22 Oct

Cyber Security at Seattle Biz-Tech Summit 2015

By Dan In Apple, Internet of Things, Microsoft, Military, Seattle, Security / No Comments

Please join me at the Cyber Security session in the Seattle Biz-Tech Summit this Saturday, 10/24/15, from 11:00am – 12:30pm, in Room A at the Hyatt Regency Bellevue.

Session Description

We are constantly reminded of the critical importance that Cyber Security plays in our personal and professional lives. From stolen credit card numbers and hacked automobiles to industrial espionage, the motives and opportunities for internet based attacks are so varied that the threats sometimes seem overwhelming. And yet, from the front lines of the war against cyber criminals, the situation isn’t hopeless. Applying information technology best practices, and common sense as a consumer, can help keep your organization out of the spotlight, and your personal data out of the hands of thieves. But the cost of ignorance increases every day. Come learn more about the latest cyber security opportunities from our distinguished panel of experts.

Agenda

Opening remarks by Moderator (~2 minutes)
5 minute slide deck from each panelist (~45 minutes)
Moderated panel discussion
Audience Q&A

Panelists

Stan Bounev, COO, AppBugs
Alexander Gounares, CEO, Polyverse Corporation
Lynn Kasel, CEO, SignalSense
Lawrence I Lerner, President, LERNER Consulting
Yale Li, CTO Chief Scientist of Cyber Security, Huawei
Sean Malone, Director, FusionX
Bob Zollo, President, Avante Technology

Recent Cyber News

Our moderated discussion will connect recent security research, front page news, cutting-edge technology, and best practices for business decision makers and consumers alike.

Security Research

Verizon and Microsoft security reports highlight unpatched systems as a major vector for malware infection and subsequent data compromise. Patching should be easy. Why isn’t it being enforced? How can this low-hanging fruit get addressed?

This report says that users have an average of 26 online accounts protected by just five distinct passwords. What privacy and data risks does password reuse present to consumers and enterprise IT security personnel? What can be done?

Internet of Things

While there is much hype, the reality of IOT security is that lots of devices are being connected using software that wasn’t designed with the current internet threat landscape in mind. What are the privacy, data protection, and personal safety considerations?

International and Government Incidents

What should be the government response to overseas hacking?

Front page news has focused recently on China as the origin of cyber-attacks (see also the Mandiant APT1 report) targeting a variety of private and public sector entities in the US. However, looking beyond the front page, security researchers also point to, for example:

North Korea attacking Sony
Iran attacking US online banking
Eastern Europe organized crime attacking western ATMs (card skimming, etc.)
Sophisticated attack tools developed in Russia
NSA/Snowden revelations

How should Intellectual Property-intensive firms, particularly in globally competitive sectors such as manufacturing, be responding to these threats?

Seattle is also a software and tech hub – should the risk of international attack be a priority, even for small and medium-sized firms? Finally, what do consumers need to know about international card skimming and identity theft syndicates?

Multiple online accounts belonging to CIA Director John Brennan’s were compromised by hackers that pretexted Verizon and AOL. This report also indicates that Brennan forwarded work email to a personal account. What does and Brennan case, as well as the Hillary Clinton email server hack, tell us about the role of user behavior in data security, including when the stakes are high?

Corporate Attacks

Relating to the recent Uber/Lyft corporate espionage news, what role do Non-Disclosure Agreements, user onboarding and off-boarding systems, and corporate training play in achieving a meaningful reduction in opportunistic insider attacks and corporate espionage?

Tim Cook believes that Apple must protect its customers by providing data encryption without a backdoor for law enforcement. Do users even care? Is the national security counter-argument, such as the viewpoint of the FBI, credible?

Audience-Focused Questions

Who in the audience has a device in your pocket that has access to your company’s most valuable assets?
Who in the audience believes that security can be improved if we could only get the user to be more security aware?
How do I know that my system is safe from attack?
Can checklists really help block attackers?
How do I know what assets I have that attackers want to steal?
After an attack is started, what do I do to contain the damage without shutting down the business?

14 Mar

Mobile Computing Revealed – Tonight!

By Dan In Android, Cloud Computing, JW Secure, Microsoft, Mobile Computing, RSA, Seattle, Security, Windows 8 / No Comments

Come check out Mobile Computing Revealed, hosted tonight in Bellevue by Seattle Technical Forum. Event details and registration are here. I’ll be presenting Mobile Health Claims, including two of the demos that we did this year for RSA.

25 May

Conference circuit, 2011

By Dan In Seattle, Security, ToorCon / No Comments

Several are looking interesting:

05 May

Seattle entrepreneurs – connecting the neurons

By Dan In Entrepreneurship, Seattle / No Comments

Just read a great post by Mark Suster on TechCrunch, entitled A Few Key People Really Can Make a Huge Difference, in which he uses the Seattle start-up community as a model for the challenges facing entrepreneurs outside of major hubs such as San Francisco and NYC. Two main themes:

First, the community is dependent upon the engagement of the big technology-savvy companies. In our case, that means Microsoft, Amazon, Starbucks, the cellular companies, etc. He argues that, at this point, the level of engagement isn’t where it needs to be, and that the neurons aren’t all connecting.

From a services opportunity perspective, I doubt that’s the case: personal experience aside, just look at the job postings and you can see that there are big opportunities in selling services in this area. But Suster is a VC, and VCs generally aren’t interested in services opportunities.

As a service provider, I would love to see greater engagment between the major players, both in and outside of the Pacific Northwest, and the Seattle entrepreneur community: more start-ups with more funding means more demand for services. Indeed, I continue to invest time in order to help realize that vision, having volunteered previously with the local IEEE chapter and the Northwest Entrepreneur Network, and currently with the UW Business Plan Competition. But there’s always more that can be done.

The second point main point he makes is that, for a start-up CEO, recruiting the 2 – 3 top people is the main priority. This is an important and timely point because, when the economy is bad, taking a risk at a start-up can be a tough sell.

My perception is that Seattle has enough backlogged demand for technical people that the good ones will always be able to find a job. However, even in good times, Seattle has fought with the perception, especially among out-of-town-based executive-level talent, that the business community is too small to ensure a smooth landing if things don’t work out.

I would say that’s still our main challenge, and it’s seemingly a chicken and egg problem: it only takes a couple of world-class people to get the neurons firing again, connecting the dots in the start-up community, and kick-starting real growth. But those people have to see a critical mass of opportunity in order to be attracted in the first place.

It’s up to the entreprenuers of Seattle to roll out the red carpet.

Let's start the conversation