2007 Department of Defense Cybercrime Convention Preview

A few months ago, a coworker and I submitted a topic for presentation at the 2007 DoD Cybercrime Convention. We were happy to learn a few weeks ago that it has been accepted. If you haven't been, or aren't familiar with the conference, I'll give you a brief overview:

The DC3 is a technology, technique, and information sharing conference specifically for the US Department of Defense and law enforcement officials (LEO). Few outside of that community are privileged to attend; even as a knowledgeable SME of a large contractor, I was lucky to have been able to go last year. The goal is to keep costs down so that our civil service employees can afford to attend, and the vendor-sponsored gimmicks are generally kept to a minimum. Last year's conference rated as a "pretty good," on my scale from "would rather have been auditing" to "first SANS experience." Others who attended and presented, like Taosecurity's Richard Bejtlich, also had some good things to say, after a well-justified rant about how poor Alan Paller's keynote was. Keynote speakers weren't so hot, and presentations ranged from thinly-veiled sales pitches that I walked out of, to incredible demonstrations by Dr. Memon (Fornet and Reassembly of Fragmented Files) and Kevin Mandia (Performing Malware Analysis). But the "good" made putting up with the "bad" worthwhile.

Our presentation is Wednesday morning, 1/24/2007. The lecture title is Advanced Attacks from the Front Line: How our Adversaries Threaten Mission Success (currently misspelled on the webpage). For a bit of insight, in case anyone reading this can attend, the abstract is as follows:

The US government and DoD do not constitute the entire front line defense of state secrets targeted by our nation's adversaries. The cleared contracting community, as designers and manufacturers of weapon systems, possesses sensitive information critical to mission success; information equally coveted by the same adversaries. This presentation will discuss the highly-skilled, highly-organized threats contractors face when defending this data, highlighted by two recent case studies. Evolving tactics and trends, their effectiveness against traditional defenses, and new techniques to counter them will be presented. Opportunities to face this threat as a joint government-contractor force abound, and will be articulated at the end of this discussion.