Breaking out the Cybersecurity Workforce Framework
Illinois Institute of Technology
The Draft NIST Special Publication 800-181 formally publishes the NICE Cybersecurity Workforce Framework (NCWF). This presentation will discuss the content and structure of the framework, breaking out work roles for use in position descriptions and job definitions, mapping to educational objectives such as the NSA's CAE Knowledge Units and the ACM/IEEE/AIS Cybersecurity Curricula 2017, and relationship of the framework to existing certifications in the field.
Ray Trygstad has broad experience and education in the management and administration of information systems; information security; computers; the Internet; and higher education. He teaches disaster recovery & business continuity, information security management, open source operating systems, digital multimedia, management, legal and ethical issues in information technology, cloud computing, and operating system virtualization. He serves as the Associate Chair of IIT's Department of Information Technology & Management (ITM), and wrote the curricula currently in use for both the Bachelor and Master's Degree programs offered by the department. His experience as a college professor as well as over four years as a Navy Flight Instructor have made him an expert in curriculum development. He is also the Director of Undergraduate Advising for the ITM degree program. He is the Chair of the IIT Undergraduate Studies Committee and a member of the IIT HLC Accreditation Team. Ray previously served as the Director of Information Technology for the IIT School of Applied Technology, where he was responsible for technology planning and computer system management and administration for the school. He has taught Naval Science, Computer Science, Business, and Public Administration at IIT, and has guest lectured at the University of Chicago. Ray is a graduate of the U.S. Naval Academy, Annapolis, MD, and was designated a Computer Systems Management Subspecialist by the U.S. Navy, where he served as an Information Systems Manager and Information Systems Security Officer when he was not flying helicopters. In this capacity he did his first information systems security audit in 1988. He is a member of the Speakers Bureau of the Chicago-based Technology Executives Club, and is the Chair of the National Board of Directors of Gamma Nu Eta, the National Information Technology Honor Society.
In his capacity as an ABET Program Evaluator he goes on program accreditation visits to evaluate degree programs in Information Technology. He earned a Master of Science in Systems Management from the University of Denver and has done Ph.D. Studies at Illinois Institute of Technology.
Can we do better than F5 image steganography?
Illinois Institute of Technology
F5 image steganography is over 15 years old, and yet it is still the best we have. Current efforts to detect its use in a jpeg file take advantage of F5's tendency to alter the histogram of jpeg coefficients, which contain a larger number of zeros after processing. In this talk, we will go over methods to defeat this approach, culminating on a variation of F5, available as part of the PassLok Privacy app, where the jpeg histogram after stego injection remains nearly unchanged from that of the original image.
Francisco Ruiz is a faculty member at the Illinois Institute of Technology. He is the developer of PassLok Privacy and PassLok for Email, which is increasingly garnering accolades as end-to-end email encryption that can actually be used by mere mortals. He is also interested in human-computable cryptography, which might come in handy when computers are no longer to be trusted.
Data at Risk: Regulatory and Privacy Concerns in a Data Breach
Adler Law Group
The current spate of high profile data breaches has put privacy in the spotlight. There are dozens of state and federal regulations that may apply, plus numerous industry codes and standards, to say nothing of international rules. Without a thorough legal review of data retention and management practices, a company is at risk. This session will address critical considerations around compliant management of data.
David M. Adler is a lawyer with over 20 years' experience guiding entrepreneurs, executives, professionals and organizations through the dynamic and sometimes murky legal challenges presented by the interrelated areas of Trademark, Copyright, Trade Secrets, Privacy, Information Security, Marketing & Advertising, Social Media, Digital Business and Regulatory Compliance. David has been designated by his peers as an Illinois Leading Lawyer in 2016 and an Illinois SuperLawyer® for a sixth consecutive year, both in the areas of Intellectual Property and Entertainment & Media Law. David has significant in-house counsel experience managing the legal affairs of industry-leading software providers in the public relations, marketing, and financial services industries, negotiating and drafting enterprise-level Software-as-a-Service (SaaS) agreements and contracts with a heavy emphasis on proprietary rights. He is a prolific writer maintaining a technology-focused blog on CIO.com: The Legal Side of Tech. His articles also appear in Illinois State Bar journals and trade journals. David is licensed in Illinois, a member of the Illinois State Bar, Federal General Bar and Federal Trial Bar, and is a member of the Illinois State Bar Association Intellectual Property Law Committee. Outside the practice of law, David taught Music Law as an Adjunct Professor at DePaul College of Law, and previously taught both Entertainment Law and Introduction to E-Business at Columbia College Chicago. David formerly chaired the Chicago Bar Association's Media & Entertainment Law Committee.
