The Contractor Dilemma: How to Address Federal Supply Chain Risk – Jon Check – RSA22 #4
Government will always be deemed a high value target among adversaries, but so are their contractors – deemed another avenue in for cyberespionage among enemy nation states and cybercriminals. SC Media's Derek Johnson will speak to Jon Check, executive director of cyber protection solutions, about the dual responsibility of security systems and networks of government customers, and ensuring compliance with security standards bestowed upon the contracting community.
Jon Check is the Vice President of Cyber Protection Solutions at Nightwing. He
leads the team that delivers proactive cybersecurity and next-generation technology to protect customers from persistent cybersecurity threats. Prior to this role, Jon held executive positions at Raytheon, CSRA Inc, and IBM Global Business Services. Jon is also a board member and former chairman of the National Cybersecurity Alliance, a board member of the U.S. Cyber Games, and an AFCEA DC board member. He holds a Bachelor of Arts in environmental science from the University of Virginia.
The Road From Craigslist to Cyber Philanthropy – Craig Newmark – RSA22 #4
In 1995, Craig Newmark started curating a list of San Francisco arts and technology events, which he personally emailed to friends and colleagues. People were soon calling it “Craig’s List.” Most know the rest of the story. But what did that rapid entry into tech entrepreneurship teach him about information security? And how did that lead to a passion for, among other things, cyber philanthropy? SC Media's Jill Aitoro will speak to Newmark about his career, and his own evolution in infosec awareness that came with it.
Craig Newmark is a philanthropist who gets stuff done. Most commonly known for founding the online classified ads service craigslist, Newmark creates and funds networks that work to protect the country and to help people out. This includes building networks to help protect the country in the cybersecurity world, defending against disinformation warfare, and fighting online harassment.
Born in Morristown, New Jersey, Newmark earned degrees in computer science from Case Western Reserve University. He lives in New York City and enjoys birdwatching, science fiction, and TV. Craig is not as funny as he thinks he is.
He reminds you that “a nerd’s gotta do with a nerd’s gotta do.”
Attack Surface Management – What Is It & How Can It Help You? – Mark St. John – RSA22 #4
Over the past year, we’ve seen more buzz develop around attack surface management. In fact, major analyst firms Forrester and Gartner recently released research about this topic. But what exactly is it?
In this segment, join Mark St. John, LookingGlass’s SVP of Product, to learn more about how to define your attack surface, how to manage it, and how it can help your organization improve its cybersecurity. This segment is sponsored by LookingGlass Cyber. Visit https://securityweekly.com/lookingglass to learn more about them!
Mark St. John, Senior Vice President of Product for LookingGlass Cyber Solutions, brings over 20 years of security operations expertise and incident response team leadership to the company. He works closely with government, financial, and technology clients to map their attack surface, proactively detect security threats and defend their enterprise.
Prior to LookingGlass, Mark served as the COO of AlphaWave, which was acquired by LookingGlass in 2021. He has also led threat Intelligence and incident response teams at technology-forward organizations including Appgate and Verizon Business. Mark is widely recognized for his cyber security acumen and ability to provide customers with valuable, relevant, and relatable information they can act upon.
Experience in the Age of Security – Branden Williams – RSA22 #4
As the push toward digital transformation continues, every organization is having to choose: Security or experience first? We are entering an era where Security and Identity professionals work together to eliminate tradeoffs and rapidly evolve from technical experts to experience artists. Using solutions that customize, code, and integrate for you while boosting security through MFA, passwordless logins, and risk modernizes your identity experience. This segment is sponsored by Ping. Visit https://securityweekly.com/ping to learn more about them!
Dr. Branden R. Williams has nearly twenty-five years of experience in business, technology, and cybersecurity as a consultant, strategist, and executive. Dr. Williams has experience working for the largest and smallest institutions as an entrepreneur, practitioner, and advisor. His specialty is navigating complex landscapes—be it compliance, security, technology, or business—and finding innovative solutions that promote growth while reducing risk. He is a practitioner and advisor for operational, engineering, and management of IT and IS tools. He’s held several executive roles in the industry, and served on both the PCICo and EMVCo boards. He is an author of several books on PCI Compliance, and his blog and other publications can be found at his website (brandenwilliams.com).
Transform: a Perspective – Fleming Shi – RSA22 #4
How surreal it is for the industry to return to RSA event in person... what changed or transformed fundamentally ... etc. Specific impacts around the areas of ZTNA, SOC, and OT security.
This segment is sponsored by Barracuda Networks. Visit https://securityweekly.com/barracuda to learn more about them!
Fleming joined Barracuda in 2004 as the founding engineer for the company’s web security product offerings, helping to create the first version of Barracuda’s message archiving product and paving the way for expansion into new content security product areas. As Chief Technology Officer, Fleming leads the company’s threat research and innovation engineering teams in building future technology platforms to deliver continued success in our security and data protection products. He has more than 20 patents granted or pending in network and content security.
Going Beyond the Motions of Cybersecurity – Malcolm Harkins – RSA22 #4
Speed, Velocity, and Acceleration. The physics of motion are well documented, and we understand how these scalar and vector quantities differ. In information security and cyber risk management the dynamics are not as well understood which has confused our ability to distinguish between motion and progress. This confusion intensifies our escalating risk cycle by causing a mirage of control that continues to lead us to down a path of compromise and catastrophe, adding to our growing labor and skill deficit. This segment is meant to explore the existing physics and gravitational forces of how we have approached cyber risk management to date, discuss where we are stuck today as well as ideas for a path forward - a reorientation of security operations function so that it is optimized to handle the volume as well as reposition it from an anchor point of continual reaction to one where it can take proactive action in front of the cycle of risk. The heart of these changes is a redefinition of the risk equation we have been using for decades Risk = F (Threat, Vulnerability, Consequence) which while useful initially has created a spray and pray model across most of our organizations. I will explain how to redefine the equation to be Risk = F (Threat, Exploitability, Consequence).
Segment Resources: https://www.uscybersecurity.net/csmag/going-beyond-the-motions-of-cybersecurity/
Malcolm Harkins is the Chief Security and Trust Officer at HiddenLayer. In this role he reports to the CEO and is responsible for enabling business growth through trusted infrastructure, systems, and business processes. Malcolm is also responsible for peer outreach activities to drive improvement across the world in the understanding of cyber risks as well as best practices to manage and mitigate those risks. He is also an independent board member and advisor to several organizations and CISO Ambassador for Reveald. He enjoys being an executive coach to CISOs and others in a wide variety of information risk roles. Key areas of focus include the ethics around technology risk, social responsibility, total cost of controls, public policy, and driving more industry accountability.
Previously Malcolm was the Chief Security and Trust Officer at Cylance. Malcolm was also previously Vice President and Chief Security and Privacy Officer (CSPO) at Intel Corporation.
That’s a wrap: Takeaways from RSAC 2022 – Joe Uchill – RSA22 #4
We came, we saw, and actually interacted in person. Join the SC Media editorial team as they chat about the big takeaways from the RSA Conference, and what they learned about priorities and challenges the infosec community will grapple with upon their return to the job.
Joe is a senior reporter at SC Weekly, focused on policy issues. He previously covered cybersecurity for Axios, The Hill and the Christian Science Monitor’s short-lived Passcode website.
