9:00 am - 9:15 am CT 2:00 pm - 2:15 pm UTC | Track One Opening Remarks Emily Neuens, Product Marketing Manager, Cyber Defense & New2Cyber |
9:00 am - 4:00 pm CT 2:00 pm - 9:00 pm UTC | Track One Capture the Flag (CTF) hosted by KC7Cyber Join us for a free Capture the Flag (CTF) challenge hosted by KC7Cyber. In this CTF, you will get to investigate a real-world scenario using tools that mirror what security analysts at top companies use, and immerse yourself in a compelling story-driven challenge crafted by threat intelligence experts. KC7Cyber is dedicated to breaking down barriers in cybersecurity training by providing accessible, hands-on learning experiences for individuals of all skill levels, all within a gamelike and fun environment. Best of all, KC7Cyber is completely free to use! - Anyone can do this!
- Sign up for a free account at: https://kc7cyber.com/register
You'll also need a free Microsoft account to access the data. Register here: https://signup.live.com/signup
Show More
|
9:15 am - 10:00 am CT 2:15 pm - 3:00 pm UTC | Track One Keynote | The Fast-Food Effect: Translating Fast-Food Mastery into Cross-Industry Success In the dynamic realm of fast-food, efficiency, consistency, and adaptability are not mere objectives—they are essential mandates. "The Fast-Food Effect" unveils how a fast-food giant imparts invaluable lessons for enduring success in the field of cybersecurity. This keynote affirms skills from other industries can be repurposed to the cyber sector and security operations.
Show More
|
10:00 am - 10:15 am CT 3:00 pm - 3:15 pm UTC | Track One Break |
10:15 am - 10:50 am CT 3:15 pm - 3:50 pm UTC | Track One Breaking the Mold: How Two Women from Non-Technical Backgrounds Broke into Cybersecurity. Maril Vernon, Senior Security Engineer- Purple Team Lead, Aquia Inc. Have you ever heard of women breaking into cybersecurity form non-technical backgrounds with literally no technical experience to lean on? Have you ever heard of them doing it TWICE!? It’s no secret how difficult breaking in to cybersecurity is this talk will feature the inspiring stories of two women who successfully broke into, learned, and excelled in cybersecurity from non-technical backgrounds. One is now a well-known ethical hacker and Purple Team pioneer, who created her own niche. The other is just starting out in her GRC career and is already making waves in the world of Zero Trust. They will share their experiences, including the challenges they faced, the steps they took to learn cybersecurity skills, and their journeys to their current roles. The talk will compare and contrast their journeys, highlighting the similarities and differences and how their non-technical backgrounds influenced their paths. Attendees will gain valuable insights and advice on how to pursue cybersecurity careers from non-technical backgrounds.
Show More
|
10:15 am - 10:50 am CT 3:15 pm - 3:50 pm UTC | New2Cyber en Espanol El final de la era del profesional de seguridad Esta charla de 35 minutos está enfocada a proponer la idea de lo que debe dejar el profesional de seguridad atrás para amoldarse a la nueva realidad de la seguridad, a ser un profesional más flexible, resiliente y sobre todo productivo. Detrás de la charla está la idea relacionada conque debemos ser más unos profesionales de confianza y resiliencia que de seguridad, que debemos evolucionar en capacidades humanas y cuan importantes estás son en cualquier posición para desempeñar nuestro rol.
Show More
|
10:55 am - 11:30 am CT 3:55 pm - 4:30 pm UTC | Track One Detection Engineers Unveiled: A Day in the Life and the Path to This Exciting Career Embark on a journey with us into the world of Detection Engineering to discover what our daily life is like, and more. This virtual presentation will clarify the roles, responsibilities, and essential skills of this amazing career. If you're just starting your cybersecurity career or looking to pivot, finding the right path for you can be tough. We've designed this session to guide you towards a successful career in Detection Engineer.