Determining Security Best Practices for Critical Infrastructure Protection: A Communication Sector Overview
The basis of this study was to determine how security frameworks designed utilizing the public-private partnership model aid in the identification of suggested security best practices for a communications provider's critical infrastructure within the United States. The themes generated during the completion of this study enforced ways that critical infrastructure partner organizations could identify suggested security best practices. These themes also opened up additional avenues for future research surrounding additional methods for identifying suggested security best practices, such as security awareness and education.
Dr. Mathias (Matt) Plass is currently an Assistant Professor of Management Information Systems (MIS) at Lewis University in Romeoville, Illinois. Prior to his role at Lewis he was the Lead Security Engineer for Joliet Junior College (JJC). As a leader on the IT Security and Risk Management team, he was responsible for managing disaster recovery, governance and compliance, and maintaining the risk management posture of the organization. Prior to joining JJC, he served as the Principal Security Engineer for WOW – Cable Internet and Phone, Technology & Security Manager for Home Run Inn Inc., and as a programmer with Safeco Insurance, Castle Metals and Chicago Title and Trust. He is a certified information systems security professional (CISSP), ethical hacker (C|EH), penetration tester (CPT), and network professional (Network+). He received his doctor of science degree in Cybersecurity from Capitol Technology University in Laurel, Maryland in 2015; a master of science degree in Information Assurance in 2012 from the University of Maryland University College in Adelphi, Maryland; and his bachelor of science degree from the University of Illinois at Chicago in 1996.
Everything old is new again! New cyber attacks on the same old technology
Cyber Criminals are using new fileless malware and exploits to attack users in the same old ways, Phishing/SMShing, Drive-By downloads, Watering Holes, Man-in-the-Middle (MitM), and user based attacks. We will discuss the threats, risks and recommended configurations to minimize the potential for loss. Additionally, I will perform a real-time MitM attack demonstration to explain how easy it is for hackers to gain access to your devices.
Jerry Irvine, CIO Prescient Solutions. His degrees/certifications are CISSP, CISM, CeH, CISA, CRISC, GICSP, CGEIT, CASP, CBCP, CIPT, ITIL, CNE, MCSE, CCNA, CCNP, CCDA, CCDP. As CIO, Irvine provides strategic direction for all clients, overseeing product innovation and implementation. He has been deeply involved with the IT industry since 1987. Since then, Irvine has filled MIS and CIO positions at multiple facilities and has managed hundreds of technicians and thousands of devices. He has led multiple project teams, such as one of the largest Microsoft Directory migration projects ever. In 2008, Irvine joined the US Chamber of Commerce’s Cybersecurity Working Group. This task force is responsible for advising federal decision-makers on cyber security policy and sharing best practices related to this urgent and ongoing need. In June 2015, Irvine was appointed to the U.S. Chamber of Commerce Cybersecurity Leadership Council, a group of professionals that have come together to promote cybersecurity policy. Irvine is also involved in the FBI InfraGard, USSS Cyber Crime Task Force, and IT-ISAC. His expertise on cyber security has been featured in a number of national and industry publications, including ABC News, NBC News, FOX Chicago News, WGN TV/ Radio, WBBM Radio, The Wall Street Journal, The New York Times, Chicago Tribune, CIO Magazine, Forbes, and Wired magazine.
Getting Credentials from a Locked Windows PC in 12 seconds
Joseph Granneman, MBA, CISSP
The threat landscape for Windows PCs is changing. Attackers are targeting credentials more often than they are targeting exploits for software vulnerabilities. This presentation will demonstrate the weaknesses in standard Windows authentication on a physically locked PC. We will then discuss how this attack works and how to defend against it.
