Attackers are continuously figuring out new methods to gain access to computer systems and enterprises. Everything from Ransomware to targeted and precise attacks aimed at intellectual property theft, monetary gain, or other motives. In today’s age of hacking, it’s never been more important to understand who the hackers are and the methods they use to attack organizations. In this talk, we go into the demographics of hackers, how they are hacking, and the best defenses both from a personal perspective as well as an enterprise. It’s possible to withstand the attacks we see today with proven practices, but it requires hard work, and an understanding of who your adversaries are.

There's so much to do. There's not enough people. We can only do what we can based on risk, people, politics, and budget. All common things we share across each organization. This presentation dives into how to focus on building defenses against attacks, staying ahead of the methods, and focusing on known good vs. the rest. You'll leave this talk with a way to think about defense and a way to tackle the issues we face in security today.

After looking at a number of compromises dating the past several years, there are a number of commonalities between each of them and steps that could have been used to prevent. Information security isn't a practice that will always be successful in defending however, there are key indicators of compromise to look for when an attacker is attempting to compromise an organization. During this presentation, we’ll analyze a number of data breaches and look at how a number of the breaches have occurred and how an information security program can be structured in order to defend against a lot of the attacks. Most of the causes are directly related to the human element and directly phishing. This talk will dive into how phishing techniques work, and what you can do to prevent this from happening in the future.

Attack patterns are something that when it occurs is extrinsic (not natural) behavior in an infrastructure. Understanding what attack patterns look like and building an understanding of how to detect them with what you already have is possible. Most preventative technology tries in some extent to detect extrinsic behavior in an environment but falls short because of the continual changes in attack patterns and commoditized detection (sigs, etc). This talk dives into looking at what you already have in your infrastructure that you can use for intrinsic (natural) detection capabilities that doesn't rely on a specific signature, but more so on how attackers go after an organization. As an industry, we need to be detecting the extrinsic occurrences in our networks which exhibit abnormal behavior. During this presentation, we'll be covering a large percentage of techniques used by attackers, and how to detect them with what you currently have in place at your organization today.