Skip to main content

Secondary navigation:

Security Camp - Boston College

2020 BC Security Camp Agenda

8:30 am - 5 pm, Thursday, March 5, 2020; SNOW DATE Friday, March 6, 2020

8:30-9:00 am DOORS OPEN, CONTINENTAL BREAKFAST, REGISTRATION

 

9:00 - 9:15 am

INTRODUCTION AND WELCOME

Michael Bourque
VP, Information Technology
Boston College
 
9:15-10:00 am

PANEL: SHARING INFORMATION SECURITY RESOURCES AMONG SMALL COLLEGES

Sharing information security resources, whether staff, technology, or information, is one way for small colleges to keep costs down while building mutually beneficial relationships with peer institutions. There are both formal and informal approaches to this, and our panelists have deep experience in both. Have you wondered how a shared resource arrangement would work? This session will explore formal resource sharing arrangements between institutions (staff, technology) as well as informal sharing of information and best practices in various venues. We hope you’ll get a few ideas to take back to your institution to foster more sharing and maybe even explore a new sharing relationship with another institution.

Moderator:
Bryce Cunningham

Mass College of Art and Design & Wentworth Institute of Technology

Panelists:

Dylan Bukaweski
Providence College

Sherry Horeanopoulos
Fitchburg State University

Ben Marsden, Smith College

Chris Woods

Mount Holyoke College

10:00-10:30 am COFFEE  

10:30-11:15 am

DANGEROUS LIAISONS: SECURING ACTIVE DIRECTORY AT HARVARD

This talk focuses on our 3-year effort to secure Harvard’s Active Directory from sophisticated attackers. We talk through a typical attack and what it looks like using Bloodhound. We then dive into the specific areas that we focused on implementing such as PAWs, PKI, Smart Cards, and a RED forest.

Aidan McCarthy
Harvard University

Joel Nentwich
Harvard University

11:15-12:00 pm

PROVIDING SECURITY TOOLS TO THE UNIVERSITY

We present information security tools that we have created for trouble-shooting firewall problems, requesting firewall rules, reporting phishing emails and more.

Phil Deneault
Boston College
12:00-1:00 pm LUNCH  
1:00-1:45 pm

VULNERABILITY DISCLOSURE PROGRAM

In this presentation we will share our journey in standing up a crowdsourced vulnerability reporting program. Expect to learn our processes, tools and metrics.

Harvard University

1:45-2:30 pm

PANEL: LOG ANALYSIS FOR BIG DATASETS

All new regulations and programs want us to keep logs... some for a relatively long time.  That’s a lot of data! This panel will touch on what people are doing to deal with large log/event volumes. Maybe some new tools for searching. Or new ideas for storing. Or novel approaches to storage, search, and deletion.

Moderator: Siobhan Kelleher
Tufts University

Panelists:

Patrick Cain, Cooper-Cain Associates & APWG

Doug Downham,
University of Massachusetts Amherst

David Marion
Bridgewater State University

Paul Nash
Harvard University

2:30-3:15 pm

AMERICAN SUPERCONDUCTOR / IP PROTECTION

The FBI will discuss the insider threat case and theft of trade secrets at American Superconductor.

Scott P. McGaunn
Special Agent, FBI
3:15-3:45 pm AFTERNOON SNACKS  
3:45-4:30 pm

DO-IT-YOURSELF PCI

We have experience at BC with the PCI Internal Security Assessor (ISA) program. The program is intended to enhance the quality of internal PCI self-assessments. This talk will review how the ISA certification has helped us manage PCI compliance at BC.

David Millar
Boston College
Credots
ISACA