Joseph Granneman developed a passion and expertise in information security after over 20 years of experience as an executive IT leader in hospitals, clinics and financial trading institutions. This passion has led him to found illumination.io, a cybersecurity consulting practice. He served most recently as the CIO for Rockford Orthopedic Associates prior to being regional CIO for Adventist Midwest Health. He also served as the Manager of Information Security for Calamos Investments. Previous to these roles, he was CTO and CSO for Rockford Health System in Rockford Illinois for over 16 years. He is an active author and speaker specializing in the fields of health care information technology and information security. He is an adjunct professor at Northern Illinois University and has written articles for Information Security Magazine and CIO/CSO magazine. He is currently publishing online with TechTarget at http://searchsecurity.techtarget.com/.
Help 'Them' Understand What You Do
Gift of Hope
It is a challenge to get funding, resources, and respect many times. A main reason for this is that information security is, largely, not understood. This session will present some ideas to tell your story to help "them" understand what information security professionals do. Beyond that we'll take a look at how it fits in with the business so that we can ask for resources, be it, time, people, or money. Throughout this session we'll draw in risk as well and discuss how that fits into our story.
Edward Marchewka is the Director of Information Technology for Gift of Hope Organ & Tissue Donor Network. Before joining Gift of Hope Edward was the Enterprise Information Security and Server Operations Manager (CISO) for Chicago Public Schools. He is also the creator of CHICAGO Metrics™, a platform to help manage your company's key IT and Information Security risks. Edward has completed, from Northern Illinois University, an MBA and an MS in Mathematics and, from Thomas Edison State College, a BS in Nuclear Engineering Technologies and a BA in Liberal Studies. He also holds a Certificate in Nonprofit Management from the Kellogg School of Management at Northwestern University. He is a member of (ISC)2, AITP, ISACA, and a Board Member with the Chicago InfraGard.
Mirai Botnet: How an IoT Botnet Performed Massive DDoS Attacks and Negatively Impacted Hundreds of Thousands of Internet Users in October 2016
William Favre Slater, III, M.S., MBA, PMP, CISSP, CISA, SSCP, DCDP, ISO 20000, ITIL, IPv6
Slater Technologies, Inc.
The Mirai Botnet Attack of October 2016 used known security weaknesses in tens of thousands of Internet of Things (IoT) devices to launch massive Distributed Denial of Service attacks against DYN, which is a major DNS service provider. The result was notable performance degradation in tens of thousands of businesses who rely heavily on the Internet. A short time later, the Mirai Botnet code was shared on the Internet as it was placed into Open Source. With the exponential rise of the population of IoT devices, what does the Mirai Botnet attack mean for the future of Internet Security? This presentation will examine the implications of the Mirai Botnet code and the explosion of IoT.
Bill is joining Silver Tree Services as the newly established Cybersecurity Practice Lead. He is an experienced senior IT project manager, program manager, senior IT consultant, professor and author. Prior to this position, he worked as an Information Security Engineer at a Fintech company where he established their cybersecurity management program practices, performed penetration testing and vulnerability management, and played a key role in helping his client successfully pass their first SOC2 audit. Prior to that he was a global cybersecurity manager, and in 2008 was also the first Data Center Manager for the gigantic Microsoft Chicago Cloud Data Center located near O'Hare International Airport. He has worked in various industries delivering projects in security, application development and conversion, infrastructure, and IT service management. In his first job out of college, as a young U.S. Air Force computer systems staff officer, he supported the automated command control software for Strategic Air Command at Offutt Air Force Base, Nebraska. Today, Bill is also an adjunct professor at the Illinois Institute of Technology, specializing in the areas of data center operations, data center architecture, data warehousing and information technology hardware and software. He also develops and teaches cybersecurity classes at Triton College, in River Grove, Illinois. Bill has earned three graduate degrees and a bachelor degree: an M.S. in Cybersecurity from Bellevue University in Bellevue, Nebraska, an M.B.A. and M.S. from the University of Phoenix, and a B.S. in Engineering Technology (major was Computer Systems Technology) from the University of Memphis. Bill is also an internationally published author who has written scores of articles and presentations on many topics, especially in the area of cybersecurity management.
He also conducts research, and has prepared and delivered technical talks in cybersecurity management at three local conferences each year since 2012.
