Infragard Minnesota Upper Midwest Security Symposium
A Big Thank You!
Thank you to all of the attendees, sponsors and volunteers who made this event successful! We are looking forward to seeing you all at future events!
InfraGard Minnesota had reserved a block of rooms at the Embassy Suites by Hilton in downtown St. Paul, MN. Thank you to the Hilton for working with us to accommodate our attendees!
Metro State University
700 E 7th Street
St. Paul, MN 55106
June 12th, 2018: 8:30 am - 4:30 pm
June 13th, 2018: 8:30 am - 4:30 pm
$100 InfraGard Members
Topics & Speakers Day 1:
Information Sharing Between Intelligence Agencies
The Office of the Director of National Intelligence (ODNI) integrates and forge an intelligence community that delivers the most insightful intelligence possible
OPS Intelligence Coordination Working Group
Sector Analytic Unit (SAU) provides various products and services to ensure transparency and collaboration on risk impacting the FBI and US private sector.
Hostage Recovery and the U.S. Government
Members of the U.S. interagency Hostage Recovery Fusion Cell will provide an overview of the current kidnapping threat and how the government reacts to kidnapping. The presentation will cover how the government works with families and companies during these crises, and provide best practices for prevention.
Brooke Neuman & Barbara Graves
Brooke is the External Engagement Coordinator for the Hostage Recovery Fusion Cell. Previously, she served as General Stanley McChrystal's chief of staff at the McChrystal Group. Additionally, Brooke worked in the Office of the Secretary of Defense for Policy, where her assignments included: Country Director for Afghanistan; Strategic Advisor to the Commander, International Security Assistance Force in Afghanistan; Politics and Governance Team Lead for Iraq; Country Director for the UAE and Kuwait; and Foreign Affairs Specialist, Defense Reconstruction Support Office for Iraq.
Barbara is the Office of the Director of National Intelligence (ODNI) Intelligence Advisor to the Hostage Recovery Fusion Cell (HRFC). She joined HRFC after serving in the Intelligence Community in the National Counterterrorism Center (NCTC) for 14 years as a counterterrorism analyst and the first NCTC representative to the West Coast in Los Angeles, providing counterterrorism information to federal, state, and private sector partners. Previously Barbara has worked as a Special Agent in the Air Force Office of Special Investigations, a Special Agent in the CIA’s Office of Inspector General, and an analyst in the State Department’s Overseas Security Advisory Council.
Randy Trzeciak is Technical Manager of CERT’s Enterprise Threat and Vulnerability Management Team and the Director of the CERT Insider Threat Center at Carnegie Mellon University's Software Engineering Institute. Randy has over 25 years’ experience in a wide-range of topics including: insider threat, cybersecurity, software engineering, project management, information security, and database design, development, and maintenance. In addition to his role with CERT, he also has a dual appointment as Program Director for the Masters of Science in Information Security Policy and Management (MSISPM) program and CERT professor at Carnegie Mellon’s Heinz College, Graduate School of Information Systems and Management. Randy holds an MS in Management from the University of Maryland and a BS in Management Information Systems and a BA in Business Administration from Geneva College.
"Oops I Did It Again"
Ryan Manship is the President of RedTeam Security. As second in command at RedTeam, Ryan managing a team of consultants, is involved in security testing, and provides expert security guidance to customers. Previous to his role with RedTeam, Ryan led the Application Security program at FICO. He possesses a BS in Information Technology, with an emphasis on Networking and Security with a double minor in Philosophy and Humanities.
Ryan has appeared on ABC News, Business Insider, FOX, Tech Insider, has been quoted in Los Angeles Times, Bringmethenews, the Star Tribune, CSO Online, and regularly speaks at many different security events.
Kirk Hughes RN, FF/EMT, CSPI. He is a Registered Nurse working as a Certified Specialist in Poison Information and Education Director for the Minnesota Poison Control System since 2000. He has been a Firefighter/EMT for the last 25 years and current serves as a member of the City of Ramsey Fire Department, EMS training officer for Lexington Fire Department and is recently retired from the Brooklyn Park Fire Department. Kirk also works as an Investigator for the Hennepin Medical Examiner’s Office. He is a certified Advanced Hazmat Life Support Instructor, Hazmat Technician, and certified in Advanced Medical Life Support. He has been published in multiple publications including; The Journal of Perinatology and The Journal of Clinical Toxicology
Topics & Speakers Day 2:
FBI Cyber Breach Case Study
Mr. Rank and Agent Behm will discuss a recent case involving a former IT employee of an international railroad who hacked into the railroad’s computer system, used administrator credentials to gain access to the computers that controlled the network traffic for the entire railroad, and deleted all passwords which allowed the railroad to access those computers. Mr. Rank and Agent Behm will also discuss some of lessons learned from that case, including, in particular, best practices for logging and preserving evidence for investigation and possible criminal prosecution of cyber incidents.
