3 Days Left to Get an iPad Air w/ Smart Keyboard, Surface Go, or $300 Off with OnDemand or vLive Training thru 8/21!

Alaska 2016

Anchorage, AK | Mon, Aug 22 - Sat, Aug 27, 2016
This event is over,
but there are more training opportunities.

Are Your Networked Devices Working for You - or for Someone Else?

  • Matthew Caldwell, CISSP, BorderHawk, LLC
  • Wednesday, August 24th, 5:30pm - 7:00pm

"When you have eliminated the impossible, whatever remains, however improbable, must be the truth." - Doyle, Arthur C., 1890, The Sign of the Four

From Archimedes to Goodyear, discoveries sometimes happen that were not planned. This does not diminish the relevance or value of the discovery, rather, it highlights the value of the persistent and intelligent researcher who, once engaged with a problem, drives forward to find the solution.

For purposes of today‚s presentation, we will discuss the impact of globalization on supply chain management and its impact on cybersecurity. Globalization is a process driven by the international trade of nation states plus multi-national corporate investments. At its core lies big data in the form of data warehousing, encryption, and world-wide connectivity. Hypothetically, mature globalization, may result in a redistribution of wealth to multi-national corporations and reduce the importance of individual nation states (Orwell, George, 1984). For now, let‚s put aside the debate about whether or not globalization is truly in the best interest of the United States or the World and investigate what it means to provide corporate cybersecurity in a world that demands more and faster connectivity.

In a world where nation states and multi-national corporations sometimes compete as equals, we should expect the worst: espionage, bribery, sabotage, hacking, collusion, and every possible manner of electronic eavesdropping. Working independently, BorderHawk has found unmistakable evidence that some common Internet capable devices have been covertly modified to conceal malicious software in obscure code. Similar findings have been reported by Kaspersky Labs and Reuters News Agency (2014). This presentation will elaborate on BorderHawk‚s findings and present options for remediation.

Speaker bio: As BorderHawk‚s Chief Security Researcher, Matthew has brought unparalleled cybersecurity expertise to BorderHawk clients since 2010. Notably, Matthew was instrumental at BorderHawk‚s Anchorage Lab in identifying cyber risks and developing mitigation strategies associated with non-traditional information technology (IoT) used within certain energy company environments.

Matthew‚s cybersecurity career began as a Security Analyst, then an Information Security Special Projects Manager (responsible for all cybersecurity testing and investigative analysis involving hundreds of networks and systems), and later as co-founder of an innovative cybersecurity solutions company where he was instrumental in developing a first generation Security Information and Event Management (SIEM) system. Moreover, Matt‚s visionary cybersecurity development skills have been essential in assisting several emerging software companies in designing new cybersecurity related products.

Matthew is a Certified Information Systems Security Professional (CISSP) and holds United States Patent 7418733 August 26, 2008 for Security Event Management (SIM/SIEM/SEM).



Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
Monday, August 22
Session Speaker Time Type
Discussion of Recent ICS Security Events Worldwide Michael Assante Monday, August 22nd, 6:30pm - 8:00pm Special Events
Tuesday, August 23
Session Speaker Time Type
How to Think about the Myriad of Cybersecurity Requirements & Challenges for Critical Infrastructure Organizations Mike Assante Tuesday, August 23rd, 5:30pm - 6:30pm SANS@Night
What We All Need to Learn from the Attack on the Ukrainian Power Grid Mike Assante Tuesday, August 23rd, 6:30pm - 7:30pm SANS@Night
Wednesday, August 24
Session Speaker Time Type
Are Your Networked Devices Working for You - or for Someone Else? Matthew Caldwell, CISSP, BorderHawk, LLC Wednesday, August 24th, 5:30pm - 7:00pm SANS@Night
Thursday, August 25
Session Speaker Time Type
Pennies of Prevention to Save Bitcoins Later: Avoiding A Ransomware Attack Mick Douglas Thursday, August 25th, 5:30pm - 6:30pm SANS@Night
Beyond IOCs: Pragmatic Attacker Identification Eric Cornelius Thursday, August 25th, 6:30pm - 7:30pm SANS@Night