We'll dive into the key skills you need for success, and show you how to develop and showcase them effectively. From programming, analytical thinking, to understanding cybersecurity concepts and explaining complex ideas, we'll break it all down. Our aim is to empower you to explore the world of Detection Engineering and provide the knowledge and motivation required for success in this industry. Whether you're a new graduate, a career switcher, or an ambitious security analyst, this presentation offers practical guidance for your journey.
This isn't just a peek into the life of Detection Engineers; it's a roadmap to a rewarding career. Join us as we share the secrets to thriving in the world of Detection Engineering and help you shape your future in the cybersecurity space.
Show More
|
10:55 am - 11:30 am CT 3:55 pm - 4:30 pm UTC | New2Cyber en Espanol Automatizando su salida de las cosas aburridas para los analistas de seguridad Esta sesión trata sobre un día en la vida de un analista de seguridad y cómo Python y otros lenguajes de programación pueden usarse como multiplicadores de fuerza para trabajar de manera más inteligente. Algunos problemas que enfrentan los analistas de seguridad, especialmente los analistas de nivel 1, son muy monótonos y muy simples. por naturaleza. Recibes un correo electrónico o un ticket que inicia el proceso de obtener información de una plataforma determinada y agregarle contexto solicitando datos adicionales de un número definido de plataformas para iniciar o ignorar una investigación. Este proceso exacto se repite decenas o cientos de veces cada mes. En esta sesión, resaltaré la importancia de aprender secuencias de comandos básicas para aumentar la productividad, liberarse del aburrimiento y prevenir el agotamiento. Los asistentes a esta sesión aprenderán sobre la importancia de las secuencias de comandos y la automatización para aumentar la productividad, reducir el agotamiento y cómo identificar actividades ideales para la automatización que requieren mucho tiempo.
Show More
|
11:35 am - 12:25 pm CT 4:35 pm - 5:25 pm UTC | Track One Panel | Your First Cyber Role: Aspiring Cybersecurity Professional to Employed Sara Ricci, Former Information Risk Governance and Resilience Executive, Hudson's Bay Company With many ways to enter the cybersecurity industry, having skills is just one part of landing your first role. This panel aims to provide a comprehensive introduction to the cyber workforce, offering valuable insights into fundamental security concepts, potential career paths, mentorship, and current industry dynamics. Whether you are a recent graduate, transitioning industries, or simply curious about cybersecurity, this talk is designed to furnish you with the necessary knowledge and resources to confidently navigate the cyber landscape and excel in this ever-changing field.
Show More
|
11:35 am - 12:25 pm CT 4:35 pm - 5:25 pm UTC | New2Cyber en Espanol Conciencia de Seguridad - Mitos y verdades ¿Qué habilidades se necesitan para actuar como un experto en concientización sobre la seguridad de la información? ¿Cómo es el día a día de este profesional? En esta charla, presentaré algunos ejemplos, casos de éxito y hablaré sobre la formación necesaria para trabajar en esta función, que ha crecido exponencialmente con el paso de los años.
Show More
|
12:30 pm - 1:15 pm CT 5:30 pm - 6:15 pm UTC | Track One Lunch & Learn 12:35-1:00 pm CT | Unlocking Your Future: Launch Your Career with SANS Foundations and Live Q&A with James Lyne Are you ready to unlock the door to a thrilling career in cybersecurity? Whether you're a fresh graduate or a seasoned professional looking to switch gears, this lunchtime takeover with James Lyne, Chief Technology & Innovation Officer at SANS, will put you on the path to success. As our digital world grows, cybersecurity's role is more critical than ever. Yet, despite the soaring demand for cybersecurity talent, a significant skills gap leaves many organizations at risk. That's where the SEC275: SANS Foundations course steps in—your launchpad into mastering the fundamentals of cybersecurity. Peek behind the curtain of this game-changing course and see how it lays the groundwork for a career in defending the digital frontier. But this is just the beginning. The cybersecurity journey offers endless paths for growth and expertise. This session will guide you through the possibilities that lie beyond SEC275, setting the stage for a lifetime of achievement in the cybersecurity sphere. Embarking on this journey with SANS isn't just about entering the cybersecurity field—it's about excelling in it. Seize this opportunity and join us to take your first step toward becoming the cybersecurity expert the future needs.
