Matt Anthony is the VP for Security Remediation Services at The Herjavec Group. Prior to joining The Herjavec Group, Matt held numerous leadership positions focused on enterprise security programs, most recently at Alberta Health Services, a $14 billion, 115 seat enterprise.
Matt has been at the forefront of the information security practice for many years, building and implementing effective programs to govern and manage risk. He has developed and operated Security Operations Centres, led security incident response practices, created policy and governance frameworks, and implemented and operated digital investigation teams. Matt believes strongly in positioning information security as an enabler of business by promoting an architectural and risk-based approach to program development and management.
Credit card theft has dominated the information security headlines recently, and for good reason. This talk will demonstrate (with both Chip & PIN and magnetic stripe credit cards) how malware is able to steal the most critical details. It will also delve into the underground economy and explore how the data is stolen, used and ultimately exploited to the criminals' benefit.
October 21, 2014 | Security Fundamentals (803) | 14:40 - 15:40
Ever wonder what the next big information security threat will be? So do we… and let’s face it, if we knew for certain, we would be keeping quiet and likely very rich. However, this panel session brings together a group with their collective finger on the pulse of information security in Canada and beyond, who all have unique perspectives. We encourage you to join us to find out where the panel thinks the next big threats are, and discuss what we can do to reduce the associated risk. This will be an interactive session, so we encourage you to bring along your suggestions and questions for the panel based on what you have heard throughout the conference.
October 22, 2014 | Tech 3 (801b) | 14:40 - 15:40
In early 2014 Kaspersky Labs reported on an extremely advanced malware sample that was used in a sophisticated espionage campaign (http://bit.ly/1bl4L0e). As with many samples seen in these types of campaigns (Stuxnet, Duqu, etc.), Careto went undetected for a long period of time, even on systems with updated AV and HIPS products installed. In this presentation I will show how memory forensics, which analyzes the state of a system without relying on any built-in APIs, can be used to detect such malware either on the running system or during offline analysis. During the presentation, the open-source Volatility memory forensics framework will be used to demonstrate how to detect Careto’s most advanced techniques, including stealthy DLL injection, process hollowing, and kernel hooking. The presentation will also briefly touch on how enterprises can use memory forensics in proactive detection of unknown malware samples.
October 22, 2014 | Tech 2 (801a) | 10:15 - 11:15
Aamir Lakhani is a cyber security researcher and practitioner with Fortinet and FortiGuard Labs, with over 10 years of experience in the security industry. He is responsible for providing IT security solutions to major commercial and federal enterprise organizations. Lakhani has designed cyber solutions for defense and intelligence agencies, and has assisted organizations in defending themselves from active strike-back attacks perpetrated by underground cyber groups. Lakhani is considered an industry leader in support of detailed architectural engagements and projects on topics related to cyber defense, mobile application threats, malware and advanced persistent threat (APT) research.
In its recent list of 46 Federal Technology Experts to Follow on Twitter, FedTech magazine described Aamir Lakhani as "a blogger, infosec specialist, super hero...and all around good guy." Lakhani runs the blog DrChaos.com, which was ranked as a leading source for cyber security by FedTech Magazine. Additionally, he is a published author and has been featured on Federal News Radio. His books include Web Penetration Testing with Kali Linux, XenMobile MDM, and the soon-to-be-released Pentesting with Kali Linux on Raspberry Pi.
Aamir Lakhani has presented research and strategy world-wide at many security conferences, and participates on advisory boards for organizations centered around Cyber Defense. He is participating with the National Science Foundation with their proposal to create The National Cyber Security Sports Federation (NCSF) for high school students. He continues to dedicate his career to security, research and education.
How Hackers get caught
Everyone sees the daily stories about hackers stealing personal data and credit cards but the media moves on to the newest breach the next week. What happens to these cases and the criminals behind them?
This presentation will cover Law Enforcement (the good), criminals and their motives (the bad) and the dumb things hackers do to get themselves caught (the idiots). We will talk about malware, social media, the criminal underground and a handful of other items related to digital crimes investigation.
October 22, 2014 | Security Fundamentals (803) | 10:15 - 11:15
We’re all aware that the cyber threat landscape continues to shift and evolve at a staggering pace. Attacks are becoming more sophisticated and let’s face it - the notion that signatures are dead is an exaggeration. Cyber security is continuing to shift too, as industry experts begin to prescribe continuous monitoring over incident response. Recognizing the need to identify adaptive, integrated security protection architectures, IT research and advisory juggernaut Gartner recently announced the development of a new solutions category called Continuous Active Threat Protection. Listen as eSentire’s Founder and Chief Security Strategist Eldon Sprickerhoff outlines Gartner’s 5-Style Advanced Threat Defense Model and how the shift toward continuous monitoring will impact next generation security platforms and the evolution of security as a service.
The key takeaways for this session are: 'Learn more about the key elements of an adaptive security architecture (ASA) and how organizations can plan for integration' and 'The cascade effect: how ASA can help enterprises protect their vendor endpoints'.
October 22, 2014 | Tech 1 (718a) | 11:30 - 12:00
Defenders are at a huge disadvantage, often investigating compromise with educated guesses based on theoretical knowledge of kill chains, anomaly detection, and IOCs. Experience adds the benefit of recognizing what has been done before, but few blue team members understand how attacks work and how attackers move or escalate during attacks. This talk will explore vulnerability discovery, attack flow, escalation paths, final compromise, and exfiltration for our most investigated incidents. Organizations that feel safe with vulnerability scanning, firewalls, anti-virus, and carefully considered risk prioritization will want to reconsider how effective these controls really are in light of the patterns revealed by these investigations. But, don't fret! Practical recommendations will be made about how to help better secure the enterprise using a better understanding of attacker tactics. Strategic solutions as well as point solutions with low or no cost will be discussed.
October 21, 2014 | Tech 1 (718a) | 13:25 - 14:25
This presentation is designed to provide practical career advice to aspiring penetration testers, or those who want more insight into what the actual day-to-day life of a penetration tester is like. This presentation examines social, psychological, and physical issues surrounding a career in one of information security's most popular fields.
October 21, 2014 | Security Fundamentals (803) | 10:15 - 11:15
Heather Pilkington is a penetration tester with prior experience inside Threat and Vulnerability Management, and more than 10 years in Information Security overall. In her spare time, she is a curator of cute animal photos, a technical editor, and a fiction writer. Heather is known for a fast-paced and humorous presentation style.