Get an 11" iPad Pro, Surface Go 2, or $300 Off with OnDemand Training

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

SANS Women in Cybersecurity Forum

  • Friday, April 24, 2020 at 10:00 AM EDT (2020-04-24 14:00:00 UTC)
  • Lesley Carhart, Diana Kelley, Katie Nickels, Heather Mahalik, Alissa Torres, Sarah Edwards, Rob Lee, Larry Whiteside, Rushmi Hasham, Beverly Benson, Parag Baxi, Humberto Hilario

Sponsors

  • Cisco Systems Inc.
  • CommVault Systems Inc.

You can now attend the webcast using your mobile device!

  

Overview

We've reached the registration limit for the Live Online version of this event. To be notified when the archived recording is available, please email SummitSpeakers@sans.org.

It would be fair to say 2020 hasn't shaped up to be the year any of us expected or hoped for. We're all wrestling with anxiety and uncertainty, personally and professionally. But even as the global economy shifts and contracts, cybersecurity talent remains in demand.

Businesses continue struggling to find talent in a variety of fascinating roles, and there are nearly infinite opportunities to learn and succeed. Despite this, Cybersecurity Ventures most recent study only reported a 9% increase in women practitioners, up from 11% in 2013. Women and non-binary people are increasingly opting for cybersecurity careers and rising through the ranks, but they still face unique challenges in doing so.

What career pathways have been effective? How have women in cybersecurity negotiated the challenges they faced? The Women in Cybersecurity Forum will look at successful women working in a variety of roles within the cybersecurity community. It will offer discussions and perspectives on key issues such as:

  • Getting started in the field
  • Valuable training experiences
  • Taking advantage of professional opportunities
  • Climbing the corporate ladder
  • Building learning and networking spaces that are welcoming to women and non-binary practitioners

Join our guest speakers, including:

  • Lesley Carhart, Principal Industrial Incident Responder, Dragos
  • Diana Kelley, Cybersecurity CTO, Microsoft
  • Katie Nickels, Principal Intelligence Analyst, Red Canary
  • Heather Mahalik, SANS Senior Instructor
  • Alissa Torres, SANS Principal Instructor
  • Rob Lee, SANS Fellow
  • Larry Whiteside, Jr., Co-Founder & President, ICMCP

Earn 4 CPE Credit hours for attending this webcast.

AGENDA

10:00-10:45am: Welcome & Keynote

Opportunity Amidst Uncertainty: Spinning Up Virtual Cons on a Shoestring

Lesley Carhart @hacks4pancakes, Principal Industrial Incident Responder, Dragos

Budgets have been slashed and travel is restricted or prohibited, but we still want and need both training and connection. Early March saw a flurry of virtual cybersecurity events, which are more important to our community than ever. Lesley will discuss her experience spinning up a 4000-attendee virtual conference in under one week, where the expenses and time-sinks come from and how to mitigate them, and lessons learned.

10:45-11:15 am: Diana Kelley, Cybersecurity Field CTO, Microsoft

Looking Forward by Looking Back: 3 Decades in Cybersecurity

Cybersecurity looked at lot different at the end of the 1980s - smartphones didn't exist and AI wasn't very intelligent - we didn't even call it cybersecurity at the time! But despite all of the rapid changes, many things have stayed the same like the core tenets of Confidentiality, Integrity, and Availability. In this talk I'll share how the work of cyber has changed in the past 30 years, lessons from the wonderful friends I've met along the journey, and the advice I'd give myself if I were just starting out all over again!

11:15-11:30am: Break

11:30 am 12:10 pm Panel:

Building Your Personal Brand for Career Success

Speaking at conferences, publishing or contributing to blogs, creating content and building networks on social media platforms like Twitter and LinkedIn, volunteering for leadership positions in industry associations there are myriad ways to build your personal brand as a cybersecurity professional. But how do you even get started? Is it worth the investment of time? What are the long-term benefits of building a personal brand? How does giving back to the infosec community help you personally?

Our panel of dynamic SANS instructors, all of whom regularly present at conferences, blog, publish books, mentor others in the industry, and contribute to social media communities, all while working full-time jobs and managing personal responsibilities, will share their own experiences and answer your questions.