Show More
|
1:15 pm - 1:50 pm CT 6:15 pm - 6:50 pm UTC | Track One From Rogue to Vanguard: My Odyssey through the Cyber Realm In this candid narrative, I will share my unique journey from a past of transgressions to a present of indispensable service in the cybersecurity domain. My trajectory saw me evolve from a criminal to a Special Forces soldier blending cyber skills with Human Intelligence (HUMINT), and further, to a cyber instructor for the Department of Defense (DoD) and presently, a Senior Solutions Engineer with SANS. Each chapter of my journey, although seemingly disparate, was instrumental in honing a rich array of skills which are now my arsenal in the cybersecurity battlefield.
The summit’s theme, “New2Cyber: A Day in the Life,” resonates profoundly with my experiences, demonstrating how unconventional paths can lead to mastering the cyber realm. My talk will provide a deep dive into how the accrued skills from varied stints contributed to my current success, without a clear trajectory towards the present role. I will explore themes of leadership in non-hierarchical settings, bridging the gap between technology and business stakeholders, and the indispensable core security skills.
Furthermore, I’ll share insights on making the leap into the cyber security field, the value of hands-on experience gained through Capture the Flag (CTF) competitions, and the art of effective communication in this domain. My story seeks to inspire and guide individuals at all career stages, illuminating the boundless opportunities within cybersecurity, and how an open, learning-centered trajectory, peppered with a blend of unconventional experiences, can carve out a successful and fulfilling career in this dynamic field.
Join me as I unravel the tapestry of my professional odyssey, offering a blend of motivational narrative, practical insights, and actionable advice for aspiring and seasoned cybersecurity practitioners alike. Through my narrative, attendees will glean an understanding of how to leverage diverse experiences, continually learn, and adapt in the ever-evolving cybersecurity landscape.
Show More
|
1:15 pm - 1:50 pm CT 6:15 pm - 6:50 pm UTC | New2Cyber en Espanol Mi Primer Trabajo - Descubriendo la Realidad Laboral Conseguiste tu primer oferta de empleo en ciberseguridad, la aceptaste y estás en tu primer día de trabajo! Crees que todo irá perfecto, pero descubres la realidad del ambiente laboral. Esta charla profundiza en los pasos cruciales que hay que dar al conseguir un nuevo empleo y navegar por las fases iniciales de adaptación dentro de la organización. Se hace hincapié en la comprensión de la empresa, la delimitación de tareas, el tratamiento de los puntos débiles y la comunicación eficaz.
El objetivo de esta charla es enseñar a las personas un enfoque estructurado para la integración sin resbalones en un nuevo trabajo, haciendo énfasis en la importancia de comprender el negocio, la eficiencia de la gestión y la responsabilidad.
Show More
|
1:55 pm - 2:30 pm CT 6:55 pm - 7:30 pm UTC | Track One Unmasking Organizational Culture: Harnessing OSINT for Better Informed Career Decisions Culture is an organization's DNA and may be the most overlooked factor in evaluating a job offer or in researching new opportunities. Does an organization's actual culture align with what it purports to be? Is it an environment where you’ll be engaged, valued, rewarded, and where you can thrive? For those new to the field, this talk will shed light on the often-overlooked aspect of corporate culture when evaluating potential partners, vendors, or employers.
Before signing a contract, it is essential to take a critical look of the organization you're considering aligning with. Open-source intelligence (OSINT) tools offer a powerful and readily available means to assess and evaluate this intangible yet vital component of any professional relationship.
This presentation will explore:
• What is Corporate Culture? - We will define corporate culture and its significance in business relationships and decision-making. We will discuss how it influences a company's values, ethics, goals, and more.
• Why Assess Corporate Culture? - Discover why understanding a company's culture is not just a "nice to have" but a critical aspect of making informed choices. We will emphasize how a poor cultural fit can lead to stress, frustration, and worse.
• Leveraging OSINT Tools - Learn about the open-source information-gathering tools and techniques available for assessing corporate culture. This includes examining publicly available data, social media presence, employee reviews, and more.