Timothy Rank & Brian Behm
Timothy Rank is an Assistant United States Attorney and Deputy Criminal Chief overseeing the Fraud and Public Corruption Section of the United States Attorney’s Office for the District of Minnesota. Mr. Rank prosecutes cases involving complex financial fraud, public corruption, and cybercrime. Mr. Rank is also a Computer Hacking and Intellectual Property Coordinator and the National Security Cybercrime Specialist for the Minnesota US Attorney’s Office.
Prior to joining the US Attorney’s Office in 2004, Mr. Rank was an Assistant Attorney General for the State of Minnesota and Manager of the Criminal Division of the Minnesota Attorney General’s Office, where he prosecuted felonies in counties throughout the state of Minnesota, primarily in the areas of homicide, major narcotics offenses, and Internet crimes against children. Mr. Rank worked for the Attorney General’s Office from 1998 to 2004.
Mr. Rank started his legal career with the Minneapolis law firm Faegre & Benson, where he worked in the Business Litigation Section from 1994 to 1998.
Mr. Rank is a graduate of both the University of Minnesota and the University of Minnesota Law School, where he served as an Editor on the Law Review. He was a law clerk to the Honorable Will Garwood on the United States Court of Appeals for the Fifth Circuit from 1993 to 1994.
Brian Behm has worked as a Special Agent for the FBI for over 14 years, with the last 3+ years spent investigating cyber matters in the Minneapolis Field Office.
Easiest Catch: Don't Be Another Fish in the Dark Net
You've read the headlines. Unfortunately, the question now is not if your information is going to be accessed or stolen, but when. To inform the attendees of current developments in the digital underground as well as provide realistic advice for cyber protection, Mark Lanterman will be discussing recent high-profile cybercrime events, including website breaches impacting security firms, HR departments, courts, law firms, and government agencies. Mark will discuss particularly dangerous types of threats that might affect individuals involving the Dark Web, the Internet of Things, phishing, and Wi-Fi attacks; additionally, Mark will demonstrate the value of leveraging digital evidence and ESI in the courtroom.
Mark Lanterman is the Chief Technology Officer of Computer Forensic Services. Mark was sworn member of the U.S. Secret Service Electronic Crimes Task Force. Mark has 28 years of security and forensic experience and has testified in over 2000 cases. He is faculty at the University of Minnesota, the University of St. Thomas
School of Law, Mitchell Hamline Law School, the National Judicial College in Reno, Nevada and the Federal Judicial Center in Washington, DC. Mark is a member of the Minnesota Lawyers Professional Responsibility Board. Mark provides regular commentary on national print and broadcast media.
Cyber Range - Ransomware Compromise Scenario
Presentation Summary MN Cyber Range is a world-class training and simulation platform located in St. Paul that uses real-world scenarios and innovative technologies to ensure your cyber defense teams have the knowledge and experience they need to protect crucial information, systems and operations.
Following are some features of the MN Cyber Range
- Standalone environment for training and for testing skills, technologies, and methodologies
- Training improves individual and team skills while thwarting attacks rather than simply learning a set of cybersecurity tools
- Improvement driven cyber training—extensive debrief capabilities provide impactful activity and timeline analysis highlighting strengths and weaknesses of individuals and teams
- Customized scenarios and network topologies that mimic your own network environment—offers both IT and OT (SCADA) security
- Automated, real or combination red team attacks
- Train anyone (beginner to advanced, technical to executive), anywhere (classroom, on-site), anytime (24/7, 365 days access)
- Multiple virtual classrooms are available that allow multiple teams to simultaneously train on different scenarios
Faisal Kaleem & Jeff Peal
Faisal Kaleem received his Ph.D. degree in electrical engineering from Florida International University. Currently, he is serving as an associate professor in the Department of Information and Computer Sciences at Metropolitan State University as well as a senior fellow at the Technological Leadership Institute at University of Minnesota. Dr. Kaleem is an experienced lifelong cybersecurity practitioner. His research interests include multiple aspects of cybersecurity including forensic education, computer and network security but more specifically in the area of mobile device security, mobile malware analysis and attribution, and mobile forensics. He has established a solid track record in teaching and has received numerous university awards. He continually appears on various local news channels discussing various issues in the area of cybersecurity. He is also a certified trainer and currently holds various industry IT and security certifications.
