Workshop Wednesdays

INMA presents Workshop Wednesdays, a component of National Infrastructure Security and Resilience U (NISRU), offering world class online learning and continuing education focused on critical infrastructure protection and resiliency.

Note: All workshops are from 9-11am Pacific Time / 12 2pm Eastern Time

1: FEBRUARY 24

Solar Winds: Attacking the Digital Supply Chain. The most recent escalation in the Cyber Arms Race

Alex Sharpe |  CEO |  Sharpe Management Consulting LLC

Penetration of the Digital Supply Chain turned Solar Winds into a backdoor into major corporations and Government Agencies. The nature of the attack allowed the attackers to ignore many of the common defenses and highlighted weaknesses that exist in many enterprises today. Unfortunately, Digital Supply Chain attacks are nothing new. They have been written about and practiced for many years. This is just the latest escalation in the Cyber Arms Race. But why now? Come learn the history of attacks on the digital supply chain, its impact, and probably most importantly, what you can do to prevent future attacks. Come learn how complying why the plethora of laws, regulations, guidelines, and frameworks is not sufficient, and over-reliance can actually cause the very problem you are trying to prevent.

Who should attend:

Anyone involved in defending critical infrastructure information networks and systems, those in information technology risk mitigation, or organizational technology and cyber risk management leaders and managers

Learning Objectives
  1. Describe the motivation, tools, techniques, and objectives of undertaking an attack on the digital supply chain.
  2. Articulate how conforming to regulations, laws, and standards is not sufficient to fully protect against attacks on the digital supply chain.
  3. Describe the history or attacks on digital supply chains, implications to Critical Infrastructure Protection and project what is next.

About the Instructor

Alex Sharpe

CEO | Sharpe Management Consulting LLC

Mr. Sharpe is a long time (+30 years) Cybersecurity, Privacy and Digital Transformation expert with real-world operational experience. Unlike many people in this space, Mr. Sharpe has real world operational experience and has influenced national policy. He has spent much of his career helping large corporations and government agencies reap the rewards afforded by advances in technology (Digital Transformation) while mitigating cyber threats. This provides him a pragmatic understanding of the delicate balance between Cybersecurity, Operational Effectiveness, and Business realities. He began his career at NSA moving into the Management Consulting ranks building practices at Booz Allen and KPMG. He subsequently co-founded two firms with successful exits. He has participated in over 20 M&A transactions. He has delivered to clients in over 20 countries on 6 continents. Mr. Sharpe holds degrees in Electrical Engineering from New Jersey Institute of Technology (NJIT), Technical Management from Johns Hopkins University (JHU), and Business from Columbia Business School. He is a published author, speaker, instructor, and advisor. He serves on industry forums and pays it forward as a mentor at an incubator. https://www.linkedin.com/in/alex-sharpe-3rd/


2: MARCH 3 & MARCH 10 (Two Wednesday sessions)

Certified Cyber Security Architect (CCSA) Certification Training

Uday Ali Pabrai | CEO| ecfirst

CCSA is an instructor-led 2-day program. The program validates knowledge and skill sets in cybersecurity with focus on the N 1ST Cybersecurity Framework, and the U.S. DoD cybersecurity mandate, CMMC. Core topics emphasized include establishing a credible, evidence-based enterprise cybersecurity program and developing a comprehensive incident response plan.

Who should attend:

Anyone involved in designing, implementing, or defending critical infrastructure information networks and systems, those in information technology risk assessment, or organizational technology and cyber risk management leaders and managers

Learning Objectives
  1. Examine how to establish a cybersecurity program based on the NIST Cybersecurity Framework.
  2. Step through key areas that must be addressed in a credible incident response plan.
  3. Walk through core components, organization and CMMC Maturity Levels.
  4. Examine CMMC domains and CMMC capabilities required for organizations.

