June 15, 2015 Event

The Changing Partnership Between Cloud Providers and Corporate Security Operations

Security operations have changed dramatically in recent years. Perimeters matter less and less while external threat intelligence and insider risk based intelligence play an ever more prominent role. As more businesses move to the cloud for core systems and applications what is the impact on the role of security operations? How is the relationship between the cloud service provider and corporate security developed in this threat driven security model? How do intelligence driven security operations function in a cloud environment?

Come participate in an engaging conversation with three leading thinkers on this important and timely topic.

This event is free for CSA members and people interested in joining the NY Metro CSA Chapter. Drinks and food will be provided.

A sponsored happy hour will hosted immediately following the event for more discussion and networking opportunity.

Monday, June 15
3:00pm – 6:00pm

One Penn Plaza (34st between 7/8 Aves)
9th Floor
New York, NY 10119

Presentation Abstracts
How Does Cloud Computing Change How We Should Think About Insider Threats
Guy Filippelli, CEO, Red Owl Analytics

As Enterprises embrace Cloud computing the traditional lines of the network perimeter and security are becoming blurred creating new challenges for security professionals as they relate to insider threats. Employees and contractors are no longer accessing data and systems within the walls of environments that the company controls and monitors, but rather are moving in and out of applications with varying protocols and security controls. This creates a far greater challenge in monitoring and managing access to critical corporate data and IP. To ensure a secure and smooth transition to cloud computing, organizations must be vigilant in developing security protocols and implement systems that can identify insider threats before they inflict damage. They must find the balance between embracing the flexibility and cost savings cloud computing enables and the security challenges they present.

The Intersection of Intelligence Driven Security and Cloud Computing
Milan Patel, Managing Director K2 Intelligence

Using intelligence to drive security has become a mission critical element of cyber security. Understanding how the organization is being targeted, why, and by whom will be essential to defend the network in the future. More concisely, know your enemy, understand your weaknesses. As organizations move to the cloud, they will have to pay close attention to how the cloud is utilized for corporate services. Particularly, if the organization chooses to distribute storage and computing between the corporate network and a cloud service provider in a hybrid model. As new cloud models are created risks will evolve.

The Evolution of SOC in Cloud Environments
Mischel Kwon, CEO, Mischel Kwon Associates

Cybersecurity has moved from the focus on the malware, the system, the technical – to the cost, the response, and the effect on the business just as IT has moved to the cloud, hybrid and shared services models. As IT costs are more closely scrutinized, so are the cost of Cybersecurity and the cost of monitoring and responding to incidents. Metrics have changed from time to detect to quality of alert. With more shared infrastructure, threat, hygiene changes the model. This presentation will examines a business forward SOC risk model – examining how to prioritize, communicate, escalate SOC processes and Incident Response based on an actual incident use case.

Speaker Information

Guy Filippelli, CEO, Red Owl Analytics
Prior to founding RedOwl, Guy co-founded Berico Technologies, a software engineering firm, and Praescient Analytics, a data analytics service provider. Guy holds a B.S. in Economics from the United States Military Academy at West Point, and received his B.A. and M.A. in Philosophy, Politics, and Economics from Oxford University. He is a passionate supporter of military veterans, and in 2012 helped launch the COMMIT Foundation, a non-profit that focuses on transitioning top veteran talent to the private sector by fostering mentorship, extending and growing networks, and accelerating veterans into leadership roles post-service.

Milan Patel, Managing Director K2 Intelligence
Before joining K2 Intelligence, Milan served as the FBI Cyber Division’s Chief Technology Officer (CTO) where he was responsible for policy, strategy and the tactical direction of information and operational technologies used in cyber investigations by the FBI’s cyber field operations across all 56 FBI offices in the United States. As CTO he identified the technologies used in incident response and traditional cyber investigations, and implemented technologies used to support interagency cyber threat intelligence sharing within the United States intelligence community – the CIA, NSA, and DHS. Leading a team of senior FBI agents, he was also charged with developing more efficient processes and utilization of the Cyber Division’s enterprise cyber threat management platform.

Most recently, Milan organized and co-led the Joint Requirements Team, facilitated by the White House National Security Council – Cyber Security Directorate, a team charged with creating inter-agency business and technology requirements to address President Obama’s Executive Order 13636, “Improving Critical Infrastructure Cyber Security.” This resulted in the first national cyber incident severity scheme approved by the White House and senior leadership within the United States Intelligence and Federal Law Enforcement Communities and outlines how and when the United States Government will respond to cyber incidents within the United States.

Prior to serving as the FBI Cyber Division’s CTO, Milan was a Supervisory Special Agent at FBI headquarters in Washington DC where his responsibilities included managing enterprise investigations, as well as providing cyber threat briefings to the critical infrastructure sectors organizations. He entered the FBI as a Special Agent in 2003 and over the years has initiated and led high profile, global investigations including those pertaining to Anonymous, Operation Ghost Click (The Rove Digital Investigation), and Silk Road. He has also served as a member of the FBI’s counter terrorism efforts overseas as a senior interrogator under Joint Special Operations Command and as an operator on the FBI’s elite Special Weapons and Tactics Team (SWAT).

He received his B.S. in Computer Science from the New Jersey Institute of Technology

Mischel Kwon, CEO, Mischel Kwon Associates
Mischel Kwon is an IT executive with more than 32 years of experience ranging from application design and development, network architecture and deployment, Information Assurance policy, audit and management, technical defensive security, large wireless system security, to building organizational and national level Computer Emergency/Incident Response/Readiness Teams.

Formerly, Ms. Kwon was named the Director for the United States Computer Emergency Readiness Team (US-CERT) in June 2008 where she spearheaded the organization responsible for analyzing and reducing cyber threats and vulnerabilities in federal networks, disseminating cyber threat warning information and coordinating national incident response activities. In addition, Mischel served as Deputy Director for IT Security Staff at the Department of Justice (DOJ) where she built and deployed the Justice Security Operations Center (JSOC) to monitor and defend the DOJ network against cyber threats. Ms. Kwon also served as Vice President of Public Sector Security for RSA Security.

Ms. Kwon holds a Master of Science in Computer Science and a graduate certificate in Computer Security and Information Assurance. In addition, she serves as an adjunct professor at George Washington University in Washington, DC, where Ms. Kwon also runs the GW Cyber Defense Lab.