Online Training Special Offer! Get an iPad Mini, Surface Go, or $300 Off thru Oct 2!

Rocky Mountain 2019

Denver, CO | Mon, Jul 15 - Sat, Jul 20, 2019
This event is over,
but there are more training opportunities.

Equifax, Congress, 148 million US taxpayer's information. What Went Wrong? What Lessons Can You Learn from This?

  • Christopher Crowley
  • Tuesday, July 16th, 7:15pm - 8:15pm

Large scale breaches of information have become commonplace in the news. The 2017 breach of Equifax, a US based company specializing in aggregation of information is a very important breach that has spawned an ongoing investigation by the US government. Why is this particular breach so interesting? Robert Smith, former CEO of Equifax described its value, "In fact, we have data on approaching one billion people. We have data on approaching 100 million companies around the world. The data assets are so large, so unique it is . . . credit data, it is financial data we have something like $20 trillion of wealth data on individuals, so how many annuities, mutual funds, equities you own. About $20 trillion on property data, so property that you might own what the value was when you bought it, what its worth today. Utility data, marketing data, I could go on and on and on but massive amounts of data."

This talk will walk through the publicly disclosed timeline of breach events that were the result of the US Congressional investigation, and highlight what companies can and should do to protect their own information assets. This guidance will be focused around implementing a Security Operations Center (SOC) and identify the challenges that all SOCs face in protecting complex information systems. For each challenge, a tangible and specific recommendation on how to address that issue will be highlighted.


Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
Monday, July 15
Session Speaker Time Type
General Session - Welcome to SANS Bryan Simon Monday, July 15th, 8:00am - 8:30am Special Events
Finding Attacks and Compromises Before Day Zero David Hoelzer Monday, July 15th, 7:15pm - 9:15pm Keynote
Tuesday, July 16
Session Speaker Time Type
CYA by Using CIA Correctly For A Change Keith Palmgren Tuesday, July 16th, 7:15pm - 8:15pm SANS@Night
Equifax, Congress, 148 million US taxpayer's information. What Went Wrong? What Lessons Can You Learn from This? Christopher Crowley Tuesday, July 16th, 7:15pm - 8:15pm SANS@Night
Data Protection in the Public Cloud -- a Look at the Good, the Bad, and the Ugly Kenneth G. Hartman Tuesday, July 16th, 8:15pm - 9:15pm SANS@Night
Wednesday, July 17
Session Speaker Time Type
Demystifying XXE Serge Borso Wednesday, July 17th, 7:15pm - 8:15pm SANS@Night
OODA Security: Taking Back the Advantage Kevin Fiscus Wednesday, July 17th, 7:15pm - 8:15pm SANS@Night
The Offensive Defender | Cyberspace Trapping Matthew Toussain Wednesday, July 17th, 8:15pm - 9:15pm SANS@Night