Moderator: Katie Nickels @likethecoins, Principal Intelligence Analyst, Red Canary; Instructor, SANS Institute

Panelists:

  • Sarah Edwards @iameviltwin, Senior Digital Forensics Researcher, BlackBagTechnologies; Principal Instructor, SANS Institute
  • Rob Lee @robtlee, Fellow, SANS Institute
  • Heather Mahalik @HeatherMahalik, Senior Director of Digital Intelligence, Cellebrite; Senior Instructor, SANS Institute
  • Alissa Torres @sibertor, Consultant/Owner, Sibertor Forensics; Principal Instructor, SANS Institute

12:10 pm 12:40 pm Training with Purpose - During COVID-19

Rushmi Hasham- Director of Training and Certification, Rogers Cybersecure Catalyst at Ryerson University

Despite so many aspirational social media posts imploring us to use the time at home to take up new hobbies and learn other languages and grow our own food, most of us are just trying to make it from hour to hour in this surreal time. But there will be an After, and you can use this time to focus on post-lockdown career goals. Zeroing in on your purpose can help you cut through the noise of free online content available right now to make this time meaningful and set you up for greater success now and in better times. 

12:40-1:25pm: Panel:

Action Plan 2020: Hiring and Retaining a Diverse Workforce

Weve all talked exhaustively about the benefits of a diverse workforce, and most managers feel sure theyre committed to diversity and inclusion. But how do we walk the walk? The International Consortium of Minority Cybersecurity Professionals (ICMCP) has declared 2020 The Year of Action, developing specific tactics for hiring and retention, and metrics for individual accountability among hiring managers, so we can literally put our money where our mouths are when talking about diversity on our teams.

Moderator: Larry Whiteside, Jr., Co-Founder & President, ICMCP

Panelists:

  • Beverly Benson, Program Director of Information Technology and Security, The American Womens College
  • Parag Baxi, VP Product, NopSec
  • Humberto Hilario, Director of Education and Information Security Manager, PC AGE Career Institute

1:25-1:30 pm: Concluding Remarks

Lesley Carhart @hacks4pancakes, Principal Industrial Incident Responder, Dragos

Speaker Bios

Lesley Carhart

Lesley Carhart is a Principal Threat Analyst, Threat Operations Center at the industrial cyber security company Dragos, Inc. She is recognized as a subject matter expert in cybersecurity incident response and digital forensics, regularly speaking on the topic at conferences and universities. She has spent the last 11 years of her 20+ year IT career specializing in information security, with a heavy focus on response to nation-state adversary attacks. Prior to Dragos, she was the incident response team lead at Motorola Solutions, performing digital forensics and incident handling services for both enterprise and public safety customers. Her focus at Dragos is developing forensics and incident response tools and processes for uncharted areas of industrial systems. She is also a certified instructor for the Dragos “Assessing, Hunting and Monitoring Industrial Control System Networks” course.

In 2017, Lesley was named a “Top Woman in Cybersecurity” by Cyberscoop news and received the Guidance Enfuse conference “Women in Technology” award. She holds a Bachelor’s Degree in Network Technologies from DePaul University, A.A.S. in Avionics Systems and Electronics Systems, GIAC GCIH, GREM, GCFA, and GCFE certifications, and currently serves as a Cyber Systems NCO in the US Air Force Reserves.

In her free time, Lesley co-organizes resume and interview clinics at several cybersecurity conferences, blogs and tweets prolifically about infosec, and is a youth martial arts instructor.


Diana Kelley

Diana is the Cybersecurity Field CTO for Microsoft and a cybersecurity architect, executive advisor and author. At Microsoft she leverages her 30 years of cyber-risk and security experience to provide advice and guidance to CSOs, CIOs and CISOs at some of the world’s largest companies and is a contributor to the Microsoft Security Intelligence Report (SIR). In addition to her work at Microsoft, she serves on the ACM Ethics & Plagiarism Committee and guest lecturer at Boston College’s Masters in Cybersecurity program. Diana serves on the Board of Directors for two non-profits, WiCyS and Sightline Security and is also the volunteer CTO for Sightline. She is a member of the RSA US Program Committee for 2018-2021, one of Cybersecurity Ventures 100 Fascinating Females Fighting Cybercrime, an IEEE 2016 “Rock Star of Risk”, and co-authored the book Cryptographic Libraries for Developers. She worked at IBM where she built and managed the IBM Security Research publication process.


