RSS:2024 AI Track (Day 1) :: Rochester Security Summit

Tabletop Exercises: Enhancing Incident Preparedness and Response

Javier Figueroa
10:00 am - 10:50 am

Tabletop exercises have emerged as a cornerstone in incident and disaster preparedness. In this presentation, we discuss the purpose, benefits, structure and future of tabletop exercises.

Tabletop exercises are valuable because they create realistic scenarios within a controlled setting, allowing organizations to assess how well they’re prepared to handle different crises. By bringing together key stakeholders, decision-makers, and subject matter experts, tabletop exercises promote collaboration, communication, and critical thinking. In this presentation, we will explore the essential elements of tabletop exercises, including scenario development, execution, and evaluation.

Javier Figueroa

Javier Figueroa is a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and Certified Cloud Security Professional (CCSP) with over 15 years of expertise in the field of Information Technology, specializing as an Information Security Program Manager. As a Cybersecurity Manager, Javier plays a pivotal role in elevating the cybersecurity posture of clients through a comprehensive suite of services. These include strategic vCISO consultations, risk analysis, development of security roadmaps, policy formulation, and conducting incident readiness tabletop exercises.

Javier holds a Master’s Degree in Cybersecurity from Utica University.

Save Time & Money - Automate using Cybersecurity Standards

Duncan Sparrell
11:00 am - 11:50 am

This is NOT an AI talk! Automation is applying technology to "achieve outcomes with minimal human interaction". This talk is about the emerging cybersecurity standards and how they enable automation. It will cover why this is important (save money, respond at machine speed, maximize scarce human expertise), what is involved (including explaining the alphabet soup of acronyms), and present results from the use cases demo'd at the Cybersecurity Automation Village (including OlympicDestroyer and SBOMs). The talk will also have a related sidebar into how we must be doing something right if the Russians and Iranians are objecting to our work at UN agencies like the ITU.

Duncan Sparrell

Duncan's mission is to make the world a safer place. He has 45+ years of expertise in software and has been involved in cybersecurity since 1990, including coining the term "SOC". After retiring as AT&T's Chief Security Architect, Duncan volunteers most of his time to cybersecurity standards including cochairing the Open Cybersecurity Alliance Cybersecurity Automation Sub-Project. He has been advocating software bill of materials (SBOM) literally for decades.

Duncan was awarded the Intelligence Community Seal Medallion, the AT&T Science and Technology Medal, the OASIS Distinguished Contributor Award, and 18 patents.

Duncan's tagline is "Think evilly, act ethically."

For more info about Duncan, see https://www.linkedin.com/in/sfractal/

Harnessing AI for Advanced Network Security: From Attacks on Privacy to Defensive Innovations

Nate Mathews and Matthew Wright
1:00 pm - 1:50 pm

In this talk, we delve into the application of state-of-the-art AI methods to bolster both offensive and defensive mechanisms in network security. We start by examining the landscape of advanced network threats, including AI-driven attacks on privacy-enhancing technologies like VPNs and Tor, and the sophisticated nature of pivoting attacks in network intrusions. Specifically, we will discuss a class of privacy attacks known as Flow Correlation attacks. We will then show how these offensive techniques can be adapted and repurposed for defense, to detect pivoting in network intrusion attacks. Our methodologies, results, and implications highlight the strengths and limitations of AI, contributing to a more robust understanding of attacks.

Nate Mathews

Nate Mathews is a Ph.D. candidate in Computing and Information Sciences at RIT. His research focuses on the intersection of privacy, security, and deep learning with a focus on traffic analysis. Among his publications, he is the lead author of a paper that appeared in the IEEE Symposium on Security and Privacy, the top venue in systems security research.

Matthew Wright

Matt Wright is Endowed Professor and Chair of Cybersecurity at RIT. He earned his PhD in CS at the University of Massachusetts in 2005. His research interests include deepfake detection, applying AI to malware and traffic analysis, and understanding the human element of security. He has over 100 peer-reviewed publications, including many works appearing in top-tier venues in cybersecurity, human-computer interaction, and computer networks.

Generative AI — Adversaries vs. Defenders

Selena Dao
2:00 pm - 2:50 pm

Dive into the world of cyber generative AI and explore its dual nature as both a potential cybersecurity risk and a valuable tool for security teams. We explore how adversaries carry out attacks and the various ways in which generative AI can be exploited for malicious purposes, including deepfake creation and automated phishing attacks. Conversely, we also examine the innovative applications of generative AI in enhancing cybersecurity measures, such as alert and risk event explanation, custom and prescriptive guidance, and advanced threat hunting. This session provides a comprehensive understanding of the challenges and opportunities presented by generative AI in the cybersecurity landscape.

Selena Dao

Selena is a Senior Solutions Engineer at Trend Micro with over 4 years of experience in the cybersecurity industry. She focuses on educating and delivering technical solutions to enterprise environments across endpoint, email, XDR, and continuous risk assessment technologies.