Ohio InfoSec Anniversary 2019

13th July 2019

---

Looking for the Q&A? Click here

Time and Place

July 13th 9:00AM - 5:00PM EST

Miami Valley Research Park
1900 Founders Drive
Suite 100
Dayton, Ohio 45420

Directions

Schedule

Time	Speaker	Event
9:00 AM	Charles Monett/Paul Hankins	Checkin for Attendees and Breakfast
9:30 AM	Dr. John Carls/Paul Hankins	Introduction
9:45 AM	Deral Heiland	Uboot to Root
10:45 AM	Robert Stewart	A Discussion of Secrets
11:45 AM		Break for lunch - pizza provided on site by OISF
1:00 PM	Matt Scheurer	Continuous Skills Improvement for Everyone
2:00 PM	Micah Brown	DLP Demystified
3:00 PM	Dr. John Carls/Paul Hankins	Break for Dessert/Prize Giveaway
3:30 PM	Barry Kimball	Pixel Tracking: How it’s used and abused
4:30 PM	Dr. John Carls/Paul Hankins	Closing Remarks, Thanks, OISF Requests

About the Speakers:

Deral Heiland - UBoot to Root

Deral Heiland CISSP, serves as a Research Lead (IoT) for Rapid7. Deral has over 20 years of experience in the Information Technology field, and has held multiple positions including: Senior Network Analyst, Network Administrator, Database Manager, Financial Systems Manager and Senior Information Security Analyst. Over the last 8+ years Deral’s career has focused on security research, security assessments, penetration testing, and consulting for corporations and government agencies. Deral also conducted security research on numerous technical subjects, releasing white papers, security advisories, and has presented the information at numerous national and international security conferences including Blackhat, Defcon, Shmoocon, DerbyCon, RSAC, and Hack In Paris. Deral has been interviewed by and quoted by several media outlets and publications including BBC, MIT Technical Review, MSNBC, SC Magazine, Threat Post and The Register.

Robert Stewart - A Discussion of Secrets

As a social engineering practitioner there are many tricks I use to gain access to facilities, and ways that I coerce individuals into helping me achieve my goals along the way. We'll be talking about some of these tricks, tactics, and techniques to hopefully make my life harder and your security better.

Robert Stewart is a Security Consultant for Rapid7, working on engagements that range from network, web application, mobile, electronic social engineering, physical social engineering penetration test. 'I break into things for a living, lets talk about it.'

Matt Scheurer - Continuous Skills Improvement for Everyone

Matt Scheurer serves as Chair of the Cincinnati Networking Professionals Association Security Special Interest Group (CiNPA Security SIG) and works as a Systems Security Engineer in the Financial Services industry. Matt is also a Bugcrowd Ambassador. He holds a CompTIA Security+ Certification and possesses multiple Microsoft Certifications including MCP, MCPS, MCTS, MCSA, and MCITP. He has presented on numerous Information Security topics as a featured speaker at many local area technology groups and large Information Security conferences primarily across the Ohio, Indiana, and Kentucky Tri-State. Matt maintains active memberships in a number of professional organizations including the Association for Computing Machinery (ACM), Cincinnati Networking Professionals Association (CiNPA), Financial Services - Information Sharing and Analysis Center (FS-ISAC), Information Systems Security Association (ISSA), and InfraGard.

Micah Brown - DLP Demystified

https://twitter.com/micahkbrown

Data breaches have become a common fixture of our daily lives. Executives are paying closer attention to their organization’s security posture and funding projects aggressively. Often these projects involve a rollout of flashy new technology and / or devices. These solutions are sold, marketed, and deployed as silver bullet solutions. Technologies such as DLP are open sandbox tools that allow a company to build policies around how data can be stored, processed, and transmitted. It is very easy for a company solely focused on standing up a DLP environment and not provide value to the business.

Micah K Brown is a member of the IT Security Engineering team at American Modern Insurance, part of the Munich RE Group. Over the past four years he has served as the lead Engineer on the DLP implementation for Data Loss Prevention for the Munich RE organizations located in North and South America. In this role Micah has learned the many intricacies of what works in a successful DLP project. In his free time, Micah serves on the Greater Cincinnati ISSA Chapter as Vice President. Micah graduated from the University of Cincinnati and holds an active CISSP.

Barry Kimball - Pixel Tracking: How it’s used and abused

Barry Kimball has worked with computers the majority of his life. Having studied materials engineering and computer engineering has worked through how and what makes a chip work all the way to programming. Working in several fields of IT and wide range of industries. Currently run’s Cincinnati SMBA and member of several local security groups in the Cincinnati area.

Questions & Answers

Who is welcome to attend?

All individuals interested in information security. This includes high school students, college students, professionals, and anyone else interested in our topics.

What cost is there to attend?

There is no minimum cost to attend, but there is a suggested donation of $20.

I'm interested. How do I register?

Registration will be at the door, limited to 110 attendees.

I'll be there. Any food/drink?

Breakfast: Bagels (subject to change)
Lunch: Pizza
Dessert: Cake (subject to change)
Drinks (throughout the day): Coffee, Soft Drinks (reg & diet), Water

I'd like to know about CEUs/CPEs. Could you tell me more?

6 CEU/CPE's are available for registered attendees. Request them at the end of the conference.

I have another question about the conference. Could you answer it?

Sure! Contact us at info@ohioinfosec.org