks they have a solution.

1s
Jan 25
Aurobindo Sundaram, Our Journey in Phishing Mitigation

For 5 years, we have experimented with technology, people, and process controls at RELX, all designed to create an integrated framework for phishing mitigation. I'll speak about technology we've adopted (and that we haven't). I'll speak about failures in industry efforts (e.g., digital signatures). I'll speak about behavioral science and how we have adopted its concepts to drive behavior change. I'll speak about the "human is the weakest link/humans are our strongest link" debate raging in the industry today. I'll tell you where we still struggle as a company and as an industry. This topic will drive conversation, because everyone gets phishing emails; and everyone thinks they have a solution. About the speaker: Aurobindo Sundaram is the Head of Information Assurance & Data Protection at RELX, a global provider of information and analytics for professional and business customers across industries. He works closely with the company's Board of Directors, Group & division CEOs and functional heads, Chief Technology Officers, and Chief Information Security Officers to articulate and implement RELX's global information security program. His remit extends across 30,000+ employees, offices in 40+ countries, and customers in 180+ countries. Aurobindo has graduate degrees in computer science and management and is a CISSP.

1h 1m
Jan 25
Mummoorthy Murugesan, "Problems and Challenges in Data Security Posture Management"

The rise of enterprise cloud computing has brought an even greater emphasis on data. According to an analysis compiled by Statista, two zettabytes of data were created, captured, copied, and consumed globally in 2010. That figure will reach 97 zettabytes this year and 181 zettabytes by 2025. As the adoption of cloud computing continued to evolve, so did how enterprises approached securing their data. Today, enterprises find their data scattered throughout their various cloud systems, and they have lost visibility into where their sensitive data resides. The problems are about whether there are any shadow data stores that developers left abandoned? Who can access all of the enterprise data on these clouds, and are there excessive privileges? What data is at risk of being breached and falling out of regulatory compliance? Moreover, the growing complexity of cloud computing is a big part of why breached data records have risen (according to the Identity Theft Resource Center) from 16 million in 2010 to more than 155 million today. A recent survey from IDC found that 98% of organizations they queried reported at least one cloud data breach in the past 18 months. With all these challenges, cybersecurity professionals are faced with the daunting task of understanding where their organization's critical or regulated data exists across cloud platforms. The process of identifying and securing cloud data is called the Data Security Posture Management. In this talk, we will go over certain techniques for discovering, analyzing and securing data in various cloud platforms. We will then look at challenging problems that are opening up more avenues for further investigation, and research.

1s
Jan 18
Mummoorthy Murugesan, Problems and Challenges in Data Security Posture Management

The rise of enterprise cloud computing has brought an even greater emphasis on data. According to an analysis compiled by Statista, two zettabytes of data were created, captured, copied, and consumed globally in 2010. That figure will reach 97 zettabytes this year and 181 zettabytes by 2025. As the adoption of cloud computing continued to evolve, so did how enterprises approached securing their data. Today, enterprises find their data scattered throughout their various cloud systems, and they have lost visibility into where their sensitive data resides. The problems are about whether there are any shadow data stores that developers left abandoned? Who can access all of the enterprise data on these clouds, and are there excessive privileges? What data is at risk of being breached and falling out of regulatory compliance? Moreover, the growing complexity of cloud computing is a big part of why breached data records have risen (according to the Identity Theft Resource Center) from 16 million in 2010 to more than 155 million today. A recent survey from IDC found that 98% of organizations they queried reported at least one cloud data breach in the past 18 months. With all these challenges, cybersecurity professionals are faced with the daunting task of understanding where their organization's critical or regulated data exists across cloud platforms. The process of identifying and securing cloud data is called the Data Security Posture Management. In this talk, we will go over certain techniques for discovering, analyzing and securing data in various cloud platforms. We will then look at challenging problems that are opening up more avenues for further investigation, and research. About the speaker: Dr. Mummoorthy Murugesan is currently the founding Director of Engineering at Normalyze Inc. Earlier, he worked at Teradata R&D where he developed the incremental planning and execution of queries. He has worked in start-ups such as Netskope, and Turn to build highly scalable systems. At Netskope, he built the data management platform for the CASB (cloud access security broker) product. Before Normalyze, he led the cloud infrastructure initiatives for Workday's Prism analytics. Dr. Murugesan's interests span data, analytics, security and cloud infrastructure. He received his Ph.D. in Computer Science from Purdue University, and Masters degree from Syracuse University.

