Authored by Katherine Teitler, Director of Content at MIS Training Institute.

Late winter through early spring is like awards season for information security conferences. With a renewed passion (and possibly a few well-timed breaches) following the winter holidays, security professionals are revved up to learn from and share with one another what works, what doesn’t and what they need to be mindful of as they navigate the murky waters of InfoSec.

Here at MISTI, we’ve been planning InfoSec World 2016 for months, but the event is finally right around the corner. As presenters hone their talks to include recent events and new technological developments, some talks stand out. Possibly these security experts were prescient, but more likely, certain topics have been simmering for some time and demand our attention now.

With over 70 planned talks, it’s hard to pluck just a few from the bunch, but the five talks listed below promise to pack a punch in terms of actionable advice and words of wisdom.

‘The Simpsons’ and Their Mathematical Secrets

Have you ever watched “The Simpsons”? Did you know that there are covert mathematical equations and theorems hidden inside various episodes? Ironic, isn’t it, Smithers?

Simon Singh, best-selling author, journalist, producer and director, has chronicled the show's writing team (several of whom hold advanced degrees in mathematics and science) and the way it carefully weaves references to uncountable infinity, fractals and the P vs. NP problem (don't worry, Singh will explain) into one of the most beloved TV shows of all time.

In his keynote “The Simpsons and Their Mathematical Secrets,” based on his book of the same title, Singh will share anecdotes and point out what to look for when you go back home and rewatch your favorite episodes.

If you’re craving more, Simon will hold a book signing in the expo hall right after his talk. We’ll have pink frosted donuts to munch on, too. Mmm, donuts.

Chillin’ Like a Villain: Applying Critical Thinking to Security FUD

There's no shortage of hyperbole when media ratings are at stake, and information security, a field the public has heard of but still mostly misunderstands, is fertile ground for fear, uncertainty and doubt (FUD).

“We’re security professionals,” you may say. Yes, true, but how many times have security decisions been influenced by or decided based on the directives of an executive who learns most of his or her security knowledge through mass media? How easy is it to become distracted by the latest and greatest research on hijacked cars or talking toasters when your security team’s mission is to protect customers’ personally identifiable information (PII)?

Chris Poulin, a research strategist with IBM X-Force, is on a mission to help enterprise security practitioners see through the FUD and focus on real threats (of which there are plenty). Practitioners who apply critical thinking to security processes and decisions are more likely to stay on track: to identify attackers in their systems, understand what those attackers want from the organization and learn what motivates them, and thus what kind of data, access or disruption they are after.

Poulin will share time-tested methods of thinking through security scenarios and provide advice on how to weaponize the information gained in the process. In other words, he’ll discuss how to apply actionable countermeasures to real threats.

A Blended Family: A Privacy and Security Partnership

Kevin Haynes, chief privacy officer at The Nemours Foundation, understands that privacy and security are like peanut butter and jelly.

Often, security and privacy are misconstrued as the same thing. Consider the digital world: individuals hand over PII on the understanding that only the intended recipient will use it, and only for the stated purpose (privacy), and they expect the organization to implement controls that keep it under lock and key (security). In practice, the disciplines differ: privacy governs what data is collected, why, and how it may be used and shared, while security protects that data from unauthorized access, alteration and loss. But they share a goal: Keep sensitive information away from unauthorized parties.

During his talk, Haynes will address why the success of both security and privacy depends on a strong partnership. He will outline principles that govern a privacy program and tie them to frameworks more familiar to security practitioners. At the conclusion of this talk, attendees will walk away with ideas on how to work more closely and effectively with privacy teams, plus they’ll have a road map for including privacy in the planning, implementation and management of a security program to the benefit of the organization — and its customers — as a whole.

Containers at Scale: What Security Pros Need to Know

Application containers such as Docker and rkt (originally named Rocket) from CoreOS are a dream for development teams. Packaging an app together with its dependencies lets developers focus on churning out new products and apps without worrying about disrupting a production environment. Security teams like them, too, because unfinished apps and software are kept away from critical systems. One caveat a practitioner should keep in mind: containers share the host's kernel, so the isolation between them is weaker than the isolation between virtual machines, and a single kernel vulnerability can expose every container on the host. And who's looking after the security of intellectual property (IP) when it isn't under the thumb of the security group?

PaaS, SaaS, IaaS and other as-a-service options are not new, and security practitioners are becoming more comfortable with the idea of their IP in the hands of third-party providers. Yet misconceptions about containers abound, since security pros are less likely to be involved in the evaluation of development tools than they are in the evaluation of, say, a SIEM.

Diana Kelley, executive security adviser at IBM, and Ed Moyle, director of emerging business at ISACA, will dispel some myths about what containers are and why they matter from a security point of view. Building on a long history of application security experience, Kelley and Moyle will share the “gotchas” of using these technologies at scale and lay out compliance and data governance challenges organizations can expect when containers are part of the development life cycle.

This talk will give attendees a framework for understanding how a security program can adapt as usage increases and more tools — some with and some without security baked in — are brought to market.

Mobile Forensics — Tools and Investigation in a BYOD World

A version of this talk has been hanging around the InfoSec World program for a while now. Before you say “been there, done that,” don’t forget that device manufacturers are developing new ways to protect consumers’ mobile data, making it harder to access by anyone other than the phone owner. Adversaries, too, are testing and sharing ways to break all that is new.

InfoSec World veteran Warren Kruse, vice president of data forensics at Altep, and Aaron Crews, senior associate general counsel at Wal-Mart (or "The Mobile Krew," as they will henceforth be known), are gearing up to show session participants how to handle the security of data flowing through or stored on mobile devices, regardless of who owns the device. An organization's data is its data, and employees, customers and courts won't be forgiving if the organization fails to secure that data properly or, in the event of a breach, cannot prove that it did so.

This talk will prepare attendees to find, collect and recover data from mobile devices, even data that appears to have been deleted. Kruse and Crews will start with an overview of mobile memory basics, then demonstrate tools that allow forensic and IR teams to acquire and analyze mobile data. At the end of the talk, attendees will review a checklist outlining how to obtain critical evidence, and preserve its chain of custody, should the courts come knocking.

But Wait! There’s More at InfoSec World

If that's not enough to entice you to visit Orlando in April, InfoSec World 2016 will have its first-ever lock-picking course and a beer crawl, courtesy of our sponsors. Come mingle with fellow security practitioners and learn a thing or two along the way!

For the entire event agenda, please visit the InfoSec World website.