Katie Nickels

Katie is a SANS instructor for FOR578: Cyber Threat Intelligence and a Principal Intelligence Analyst for Red Canary. She has worked on cyber threat intelligence (CTI), network defense, and incident response for nearly a decade for the DoD, MITRE, Raytheon, and ManTech.  Katie hails from a liberal arts background with degrees from Smith College and Georgetown University, embracing the power of applying liberal arts prowess to cybersecurity. With more than a dozen publications to her name, Katie has shared her expertise with presentations at Black Hat, multiple SANS Summits, Sp4rkcon, and many other events. Katie has also served as a co-chair of the SANS CTI Summit and FIRST CTI Symposium. She was the 2018 recipient of the President's Award from the Women's Society of Cyberjutsu and serves as the Program Manager for the Cyberjutsu Girls Academy, which seeks to inspire young women to learn more about STEM. You can find Katie on Twitter @LiketheCoins


Heather Mahalik

Heather is the Senior Director of Digital Intelligence at Cellebrite.  At the SANS Institute, Heather is a senior instructor, author and the course lead for FOR585: Smartphone Forensic Analysis In-Depth. As if that isn't a full enough schedule, Heather also maintains www.smarterforensics.com, where she blogs and hosts work from the digital forensics community. She is the co-author of Practical Mobile Forensics (1st and 2nd editions), currently a best seller from Pack't Publishing, and the technical editor for Learning Android Forensics from Pack't Publishing.


Alissa Torres

Alissa Torres is founder and senior consultant for Sibertor Forensics. She is an experienced digital forensic investigator specializing in advanced computer forensics and incident response, recently serving as an advisor for an international CERT and architect of internal IR capabilities for a Fortune 100 company. Her past industry roles include senior incident handler on the Mandiant Computer Incident Response Team (MCIRT) and digital forensic examiner on an internal employee investigations team.

Alissa has taught as a Certified SANS instructor for over four years, and is lead author of the FOR526 Memory Forensics In-Depth course at the SANS Institute. She has worked in government, academic, and corporate environments and with a wide array of enterprise and investigative technical solutions. A passionate researcher and presenter, she has spoken at various industry conferences such as RSA, Shmoocon, NCCC, HTCIA, Enfuse and numerous B-Sides events. In addition to being a GIAC Certified Forensic Analyst (GCFA), she holds the GCFE, GSEC, GCIH, GPEN, CISSP, EnCE, CFCE, MCT and CTT+.


Sarah Edwards

A self-described Mac nerd, Sarah Edwards is a forensic analyst, author, speaker, and both author and instructor of SANS FOR518: Mac and iOS Forensic Analysis and Incident Response.  She has been a devoted user of Apple devices for many years and has worked specifically in Mac forensics since 2004, carving out a niche for herself when this area of forensics was still new. Although Sarah appreciates digital forensics in all platforms, she has a passion for working within Apple environments and is well known for her work with cutting-edge Mac OS X and iOS, and for her forensic file system expertise.


Rob Lee

Rob Lee is the Chief Curriculum Director and Faculty Lead at the SANS Institute where he oversees the Digital Forensics, Incident Response, Cloud, Pen Testing, Audit, Application Security, and Cyber Defense curricula along with other operational functions in the company. With more than 24 years of experience in computer forensics, vulnerability and exploit discovery, intrusion detection/prevention, and incident response, he provides consulting services in the Washington, D.C. area. Before starting his own business, Rob worked with government agencies in the law enforcement, defense and intelligence communities as a lead forvulnerability discovery and exploit development teams, a cyber forensics branch, and a computer forensic and security software development team.

