Gold Sponsors

Wellbury Information Services LLC



Social Media

Our LinkedIn Group:

Ohio InfoSec Anniversary 2016

9th July 2016

Time and Place

July 9th 8:00AM - 5:00PM EST

Miami Valley Research Park 1900 Founders Drive Suite 100 Dayton, Ohio 45420

Directions

Registration and Payment

Registration - $10

Attendee Name

Note:

Cash will not be accepted at the time of the event. You will need to register and pay via the Paypal button(s) above.

Agenda

Start End Event
8 AM 8:45 AM Registrations and Breakfast
8:45 AM 9 AM Introduction
9 AM 10 AM Adrian Crenshaw
10:15 AM 11:15 AM Tim Wright
11:30 AM 12:30 PM Jason Samide
12:30 PM 1:30 PM Lunch
1:30 PM 2:30 PM Dino Tsibouris and Mehmet Munur
2:45 PM 3:45 PM Joel Cardella
3:45 PM 4 PM Cake

Speakers

Adrian Crenshaw - Breaking The Teeth Of Bluetooth Padlocks

Bio

Adrian Crenshaw has worked in the IT industry for the last seventeen years. He runs the information security website Irongeek.com, which specializes in videos and articles that illustrate how to use various pen-testing and security tools. He did the cert chase for awhile (MCSE NT 4, CNE, A+, Network+. i-Net+) but stopped once he had to start paying for the tests himself. He holds a Master of Science in Security Informatics, works for TrustedSec as a Senior Security Consultant and is one of the co-founders of Derbycon.

Abstract

Recently, several padlocks have come on the market that use a smartphone to unlock them instead of a key. This talk will cover these locks, potential bypasses and attack vectors as well as provide information on Bluetooth low energy. Locks covered will be the Quicklock, Noke, Master Lock 4401DLH and perhaps a few others.

Dino Tsibouris and Mehmet Munur

Bios

Dino Tsibouris is the founding principal of the law firm Tsibouris & Associates, LLC, which is recognized as a Tier 1 firm in Information Technology Law by US News’ Best Law Firms. His practice concentrates in the area of technology and intellectual property law with specific focus on electronic commerce, online financial services, software licensing, and privacy law. In addition, Mr. Tsibouris' practice includes the implementation of electronic signatures, records management and information security. He was previously an attorney with Thompson Hine LLP and a Vice President and Counsel for e-Commerce and Technology at Bank One Corporation (now JPMorgan Chase). He has conducted CLE and trade association presentations on various e-banking and e-commerce matters, and participated in many regulatory and industry task forces addressing new legislation.

Full Bio Here

Mehmet Munur is a Partner at Tsibouris & Associates, LLC. He concentrates his practice in the areas of technology law, data privacy and security, and financial services. Before becoming a partner at Tsibouris & Associates, LLC, Mehmet was an attorney at IBM focusing on technology law, software licensing and services, information privacy and security, and product development.

Full Bio Here

Abstract

Dino Tsibouris and Mehmet Munur will be presenting on a lawyer’s perspective on data security. They will discuss data security breaches and trends in 2016, federal and state regulators’ perspective on data security, and developing international privacy issues.

Tim Wright

Jason Samide

Bio

Mr. Samide has worked in Information Technology for the past 12 years focusing on Fortune 500 companies to include financial, manufacturing, healthcare, technology as well as State Government and the Department of Defense. For the past eight years specializing in information security initiatives, each job has brought its own perspective with each experience building upon the next.

Jason has focused his career towards cyber security and managed security programs and continues to hone his skills through researching technologies and his involvement with various security groups around the region. Mr. Samide serves as Stealthcare’s Vice President of its Cyber Intelligence Division and provides IT and security services to Stealthcare’s broad corporate client base across the US, Canada, and abroad.

While technology is a method of enforcing policies, Jason understands the business side of technology having earned his Master’s Degree in Business Administration. Jason is passionate and driven to provide secure solutions to some of the most challenging environments facing Stealthcare’s clients today. He is a Certified Information Systems Security Professional (CISSP) and has obtained multiple Microsoft and Cisco certifications.

Mr. Samide graduated from Cleveland State University with a Bachelor’s Degree in Finance and Masters of Business Administration from Cleveland State University.

Abstract

2016 Predictions and How History repeats itself

Joel Cardella

Bio

Joel Cardella has over 24 years of experience in information technology, having run a gamut from network operations, sales support, data center management, field operations and information security. He has worked in industries including telecommunications, healthcare and manufacturing. Prior to rapid7 he held the role of Regional Security Officer for North America for a multinational manufacturing company.

As a former CISO, he helps C-suite executives better interact on information security topics. He also helps organizations build and run security programs, manage risk, and increase their security maturity posture. As a public speaker he has presented at security conferences across North America, Infragard, and US Army TACOM LCMC. He is an instructor at Eastern Michigan University teaching business-focused IT and network security, and holds a Masters Degree in Organizational Leadership. Joel is an ISACA Certified Information Security Manager (CISM).

Abstract

This presentation will discuss the product of nearly a year’s worth of opportunistic credential scanning data collected from Heisenberg, Rapid7’s public-facing network of low-interaction honeypots. Instead of focusing on the passwords that end users typically pick, with this data we can see what opportunistic scanners are using in order to test— and likely compromise— Internet connected point of sale (POS) systems, kiosks, and scamware-compromised desktop PCs which offer the Remote Desktop Protocol (RDP) service for remote management.