2019 Annual Information Technology Security Conference

2019 Annual Information Technology Security Conference

Commonwealth Charter Academy
1 Innovation Way | Harrisburg, PA 17110
Wednesday, September 18, 2019 | 8:30 am to 3:15 pm
Print Agenda

8 a.m.

Registration - Continental Breakfast, Exhibits Open

8:30 a.m.

Welcome and Opening Comments

  • Gene Barr, President and CEO, Pennsylvania Chamber of Business and Industry
8:35 a.m.

Keynote Speaker:  The Threats to U.S. Business Posed by China’s Technology Acquisition Efforts

  • William R. Evanina, Director, National Counterintelligence and Security Center

The National Counterintelligence and Security Center (NCSC) is led and staffed by a cadre of professionals with decades of national security and law enforcement expertise and varied analytic, investigative and policymaking backgrounds. The NCSC facilitates and enhances U.S. counterintelligence efforts and awareness by enabling the counterintelligence community to better identify, assess, prioritize and counter intelligence threats from foreign powers, terrorist groups, and other non-state entities; ensures that the counterintelligence community acts efficiently and effectively; and provides for the integration of all U.S. counterintelligence activities. 

9:10 a.m.

Keynote Speaker:  The Most Serious Threats Today and The Biggest Mistakes Companies Are Making in IT Security

  • Josh Shapiro, Pennsylvania Attorney General, Office of Attorney General

The Attorney General is Pennsylvania’s top law enforcement official, with a wide range of responsibilities to protect and serve the citizens and agencies of the Commonwealth. The Attorney General is served by a staff of several hundred prosecutors, attorneys, investigators, agents and support staff in offices across the state, divided into three sections: Criminal Law Division, Public Protection and Civil Law.  They are seeing a sharp increase in mistakes companies are making to protect against today’s most serious IT threats, including ransomware, data breaches, and customer/employee information stolen.  The Attorney General will provide a unique perspective on dealing with the biggest mistakes companies are making in IT security, and dealing with the today’s most serious IT threats. 

9:45 a.m.

Question and Answer Session with the Keynote Speakers

10 a.m. Refreshment Break – Exhibits Open
10:15 a.m.

Offensive Security & Defensive Tactics (Hands-on Workshop)

  • Charles Sgrillo, CISSP, Red Team Analyst, Vanguard’s Global Risk & Security Division; Professor, Cyber and Information Security, Drexel University

In this workshop attendees will learn the basics of offensive security and how attackers leverage tools and techniques to discover vulnerabilities in an organization. Attendees will leverage widely used, free, and open source tools to learn how to better protect their organizations. In completing this three hour workshop attendees will learn:

Offensive Security:

  • Applying the Cyber Kill Chain
  • Open Source Intelligence (OSINT)
  • Principles of vulnerability assessments and penetration testing
  • An introduction to weaponization and exploit development

Defensive Tactics:

  • How business decisions can create vulnerabilities
  • Designing technical solutions and business policies to better counter attackers
  • Applying controls and metrics to evaluate and baseline your cyber posture
  • Road mapping and strategic planning

Attendees participating in this lab should bring:

Noon Lunch – Exhibits Open
1 p.m.

Offensive Security & Defensive Tactics (Hands-on Workshop) (cont’d)

  • Charles Sgrillo, CISSP, Red Team Analyst, Vanguard’s Global Risk & Security Division; Professor, Cyber and Information Security, Drexel University
2 p.m. Refreshment Break – Exhibits Open
2:15 p.m.

The Many Layers of the Dark Web and Protecting Your Company

  • Connie G. Mastovich, Senior Cybersecurity Analyst, Reclamere

This presentation will provide fascinating information regarding the little-understood Dark Web portion of the internet.  If someone is accessing the Dark Web on a business network, there could be any number of compromises to the network.  And, if a business is not adequately securing their sensitive, confidential, or proprietary information, that information could end up for sale on the Dark Web.  We will discuss:

  • The Dark Web—how it works, what to look for, what all can go on there
  • Why it is important for security professionals to understand the Dark Web
  • How people find and access it
  • What law enforcement is doing to combat the activities there
  • How criminals try to avoid capture by using both technology and other methods
  • Recent evolution of Dark Web markets
  • Demos of actual Dark Web sites
  • Suggestions that security specialists can use to protect the information they handle on a daily basis from being exploited on the Dark Web.
3:15 p.m. Adjourn

Although some of the presenters are attorneys, nothing in this program should be construed as legal advice or as pertaining to specific factual situations.

Register to attend

Online registration for this event is now closed. For more information call 877.866.8965