Jeff Peal is currently serving as the District ISO for the Federal Reserve Bank of Minneapolis. He has over 20 years of IT experience with the last 18 years with the Federal Reserve Bank. Jeff holds a Master’s degree in Information Technology and is currently pursuing his Doctorate in Information Assurance and Security at Capella University.
Developing Digital Forensic Investigative Processes for the Xbox Gaming Console
Electronic crime is conducted on a number of different mediums, having only computers for analysis is a thing of the past. This presentation will focus on how to identify, acquire and analyze digital evidence on the Xbox gaming platform. Further, a new innovative research lab and investigation lab at DSU will be discussed.
Dr. Ashley Podhradsky is an award-winning associate professor of Digital Forensics at Dakota State University in Madison, South Dakota. In addition to her professor role, she also has administrative responsibilities as the coordinator of the Masters of Science in Cyber Defense at DSU. Ashley has been an invited speaker at several events and universities including The Pennsylvania State University, Bureau of Justice Affairs, Women in CyberSecurity, InfraGard and DePaul University among others. Her research and work has been published and highlighted in several leading conferences, journals, radio programs, newscasts, and webisodes. In addition to her academic and professional work, she has a strong passion for increasing gender diversity in cybersecurity. She is the PI and Camp Director for GenCyber: Girls in CybHER Security, a program sponsored by the NSA. Ashley was the recipient of the EmBe 2017 "Young Woman of Achievement", and is a New America Cybersecurity Fellow.
Building Your Own Threat Intelligence Program: What the Marketing Teams Left Out
There is no shortage of blogs, whitepapers, and webinars available on the topic of creating a threat intelligence capability. Unfortunately, many of these materials do not address some of the fundamental concepts and topics needed to make those programs successful long-term and instead focus on technical indicators and technology, such as Threat Intel Platforms. While no two Intel programs will ever be alike, Doug will discuss concepts, models, and considerations to gain (and measure) the Return on Investment of intelligence resources allocated to your security and risk programs?
Doug served for 13 years in the U.S. Air Force planning and leading signals and counterintelligence intelligence collections and operations. After transitioning to the private sector, he continued to pursue his passion for building and maturing intelligence teams.
Doug has lead threat intelligence and threat hunting teams in a global Fortune 10 technology company, launched professional services aimed at maturing intelligence capabilities for Fortune 100 firms for a cyber-intelligence startup, and now leads threat intelligence for Xcel Energy.
Cryptocurrency has been a widely discussed topic across the world over the last few years. Cryptocurrency brings opportunity and risk in today’s fast paced interconnected environment. Brian will share information on the significant risks that we face due to the rapid expansion of these blockchain activities and some ideas about how to prepare for the upcoming changes resulting from this new technology.
Brian Stoeckert, a partner in Stratis Advisory, is a recognized risk management expert with more than 15 years of experience in providing startups through Fortune 500 companies with strategy intelligence, advisory services and witness testimony. At Stratis,he manages an international portfolio of FinTech startups, money service businesses, financial institutions, government agencies, universities, and entertainment companies. Brian has served as an expert witness in domestic and global civil and regulatory matters related to anti-money laundering (AML) and digital currency compliance. He also serves as a consultant to SONY Pictures’ Crackle streaming platform 10-episode series “StartUp.”
Previously, Brian led Booz Allen Hamilton’s San Francisco-based strategy and risk practice, advising boards of directors, audit and compliance committees, and executive management teams of financial institutions, money service businesses and global intelligence firms. Brian has also served as a guest lecturer at New York University’s Law School and Stern School of Business on AML laws, regulations and digital currency compliance, and he is a frequent presenter at global risk, compliance and FinTech conferences. He is a member of the National Association of Corporate Directors, chairman of the ACAMS Chapter Steering Committee, and an executive board member of the award-winning ACAMS Northern California Chapter. Brian received his JD from New York Law School and his BA in Political Science from Stony Brook University. In 2014, he received the university’s Top 40 Under Forty Award.