Speaking at 2010 DC3 Cyber Crime Conference

I'm happy to share that a presentation of mine has once again been selected for the DC3 Cyber Crime Conference, held in St. Louis at the end of January, 2010. I'm very excited to be speaking again. You can read about my past presentations here and here. If you're planning to attend, I'd love it for you to drop by on Thursday from 1:30-3:30PM.

Intelligence-driven Response for Computer Network Defense
Abstract

Network defense against sophisticated adversaries requires a new approach than what the information security industry typically prepares its analysts for. From the overarching incident response process down to the specific questions each analyst must be able to answer, classic incident response techniques and procedures are insufficient in the face of persistent and focused intrusion attempts. A detailed understanding of one’s enemy, specifically, is an overlooked concept in industry-standard information security pedagogy and mindset which can offer strategic, actionable insight into effective response. This presentation extends some information warfare concepts to discuss how intelligence-driven analysis and response can improve the defensive posture of organizations facing advanced persistent threat actors. Examples will be given at the micro and macro level; attendees should be technically well-versed as they are able to see the “big picture” of computer network defense.