Schedule & Speakers
8:15am - 9:00am
Keynote - Dug Song
Dug is the co-founder of Duo Security, a cybersecurity company that protects digital access by verifying the identity of users and the safety of their devices. After the acquisition of Duo Security by Cisco in 2018, Dug served as the chief strategy officer for Cisco’s global security business.
He is currently the co-founder and president of the Song Foundation, which invests in the innovative people and organizations advancing justice and equity in Southeast Michigan. Dug also serves on the executive board of the Wallace House for Journalists, and on the advisory board of Venture for America in Detroit. Dug is heavily involved in the startup community in Michigan as an active investor, advisor and board member. He is co-founder of the Michigan Founders Fund, helping entrepreneurs turn business success into community wealth, and also serves on the boards of the Detroit Regional Chamber, and the National Advisory Council for Innovation & Entrepreneurship at the US Department of Commerce, with a focus on racial justice and economic equity.
Co-Founder and President
The Song Foundation
CTF313 - Capture the Flag Opens!
9:05am - 10:00am
Securing the Enterprise Against AI Threats: Practical Insights and Recommendations
In recent years, the landscape of our industry has been significantly transformed by the revolutionary impact of artificial intelligence (AI). This powerful technology has elevated productivity and efficiency to unprecedented levels, reshaping the way we conduct business.
However, amidst the benefits, it’s imperative to acknowledge the new security challenges that accompany this digital shift. Threat actors are now leveraging AI technology to orchestrate sophisticated attacks, presenting a complex and ever-evolving risk landscape. Additionally, the adoption of AI systems within our enterprise may inadvertently introduce novel vulnerabilities, demanding our heightened vigilance and proactive measures.
Drawing from his wealth of experience, Paul Rodriguez will offer practical insights and invaluable suggestions to bolster your security measures and navigate the intricacies of an AI.
10:05am - 11:00am
Analysis Without Paralysis
There is one thing that everyone in our industry will have to do at some point, analysis. However, analysis is seldom taught in the industry and analysts often need to fumble their way into figuring out what to do. I have taken the time to organize my years of fumbling into a methodical approach that anyone can use. I put words to the everyday tasks we go through, so that I can teach “how to do analysis”. I do this by covering topics like planning, finding evil, recording findings, correlation and creating your own timelines. If you ever felt like you never knew where to begin with analysis or want some tips to improve your current skills, this is the presentation for you.
Cisco Talos Incident Response
11:05am - 12:00pm
Tales from the Crypt: A Security Engineer Tells All
Are you ready to descend into the depths of security operations? Venture forth with BitLyft Cybersecurity’s Security Operations Center Director, Noah Hoag. Drawing from the good, the bad, and the downright eerie, Noah offers lessons learned directly from the ‘crypt’. Step inside the operational underworld of cybersecurity and uncover key defense strategies for your organization.
Security Operations Center Director
12:00pm - 1:00pm
Provided at Venue
1:05pm - 2:00pm
The Security Hitchhikers Guide to API Security
Timothy De Block
Director - Advisory Services
2:05pm - 3:00pm
Strategies for Limiting the Threat of Business Email Compromise (BEC)
As thieves and scammer have moved their tactics online, protecting businesses from the ever-evolving menace of Business Email Compromise (BEC) is paramount. This presentation will explore the strategies and countermeasures necessary to safeguard organization’s sensitive information, finances, and reputation. Discover the crucial steps to thwarting BEC attacks and fortifying defenses against this pervasive and costly threat.
Federal Bureau of Investigation (FBI)
3:05pm - 4:00 pm
Defending Beyond Defense
Assumptions burn defenders every day. Perhaps the most pernicious one is that systems and their controls will always work as designed. Best practices in security may be good guidelines, but unfortunately also suffer from these same blind spots. For example, best practice recommends the use of LAPS for local administrator account passwords of domain-joined computers, yet misconfiguration of active directory can turn it from a protective control into a vulnerability. What if there was a way to challenge these assumptions up front? The best way to dismantle these types of assumptions is to experience how deeply flawed they are through immersion in the offensive security space. In this talk we’ll explore how to immerse yourself in the offensive security world to obtain this knowledge without needing to change careers or obtain additional certifications. By being more informed about offensive security, defenders are better able to recognize relevant intel, understand existing threats, and more readily discover attacker behavior. Join me as I discuss how there’s more to defending than just defense, and how to find and engage with the amazing resources that are waiting to be explored.
Sr. Information Security Forensic Analyst
University of Buffalo
4:05pm - 5:00pm
Don't Keep Your Own Gate - Starting Fresh in Cybersecurity
5 years ago I decided I wanted to change career fields from Human Resources to Cybersecurity. This process took nearly that entire five years. Along the way I started a podcast, become the director of a non-profit and got to compete in the DEF CON SECTF. The intent of this talk is to shorten my timeline for others. I’ll be discussing the decisions, moves, mentors and luck that made my transition possible as well things you can do differently, faster and better to make the move to cybersecurity. Highlights of this talk will be:
- Finding a place to start – What even is a cybersecurity career?
- Hacking your strengths – Finding ways to contribute to a new community (even if you think you don’t belong)
- Don’t be the keeper of your own gate and don’t tolerate it from others
- Finding a mentor and being a good mentee
- Knowing when you are “ready” to make the move
Senior Security Engineer
CTF313 - Capture the Flag Closes!
5:05pm - 5:30pm
6:00pm - 10:00pm
Social Event - Lansing Shuffle
Come join us at Lansing Shuffle for dinner, drinks and socializing!
325 Riverfront Dr, Lansing, MI 48912