Decoding the Hack

Presentation from the Security Roundtable at Washington University in St. Louis. Topics Include:

  • Cyber Security State of Affairs
  • Fog of More
  • Foundational Cyber Hygiene
  • Hacking Methodology
  • Reconnaissance and Vulnerability Identification Methods
  • Physical Access Attack Demonstrations
    • HID Attacks
    • Keylogger Attacks
  • Client-Side Attack Demonstrations
    • Man-In-The-Middle
    • Phishing
    • Facebook Credential Stealing
    • Browser Exploit
  • Server-Side Attack Demonstrations
    • SQL Injection


Top 20 Security Controls for Effective Cyber Defense

Presentation from Lunch and Learn at The Boeing Company. Topics Include:

  • Are we Winning the Cyberwar?
  • Why use the Center for Internet Security Critical Security Controls (CIS CSC)?
  • CIS CSC Tenets
  • Top 20 Critical Security Controls
  • Top 5 Critical Security Controls (Foundational Cyber Hygiene) Deep Dive
  • Tips


2015 API Cybersecurity Industrial Control Systems Workshop

Presentation from the 2015 American Petroleum Institute Cybersecurity Industrial Control Systems Workshop. Topics Include:

  • Recent ICS/SCADA Incidents
  • ICS Security Overview
  • Critical infrastructure security compared with traditional IT security
  • ICS Security Assessments and associated risks
  • ICS/SCADA Device Discovery Process
  • ICS/SCADA Vulnerability Identification
  • ICS/SCADA System and Protocol Exploitation


Why Your Data Isn't Safe: Lessons from a Hacker

Presentation from the 2015 ASI Power Summit. Topics include:

  • Cyber defense trends
  • Hacker and cybercriminal motivations
  • Common Tactics
  • Top 5 Recommendations:
    • Know Thyself
    • People, Processes, Technology
    • Scan and Patch
    • Multifactor Authentication
    • Compliance = Minimum