Speaker

Brian Contos

Chief Strategy Officer, Sevco Security

San Francisco, California, United States

With two IPOs & eight acquisitions, Brian has helped build some of the most successful security companies in the world. He has over 25 years in the security industry as a security company entrepreneur, board advisor, investor, and author. After getting his start with the Defense Information Systems Agency (DISA) and later Bell Labs, Brian began the process of building security startups and taking multiple companies through successful IPOs and acquisitions, including Riptech, ArcSight, Imperva, McAfee, Solera Networks, Cylance, JASK, Verodin, and Mandiant.

Brian has worked in over 50 countries across six continents. He authored the book Enemy at the Water Cooler and co-authored Physical & Logical Security Convergence with former NSA Deputy Director William Crowell. He was featured in the cyberwar documentary 5 Eyes alongside General Michael Hayden, former NSA and CIA Director. Brian writes for Forbes and regularly presents at conferences like Black Hat, RSA, OWASP, and BSides.

Area of Expertise

  • Business & Management
  • Energy & Basic Resources
  • Government, Social Sector & Education
  • Information & Communications Technology
  • Manufacturing & Industrial Materials

Topics

  • Cyberwar
  • Cybercrime
  • Cybersecurity
  • IoT
  • Asset Intelligence
  • Hacking
  • Technology Startups
  • Information Technology
  • Network Security
  • Computer Security
  • Information Security
  • Information Security Governance and Risk
  • InfoSec
  • Technical Leadership

Hacking Demos & Security Fails: 4 million assets analyzed across 4 years

Do you want to see a cloud application and an industrial robot hacked? Well then, strap in because you’ve come to the right place. We’ll also explore the top 10 security failures observed by analyzing four million assets across four years and stories from the trenches that will engage and enrage. We’ll define vendor-agnostic methodologies you can employ to mitigate these top security failures, impress your boss, and make new friends, even Stephanie in IT operations, who despises everyone.

Dark allies from the nightmare dimension, on an unholy crusade, have assembled a variety of hacking demonstrations for your education and amusement. But beyond the hacking, you’ll glean hidden mysteries exposed by analyzing millions of assets. What types of mysteries do you ask? Here’s a sneak peek: when securing assets, most organizations have done just enough to survive but not enough to matter.

From inventories from hell and broken EDR to vulnerable ephemeral cloud assets and advanced persistent auditors, this presentation investigates the top 10 security fails commonly attributed to poor asset intelligence. Real-life cases will be exposed to help illustrate the pervasiveness of these issues across a multitude of organizational types and security budgets.

Vendor-agnostic mitigation strategies applicable to talent, techniques, and technology will be shared. You can use these strategies across discovery, prevention, detection, and response. Nation-states and cybercriminals want you to fight today’s threats with yesterday’s strategies. Cybercriminals have monetized attacks on your assets, and nation-states have built multi-million-dollar tools to target them, maintain persistence, and evade detection. These bad actors count on you being passive and want you to fail. Disappoint them!

Attendee Takeaways

- Observe cloud applications and xIoT devices being compromised.
- Understand the top 10 security fails.
- Explore stories from the trenches across diverse business verticals.
- Learn strategies that you can apply to help mitigate these threats.

This presentation is entertaining, educational, and designed for attendees at all technical levels. However, having an intermediate level of security expertise is recommended. I can deliver this talk for 30, 45, or 60 minutes.