• Questions You Should Be Asking- We will discuss the questions that should be part of your standard prep and initial call to understand better and validate your findings, help you dive deeper, and demonstrate that you’ve done your homework.
• Conclusion and Next Steps - We'll wrap up by discussing the long-term benefits of integrating corporate culture assessments into your decision-making process and how this can contribute to personal and professional growth.
This talk is tailored for individuals new to information security but is equally relevant for anyone involved in changing organizations, job roles, career advancement, or evaluating new opportunities. By the end of this presentation, attendees will have a clear understanding of why assessing corporate culture is crucial, along with practical knowledge of how to effectively use OSINT tools to make informed choices when considering any professional relationship.
Show More
|
1:55 pm - 2:30 pm CT 6:55 pm - 7:30 pm UTC | New2Cyber en Espanol Te mereces tu éxito Me encantaría tener la oportunidad de compartir mi trayectoria a mi posición actual como Directora de Innovación Tecnológica en Darktrace. Mi trayectoria hacia una carrera en ciberseguridad no es la más tradicional. Como estadounidense de primera generación, asistí a la universidad en UC Berkeley, sin saber exactamente qué carrera quería seguir y cómo funcionaba la universidad en los EE. UU. Por resultado, cuando inicié la universidad tuve que salirme de mi primera clase de Cálculo en la universidad porque no estaba preparada para ella. Esta fue una experiencia súper importante para mí porque es donde aprendí que estaba bien dar un paso atrás para poder dar un paso adelante. En el futuro, terminé especializándome en Matemáticas Aplicadas y Literatura Portuguesa. Una lección clave para mí fue no seguir una carrera basada en un título, sino investigar qué estaría haciendo. Entonces, cuando me gradué, busqué un trabajo donde pudiera combinar mi pasión por idiomas, español y portugués, con mis habilidades técnicas. Cuando solicité mi primer trabajo como analista de amenazas cibernéticas en Darktrace, no cumplía con todos los requisitos de la descripción del trabajo. Sin embargo, esto no me disuadió de postularme porque confiaba en que tenía algo único que aportar a la empresa: mis habilidades lingüísticas y mi conciencia multicultural, que de hecho me sirvieron como una enorme ventaja competitiva, que finalmente me permitió conseguir el trabajo. Comencé como analista de amenazas cibernéticas, y aprovechaba cada oportunidad disponible para destacarme, tomando iniciativa para apoyar donde fuera que hubiese la oportunidad. Esta iniciativa propia que mostré finalmente me ayudó a construir una buena reputación y me brindó la oportunidad de ser ascendida a múltiples trabajos dentro de la empresa, incluyendo el de especialista en producto industrial, Líder del Equipo de Analistas, Consultora Analista Senior y, en última instancia, ser ascendida a Directora de Innovación Tecnológica. Mi camino hacia este puesto incluyó entrar a espacios en los que era minoría, como mujer POC en ciberseguridad. Espacios donde tuve que identificar que en realidad estaba sufriendo el síndrome de impostor. Fue a través de esto que aprendí la importancia de contar con el apoyo de colegas de mayor rango que yo, que me orientaron en diferentes situaciones. Espero poder compartir mi experiencia con una audiencia a la que esto pueda resonar e incluso motivarlos a tomar riesgos cuando sientan que no cumplen con todos los requisitos, que no poseen las habilidades y rasgos que los distinguen y, en última instancia, no tener miedo de perseguir metas para alcanzar las carreras de sus sueños. Quiero hablarle a una audiencia donde a veces podemos culpar a la suerte o sentir que no merecemos el trabajo que queremos, y resaltar que no es suerte, es nuestra ética de trabajo y perseverancia, nuestra capacidad de buscar oportunidades y la habilidad de tomar las decisiones correctas que nos llevan al éxito.