About the Instructor

Uday Ali Pabrai

CEO | ecfirst

Ali Pabrai, MSEE, CISSP (ISSAP, ISSMP), Security +, CCSFP, is the CEO of ecfirst. A highly sought after information security and regulatory compliance expert, he has successfully delivered solutions on compliance and information security to organizations worldwide. Mr. Pabrai has presented opening keynote and other sessions at several conferences, including ISACA, ISSA, FBI InfraGard, HIMSS, HCFA, HIPAA Summit, Microsoft Tech Forum, NASEBA Healthcare Congress (Middle East), Kingdom Healthcare (Saudi Arabia), Internet World, DCI Expo, Comdex, Net Secure, Nurse Practitioners Conference, National Council for Prescription Drug Programs (NCPDP), National Council for State Board of Nursing IT Conference, and many others.


3: MARCH 17

Emerging Technological Threats to U.S. Nuclear Power Plants

Michael Cohen| INMA NSSRP National Sector Chief | Nuclear Reactors, Materials, and Waste Sector
Dr. Terry Dorn| Senior Strategist | Gryphon Technologies
Jackson Wynn| CSEP, CISSP, Principal Systems Security Engineer | MITRE Corporation

This workshop will address two emerging technological threats to U.S. nuclear power plants:

1. The first presentation, entitled “A Phenomenological Examination of the Vulnerability of U.S. Nuclear Power Plants to Attack by UAS,” will examine the vulnerability of U.S. nuclear power plants against attack by UAS via the perceptions and experiences of twenty current and former managers, scientists, and contractors employed by the federal government and nuclear industry.

2. The second presentation will present CICAT, a modeling and simulation tool for evaluating the effects of cyberattack on critical infrastructure. CICAT was developed in conjunction with MITRE’s participation in an International Atomic Energy Agency (IAEA) research program to improve capabilities at nuclear facilities for preventing, detecting, and responding to cyber security incidents. We will present the application of CICAT to model a cyber-physical attack at a U.S. Pressurized Water Reactor.

Who should attend:

Anyone involved in defending energy sector critical infrastructure information networks and systems, those who want to understand more about the risks posed by unmanned arial systems (UAS) information technology risk mitigation, or organizational technology and cyber risk management leaders and managers

Learning Objectives
  1. Increase awareness of the threat posed by unmanned aerial systems.
  2. Increase the understanding that it is only through a community effort that we will be able to defeat the unmanned system threat posed by aerial, surface, and undersea systems.
  3. Increase awareness that Cyber-attacks can have potentially dangerous physical impacts on nuclear power pressurized water reactor plants and therefore the need to improve Cybersecurity at such plants.

About the Instructor

Dr. Michael Cohen

INMA NSSRP National Sector Chief | Nuclear Reactors, Materials, and Waste Sector

Dr. Cohen led the development of the first version of the Federal Radiological Emergency Response Plan in 1985 and exercised it at the St. Lucie nuclear power plant in Florida. He also served as the first DHS liaison to the industry-driven Nuclear Sector Coordinating Council. Today, he is dual hatted as the NCR IMA Nuclear Sector Chef and the National Nuclear Sector Chief.

Dr. Terry Dorn

Senior Strategist | Gryphon Technologies

Dorn was born in Ankara, Turkey. As the son of an Air Force Chief Master Sergeant, he traveled worldwide. Dr. Dorn joined the Army in 1985, excelled in the Army’s Air Defense branch, and deployed multiple times to various combat zones. Two noteworthy assignments included serving as a speechwriter to the Chief of Staff of the Army and military assistant to the Secretary of Defense. In 2013, he was inducted into the Army Officer Candidate School Hall of Fame and retired in 2014 as a Colonel. Dr. Dorn later served as a senior program manager; and as a senior strategist/business processes leader for the U.S. team supporting the UAE military headquarters modernization efforts in Abu Dhabi, UAE; and then joined Gryphon Technologies as a senior strategist supporting the Department of Homeland Security Countering Weapons of Mass Destruction team. While serving the nation as an army officer, Dr. Dorn earned a Master of Arts degree in International Relations from Boston University and a Master of Science degree in National Security Strategy from the National War College. In 2020, he completed his Ph.D. from Northcentral University in Business Administration. His area of specialization was in Homeland Security, and his dissertation was entitled, “A Phenomenological Study Examining the Vulnerabilities of U.S. Nuclear Power Plants to Attack by Unmanned Aerial Systems.

