8:30 Doors Open, Continental Breakfast, Registration
9:00 Introduction & Welcome
9:15 Getting Cozy with Cozy Bear
Nathan Hall, Harvard University
At BC Security Camp last year Nathan spoke about detection and response to APT activity on Harvard systems and plans to mitigate the impact of future attacks. 2016 saw additional APT attacks targeting Harvard and other higher-ed institutions. Come hear about the successes and failures, and the changing tactics of both sides in this cat and mouse game.
10:30 Coffee Break
10:45 Risk Automation
Philip Aldrich, Dell EMC
As two separate companies, Dell and EMC pursued two separate strategies to automate and visualize their risk programs in new and innovative ways. As a combined entity, they have brought these two approaches together into a combined solution, leveraging all the great advancements from each program into an innovative collection of risk automation capabilities.
11:30 Two-step Verification Lessons Learned
Christian Hamer, Sandy Silk, Harvard University
How did we get 50,000+ people using Duo two-step verification in two months? We will review our project and talk about some of the critical success factors and lessons learned in rolling this out to the community. We will talk about why we decided to do this, highlight some of the benefits that we’ve seen that may help anyone trying to make a case for two-step and provide a “readiness checklist.”
1:15 Managing Digital Evidence Following the Boston Marathon Bombing
Kevin Swindon, FBI
The briefing will include an overview of the investigative highlights of the Boston Marathon Bombing investigation and will include discussions of digital media evidence collection, trial preparation and testimony. The talk will also provide insight to the audience regarding the digital media handling challenges and investigative strategy surrounding the events of April 15, 2013 and the Boston Marathon Bombing Investigation while highlighting the lessons learned and after action response.
2:30 Attacking Multi-Factor Authentication
Paul Nash, Harvard University
You’ve just deployed multi-factor authentication campus-wide - what happens next? The attackers up their game. Paul will discuss attacks against multi-factor authentication that have been seen in the wild and provide some steps that you can take to identify them.
3:15 Life after the Virus Signature: Machine Learning for Identifying Malware
Louw Smith, Boston College
Wherein we ask the questions: What do 200k malware binaries have in common? Can we use that information to find "unknown" malware? And most importantly, can we make the machines do all the work for us? We will briefly talk about the results, methods, and pitfalls of machine learning for malware analysis.
4:00 Cybercrime: The College Edition
Morvareed (Moury) Bidgoli, Pennsylvania State University
The results from two studies that have been conducted with college students on two different campuses will be presented. These studies cover college students’ cybercrime victimization experiences, their online behaviors (i.e., preventative measures), their overall awareness about cybercrimes and cybercrime reporting, and better understanding their decision-making process behind filing a cybercrime report. While we find that college students are not immune to being victims of cybercrimes, there is a disparity between their positive inclination towards cybercrime reporting and their self-efficacy with regards to cybercrime reporting. Our work provides public policy implications. Initiatives need to be taken towards better educating the public about how to formally report cybercrimes since such an action provides valuable information for law enforcement to effectively combat cybercrimes and increases the public’s awareness of the prevalence of cybercrimes as a means to mitigate their future cybercrime risk.