- This event has passed.
Cloud Security: Breach or Glory – Real-world Experiences of Incident Response in the Cloud
May 1, 2018 @ 11:00 am - 1:00 pm
Note: Our host request we park at the rear of the building. There is ample parking available.
Speaker: David England
Objectives: 1) Gain a deeper understanding of cloud environments and securing them. 2) Understand the threats to cloud environments. 3) Introduce techniques, tactics, and procedures of conducting IR in the cloud.
Background: During World War I, Army Air Corps pilots fought in a new environment, the “Empire of the Cloud”. These heroic men believed “Turn like the devil and shoot straight from the sun” and “Death or glory, it’s all the same”. Now, in this age of information, we are “fighting” in a new cloud and in this new environment, it is Breach or Glory. The cloud presents information security professionals, incident responders, and forensic analysts with new challenges and without proper training, preparation, and tools, our adversaries will be “Aces” and our “dirigibles” of data will be flaming disasters.
We will begin with a discussion of what is the cloud and some of the cloud environments where breaches may occur, such as Amazon Web Services, Microsoft’s Azure, data center hosted servers, and even Dropbox. Without this understanding, we can’t develop the correct techniques to “turn like the devil and shoot straight from the sun”. We will continue with how we can properly secure our clouds without “filling
the skies with flak”.
Next, we will focus on our adversaries and their techniques. We have seen an increase in activity targeting data in cloud environments and the threats are employing more and more sophisticated exploits and targeted malware against us. As information security professionals, we must be cognizant of the changing nature of the threat and how to identify and combat them, as well as assisting management in prioritizing their security initiatives and resources in light of these changes. The discussion will conclude with real-life experiences where security efforts were “flaming dirigible disasters”, lessons learned from these events, and some of incident response TTPs used to properly and thoroughly conduct investigations in these environments.
Speaker Bio:: David England is a Digital Forensics and Incident Response professional with more than 30 years of experience in investigations, information security, and consulting. Since 2001, David has been involved in the investigation of cybercrime, conducting computer forensics in support of complex incidents of fraud, phishing and data breaches. In 2005, he retired from the U.S. Army as a Chief Warrant Officer 3, moved to Huntsville, and began work in the Defense Industrial Base. Dave was instrumental in establishing an InfraGard Chapter in Huntsville and leading it for the first several years of its existence. He was recognized in June 2011 by the Director of the FBI for his efforts.
In 2011, David became an incident response consultant and has conducted many large breach investigations on behalf of businesses, corporations, and attorneys across the globe. He also worked for a managed and secure cloud provider. In late 2017, David joined nou Systems, Inc, a Huntsville-based defense contractor, as a Senior Cyber Analyst.
Make sure your RSVP by April 30th at 8:00am and don’t forget to mark you lunch order.