Jackson Wynn

CSEP, CISSP, Principal Systems Security Engineer | MITRE Corporation

Systems security engineer with 15+ years of experience at The MITRE Corporation applying systems and security engineering to a wide range of DoD, USG, and international programs. Subject matter expert in cyber threat modeling, mission assurance, and cyber resiliency. Career focus on developing software tools used to apply cyber research to achieve system security engineering (SSE) outcomes. Prior to MITRE, over 20 years of experience as a software engineer developing distributed software systems.


4: MARCH 24

Getting Ahead of Supply Chain Insider Threats

Brett Tucker | Technical Manager | Software Engineering Institute
Randy Trzeciak | Director | CERT National Insider Threat Center, Carnegie Mellon University, Software Engineering Institute

An effective cybersecurity program and related insider threat practice is constructed on a foundation of robust risk management. This includes the third-party risk management practices required to mitigate the supply chain risks. This talk explores how CERT’s recently released OCTAVE FORTE risk management model can be applied to enterprise and supply chain risk management in the interest of responding to potential insider risks that may come with partner organizations.

Who should attend:

Anyone involved in defending critical infrastructure supply chains, those in supply chain risk assessment or mitigation, or critical infrastructure supply chain leaders and managers.

Learning Objectives
  1. Identify common risks related to their supply chain.
  2. Discuss the various steps of building a risk program to address supplier related risks using OCTAVE FORTE.
  3. Discuss aspects of insider threat as it relates to partner organizations

About the Instructor

Brett Tucker

Technical Manager | Software Engineering Institute

Brett is the Technical Manager of Cyber Risk Management in the CERT Program at Carnegie Mellon University’s (CMU) Software Engineering Institute (SEI). Brett is responsible for a research and development portfolio focused on improving the security and resilience of the nation’s critical infrastructure and assets with specific focus on risk and resilience. He also teaches executive and graduate level courses as a CERT adjunct professor at the Heinz College and serves as the Technical Sponsor for the Executive Chief Risk Officer training program. Brett has 20 years of experience in engineering, risk management, and technical management within the public and private sectors. Prior to joining the SEI, Brett was the Global Risk Manager for Westinghouse Electric Company where he managed the corporate enterprise risk portfolio and global insurance programs. Preceding that role, Brett also managed a project controls organization as well as led the engineering, procurement, and installation of Instrumentation & Control suites for AP1000 nuclear power plants. Prior to Westinghouse, Brett served as an intelligence officer at the Central Intelligence Agency and also as a defense contractor for the Naval Sea Systems Command. Brett is a veteran of the United States Navy and served as a Surface Warfare Officer and qualified naval nuclear engineer. Brett holds a Bachelor of Science degree in Chemical Engineering from the University of Notre Dame, a master’s degree in engineering management from Old Dominion University, and an MBA from Penn State University. Brett is a certified Project Management Professional (PMP), Certified Information Systems Security Professional (CISSP), and an ASQ Certified Six Sigma Black Belt (CSSBB). Most recently, Brett was appointed as an advisor for Governor Holcomb’s Executive Council for Cybersecurity for the state of Indiana.

Randy Trzeciak

Director | CERT National Insider Threat Center, Carnegie Mellon University, Software Engineering Institute

Randy is a Principal Researcher, Technical Director (Acting) of the Security Automation Directorate at CERT; Deputy Director of the Cyber Risk and Resilience Directorate at CERT, and the Director of the CERT National Insider Threat Center at Carnegie Mellon University’s Software Engineering Institute. The team’s mission is to assist organizations in improving their security posture and incident response capability by researching technical threat areas; developing and conducting information security assessments; and providing information, solutions and training for preventing, detecting, and responding to illicit activity. In addition to his role with CERT, he also has a dual appointment as Program Director for the Master of Science in Information Security Policy and Management (MSISPM) program and CERT professor at Carnegie Mellon’s Heinz College, Graduate School of Information Systems and Management, at Carnegie Mellon University. He teaches various graduate-level courses for the MSISPM and MISM programs and is an instructor for the CISO and CIO executive education programs in the Heinz College. Prior to his career at Carnegie Mellon, Randy worked for Software Technology, Incorporated (STI) in Alexandria, Virginia. For nine years, he was a consultant to the Naval Research Laboratory (NRL) working on numerous projects designing, building, and supporting large-scale relational database management systems and executive management systems. During his employment with STI, Randy also filled the role of Information Systems Business Manager.


