DLP: How a lot of effort can potentially save you a lot of money Joel Rosenblatt Columbia University
Data loss prevention (DLP) is the process used to prevent sensitive information from leaving an institution accidentally or on purpose, without the proper authority or protection. Building a DLP program requires a lot of moving parts and will prove to be a challenge to any organization. By the end of this talk, you will understand what is required and why it is worth it.
InfoSec Observations from the Life of a Security Consultant Gary Brickhouse GuidePoint Security
What’s the difference between companies that have solid, mature information security programs and ones that seem to be constantly struggling to keep up? After working with many companies across multiple verticals and varied sizes, there are plenty of lessons to be learned from observations made across the industry. We will be taking a closer look at a few key information security trends and how you and your organization can improve your information security posture.
Security in the Telecommuting Workplace Sherry Horeanopoulos Fitchburg State University
Pretty much every College, University or K-12 school had a spring semester unlike anything they have ever experienced. The transition from Brick and Mortar to Online was accomplished via Bandaid Ripping! Those of us in the Information Security World were likely faced with – first – relaxing our security standards and – then – finding new ways to safely “compute” from the home office and make the experience as painless as possible. This session will feature both the relaxing of standards and the new thoughts on ramping up Security in an environment where working from home is probably the new “normal”.
Ransomware is Changing. Are You Ready? Sherry Davidoff LMG Security
Ransomware has evolved. Organized crime groups around the world are driving new developments to maximize monetization of each hack. Today, ransomware is often the last stage of a data breach, launched by criminals after they have already stolen massive volumes of data. Exposure threats are on the rise, as criminals threaten to publish data if they don’t receive their payment. Ransomware-as-a-service is booming, with a flood of new products competing on the dark web.
In this talk, you’ll see the latest ransomware in action, including screenshots from real-world cases. We’ll discuss strategies for preventing and responding to modern ransomware attacks, including common mistakes to avoid. Learn how to reduce your risk of a ransomware attack and respond effectively, now and in the future.
Presentation Handout (Coming Soon)
OSNIT: Common Tools and How to use them safely Siobhan Kelleher Tufts University
As security professionals we use Opensource Intelligence (OSINT) in one way or another almost every day of our lives. This talk will focus on using OSINT to find information about people. This can be a useful skill when trying to track a malicious user from email address to home address. It is also a very important topic to discuss in user awareness training to help prevent social engineering attacks like spear phishing. Additionally, there are opportunities where you can use your analytical skills to give back leveraging OSINT.