53m
Jan 18
Ambrose Kam, "Applying Multi-Agent Reinforcement Learning (MARL) in a Cyber Wargame Engine"

Cybersecurity is inherently complicated due to the dynamic nature of the threats and ever-expanding attack surfaces. Ironically, this challenge is exacerbated by the rapid advancement of many new technologies like Internet of Things (IoT) devices, 5G infrastructure, cloud-based computing, etc. This is where artificial intelligence (AI) and machine learning (ML) techniques can be called into service, and provide potential solutions in terms of threat detection and mitigation responses in a rapidly changing environment. On the contrary, humans are often limited by their innate inability to process information and fail to recognize/respond to attack patterns in the multi-dimensional, multi-faceted world. The recent DARPA AlphaDogFight has proven AI pilots can defeat even the best human pilot in air-to-air combat. This prompted our engineers to develop a minimum viable product (MVP) that demonstrates the value of a multi-agent reinforcement learning (MARL) architecture in a simulated cyber wargaming environment. By using our simulation framework, we essentially “trained” the learning agents to produce the optimum combination/permutation of cyber attack vectors in a given scenario. This cyber wargaming engine allows our analysts to examine tactics, techniques and procedures (TTPs) potentially employed by our adversaries. Once these vulnerabilities are analyzed, our cyber protection team (CPT) can close security gaps in the system.

1s
Jan 11
Ambrose Kam, Applying Multi-Agent Reinforcement Learning (MARL) in a Cyber Wargame Engine

Cybersecurity is inherently complicated due to the dynamic nature of the threats and ever-expanding attack surfaces. Ironically, this challenge is exacerbated by the rapid advancement of many new technologies like Internet of Things (IoT) devices, 5G infrastructure, cloud-based computing, etc. This is where artificial intelligence (AI) and machine learning (ML) techniques can be called into service, and provide potential solutions in terms of threat detection and mitigation responses in a rapidly changing environment. On the contrary, humans are often limited by their innate inability to process information and fail to recognize/respond to attack patterns in the multi-dimensional, multi-faceted world. The recent DARPA AlphaDogFight has proven AI pilots can defeat even the best human pilot in air-to-air combat. This prompted our engineers to develop a minimum viable product (MVP) that demonstrates the value of a multi-agent reinforcement learning (MARL) architecture in a simulated cyber wargaming environment. By using our simulation framework, we essentially "trained" the learning agents to produce the optimum combination/permutation of cyber attack vectors in a given scenario. This cyber wargaming engine allows our analysts to examine tactics, techniques and procedures (TTPs) potentially employed by our adversaries. Once these vulnerabilities are analyzed, our cyber protection team (CPT) can close security gaps in the system. About the speaker: Ambrose Kam is a Lockheed Martin Fellow with over 25 years of experience in the Department of Defense (DoD) industry. He is one of the earliest pioneers at applying modeling, simulation, and operations analysis techniques to threat modeling and cyber resiliency assessment. He regularly gives lectures at MIT, Georgia Tech, and industry consortiums like the Military Operations Research Society (MORS) and National Defense Industry Association (NDIA). Ambrose has been quoted in major publications including Forbes, The Economist, etc., and has co-authored a book in Simulation and Wargames. As a subject matter expert, he represents Lockheed Martin in industry standards organizations like ISO, LOTAR, and INCITS. His most recent efforts in wargaming, Machine Learning/Deep Learning, Cyber Digital Twin, and Blockchain earned him patents and trade secret awards. In 2017, Ambrose won the prestigious Asian American Engineer of the Year (AAEOY) award for his technical leadership and innovations. He holds several advanced degrees from MIT and Cornell University as well as a Bachelor of Science degree from the University at Buffalo.

55m
Jan 11
Julie Haney, "Users Are Not Stupid: Six Cybersecurity Pitfalls Overturned"

Whether you’re implementing security policy or developing products, considering the human element is critical. Yet security professionals often fall victim to misconceptions and pitfalls that undermine users’ ability to reach their full security potential. Grounded in real-world examples and human-centered research, this talk will explore how to recognize and overcome these pitfalls towards improving security through user empowerment.

1s
Dec 07, 2022