5: MARCH 31

Top Twenty Excuses why individuals and organizations do not take cyber security seriously: How to change the corporate mindset to overcome this

Scott Augenbaum | Retired Supervisory Special Agent | FBI

During Retired Supervisory Special Agent Scott Augenbaum’s 30-year career with the FBI he responded and interviewed over 1,000 Cybercrime victims and conducted an equal number of awareness presentations with the goal of preventing future Cybercrime victimization. Over the years he discovered the global cost of Cybercrime continued to increase all while organizations also increased spending on products and services. As he was providing his awareness briefings to organizations, he noticed he kept hearing the same excuses day in about why they were not concerned with the increasing Cyber Threat. Scott is going to share these excuses with you and explain how they lead to an increase in Cybercrime victimizations and share with you specific techniques to overcome these common obstacles in order to change the mindset of your executive team

Who should attend:

Anyone involved in defending critical infrastructure information networks and systems, those in information technology risk mitigation , or organizational technology and cyber risk management leaders and managers

Learning Objectives
  1. Discover the commonalities in over 1,000 Cybercrime victimizations.
  2. What are the top twenty excuses provided by organizations and how to destroy these limiting beliefs.
  3. How to train your employees to take the Cybercrime problem seriously.

About the Instructor

Scott Augenbaum

Retired Supervisory Special Agent | FBI

Scott joined the Federal Bureau of Investigation (FBI) in the New York Field Office in 1988 as a support employee, In 1994 he became a Special Agent and was assigned to the Syracuse, New York Office, where he worked domestic terrorism, white collar and hate crimes, and all computer crime investigations. In October 2003, he was promoted to Supervisory Special Agent at FBI Headquarters, Washington D.C in the Cyber Division, Cyber Crime Fraud Unit and was responsible for managing the FBI’s Cyber Task Force Program and Intellectual Property Rights Program. In 2006, he transferred to Nashville, TN and managed the FBI Memphis Division Computer Intrusion/ Counterintelligence Squad in Nashville, TN. Over the past ten years, he is provided hundreds of computer intrusion threat briefings to educate organizations on emerging computer intrusion threats and how to not to be the victim of a data breach. Scott earned an MBA at American Sentinel University in Information Technology and a master’s Certificate in Information Security Management from Villanova University and holds numerous General Information Assurance Certifications. He is also the author of The Secret to Cybersecurity: A Simple Plan to Protect Your Family and Business From Cyber Crime.


BEING RESCHEDULED

Taking an APPSECond to Understand Security Vulnerabilities in Mobile Application Development

Mike Muscatell | Senior Manager, Information Security|Krispy Kreme

This presentation will show how mobile applications are being utilized to stand up parallel businesses by exploiting weaknesses in those applications. These exploits go unseen in most cases however, through a series of live demonstrations, will show how the exposures can be detected and mitigated.

Who should attend:

Anyone involved in defending critical infrastructure information networks and systems, those developing software for critical infrastructure systems, or organizational information technology leaders and managers.

Learning Objectives
  1. Learn the methodologies utilized by cyber criminals to create businesses using exploited mobile applications
  2. How the business activity is hiding in plain sight.
  3. Learn what steps can be taken to mitigate and potentially disrupt the cyber criminal’s business at the expense of your company’s applications.
  4. Additional take-aways:
    1. See How and Where the “activity” is conducted to perform these criminal acts.
    2. How to identify malicious activity associated with mobile applications “beyond the scan”.
    3. Enhance current security practices on what controls are bypassed by utilizing existing company resources.

About the Instructor

Mike Muscatell

Senior Manager, Information Security | Krispy Kreme

Mike Muscatell is a seasoned IT veteran with more than 25 years in the Information Security field. He is an Offensive Security Professional. Was honored as top 100 professionals in the Information Security Field by Strathmore. Member of a number of security organizations including FBI Infragard and International Cyber Threat Task Force (ICTTF).