Mobile app security inferno: Sifting through the ashes of data at rest
The mobile landscape is growing rapidly, exposing new threats on its landscape. Whether you've never performed mobile app penetration testing or need a refresher, join us for an intensive tutorial explaining how to conduct penetration testing on Android and iOS apps. We will be discussing common tools and practices necessary to test mobile apps, and diving deeper into the "data at rest" aspect of the mobile attack surface.
As the software support engineer at NowSecure, Tony Ramirez enhances test coverage for mobile application penetration testing iOS and Android apps. His expertise in mobile wows customers as he troubleshoots their obstacles in performing mobile app security assessments. Tony holds a master's degree in cyber forensics and security from Illinois Institute of Technology.
Mobile Security: Trends and Emerging Threats
Federal Bank of Chicago
Mobile devices are ubiquitous, but how secure are they? Do we truly understand the risks we are taking with the vast amounts of data we capture, store and transmit when we use our devices? This presentation will highlight some of the trends in security across the mobile ecosystem, from the physical device to the mobile network operators to the app stores to the apps we use every day. We will discuss how emerging threats, such as mobile malware, are causing practitioners to change their approach to security. Whether you are a business developing or selling mobile services or a consumer of mobile services, you will benefit from hearing real-life cases that will help you reframe how you think about mobile security practices.
Sandra J.H. Rolnicki is part of the Supervision and Regulation (S&R) Department of the Federal Reserve Bank of Chicago (FRBC). She leads a team of risk management professionals who are responsible for assessing inherent and residual Information Technology (IT) and Operational risk at institutions within the FRBC's portfolio and across the Federal Reserve System (FRS). She also participates in FRS initiatives on Vendor Risk Management and Cybersecurity. In addition, Ms. Rolnicki is a member of the instructor team with the FRBC's Technology Lab, a hands-on training facility for U.S. and international regulators. She focuses on classes that feature topics such as Mobile Banking, Information Security Vulnerability Management and Virtual Currency. Prior to joining the FRBC, Ms. Rolnicki's professional experience included leadership roles in Internal Audit and Quality Assurance in the real estate, investment, telecommunications and consumer electronics industries. Ms. Rolnicki holds a Bachelor of Science degree in Industrial Engineering and a Master of Science degree in Information Technology, both from Northwestern University's McCormick School of Engineering. She is currently pursuing a PhD degree in Management Science from Illinois Institute of Technology's Stuart School of Business.
Public Information & Fake News
GATE America, Inc.
In today's changing times and the speed of the news cycle, the increase in what is titled "fake news", whether inaccurate or just plain false, has become a hot button topic both in the political world and with the general public. This presentation will explore fake news, how it can occur and the factors that contribute to it going viral at times.
Robert Tornabene is a law enforcement officer working with the Niles Illinois Police Department. In his 24 years in Law Enforcement Robert has worked in patrol, investigations and administration, and is presently serving in the capacity of Commander in the Administrative Division as Media Relations and Training Coordinator. Robert serves in the capacity of Public Information Officer for the Niles Police Department. He is a graduate of Northwestern University's "Police School of Staff and Command", a Certified Public Information Officer, Social Media Manager Certified, FBI-Trained Public Information Officer, State Certified Gang Specialist, State Certified Juvenile Specialist, State Certified Evidence Technician, Trained by the Federal Bureau of Investigation in Domestic and International Terrorism, Trained in both Basic and Advanced Reid Interview and Interrogation Techniques, Communications Tactics, Community Emergency Response Team Trainer, Terrorism Awareness, First Responders to Critical Incidents, Haz-Mat Awareness, Cops In Schools, School Violence Issues: Protecting Our Schools In Illinois, Terrorism Intelligence Specialist, Explosive Recognition: Bomb and Security Planning, and many more. Nationally certified I-SAFE Professional Development Trainer and Dignitary Protection Certified. Public Information Officer Trained.