Rob graduated from the U.S. Air Force Academy and served in the U.S. Air Force as a founding member of the 609th Information Warfare Squadron, the first U.S. military operational unit focused on information operations. Later, he was a member of the Air Force Office of Special Investigations (AFOSI) where he led a team conducting computer crime investigations, incident response, and computer forensics. Prior to starting his own firm, he directly worked with a variety of government agencies, U.S. Department of Defense, and intelligence communities as the technical lead for a vulnerability discovery and an exploit development team, lead for a cyber forensics branch, and lead for a digital forensic and security software development team. Rob was also a directorfor MANDIANT, a company focused on investigating advanced adversaries, such as the APT, for five years prior to starting his own business. Rob co-authored the book Know Your Enemy, 2nd Edition. Rob earned his MBA from Georgetown University in Washington DC. Rob is also a co-author of the MANDIANT threat intelligence report M-Trends: The Advanced Persistent Threat.


Larry Whiteside

Larry Whiteside Jr. is a veteran CISO, former USAF Officer, and thought leader in the Cybersecurity field. He has 25+ years experience in building and running cybersecurity programs, holding C Level Security executive roles in multiple industries including DoD, Federal Government, Financial Services, Healthcare, and Critical Infrastructure.

Larry is a Co-Founder and President, and on the Board of Directors at the International Consortium of Minority Cybersecurity Professionals (ICMCP), a 501(c)3 non-profit association that is dedicated to increase the number of minorities and women in the cybersecurity career field through providing workforce development that includes skills assessment, training, education, mentorship, and opportunity.


Rushmi Hasham

Rushmi Hasham is a strong advocate for identifying and implementing unique training and employment opportunities to increase the representation of women in Cybersecurity and other technology-related careers.

In her endeavour to increase diversity in cybersecurity, Rushmi recently joined Rogers Cybersecure Catalyst, as Director of Training and Certification. The Catalyst is a not-for-profit owned by Ryerson University. The Catalyst, launched September 2018, will empower Canadians and Canadian businesses to take the opportunities and tackle the challenges of cybersecurity by driving collaboration and excellence in training and certification; commercial incubation and acceleration; applied R&D; and public education and policy development in cybersecurity. Rushmi is also a serial social-entrepreneur, founding 2 businesses in the technology services industry. She firmly follows the doctrine that business has a responsibility in lifting communities, she has weaved that doctrine into her own companies and into her work at the Catalyst. One of Rushmi's ventures has been selected as Canada’s Top 50 Growth Businesses.

Rushmi lives in Mississauga with her husband Jeff and their two daughters, Natalie and Nicole.


Beverly Benson

Ms. Beverly Benson is the Program Director of Information Technology and Security at The American Women’s College which is part of Bay Path University. In her role she is responsible for the cybersecurity program, curriculum development and delivery, as well as the assessment of student learning and achievement. She is also a faculty member, teaching online courses in cybersecurity. Beverly holds a Master of Science in Cybersecurity with a concentration in Digital Forensics and has just completed her second Master of Science in Computer Information Technology with a concentration in Networking and Telecommunications Technology. Beverly has also earned her Systems Security Certified Practitioner (SSCP) certification and is currently preparing for the CISSP exam.


Parag Baxi

Parag is a compassionate people champion and technical executive with over 10 years of experience in scaling information security startups for enterprise customers. Parag started in infosec as a practitioner at the Federal Reserve Bank of New York, and then as a program owner at Ogilvy & Mather where he scaled and highly automated Vulnerability Risk Management.


Humberto Hilario

Mr. Humberto Hilario is the Director of Education and Information Security Manager at PC AGE Career Institute. In education, he leads faculty, staff, and students of the Internet work Engineering program at four campuses in New Jersey. As an IT security professional, he provides strategic leadership in the implementation of the information security programs, integrating into IT and all related business processes.  He holds a Master of Science in Information Technology Management and has 30+ years of IT and security experience. Mr. Hilario has achieved numerous IT industry certifications from vendors such as (ISC)2, EC-Council, CompTIA, Microsoft, Cisco, and VMware. Mr. Hilario has participated as speaker in technology conferences in his native Dominican Republic as well as in New Jersey.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.