April 9, 2024
Workshop
1:00 pm - 5:00 pm
OSINT Workshop at RH-ISAC Summit
Join fellow SOC analysts, engineers, and tactical incident response teams for a four-hour SANS Workshop, focused on open-source intelligence (OSINT) and incident handling.
This workshop enables participants to sharpen their skills using practical, real-world tools and techniques for conducting incident response investigations...
Networking Event
5:00 pm - 7:00 pm
Welcome Reception
Welcome to the 2024 RH-ISAC Cyber Intelligence Summit! Come say hello to old friends, meet new peers, and help kick off the 2024 conference on the Denver City Terrace.
Open to all RH-ISAC Summit attendees. No additional registration is required.
Networking Event
7:00 pm - 10:00 pm
Private | CISO Dinner
The RH-ISAC CISO Dinner is an invite-only event for select CISOs and special guests of the 2024 RH-ISAC Summit.
April 10, 2024
Keynote
8:45 am - 9:45 am
Opening Remarks & Keynote: A Decade in Cybersecurity: The RH-ISAC Eras Tour
Challenges surmounted, victories achieved, and warp speed shifts in the cyber threat landscape navigated: There’s no doubt the last decade set the foundation for the strong and collaborative RH-ISAC community that we see today. In this keynote, you’ll hear compelling stories of intelligence sharing, and the teamwork and inno...
Breakout Session
11:15 am - 11:45 am
The Evolving Cyber & Technology Policy Landscape: Implications for Information Security Teams
Federal, state and international policymakers continue to be active in developing new laws and regulations that have direct operational impacts on private sector CISOs and members of their teams. The SEC cybersecurity rule, now in effect, is compelling public companies to adjust their incident reporting and governance procedures...
Brown Bag Lunch
12:00 pm - 12:45 pm
LUNCH: Brown Bag Featured Discussions
Grab a sack lunch and find a group to sit with based on a topic of interest. This casual forum allows for free-flowing discussion with fellow practitioners and peers. We’ll have tables assigned with discussion leaders to facilitate conversation on topics from Working Groups and Security Collaboration Efforts such as:
Fraud:...
Private Session
1:15 pm - 4:00 pm
Closed-Door CISO Meeting
*SESSION BEGINS AT 1:00 P.M.*
PRIVATE SESSION: Open to CISOs Only.
This extended breakout session will cover a series of discussion topics as selected by the RH-ISAC's CISO Working Group. Topics may include key challenges and priorities with titles such as:
Leadership Perspective: When Neighbors Are Under Attack
Th...
Breakout Session
1:15 pm - 1:45 pm
Risky Business: Examining the Operational Benefits of Enhanced Collaboration Between Cyber Risk Management & CTI Functions
Now, more than ever, information security practitioners are expected to continually balance strategies for addressing a rapidly evolving cyber threat landscape against the need to meet business objectives with limited disruption. Risk management teams are critical in helping business leaders understand the organization’s risk ...
Breakout Session
2:15 pm - 2:45 pm
Take Your Incident Response Plan to the Next Level
A good incident response plan can improve your efficiency and greatly reduce the stress involved when dealing with a significant incident. But as cybersecurity professionals, it’s easy to get tunnel vision on the technical details of a situation, potentially missing aspects of the bigger picture. And when your business is disr...
Breakout Session
2:15 pm - 2:45 pm
Beyond the Hype – How our Threat Research Team Used Large Language Models to Enhance our CTI Activities
The launch of ChatGPT in late 2022 sparked considerable hype for generative AI chatbots. It is based on a large language model (LLM), an AI model that has been trained on a large corpus of text and built an understanding of language.
In threat intelligence, we often deal with human readable information, which unlike mac...
Sponsored By: Netacea
Private Session
2:15 pm - 2:45 pm
STORM-0539: The Silent Gift Card Heist | TLP:RED – Core Members Only
Storm-0539 is an unclassified threat actor labeled by Microsoft that has targeted the retail, software, and gaming industries. This talk is an analysis of the Tactics, Techniques and Procedures (TTPs) and objectives the actor carries out on its target. We’ll also delve into their primary motivation, which appears to be retaini...
Private Session
2:15 pm - 4:00 pm
Closed-Door CISO Meeting (Cont.)
PRIVATE SESSION: Open to CISOs Only.
This extended breakout session will cover a series of discussion topics as selected by the RH-ISAC's CISO Working Group. Topics may include key challenges and priorities with titles such as:
Leadership Perspective: When Neighbors Are Under Attack
The Effect of Solarwinds' Lawsuit o...
Breakout Session
3:15 pm - 4:00 pm
Situational Awareness: Protecting the Unknown
How can you apply security controls to assets that you are unaware of? This presentation will delve into the genesis and evolution of a novel approach to enhancing situational awareness for corporate assets. The central theme revolves around the creation of a semi-quantitative C-Suite report metric, incorporating a custom weight...
Breakout Session
3:15 pm - 4:00 pm
Catphish: Infiltrating an International Refund Fraud Operation
In the summer of 2023, a refund fraud threat actor attempted to recruit a SHEIN customer service employee to facilitate large amounts of refund requests. SHEIN CTI assumed the identity of the targeted employee, and conducted a month-long operation to gather information from the threat actor. During this investigation, the innerw...