Show More
|
2:35 pm - 3:15 pm CT 7:35 pm - 8:15 pm UTC | Track One Lightning Talks Michael Vien, Associate Director of CyberSecurity Operations , DTCC 2:35-2:45 | Chris Ante Day in the Life of a CTI Engineer What does a normal day for a Cyber Threat Intelligence (CTI) Engineer look like? In order to be an efficient analyst, one must also learn how to be a good engineer. The other way is just as true. This talk covers how a CTI Engineer sits at the intersection of both analysis and engineering. Reading CTI reports, decomposing Indicators-of-Compromise (IOCs), ingesting data into a CTI platform, and managing infrastructure are all in a day’s work. 2:45-2:55 | Dwight Turner Inclusive Cybersecurity: Tips for Hacking Barriers A brief or long talk making the case for minorities as expert risk assessors. Our neighborhoods are over-governed, we deal with an abnormal level of risk each day, and don't have the privilege of being non-compliant. This should be the backdrop for encouraging minorities to consider roles in cybersecurity, not to deter them. The talk would be rounded out with tips for newcomers, especially sharing experiences with Black Genius Academy (a Google Tech Equity Collective Initiative), dealing with imposter syndrome, focus, mentorship, and related issues. 2:55-3:05 | Michael Angelo Vien Mastering the Art of Human Connection: Insights from a Social Engineering Expert Join us for an enlightening session featuring a distinguished social engineering expert who will delve into the captivating world of human connection and manipulation. In this talk our speaker will share riveting stories and real-life experiences, unveiling the subtle nuances and psychological tactics employed in the realm of social engineering.
Drawing from a wealth of hands-on encounters, our expert will explore the intricacies of human behavior, dissecting the art and science of influence, trust-building, and persuasion. Through a series of engaging narratives, attendees will gain valuable insights into the techniques used by social engineers to navigate the complexities of social interactions both online and off.
This session promises to be an eye-opening exploration of the human psyche, revealing how individuals can be subtly influenced, and awareness can be a powerful shield against manipulation. Attendees will leave equipped with a deeper understanding of social engineering techniques, enabling them to recognize and defend against such tactics in their personal and professional lives.
Prepare to be captivated by compelling anecdotes, actionable insights, and a newfound awareness of the power of human connection, as our expert guides you through the fascinating world of social engineering. 3:05-3:15 | Nandita Rao Narla A Career Journey from Security to Privacy Engineering Abstract
In an era where data privacy is paramount, professionals in the cybersecurity landscape find themselves at the crossroads of evolution. This talk will map the personal and professional journey of a seasoned security engineer into the emerging field of privacy engineering. The presentation will address the fundamental differences between security and privacy engineering, emphasizing the unique skill sets and perspectives required for success in the latter. Attendees will gain insights into the intricacies of navigating this career pivot, including the acquisition of new knowledge, the cultivation of a ‘harms’ focused mindset, and the adaptation of existing security expertise to the dynamic privacy landscape. Through personal anecdotes, lessons learned, and practical advice, the talk aims to inspire fellow security professionals to consider and navigate a similar transition. Whether you are contemplating a career shift or seeking to enhance your skills, join us to discuss a roadmap for leveraging security expertise as a foundation for success in the privacy engineering domain.
Show More
|
3:15 pm - 3:30 pm CT 8:15 pm - 8:30 pm UTC | Track One Break |
3:30 pm - 4:15 pm CT 8:30 pm - 9:15 pm UTC | Track One Panel | Paving Our Own Path: Leveraging Diverse Perspectives to a Successful Career in Cybersecurity Tamara Warren, Security Industry Specialist , Amazon Web Services (AWS) Discover inspiring stories from accomplished women who transitioned into cybersecurity from nontraditional careers such as middle school educator, human resources, banking, and public health.
Our diverse panel will share personal journeys, shedding light on the unspoken challenges of navigating this pivot, including decoding industry jargon, the certification dilemma, the pivotal role of networking, and the perpetual commitment to continuous learning. Attendees can expect valuable insights, practical advice, and actionable takeaways to inspire and guide their own paths into the dynamic field of Cybersecurity.
Show More
|
4:15 pm - 4:30 pm CT 9:15 pm - 9:30 pm UTC | Track One Wrap-Up |