WiCyS Workshops 2018

 

Workshop 1.1

Title: Recruiting Cybersecurity Talent: A workshop for hiring managers and external recruiters

Presenters: Deidre Diamond (CyberSN) and Kennedy Kyle (CyberSN)

Description: Cybersecurity professionals know that recruiters don’t speak the language of cybersecurity. There are 35 job categories in cybersecurity and our community posts the same five descriptions for all of our job postings. In order to attract talented candidates in a market that has several hundred thousand unfilled openings, one must understand how to market to cybersecurity professionals. This workshop will discuss ways to market your organizations career openings to recruit the best cybersecurity experts, and will conclude by drafting effective job descriptions.

Audience: HR and Recruiting Professionals

Stipend/Incentive: N/A

Special Skills Required: None

Laptop Requirements: None

Date/time: Thursday 2:00-4:00

 

Workshop 1.2

Title: Threat Intelligence: Beyond the Basic

Presenters: Rachel.Giacobozzi (Target Inc.) and Breanna.Laconic (Target Inc.)

Description: This workshop will focus on analyzing internal phishing and network indicators of compromise (IOCs) to find patterns for detection and blocking. The phishing portion starts with the types of IOCs that can be tracked from phishing emails, how to create a template that can be used for tracking over time, and the internal and external uses for the information. The network portion focuses on how to track network IOCs, IOC pivoting, and how use your results for detection and blocking.

Audience: Anyone

Stipend/Incentive: N/A

Special Skills Required: None

Laptop Requirements: Bring their own

Date/time: Thursday 2:00-4:00

 

Workshop 1.3

Title: Introduction to iOS Application Security Testing

Presenters: Dawn Isabel (IOActive) and Jessica Sexton (IOActive)

Description: This workshop will introduce fundamentals of iOS application security testing. Topics include  understanding the structure of iOS application packages, App Store encryption, examining the application binary, and collecting information about the application’s attack surface, application data, location of sensitive data, and clues that indicate an application may not be handling data securely.  Hands-on exercises will be conducted on sample files with provided tools.Participants will work through exercises focused on straightforward static analysis and review of application artifacts. Participants need to bring a laptop capable of running VirtualBox. No prior mobile or iOS experience is required, but attendees should be comfortable working with tools at the Linux command line.

Audience: Professionals

Stipend/Incentive: N/A

Special Skills Required: Attendees should be comfortable using virtual machines and Linux command line tools

Laptop Requirements: Bring their own

Date/time: Thursday 2:00-4:00

 

 Workshop 1.4

Title:  N00bSec to Cyber-Champion: Hacking the National Cyber League for Success

Presenters: Kaitlyn Bestenheider (Pace University), Elizabeth Molloy (Pace University), Vincente Gomez (Pace University), Michael Lavacca (Bloomberg) and Andreea Cotoranu (Pace University)

Description: This workshop is an introduction to collegiate cybersecurity competitions through the National Cyber League (NCL). Participants will be guided through a Capture-the-Flag style Hack-a-thon using an extensive list of tips and tools that ensure success. By working through hands-on challenges, ranging from Open Source Intel to Cryptography to Network Traffic Analysis and more, participants will gain exposure to the skill sets needed to succeed in NCL. Participants will be able to keep the resources provided in workshop.

Audience: Students and Faculty

Stipend/Incentive: N/A

Special Skills Required: All skill levels welcome

Laptop Requirements: Bring your own

Date/time: Thursday 2:00-4:00

 

Workshop 2.1

Title:  Conducting meaningful research and presenting effectively

Presenters: Anna Trikalinou (Intel), Lily Yang (Intel), Reshma Lal (Intel), Tania Skinner (Intel), Dr. Melissa Dark (Purdue University), Dr. Ann Cox (Department of Homeland Security) and Dr. Celeste Matarazzo (Lawrence Livermore National Laboratory)

Description: This workshop will consist of a one-hour panel discussion followed by one-hour small group discussions. In the panel, notable professionals and faculty will provide their insights into the most important cybersecurity topics for research and analysis. They will also offer advice on how to conduct and present your research to different audiences, address career challenges (common or specific to a research career), highlight different career paths and the qualities that can make you stand out to advance your career.  Following the panel, you will have the opportunity to personally meet and interact with the panel members, our Intel professionals and the other workshop participants in one-hour smaller group discussions. You will also be given special attention during this part of the workshop to practice your poster presentation interactively in a very supportive environment. You will receive feedback to help you prepare the right pitch for the specific audience.

Audience: Students interested in cybersecurity research careers

Stipend/Incentive: N/A

Special Skills Required: None

Laptop Requirements: None  

Date/time: Thursday 4:30-6:30

 

Workshop 2.2

Title: Building a Home Lab for Malware Analysis

Presenters: Sarah Kern (The MITRE Corporation) and Susie Heilman (The MITRE Corporation)

Description: This workshop will provide a walk-through of how to set up a home-based malware analysis lab with emphasis on best practices for constraining malware to a controlled, isolated environment. Attendees will receive an overview of popular free tools (Procmon, Process Explorer, Regshot, and more) and instruction on how to customize and maintain the environment after initial configuration. There will be opportunity for hands-on experience with behavior monitoring tools and examples of the fundamental artifacts that shed light on malware functionality. All experience levels welcome! Laptop with VirtualBox installed is required. A Windows 7/10 ISO or similar is recommended, though not required.