7: APRIL 14

The American Terrorist

Dr. Terry Oroszi | Professor | Wright State University Boonshoft School of Medicine

This research identifies the attributes of an American terrorist by studying the patterns within 50 demographic variables and exploring their correlation with the motivation to commit crimes related to terrorism. We believe that such an understanding will help to halt the recruitment of American citizens by providing a profile that will quickly identify a person that is susceptible to radicalization and offer tools on to intervene. Not only did this study confirm the previous findings, but it also expanded upon them by examining 519 U S citizens convicted of crimes related to terrorism since Sept. 11, 2001. Additional characteristics collected include the location of residence, crime and imprisonment, religion, organizational alliances, race, heritage and path to citizenship, field of study and occupation, social status, military, mental health, marriage and family, conviction, punishment, and target. We did a deep dive into the American military terrorists. We endeavor to continue identifying the common traits of terrorists and the social circumstances that render a person susceptible. By creating a well sourced and researched list of behaviors we offer methods for community-based curbing of radicalization.

Who should attend:

Anyone involved in defending critical infrastructures from acts of terrorism, or critical infrastructure physical security leaders and managers

Learning Objectives
  1. Improved Communication:
    1. Speak with confidence on several aspects of terrorism in the United States.
    2. Educate others on the true aspects of terrorism and terrorists, based on real data/statistics.
  2. Enhanced Response:
    1. Recognize and appropriately respond to potential threats related to terrorism, including the subtle signs.
    2. Summarize and apply the fundamentals of terrorism to other aspects of violent behaviors.
  3. Crisis Decision-Making:
    1. Recommend a strategy based on your interpretation of the data presented and communicate that strategy with others.
    2. Identify markers of a developing extremist and the tools to help steer them down a better path.

About the Instructor

Dr. Terry Oroszi

 Professor | Wright State University Boonshoft School of Medicine

Dr. Terry Oroszi is a faculty member and director at Boonshoft School of Medicine, part of Wright State University in Dayton, Ohio. Her subject matter expertise is Homeland Security. As part of her role at BSOM, she serves as Director of the graduate and the Chemical Biological, Radiological, Nuclear (CBRN) Defense Programs. She started her career in the Army, transitioned to the laboratory doing molecular genetics work, and merged her military and science experiences to develop the homeland security focus for the medical school and the department of Pharmacology and Toxicology.

Dr. Oroszi has several collaborations with the military, industry, academia, and the government in the areas of CBRN, terrorism, and crisis decision-making. She is the founder and chair of The Dayton Think Tank, a gathering of the top 50 crisis leaders in the region. As a civilian, Oroszi has received training from the FBI through two programs in 2018 and 2019 and is president of the Dayton InfraGard chapter. Oroszi and has shared her research on American terrorists with NSA, at Quantico, and members of Congress in DC. Her subject matter expertise in terrorism and crisis leadership has been recognized in media, including print, web, and T.V., and as an invited speaker at national conferences for military, government, and industry leaders. Along with several journal publications, she is a co-editor and contributing author of “Weapons of Mass Psychological Destruction and the People that Use Them,” Praeger ABC-Clio, The American Terrorist: Everything You Need to Know to be a Subject Matter Expert, Greylander Press (a book covering 4 years of dedicated research on American citizens charged with acts related to terrorism).


8: APRIL 21

NIST Cybersecurity Framework = Prescriptive Standard for HIPAA

Uday Ali Pabrai | CEO| ecfirst

NIST Cybersecurity Framework is the framework that executives can trust to base their HIPAA compliance program. This framework can be used by organizations that may be small or large, including business associates, physician practices, hospitals, IT firms, government agencies, and other healthcare entities.

Roadmap for Cybersecurity Practices

The Cybersecurity Framework is the result of the February 2013 United States Presidential Executive Order titled “Improving Critical Infrastructure Cybersecurity”. The Cybersecurity Framework envisions effective cybersecurity as a dynamic practice area that is continually addressing threats with a risk-based approach to prioritize response. The NIST Cybersecurity Framework is inclusive of risk-based guidelines that enables you to build a prioritized roadmap towards enhanced cybersecurity practices.