Securing Secure Shell Interactive and Automated Access Management against Insider Threats
Defense Contractor in the Cyber Community (representing self)
Secure Shell (SSH) is a highly popular tool among system administrators as it provides a full suite of remote management tools and robust security. However, it also provides insiders with anonymity to do harm against their employer. This discussion will focus primarily on SSH clients and will provide techniques to reduce anonymity while preserving the robust security that secure shell provides. It will incorporate peer reviewed real world scenarios and will be based on National Institute of Standards and Technology Internal Report (NISTIR) 7966, "Security of Interactive and Automated Access Management Using Secure Shell (SSH)."
Paul Collier is a defense contractor in San Antonio, Texas and has been working in cyber security since 2007. His primary focus is on solving and configuring the crypto-piece for hardware and software systems to enable them to leverage Public Key Infrastructures (PKI), which is also known as PK-Enabling. He has also planned new PKIs for large commercial entities. He has a CISSP certification (#350519). He holds an MBA in Project Management from Amberton University and has 14+ years in Information Assurance and 6 years in USAF Operational Test and Evaluation of Space and C4ISR systems.
Sexting Investigations and Appropriate Consequences
Be Sure Law Enforcement Technology Training
The attendee will learn how and why our kids are involved in Sexting and ultimately become involved in Sextortion. We will examine the investigative process, a new cutting edge diversion program (JuvenileJusticeOnline.org) and how Law Enforcement curtails the spread of the Sexted images by submitting the images to the National Center for Missing and Exploited Children.
Detective Wistocki is the author of the "Illinois Sexting Law and Swatting Legislation" and is an expert in the field of sexting investigations and consequences. He is also a Law Enforcement Technology Instructor for the National Association of School Resource Officers (NASRO), Northeast Multi Regional Training (NEMRT) and the Department of Justice (DOJ). In addition, he created a webinar studio to train law enforcement remotely live throughout the United States in sexting and social network investigations and consults with schools across the country through his website www.besureconsulting.com and JuvenileJusticeOnline.org.
So your networked device is public...now what?
Joliet Junior College
Ever wonder what happens when your ISP provides an IPv6 address to your residence or business? This session explores the visibility of the attack surface when using IPv6. Participants will take from this presentation provisioning strategies of infrastructure devices from both the consumer and business perspective. To explore this concept, we will take you through some vectors of exploitation of a modern network protocol.
Joe Sullivan is a professor at Joliet Junior College and teaches for the Cisco Networking Academy. He has numerous certifications from IPv6 Sage to Palo Alto and Cisco Security. He has extensive experience with security, networking and collaborative services. He has designed authentication systems for Verizon and KDDI and is the principal innovator of two patents in VOIP. He has been honored by Cisco Systems with the Instructor Excellence Expert distinction and is currently studying Cloud infrastructure.
Tame Your Security and Compliance Program Using the NIST Cybersecurity Framework
Illinois Institute of Technology
Learn how the use of the NIST Cybersecurity Framework can help meet your organization's security program and compliance requirements. A case study will be presented for the SEC OCIE National Exam Program.
Bonnie A. Goins is an Adjunct Industry Professor of Information Technology Management at the Illinois Institute of Technology. She has over 23 years of experience in security management and assessment, risk management and assessment, business continuity/disaster recovery, incident response and security compliance with regulations and frameworks, such as the NIST Cybersecurity Framework, ISO 27001/2, ISO 20001/2, ITIL, PCI, HIPAA, SOX, NERC, FISMA and others. Ms. Goins also currently serves as a Principal Consultant for one of the largest global security consulting firms in the world and has been a trusted advisor/consultant to numerous Fortune 100 and 500 clients during her career in information security.
The Ethics and Economics of Risk: A Case of Privacy
University of Wisconsin - Parkside
It is standard for organizations to spend no more than they could lose due to risk. What happens if this protects the organization but leaves customers unprotected? If an organization also calculates risk from the customer perspective, this may lead to innovative products, a change in advertising, and more customers or higher-income products. Since this requires customer buy-in, it implies that customers need to also act responsibly. In many cases, an ethical organization may need to educate customers about their self-interest. This research briefly considers the ethical case of privacy involving mobile apps.
Susan Lincke PhD CISA is author of the text: Information Security: An Applied Approach. She is an Assoc. Professor at University of Wisconsin-Parkside. She was a recipient of a National Science Foundation grant dealing with information security and audit.