Audience:

Stipend/Incentive: N/A

Special Skills Required: None

Laptop Requirements: Bring your own

Date/time: Thursday 4:30-6:30

 

Workshop 2.3

Title: Practical Network Forensics

Presenters: Marcelle Lee (LookingGlass Cyber Solutions), Jennie Kam (Cisco) and Ellie Dawn (Cisco)

Description: Analysis of network traffic can provide a wealth of forensic data and is an essential aspect of many fields of cybersecurity work, including incident response, security operations, and malware analysis. Artifacts obtained through network traffic analysis can reveal hacker techniques and methodology, such as use of malware, network traversal, privilege escalation, establishment of persistence, and data exfiltration.  In this hands-on workshop, the participants will use Wireshark to examine custom packet captures showing both “normal” and malicious network activity. Participants will be provided with the captures and solutions that they can apply in their own environments.

Audience: Anyone

Stipend/Incentive: N/A

Special Skills Required: None

Laptop Requirements: Bring your own

Date/time: Thursday 4:30-6:30

 

Workshop 2.4

Title: Cyber Competition to Engage and Inspire

Presenters: Oxana Pelc (Facebook) and Tiffany Benjamin (Facebook)

Description: Cyber competitions draw people in and engage them towards cybersecurity. Want to interact with a new inclusive platform? Come play, engage, inspire and learn how to use for yourself or host your own. Did we also mention there is gonna be awesome Facebook swag and special prizes for the top players?

Audience: Anyone

Stipend/Incentive: Prizes to the top three!

Special Skills Required: CS beginner friendly

Laptop Requirements: Bring your own

Date/time: Thursday 4:30-6:30

 

Workshop 3.1

Title: Teaching Cyber Ethics and Societal Impacts in Introduction Computing Courses

Presenters: Dr. Yesem Kurt Peker (Columbus State University) and Dr. Florence Appel (St. Xavier University)

Description: This workshop is a hands-on faculty development session introducing the Catalyzing Computing and Cybersecurity in Community Colleges (C5) project.  The workshop will present modularized content, lecture materials, active learning exercises, and assessment questions that can be integrated into existing computing courses. Workshop participants will need a WiFi-enabled laptop to download the instructional module and gain access to VirtualBox and an Ubuntu image. All seven instructional modules carry a creative commons license for adoption and adaption, and are available for free download from https://c5colleges.org/index.php/cs-course/module-downloads.

Audience: Faculty

Stipend/Incentive: N/A

Special Skills Required: None

Laptop Requirements: Bring your own

Date/time: Friday 3:45-5:45

 

Workshop 3.2

Title: Adventures in Cyberspace:  Cyber Security Literacy for K-12 and Beyond

Presenters: Julie Rursch (Iowa State University) and Tracy LaVan (Iowa State University)

Description: At Iowa State University, we are embarking on an adventure that few have attempted. We want to share cyber security with all ages and in a way in which they can apply it in their daily lives. In this hands-on workshop, we will share materials from our college course, high school curriculum, video modules and CyberToons, professional development, and our upcoming online lab. All materials are available to instructors free of charge and the participant will leave with access to web sites, printed materials, open-ended and discussion questions, and curricular ideas that can be modified for all ages. Materials are based on information presented in Computer Security Literacy: Staying Safe in a Digital World by Douglas Jacobson and Joseph Idziorek. Resources can be found here: http://www.security-literacy.org/ 

Audience: Anyone

Stipend/Incentive: N/A

Special Skills Required: None

Laptop Requirements: Bring your own

Date/time: Friday 3:45-5:45

 

Workshop 3.3

Title: Hacking Discourses - Exploring Feminist and Critical Theory through Cybersecurity

Presenters: Nathan Fisk (Florida Center for Cybersecurity) and Felice Flake (ScySec LLC)

Description: Finding yourself all too frequently charged with "convincing" resistant students or colleagues that diversity in cybersecurity matters? Stereotypically privileged cybersecurity dudes got you down? Just want to know a little more about feminist social theory? This workshop will explore the intersections between cybersecurity and feminist theory, from hacker history and critical pedagogy to penetration testing and standpoint epistemology. The workshop will provide participants with tools and concepts for deconstructing and resisting the more oppressive elements of cybersecurity culture. As such, this workshop will be broadly applicable for multiple roles and positions within the field of cybersecurity, although will likely be most useful for educators and professionals in training or communications roles.

