
Wednesday, 02 January 2013

Five Critical Panels on the Use of Offensive Tactics in Cyberspace

On February 8-9, 2013, 24 world-renowned speakers will address and interact with about 80 attendees from the public and private sectors in a beautiful conference center high above the Potomac River on some of the most important issues in cyberspace - the controversial use of offensive tactics in defending networks (i.e., Active Defense). The full agenda can be seen here, but five critical panels are as follows:
  • How are Russia and Georgia engaging in Active Defense?
    • Featuring Ambassador David J. Smith (ret.) and Ms. Khatuna Mshvidobadze (Georgian Security Analysis Center)
  • How can Duqu, Flame, Gauss, and Shamoon be reconfigured and reused against different victims (i.e., Iran against Saudi Arabia)?
    • Featuring Dr. Boldizsár “Boldi” Bencsáth (Associate Professor, Laboratory of Cryptography and Systems Security (CrySyS), Department of Telecommunications, Budapest University of Technology and Economics) and Brig. Gen. Jim Jaeger (USAF, ret), Vice President of Network Defense & Forensic Services, General Dynamics
  • How Much Leeway is there in the Computer Fraud and Abuse Act and International Law for Offensive Actions in Cyberspace?
    • Featuring Dr. Catherine Lotrionte (Director of the Institute for Law, Science + Global Security, Georgetown University), Mr. Stewart A. Baker (Partner, Steptoe & Johnson), Mr. Frank J. Cilluffo, Director, Homeland Security Policy Institute at George Washington University, and Mr. Marco Obiso (Cybersecurity Coordinator, International Telecommunications Union (ITU))
  • What’s the Downside of Private Sector Offensive Engagement?
    • Featuring Dr. Anup Ghosh (Founder and CEO at Invincea), Mr. Jeffrey Carr (Founder and CEO, Taia Global, Inc.), Mr. David Dittrich (Chief Legal Officer, The Honeynet Project), and Mr. Robert Bigman (former CISO, Central Intelligence Agency).
  • If the ITU Assumes Ownership of the Internet, How May That Impact International Offensive Cyber Operations by Nation States?
    • Featuring Mr. Marco Obiso (Cybersecurity Coordinator, International Telecommunications Union (ITU)), Dr. Catherine Lotrionte (Director of the Institute for Law, Science + Global Security, Georgetown University), Mr. Robert Bigman (former CISO, Central Intelligence Agency), and Brig. Gen. Jim Jaeger (USAF, ret), Vice President of Network Defense & Forensic Services, General Dynamics
There are only 28 seats remaining and the Early Bird discount expires in one week so register today to be a part of the year's most unique and informative security event - Suits and Spooks DC 2013. If your employer is interested in joining RSA and Basis Technology as a sponsor, please contact me via email for details.


Friday, 07 December 2012

Flipping Malware: A Profit Opportunity for Corporate IT Departments

The one thing that corporate IT departments are not is a profit center. But the trend towards developing offensive exploits and selling them to government agencies could change that tomorrow if CEOs can be convinced to take the opportunity. Up to this point, CEOs and their Boards of Directors have been reluctant to spend too much money on cyber security because, frankly, it could easily become a serious money pit. A typical incident response bill for a breach can easily exceed the mid-six figures. Saudi Aramco and Sony probably paid a hefty multiple of that. Then there are the five-figure monthly bills for threat intelligence feeds, plus the charges to protect against Denial of Service attacks, AV, IDS, IPS, etc. And the worst part of this money pit is that the company can only hope that its previously compromised network is clean. There's no way to tell for certain because it could still contain undiscovered malware.

The good news, or at least potential good news since no one is doing this yet, is that the undiscovered malware lurking on corporate networks potentially represents tens or hundreds of thousands of dollars in income for the corporation. And since it resides on the corporate network, it becomes the property of that corporation. All of a sudden, something that you've viewed only as a threat and an expense has become a valuable commodity thanks to the trend in selling offensive malware to government agencies.

The U.S. government is a customer for offensive exploits and so are a number of allied governments. In fact, if they aren't already doing this, defense contractors like Lockheed Martin, Raytheon, Northrop Grumman, and many others should already be mining their own networks for undiscovered malware, reverse-engineering what they find, and using it to fill orders from DoD since they've already got the contract vehicles in place.

Some of the more forward-looking DoD contractors who have robust internal Computer Emergency Response Teams (CERT) staffed with engineers who can do reverse-engineering could be in the best position to offer free or low-cost network defense to corporations who want to "flip" the malware found on their network for a nice profit. The best part is that everybody comes out a winner except for the malware writers who may have spent a lot of time and money developing 0-days for targeted attacks (i.e., the creators of Stuxnet, Duqu, Gauss, and Flame). In my scenario, they've merely provided a sellable commodity for free to the targets that they were hoping to exploit.

If you're a C-level executive and you'd like to discuss this idea privately with me, feel free.

Friday, 10 August 2012

Disruption from Within - the Insider Threat

The publicity, focus and funding associated with advanced persistent attacks and other external threats have left many companies ill prepared to defend against another vector of attack, one that operates below the radar and whose impact can rival that of any external attack - a compromised employee, vendor, supplier - the Insider Threat. Why is it increasing and sometimes forgotten, and how can you best protect against it?

I'm pleased to announce that one of the telecommunications industry's leading security professionals will present just such an attack scenario at Suits and Spooks Boston. Henry Shiembob is the Executive Director of Cyber Security and Fraud Operation for Verizon and has responsibility for all global activities related to cyber compliance and investigations, insider threat, supply chain security and external fraud investigations. Prior to his current role, Henry was Executive Director of International Security for Verizon where he was responsible for all security operations outside the United States, including investigations, physical security, crisis management and executive protection. Henry also served as the responsible compliance executive for all international operations.

Henry’s career includes over 23 years in risk management, cyber security and international operations, including five years with Kissinger & Associates where he was Team Leader for former Secretary of State Dr. Henry A. Kissinger. In this capacity, he directed domestic and international security operations, including risk assessments, executive protection and intelligence briefings, and was a government liaison for security matters.

This is one of 15 different offensive talks that you'll hear on October 18th and our attendance will be kept to no more than 130 people to give you ample opportunity to interact with all of our speakers while you're there. If you want to hear and discuss this particular offensive tactic with Mr. Shiembob, then register for Suits and Spooks Boston today. 