1.24k likes | 1.45k Vues
October 2011. I’m a Suit in a Cyber World!. Twitter: #cybergamut. Employment History. Financial Services. Employment History. Suit. Financial Services. Employment History. Ski Bum. Employment History. Not-a-Suit. Ski Bum. Employment History. USAF Officer. Employment History.
E N D
October 2011 I’m a Suit in a Cyber World! Twitter: #cybergamut
Employment History Financial Services
Employment History Suit Financial Services
Employment History Ski Bum
Employment History Not-a-Suit Ski Bum
Employment History USAF Officer
Employment History Suit USAF Officer
Employment History SAIC
Employment History SAIC Program Manager
Employment History Suit SAIC Program Manager
Employment History SAIC Division Manager
Employment History Suit SAIC Division Manager
Employment History SAIC Capture Manager
Employment History Suit SAIC Capture Manager
Education History King CollegeBA Economics & Business Administration
Education History Mega-Suit King CollegeBA Economics & Business Administration
Education History Chartered Life Underwriter
Education History Suit Chartered Life Underwriter
Education History UMD EuropeBowie State UniversityMS Management Information Systems
Education History Suit UMD EuropeBowie State UniversityMS Management Information Systems
Education History Ultimate-Suit PMP
Education History GCIH
Education History Cyber Cred GCIH
Large Cyber Procurements SAIC Capture Manager
Large Cyber Procurements > $250,000,000
History and Why Change In 2008 SAIC established cybernexus Coming together or “nexus” of cyber analysts Central Maryland In 2011 cybernexus renamed cybergamut Runs the “gamut” of cyber disciplines Global organization cybergamut nodes Socorro, New Mexico Sioux Falls, South Dakota San Antonio, Texas Northern Virginia (Tysons Corner and Herndon)
Mission Statement cybergamut is a worldwide community of practice for cyber professionals across industry, academia, and government providing ongoing education, training, and certification opportunities throughout all phases of a cyber professional’s career, utilizing traditional methods as well as non-traditional techniques like puzzles, Easter Eggs, and problem solving.
Technical Tuesday What it is a technical exchange What it is not A sales presentation A product endorsement For discussion of procurements For discussion of procurement related issues
PDU and CPE • PMI PDU’s • PMI Baltimore approved most Technical Tuesday events as eligible for PMI PDU’s under Category B, Continuing Education • CPE’s for CISSP • Self certification • Other certifications • What do you need?
Defending a Large Network Brian Rexroad of AT&T 2 Dec 2008 DNI Essentials Paul Schnegelberger of SAIC and John Sanders of Northrop Grumman TASC Nov/Dec 2008 Digital Forensics Jim Jaeger of General Dynamics 13 Jan 2009 Case Studies in Cyber Attacks Aaron Wilson of SAIC 13 Jan 2009 Trickler Greg Virgin of RedJack 27 Jan 2009 Security Tools Peiter “Mudge” Zatko of BBN 27 Jan 2009 IPv6 David Harris of SAIC 10 Feb 2009 Exploitation Prediction Darryl Ackley of New Mexico Tech 24 Feb 2009 Analytic and IO Tools Clift Briscoe and Nat Cooper of Edge 24 Mar 2009 Distributed Systems Technologies and Internet Intelligence George Economou of Akamai 24 Mar 2009 Exploring the Social World of the Russian Hacker Community Tom Holt of Michigan State University 10 Mar 2009 Modern Forensic Investigative Techniques Amber Schroader of Paraben 10 Mar 2009 Defending Against BGP Man-In-The-Middle Attacks Earl Zmijewski of Renesys 14 Apr 2009 Examining the Storm Worm Nico Lacchini of TDI 26 May 2009 No-Tech Hacking Johnny Long 11 Jun 2009 Dirty Secrets of the Security Industry Bruce Potter of Ponte Technologies 14 Jul 2009 Windows Forensic Analysis: Dissecting the Windows Registry Rob Lee of MANDIANT and the SANS Institute 18 Aug 2009 Silence of the RAM Sean Bodmer of Savid Corporation 22 Sep 2009 VoIP Security - Attacks, Threats and Countermeasures Stuart McLeod of Global Knowledge 3 Nov 2009 Previous Topics
A Tale of Two Departments – How Commerce and State Dealt With Chinese Intrusions: Lessons Learned Plus: Security Heroes and the 20 Critical Controls Alan Paller of the SANS Institute 9 Mar 2010 Aurora Aaron Barr of HBGary Federal 27 Apr 2010 Malware reverse engineering at ITT Paul Frank of ITT 25 May 2010 Advanced Cyber Collection Techniques; Extracting and Analyzing Information from the Domain Name System Tim Cague of The CYAN Group 10 Aug 2010 The Rise of the Social Web Aaron Barr of HBGary Federal 5 Oct 2010 Why Security People S#ck Gene Bransfield of Tenacity Solutions 9 Nov 2010 Insider Threat and Real-World Incident Study Presented by Michael Collins & Greg Virgin of RedJack along with Jim Downey of DISA PEO-MA 30 Nov 2010 Network Monitoring Josh Goldfarb of 21st Century Technologies 4 Jan 2011 Network Device Exploitation with Universal Plug & Play Terry Dunlap of Tactical Network Solutions 8 Feb 2011 Deep Packet Inspection for Cybersecurity ASW&R Jeff Kuhn of Pangia Technologies 29 Mar 2011 Stuxnet Redux: Malware Attribution & Lessons Learned Tom Parker of Securicon 19 Apr 2011 Special Technical Tuesday and renaming 10 May 2011 APT Intrusion Remediation: The Top Do's and Don'ts Rob Lee of MANDIANT and The SANS Institute 24 May 2011 Deep Packet Inspection Peder Jungck of Cloudshield and SAIC 28 Jun 2011 Our Security Status is Grim Brian Snow 19 Jul 2011 Cellular Security Jason MacLulich of Endace 9 Aug 2011 Government Cyber Technical Directors’ Panel 30 Aug 2011 Previous Topics cont.
Upcoming Technical Tuesdays Hacking Windows 7 and defending against physical attacks 18 Oct 2011 Jesse Varsalone Looking for more speakers and topics such as: Tor routing Malware reverse engineering Cyber situational awareness Splunk Cloud computing and cloud forensics Geolocation of IP addresses and mobile devices Digital forensics E-discovery Attack attribution Deep packet inspection Fuzzing Writing secure code To suggest topics, volunteer to speak, or to receive an invitation, please contact: scott.w.sheldon@saic.com
Foreign Language • 1337 = LEET = short for elite (maybe) • 5uit = Suit • Pwn = Own • Your computer has been pwned • Teh = the • Accidents become purposeful • This was before spell checkers – hard to do now • Texting • LOL • ROFL • - OMG Powerpoint translated : and ) to this
Different Culture • 95% male • Black T-shirts • Interesting facial hair • Body art • Add alcohol and mix vigorously • Stickers everywhere • Lock picking for fun (lock sport) • Hackers aren’t all Bad • I Hack Charities • As a 5uit, I’m counter-counter-culture
Pure evil • Wireless diabetes pump exploit
Pure evil – or is it? • Wireless diabetes pump exploit • Exploit released by a pump user • Wants manufacturer to fix the problem • This is typical of many of the things released