The Future of Credit Card Payment Application Security: PA-DSS vs P2PE
Coalfire Systems Inc.
The security of applications used for accepting credit card payments is at a crossroads. Traditionally, payment applications encrypt card holder data inside their applications, which still makes them vulnerable to exploits at merchants, even when compliant with the Payment Card Industry Data Security Standard (PCI DSS). Newer technologies, where the card number is encrypted at the point of swipe and never exposed to the merchant, such as Point-to-Point Encryption (P2PE) are gaining ground. The PCI Security Standards Council (PCI SSC) now has two standards covering both traditional and P2PE credit card payments. Which will win, PA-DSS or P2PE, or will the two co-exist? Which is really more secure?
Joel Dubin has been a PCI QSA and a PA-QSA for eight years and has conducted both PCI and PA-DSS assessments for companies and payment application vendors ranging from large companies to small mom-and-pop shops. He has conducted assessments in the US, Latin America, Europe and the Middle East and is well versed in the security trends in the credit card industry.
The Organized Mess and Business Ethics of Cyber Threat Intel
As a community, information security practitioners know less but profess to know MORE than anybody in terms of the ACTUAL attack methods, payloads, and vulnerabilities in the wild. Independently, the "industry" has some of the brightest people on this planet with access to unmatched resources and unbridled enthusiasm. So, as the world's connectivity infrastructure continues to improve and attack surfaces increase, what can we do to work together to provide a cohesive, non-limiting view of threat intelligence? We'll discuss the current state of affairs, the blind spots, the ugly warts, and develop a plan to arm us all as security freedom fighters.
Top 10 things to do right now to stay out of the news
Companies are being breached at an alarming rate. While some attacks have gotten more advanced, most are taking advantage of obscure default settings and simple misconfigurations to gain access to your network and escalate privileges. This talk will focus on the top security controls that can be implemented at low cost and low impact to your network, ensuring maximum ROI of your Domain Admins' valuable time. Missing this talk could mean risking your company's reputation.
Ron is a Certified Information Systems Security Professional (CISSP) and Certified Computer Examiner (CCE) with 17 years of experience in offensive and proactive security measures, threat mitigation, breach response and digital forensics, and over 18 years total experience in Information Technology. Ron is a Partner in the independent firm, BTB Security. Ron founded BTB Security after successfully developing and leading professional consulting teams and global security organizations. Ron has an extensively varied background performing jobs in law enforcement, intelligence, and information security/forensics. Ron has experience on various systems, devices and applications and areas of focused expertise include security assessments, security monitoring, incident response, forensic investigations/examinations, and security organization implementation and review. Ron also has over twelve years’ experience in the programming of various languages.
Understanding how PKI can secure your organization
Health Care Services Corporation (HCSC)
This presentation will dissect how PKI cryptography works, and how it is used by major corporations and the DOD to secure IT data. I will provide a detailed technical discussion of the various uses of PKI, from large corporate environments to smaller organizations. I will explain how HCSC has leveraged PKI to secure every single bit of data in their organization, explaining that we expect to be breached... so we have proactively encrypted all data so that if a breach were to occur, there would be no loss of data.
Todd is currently the Sr. Cybersecurity Engineer / PKI SME; he manages the operational control of the entire HCSC Encryption operations for Texas, Illinois, Oklahoma, New Mexico, and Montana. He taught the Bachelors Cybersecurity course as an adjunct professor at ITT until they went out of business. He has over 7 years of working experience in the PKI security space; he worked for 2 yrs at Ft Huachuca for the NSA in the JITC PKI laboratory. He worked for 1.5 yrs at the Army Network Command applying PKI to Exchange Servers, and was brought to Texas to migrate Alcon Inc.'s PKI to Novartis' PKI infrastructure. After that project he worked for Bank of America, where he migrated their SHA-1 infrastructure to SHA-2. Then HCSC hired him away from Bank of America. He graduated from Bellevue University with a Masters in Cybersecurity in 2013. He attained a Bachelors in MIS / Economics from the University of Nebraska Lincoln in 1995. He was a Crew Chief in the USAF for 6 yrs working on F-111E and F-4G aircraft; a disability ended his military career. He currently lives in Plano, Texas, and is originally from Davey, Nebraska.