Organization

The Cybersecurity Framework provides your organization with an opportunity to build a credible cybersecurity plan. The Cybersecurity Framework enables an organization like yours to determine your current cybersecurity capabilities and set enterprise goals for a target state. It helps you to establish a plan to improve and maintain your cybersecurity program. The Cybersecurity Framework comprises of three primary components: Profile, Implementation Tiers, and Core.

Who should attend:

Anyone involved in defending healthcare and public health critical infrastructure information networks and systems, those involved in cyber risk assessment and mitigation, or healthcare and public health leaders and managers.

Learning Objectives
  1. Establishing an evidence-based HIPAA compliance program based on the NIST Cybersecurity Framework
  2. Mapping between HIPAA mandates and the NIST Cybersecurity Framework
  3. Key updates in the NIST Cybersecurity Framework including the requirement for managing cybersecurity within the supply chain (business associates)
  4. Build a prioritized roadmap towards enhanced cybersecurity practices.

About the Instructor

Uday Ali Pabrai

CEO| ecfirst

Ali Pabrai, MSEE, CISSP (ISSAP, ISSMP), Security +, CCSFP, is the CEO of ecfirst. A highly sought after information security and regulatory compliance expert, he has successfully delivered solutions on compliance and information security to organizations worldwide. Mr. Pabrai has presented opening keynote and other sessions at several conferences, including ISACA, ISSA, FBI InfraGard, HIMSS, HCFA, HIPAA Summit, Microsoft Tech Forum, NASEBA Healthcare Congress (Middle East), Kingdom Healthcare (Saudi Arabia), Internet World, DCI Expo, Comdex, Net Secure, Nurse Practitioners Conference, National Council for Prescription Drug Programs (NCPDP), National Council for State Board of Nursing IT Conference, and many others


9: APRIL 28

Open Source Intelligence for Critical Infrastructure Protection

James McDowell| Securities Analyst | Alabama Securities Commission

Attendees will learn the applications of OSINT in protecting critical infrastructure, discuss use-cases of OSINT in criminal investigations, and identify OSINT resources.

Who should attend:

Anyone involved in critical infrastructure protection intelligence and investigations, risk management, insider threat detection, or critical infrastructure leaders and managers.

Learning Objectives
  1. Understand the applications of OSINT in protecting critical infrastructure.
  2. Analyze use-cases of OSINT in criminal investigations.
  3. Identify OSINT resources.

About the Instructor

James McDowell

Securities Analyst | Alabama Securities Commission

James has a master’s degree in Cybersecurity and professional certificates in Blockchain Fundamentals, Data Science for Executives, and Computer Science for Artificial Intelligence. He is a Certified Blockchain Expert, Certified Cyber Crime Investigator, Certified Ethical Hacker, Certified Fraud Examiner, and Certified Computer Hacking Forensic Investigator. He has completed various other certifications related to counter-terrorism, infrastructure security, and emergency preparedness. He serves as a Fusion Liaison Officer and Infrastructure Liaison Officer. He coordinates multi-jurisdictional investigations and advises his colleagues on digital investigations, data analytics, and operational security. James is a dedicated public servant and is actively involved in many professional organizations. He is a Member-at-Large of the Board of Directors of the Birmingham Chapter of the InfraGard Membership Alliance, Co-Chair of the “Investment Adviser Cybersecurity and Technology Project Group” of the North American Securities Administrators Association (NASAA), and Chair of the Financial Crimes Section of the Government Blockchain Association (GBA).


10: MAY 5

Browser Betrayal and Conducting Online Investigations without Attribution

Matt Ashburn| Head of Strategic Initiatives| Authentic8

Adam Huenke| OSINT Tradecraft Training Specialist| Authentic8

We all know that our online activity can be tracked for targeted advertising. Many of us have received friend suggestions on social media for long lost acquaintances. Now more than ever, your online activity is tracked, monitored and brokered for a variety of reasons. However, did you know that your online research activity can negatively affect your investigations? The same tracking mechanisms can uncover investigators’ intent and identity, potentially spoil investigations and even enable retaliation by criminals.