Audience: Anyone

Stipend/Incentive: N/A

Special Skills Required: None

Laptop Requirements: Bring your own

Date/time: Friday 3:45-5:45

 

Workshop 3.4

Title: Skills and Inspiration for Career Journeys in Cybersecurity

Presenters: Cheryl Whitis  (Raytheon Missile Systems), Kathy Frain (Raytheon Intelligence, Information & Services), Sheila Alvarez  (Raytheon Missile Systems), Kathy O’Donnell (Raytheon Integrated Defense Systems), Mary Ann Waddick (Raytheon Intelligence, Information & Services), Jordan Miller (Raytheon Missile Systems). Facilitator: Felicia Jackson (Raytheon Missile Systems)

Description: Thinking of a career in cybersecurity?  This workshop will share with you 6 (six) multi-generational testimonials from people just starting in a cyber career through senior cyber leadership. This workshop will also discuss the skills required for your transition into the cybersecurity world.  We hope this may inspire you to your own pathway. This workshop will be a very interactive workshop that includes a speed-networking portion to allow for Q&A and personal networking opportunities! 

Audience: Anyone

Stipend/Incentive: N/A

Special Skills Required: Presenters range from first line managers through VP. Each with a unique skillset

Laptop Requirements: Bring your own

Date/time: Friday 3:45-5:45

 

Workshop 4.1

Title: Hunting for Anomalies

Presenters: Fatima Rivera (Google) and Natalie Roe (Google)

Description: Security leaders need to understand their network and have the ability to identify anomalies in traffic that could indicate an active, persistent or past threat. This workshop will introduce the concept of threat hunting.  Various hunting techniques and tools will be discussed and the workshop will culminate with a hands-on exercise.   Attendees will get first-hand lessons-learned from Google security leaders and understand how to apply the practices at their own organization

Audience: Anyone

Stipend/Incentive: N/A

Special Skills Required: None

Laptop Requirements: Bring your own

Date/time: Saturday 2:30-4:30

 

Workshop 4.2

Title: Profiling Cyber Adversaries (Hackers): Introduction to Cyber Intelligence

Presenters: Edna Reid (James Madison University), A.J. Nash (Symantec) and Ali Alison (Symantec)

Description: Cyber intelligence (CYI) is an emerging specialization focusing on the analysis of cyber threats and cyber adversaries to support decision making about cyber security defense and risk management. Profiling and analyzing cyber adversaries are skills that cyber analysts and/or cyber intelligence professionals develop. This workshop introduces strategies and tools that organizations use to conduct cyber threat intelligence as well as how to profile cyber adversaries to identify their motivations, cyber attack patterns, geopolitical situations, and other activities that can be used to help in anticipating their actions. We will conclude with team-based activities such as profiling cyber adversaries and participating in a Symantec cyber analytical challenge.

Audience: Anyone

Stipend/Incentive: N/A

Special Skills Required:  None

Laptop Requirements: Bring your own

Date/time: Saturday 2:30-4:30

 

 

Workshop 4.3

Title: Ethical Hacking Challenge

Presenters: Amanda Bondoc (EC-Council)

Description: This hands-on workshop will demo modules in the Certified Ethical Hacker certificate program, including sniffing and hacking wireless networks.  Each participant will need a laptop with internet connection and the participants will be presented with a competition challenge.  The participant who completes the challenge first will receive a choice of certification package. The package will include eBook, video lectures, iLabs, and testing voucher. The package is valued at $1899.00. All participants will receive access to iLabs for each session participant (30 Day Access).      This hands-on workshop will demo modules in the Certified Ethical Hacker certificate program, including sniffing and hacking wireless networks.  Each participant will need a laptop with internet connection and the participants will be presented with a competition challenge. 

Audience: Anyone

Stipend/Incentive: The participant who completes the challenge first will receive a choice of certification package. The package will include eBook, video lectures, iLabs, and testing voucher. The package is valued at $1899.00. All participants will receive access to iLabs for each session participant (30 Day Access).

Special Skills Required: None

Laptop Requirements: Bring your own

Date/time: Saturday 2:30-4:30

 

Workshop 4.4

Title: Thinking Out of The Box: Using a Cyber Security Mindset to Escape the Room

Presenters: Suzanne Mello-Stark (Worcester Polytechnic Institute), Emily Hao (Worcester Polytechnic Institute) and Maryann Vanvalkenburg (Worcester Polytechnic Institute)

Description: Cyber attacks succeed when resources are exploited and used in a manner contrary to their intended purpose. A cyber security specialist needs to think like an attacker to apply effective defensive strategies. Escape rooms challenge participants to interact with their surroundings to uncover clues. Additionally, puzzles are designed in such a way that participants must work together to find the solution. This workshop introduces an escape room focusing on teaching fundamental principles of cyber security. Participants will learn how an escape room is designed and will be given materials to create their own escape rooms. Participants will also have the opportunity to demo a real escape room. No formal knowledge of cyber security is required.

Audience: Anyone

Stipend/Incentive: N/A

Special Skills Required: None

Laptop Requirements: Bring your own

Date/time: Saturday 2:30-4:30