Talks by LEO Cyber Security Experts

LEO Cyber Security experts frequently present topical and deeply technical sessions at conferences around the world. Please see the below list of upcoming in-person sessions and webinars to learn why LEOs are the best in the business.

Security BSides San Antonio | Why Your Company Needs an Independent Security Advisory Board
Andrew Hay
June 16, 2018
San Antonio, TX
http://www.bsidessatx.com/
How do you prove to your customers that you’re safeguarding their data in a secure manner without needlessly exposing the organization to potential attacks? Since security is often billed as a “people problem” it only makes sense to rely on actual people to solve the problem - and not yet another security appliance or piece of software with silver bullets for the latest and greatest threat. One method to address this communication gap is to form a trusted cyber security advisory board to discuss the current security industry trends, the best practices across the industry, and provide a vehicle for customers to communicate their security concerns to the organization's leadership. This session will draw on the speaker's experience in forming, operating, and sourcing advisors for a security advisory board.
Presentation
Security BSides San Antonio | Ten Steps to a Sound Healthcare Cyber Security Program
Heath Renfrow
June 16, 2018
San Antonio, TX
http://www.bsidessatx.com/
There is a proliferation of cyberattacks that has caused and continues to cause increasing damage to government entities, companies, and individuals alike. Organizations must take the cyber threats serious and adopt strict cybersecurity measures to counter those threats. In order for organizations to shore up their cyber defenses and go from a reactive cyber posture to a proactive posture, these ten steps should be taken.
Presentation
Execu/Net™ | T Minus 10 – How to Build an Incident Response Mission Control
Seth Jaffe
August 19 to 22, 2018
Hilton Sedona Resort at Bell Rock, Sedona, AZ
Execu/Net | CUES
Nearly every industry authority or governmental agency that has commented on data security has recommended an Incident Response Plan (IRP), and though these same bodies often loosely suggest the contents of said plan, few provide a concrete structure. This session explores, as a model for incident response, the NASA Mission Control environment. During the session, we will break an IRP into Policies, Procedures, and Dataset Repositories, and discuss development, uses, and document control management of each. We will also touch upon the organization of the Mission Control room itself, the unique communication structure between its members, and we will show a behind-the-scenes video of how Mission Control handled a launch vehicle incident – all of which provide valuable insight into effective incident response. Brought to you by a former certified NASA flight controller turned cyber attorney, this session offers a unique alternative to conventional incident response programs.
Presentation
Global Security Exchange | The Stick, the Sting, & the Squirm: How to Get The Board to Focus on Cyber
Seth Jaffe
September 23, 2018
Las Vegas, NV
https://www.gsx.org/
Boards of Directors are finally taking note of cybersecurity risks. This session will arm attendees with legal opinions, authority recommendations, legislation, and proposed regulations for the purpose of soliciting resources from executives and board members.
Presentation
HIPLA Annual Institute | Tour of the Dark Web: Cyber's Version of the Antique Roadshow
Seth Jaffe
October 5, 2018
Houston, TX
http://www.hipla.org/institute.html
Ever wonder where company information goes after a successful cyber attack? Using isolated laptops, cyber analysts will take you on a guided tour of the dark web so you can get a first-hand view of the marketplace for illegally obtained information. Attendees will gain valuable insight into the types of data available on the underground web, helping to quantify the value of various types of information for risk modeling. Attendees will also see the ease at which cyber attack tools are advertised, bought, and sold. Time permitting, cyber analysts will also set up a man-in-the-middle attack to demonstrate how threat actors capture sensitive information in public locations by creating a fake network. Speakers will discuss methods for countering this type of attack and policies a company may want to adopt to better protect its employees and its confidential data.
Presentation
(ISC)² Security Congress | Incident Response using NASA Mission Control Framework
Seth Jaffe
October 8 to 10, 2018
New Orleans, LA
(ISC)² Security Congress
Nearly every industry authority or governmental agency that has commented on data security has recommended an Incident Response Plan (IRP), and though these same bodies often loosely suggest the contents of said plan, few provide a concrete structure. This session explores, as a model for incident response, the NASA Mission Control environment. During the session, we will break an IRP into Policies, Procedures, and Dataset Repositories, and discuss development, uses, and document control management of each. We will also touch upon the organization of the Mission Control room itself, the unique communication structure between its members, and we will show a behind-the-scenes video of how Mission Control handled a launch vehicle incident – all of which provide valuable insight into effective incident response. Brought to you by a former certified NASA flight controller turned cyber attorney, this session offers a unique alternative to conventional incident response programs.
Presentation
(ISC)² Security Congress | "I" Before "R" Except After "IOC"
Andrew Hay
October 8 to 10, 2018
New Orleans, LA
(ISC)² Security Congress
Just because the security industry touts indicators of compromise (IOCs) as much needed intelligence in the war on attackers, the fact is that not every IOC is valuable enough to trigger an incident response (IR) activity. All too often our provided indicators contain information of varying quality including expired attribution, dubious origin, and incomplete details. So how many IOCs are needed before you can confidently declare an incident? Using actual investigations and research, this session will help attendees better understand the true value of an individual IOC, how to quantify and utilize your collected indicators, and what constitutes an actual incident.
Presentation
(ISC)² Security Congress | Why Your Company Needs an Independent Security Advisory Board
Andrew Hay
October 8 to 10, 2018
New Orleans, LA
(ISC)² Security Congress
How do you prove to your customers that you’re safeguarding their data in a secure manner without needlessly exposing the organization to potential attacks? Since security is often billed as a “people problem” it only makes sense to rely on actual people to solve the problem - and not yet another security appliance or piece of software with silver bullets for the latest and greatest threat. One method to address this communication gap is to form a trusted cyber security advisory board to discuss the current security industry trends, the best practices across the industry, and provide a vehicle for customers to communicate their security concerns to the organization's leadership. This session will draw on the speaker's experience in forming, operating, and sourcing advisors for a security advisory board.
Presentation

ABOUT LEO CYBER SECURITY

LEO is a seasoned team of cyber trailblazers and creative practitioners who have the deep experience and operational knowledge to combat the cyber skills gap. From information security program / policy development to virtual security experts to on-demand threat hunting and response, LEO delivers tailored security solutions to your organization through creativity, experience, and commitment.

CONTACT US TO LEARN MORE

  • Please complete the following form and one of our team members will get back to you as soon as possible.


    If you would prefer, you may call LEO directly at (530)-FINDLEO