In this workshop, we’ll cover:

– How commercial browsers continue to betray your privacy

– How your investigations can be put at risk

– Methods to work smarter (and safer), not harder

– How to safely access untrusted websites without infecting your agency

– Why you should care about the dark web and how to access it

Who should attend:

Anyone involved in defending critical infrastructure information networks and systems, application development, cybersecurity risk mitigation, or cyber risk management leaders and managers

Learning Objectives
  1. Help others understand how using a commercial browser undermines any expectation of privacy and security
  2. Conduct online investigations while managing attribution
  3. Apply open source intelligence tradecraft to their current workflows as means of blending in with average site visitors to prevent tipping off suspects
  4. Leverage data capture, storage, and collaborative techniques to improve caseload productivity

About the Instructor

Matt Ashburn

Head of Strategic Initiatives| Authentic8

Matt is the Head of Strategic Initiatives, focusing on cross-functional strategy and engagement with customers. Prior to Authentic8, Matt served as a CIA officer focusing on cyber issues, including a detail serving on the National Security Council as the Chief Information Security Officer and Special Advisor to the National Security Advisor, leading technical expertise, risk reduction strategies, and policy for national security systems. At CIA, Matt led the technical direction and coordination to stand up an innovative, unified cyber security operations center to fully harness agency authorities, resources, and talents to prevent and respond to advanced cyber threats. He also led the detection watch floor of CIA’s cyber incident response team, and has been recognized with a national intelligence award and service ribbon from the Director of National Intelligence and the IC CIO Partnership Award. Prior to CIA, Matt gained over 10 years of government and private sector experience focusing on intelligence matters and cyber security initiatives at federal agencies and a major financial institution. He holds a BS in Electrical Engineering from the University of Virginia and is a graduate of FBI’s Intelligence Basic Course at Quantico, VA. Matt splits his time between Washington, DC and Puerto Rico, and volunteers as a sworn reserve police officer with the DC Metropolitan Police.

Adam Huenke

OSINT Tradecraft Training Specialist| Authentic8

Experienced Cyber Threat Intelligence and Intelligence Analyst with more than 3 years in Cyber Threat Intelligence at Huntington National Bank and 9 years as an Intelligence Analyst in the United States Marine Corps from the Battalion Level all the way to HQ US Special Operations Command. Adam is a current InfraGard Member out of the Central Ohio Members Alliance Chapter. Adam currently holds a bachelor’s degree in Cyber Security from American Military University (Magna Cum Laude) and an associate degree in Digital Forensics from St. Petersburg College. Prior to working at Huntington National Bank, Adam conducted numerous training events in support of military and government clients as an Intelligence Training Support Analyst/Cellular Operations Specialist.


11: MAY 12

Religious Facilities Protection Program: How to protect places of worship

Curtis Jones| Program Manager| INMA NSSRP Religious Facilities Protection Program

Description TBD.

Who should attend:

Anyone involved in the protection of religious or faith-based facilities, religious facility security management.

Learning Objectives

TBD

About the Instructor

Curtis Jones

Program Manager| INMA NSSRP Religious Facilities Protection Program

Curtis is a dedicated Security Professional with over 35 years of executive corporate security, federal law enforcement, and life safety management experience and is currently leading the Infragard National Religious Facilities Protection Program in partnership with DHS, FEMA, and DOJ. In 2018, Curtis successfully graduated from the FEMA National Emergency Advanced Academy and actively serves on the DHS Community Response to Active Shooter Incident Project Washington DC. Curtis is the former President for the San Diego Infragard Chapter. As the newest member of the Faith Based Information Sharing Analysis Organization Advisory Board (FB-ISAO), Curtis is working with this group in providing threat-informed, risk-based, all-hazards support to the Community of Faith to include all faiths and partner organizations. In 2007 Curtis founded 7 Crowns Security Consultants Inc. providing Physical Security Consulting services for mid to fortune 500 corporations.

