Timeline | Session Description |
---|---|
10:30 AM | Opening RemarksIn the world of information security, it often feels like we are on the edge of our seats (or a rocky precipice), waiting for the next attack to take place – unsure of which network will be struck first. In the first half of 2021 alone, threat actors have launched attacks that have crippled pipelines and disrupted schools, hospitals, and supermarkets, demanding tens of millions of dollars in extortion fees and ransom payments along the way. It is easy to look at this landscape and feel like defenders do not stand a chance. However, the truth is quite the opposite.
Matt Bromiley, SANS Instructor |
10:45 AM | Zero Trust PanelIn the wake of the massive breach of computer systems of multiple government agencies discovered in December 2020, the US Federal Government is recommending that a Zero Trust security model be considered for all critical networks. As part of this major push to promote ZT adoption, DISA, NIST and NSA are releasing specific guidelines. NSA for example, notes that Zero Trust principles should be implemented in most aspects of a network and its operations ecosystems to become fully effective, while DISA highlights the need to rethink how we utilize existing infrastructure to implement security by design in a simpler and more efficient way while enabling unimpeded operations. Join this discussion to learn what is Zero Trust, what it is not, and how to apply it practically. Moderator: Ismael Valenzuela, SANS Instructor Panelists: |
11:25 AM | Malware and Ransomware in Federal EnvironmentCybersecurity threats are no stranger to most federal agencies. How big of a risk used to be driven by the particular agency. Sure, those in DoD and DoJ have long understood they are in the crosshairs. But what if you work at the U.S. Board of Geographic Names (yes, that's a real agency)? Ransomware is definitely in your threat model. But the reality is that malware is to every federal agency, regardless of size or mission. And they face a very motivated threat actor who won't run away just because another target is weaker. In this session, Jake will discuss why EVERY federal government agency (and contractor) can be used to satisfy an adversary's intelligence requirements (even if it's "only" through a supply chain attack). Then we'll discuss what you can do with that knowledge to ruin an adversary's day (or at least make them work a LOT harder). Jake Williams, SANS Instructor |
11:55 AM | Endpoint PanelEndpoints represent perhaps the widest and most diverse footprint that any organization can have. Encompassing old and new technologies, endpoints present multiple challenges as they cannot simply be secured with the “push of a button.” Join us for this expert panel discussion where we look at modern endpoint detection and response technologies, and how they assist organizations in defending against attacks – today and tomorrow. Moderator: Matt Bromiley, SANS Instructor Panelists: |
12:35 PM | Break |
12:45 PM | Degree Programs & Funding for Federal EmployeesThis session provides an overview of the SANS Technology Institute (SANS.edu), an accredited college offering career-focused graduate and undergraduate programs at the cutting edge of cybersecurity. At this event, you’ll learn about the curriculum, faculty, and flexible structure of the SANS.edu programs, as well as the admissions process. We’ll focus on options Federal Employees, like FBI or DoD, may pursue to cover the cost of tuition and discuss how previously completed SANS courses and GIAC certifications may be applied to programs at SANS.edu. Kim Kafka, Admissions Specialist, SANS Technology Institute |
1:15 PM | Congratulations! You're a supervisor!It's a common scenario: We need to hire or backfill a team lead or supervisor so we reach into the team, tap the team's top contributor, and "promote" them. Unfortunately, we sometimes forget that the skills that make a top contributor aren't usually the same skills that make a good supervisor. If we don't give our newly minted supervisors the skills and knowledge they need to succeed, then it's our fault if they fail - not theirs. This session will cover key differences between individual contributor and supervisory roles, common issues faced by unprepared supervisors, and how we can help our newly minted supervisors flourish. Greg Scheidel, IronVine & SANS Instructor |
1:45 PM | Identity & Access Management PanelIdentify is much more than a simple username and password. Now and in the future, to better secure our customers and organizations, we will have to improve in how we identify our users. Data breaches are in the national media every week, how can better stop this from happening? Zero Trust offers possibilities, but perhaps complexity in implementation. Passwords are legacy while other factors such as biometrics offers better ease-of use and in many cases better security, are we seeing biometrics and other factors implemented instead of passwords and at which rate? Ransomware has been a bane against our industries for many years now, and the threat actors are much more cautious and smarter in their deployments, often requiring reactions from organizations within hours of incidents developing. Can Endpoint, Detection and Response keep up? Do we have the necessary escalation chains to isolate and prevent further damages fast enough, often impacting valuable production environments. Moderator: Chris Dale, SANS Instructor Panelists: |
2:25 PM | Wrap-Up
Matt Bromiley, SANS Instructor |