Tuesday 12/06: Day 10
Our first and last day in New Orleans counted as a success: not only did we attend a conference and interview two leaders, but we also had time to sightsee (had a tarot reading done, went to a voodoo shop) and try the local cuisine!
Pictured is the group having beignets, coffee and hot cocoa.
Notes from the conference: We attended the Threat Intelligence Summit in #NOLA. Vendors such as DomainTools, Malwarebytes, NSS Labs, ThreatConnect, Recorded Future and ThreatQuotient were all there. Below are my notes from the speakers we heard; I will be sure to add the presentation slides as and when they become available.
The keynote was delivered by Dr. Neil Jenkins from the Department of Homeland Security (DHS). He shed light on the five routes DHS is currently taking to tackle the field of cybersecurity. 1) Information Sharing – this is between the private and public sector. Items like IP addresses can be shared to build an ecosystem of threat indicators. 2) Risk Assessment – DHS also provides risk and vulnerability assessments. This is to build an ecosystem of new tools, techniques and work for the next generation of network protection. 3) Cyber Ecosystem – a cohesive resource for all. 4) Federal Common Cybersecurity Baseline. 5) Incident Response. Cyber incidents have evolved from being an attack on just one email to now having entire databases breached. Thus a more cohesive response is required from the federal and private sectors. One such example is Presidential Policy Directive 41, which was signed in July 2016. It essentially institutionalizes our cyber incident coordination. The main themes are 1) Shared Responsibility – everyone needs to take accountability. 2) Risk-based Response – they are more likely to help a larger organization than a local pizza shop. 3) Respecting affected entities – essentially they will not reveal your company’s name or other sensitive information after a breach. 4) Unity of effort – the federal government will work together. DHS + FBI + Intelligence partners will all work together towards a common goal. 5) Enabling restoration & recovery. Jenkins continued to speak about the three lines of effort, namely asset response (DHS) – working with the affected network and systems, threat response (FBI) – focused on the actors/bad guys, and intelligence support – helping to understand the bigger picture. Just like the others from these past 10 days, Jenkins also emphasized the importance of communication. All these different groups and agencies have to collaborate in order to produce an effective response.
The next talk was Check Yo Self Before You Wreck Yo Self: The New Wave of Account Checkers And Underground Rewards Frauds by Ben Brown of Akamai Technologies. Topics such as incident response, tools, darknet markets, and laundering were covered. Brown had a natural talent to keep enough technical jargon to interest the audience and yet not overwhelm them! We had a chance to interact over lunch before heading on to interviewing him. One key aspect to note about Brown was that he was comfortable with himself, whether it be when it came to sharing his passion for rock climbing, rockhounding, reverse engineering or his active role in the LGBT community. That level of comfort filled the three of us with warmth despite being on an open terrace for the interview! His undergraduate degrees included anthropology, and instead of discarding it to enter the IT field, Brown decided to use it as he scopes out various cyber crime groups and their motives etc. It made me connect to what Christina Morillo had said in our first interview – technology is just a layer, you can add the layer to anything.
I had the chance to ask him a few of the questions that had come up in my Day 8 thoughts. The gap in cybersecurity, according to Brown, is in financial and digital literacy. He termed education, or lack thereof, as being one of the most important factors in the gap. When it came to small businesses, he suggested that they read up on the latest, implement network segmentation, and have appropriate (aka: not the same) login credentials for everything. For students & newcomers, he advised gaining experience by joining local capture the flag tournaments and doing some research into what path interests you about the field. When asked about what centers him when times get tough, he used his wife’s line, “I’m not laying a brick, I’m building a cathedral.” Such a handy line to help keep the bigger perspective in mind.
Our next interview was with Adam Kujawa from Malwarebytes. After hearing his talk on ransomware, I was even more excited to gain some industry insights and perhaps even outline the next few steps in terms of what a student in the field should do. Kujawa did not disappoint! Coated with quirky statements, a contagious laugh, and a deep passion for security, Kujawa shed light on the non-traditional paths into the security realm. He, too, focused on the importance of gaining experience whether it’s small or big. The key, he noted, was to do something! Create a niche, get experience, don’t give up.
Today was perhaps the start of a new chapter in our trip – we have reached the “middle” of the journey. From the deeper questions we ask, to the increase in level of camaraderie between the team, to getting used to the RV living – a new leaf is surely turning over. The RV is filled with snores right now as everyone is getting their beauty sleep before the trek to Austin tomorrow!
For more updates, be sure to check Twitter, Instagram, and Facebook with #CybersecurityRoadtrip. Here are our individual Twitter handles: Antwan, Emily, Mansi. HERE is an overview of the team, the route, and current updates from RoadtripNation.