12: MAY 19

HITRUST CSF: A Framework of Frameworks

Uday Ali Pabrai | CEO | ecfirst

Businesses across industries must continually comply with federal and state mandates. Threats are advanced. Threats are persistent. Threats are disruptive to business operations and finance. The challenge is how to address the multitude of security, privacy and regulatory requirements. The HITRUST® CSF harmonizes and cross references complex standards to enable organizations establish a credible cybersecurity program. So the recommendation is to establish a credible HIPAA compliance program aligned with the HITRUST CSF. Prioritize the completion of HITRUST certification. Applying the HITRUST CSF to address HIPAA mandates requires the following key steps:

1. Integrate the HITRUST Risk Management Framework into your information protection program.

2. Conduct a comprehensive HITRUST CSF Self-Assessment.

3. Perform HITRUST CSF Validation and Certification.

4. Manage and maintain HITRUST CSF Certification‒ Continually

The bottom-line recommendation for HIPAA compliance: HITRUST CSF = Credible HIPAA Compliance! The HITRUST CSF certification helps support an organization’s assertion of HIPAA compliance. When you think of HIPAA compliance, think HITRUST CSF certification.

Who should attend:

Anyone involved in defending critical infrastructure information networks and systems, those in information technology risk mitigation, or organizational technology and cyber risk management leaders and managers.

Learning Objectives
  1. Walk through how HITRUST CSF maps to and addresses ISO 27001, HIPAA, PCI DSS, and NIST standards
  2. Evaluate basing a HIPAA Privacy and Security compliance program on HITRUST CSF
  3. Step through core components of HITRUST CSF
  4. Examine the prescriptive and scalable requirements of HITRUST CSF
  5. Understand how to establish a credible enterprise cybersecurity program on HITRUST CSF
About the Instructor

Uday Ali Pabrai

CEO| ecfirst

Ali Pabrai, MSEE, CISSP (ISSAP, ISSMP), Security +, CCSFP, is the CEO of ecfirst. A highly sought after information security and regulatory compliance expert, he has successfully delivered solutions on compliance and information security to organizations worldwide. Mr. Pabrai has presented opening keynote and other sessions at several conferences, including ISACA, ISSA, FBI InfraGard, HIMSS, HCFA, HIPAA Summit, Microsoft Tech Forum, NASEBA Healthcare Congress (Middle East), Kingdom Healthcare (Saudi Arabia), Internet World, DCI Expo, Comdex, Net Secure, Nurse Practitioners Conference, National Council for Prescription Drug Programs (NCPDP), National Council for State Board of Nursing IT Conference, and many others.

13: MAY 26

A White Hat Approach to Insider Threats – REMOTE WORKER

Mike Muscatell | Senior Manager, Information Security | Krispy Kreme

This presentation is designed to help individuals identify how seemingly “innocent” activity can make them an insider threat and help organizations identify existing critical controls needed to develop an Insider Threat Program using a white hat hacking methodology. Through live demonstrations will show simple techniques used to bypass various controls.

Who should attend:

Anyone involved in insider threat detection and mitigation, information system cyber risk management, information technology risk mitigation , or information technology leaders and managers

Learning Objectives
  1. Learn the methodologies utilized by individuals within the organization that would be defined as insider threat activity.
  2. How to identify system based behavioral indicators.
  3. Learn which existing or enhanced security layer can provide insider threat profile data.
  4. Learn how areas of the organization i.e., Legal, Procurement & HR are key stakeholders in assisting to identify insider threat activity.
  5. Additional take-aways:
    1. How to identify business processes which can contribute to insider threats.
    2. Enhance current security program on what controls are bypassed by utilizing routine IT procedures
    3. Enhance procedures required to identify insider threat exposures.
    4. Enhance awareness training to include additional methods of insider threat.
    5. Enhance existing physical and digital security layers to better identify specific insider threat activity.
About the Instructor

Mike Muscatell

Senior Manager, Information Security | Krispy Kreme

Mike Muscatell is a seasoned IT veteran with more than 25 years in the Information Security field. He is an Offensive Security Professional. Was honored as top 100 professionals in the Information Security Field by Strathmore. Member of a number of security organizations including FBI Infragard and International Cyber Threat Task Force (ICTTF).