Keynote
4:15 pm - 5:00 pm
Closing Keynote: S.E.ing IRL & with A.I. & Defending Against It With Q.I.
We will look at a real-life successful bank robbery captured on video to see what went right & wrong that led to the bank to be compromised 15 seconds after I walked in and led to the 100% compromise of every computer in the branch including the server room computers!
We will then dive into how A.I. is being used by cri...
Networking Event
5:00 pm - 6:00 pm
Happy Hour
Celebrate the first day of the RH-ISAC Summit while enjoying light snacks and drinks!
April 11, 2024
Keynote
9:00 am - 9:45 am
Keynote: Reducing Business Risk with Zero Trust Architecture + AI
Cyber attackers are using AI to generate creative ways to compromise users, as documented in a recent Washington Post article, “Cybersecurity faces a challenge from artificial intelligence’s rise.” Retail & Hospitality organizations must excel at protecting digital assets in the face of these AI-powered cyberthreats. L...
Breakout Session
10:00 am - 10:45 am
Kill Switch to expensive SIEMs
The idea behind this presentation is to provide a fresh insight on how we can overcome challenges encountered with managing a SIEM/Data Lake with growing costs and logging requirements and data retention for compliance purpose, ability to query historical data. We will also discuss how we can secure and control the data routing ...
Breakout Session
10:00 am - 10:45 am
Peer-Benchmarked Threat Resilience Metrics
CISOs need to answer the question “how do we compare with our peers?” Skechers, Canadian Tire and Security Risk Advisors (VECTR.io) will show how to benchmark threat resilience using the shared RH Threat Index. The presenters will share the free testing platform and 2024 test plan for attendees to level-up their metrics ...
Sponsored By: Security Risk Advisors
Breakout Session
11:15 am - 11:45 am
Cyber Resiliency: Preparing the Business for Incident Response
We live in a new normal, with unknowns around every corner and every organization should have a plan for the worst. A traditional cyber-focused incident response plan is no longer enough. A larger business lens will be used for this talk and we’ll discuss the required roles, organizations, critical processes, and more- in as m...
Breakout Session
11:15 am - 11:45 am
Beyond Chat: GPTs & Security Awareness in the Workplace
Resistance is futile! Learn about the past, present, and future of GPT and other Generative AI technologies, as well as how to prepare for them, use them, and reduce the tremendous risk surrounding them. Communication strategies, best practices, and policy recommendations will be discussed in this fun and highly informative pres...
Breakout Session
11:15 am - 11:45 am
Managing Threat Pressure – A Proactive, Data-Driven Approach to Countering Fraud & Product Abuse
The landscape of online threats is constantly evolving as criminals develop new tactics, techniques, and procedures (TTPs) to achieve their goals. These methods can range from simply collecting information to committing fraud, posing a serious risk to businesses and their customers. To combat these threats, organizations must pr...
Sponsored By: Booz Allen Hamilton
Breakout Session
11:15 am - 11:45 am
Malware Protection for OT Equipment
Explore the critical topic of protecting Operational Technology (OT) systems from malware threats.
This presentation covers the unique challenges and solutions for safeguarding OT equipment, including:
Understanding OT Environments
Challenges of deploying OT Malware protection
Detection and Prevention Strat...
Private Session
12:15 pm - 2:15 pm
Dark Web Workshop | TLP:RED – Core Members Only
INVITE ONLY: This session is open to RH-ISAC Core Members Only
The RH-ISAC's Dark Web Working Group is going to host its first hands on workshop during the RH-ISAC Summit. The workshop will cater to all levels of skills and experiences from beginner to advanced. Join us and learn:
1. Everything you need to know about the Dar...
Breakout Session
1:30 pm - 2:15 pm
TPRM “Theater”: Are We Pretending This Actually Works?
Third-party risk management is a multi-billion dollar industry based on arduous questionnaires, human-intensive reviews, and point-in-time risk assessments. But at least it is effective, right? Right? This is not what we found in Kenvue. There is another way. We implemented an automated, model-based TPRM system for cyber risks w...
Breakout Session
1:30 pm - 2:15 pm
Passkey: Because Authentication Should Be Easy & Secure
Over the last year passkeys as a concept has really gained momentum as consumers and organizations alike are assessing what passkeys are and their benefits. The FIDO2/WebAuthn authentication standard is gaining a larger market share, but do employees and consumers know the value of how this standard differs from other ways of se...
Sponsored By: Yubico
Keynote
2:45 pm - 3:30 pm
Closing Keynote: From Crypto Crime to Cyberwar: Stories From the Front Lines
In this fireside chat, WIRED senior cybersecurity writer Andy Greenberg will draw from his latest two books, Tracers in the Dark and Sandworm, to tell stories from the cryptocurrency-fueled criminal underground to the ongoing conflicts in Ukraine and the Middle East. As a reporter who's spent 17 years embedded in the cyber beat,...
Networking
3:30 pm - 4:30 pm
Closing Reception & Prize Drawing
Are you feeling lucky? Did you visit the vendor booths and enter for a chance to win some fun prizes? Help us wrap up the Summit and celebrate another great event at the closing reception - with prizes drawn by our illustrious emcee, Luke Vander Linden....
