Attendees will leave session with entirely new approach for securing their networks from advanced adversaries
ATLANTA and BLACK HAT, July 28, 2014 – Tom Cross, director of security research at Lancope, Inc., a leader in network visibility and security intelligence, will present next week at Black Hat 2014 in Las Vegas. He will deliver a session entitled “The Library of Sparta” with co-presenters David Raymond and Greg Conti, who are both associate professors at the United States Military Academy at West Point. The presentation is taking place on Wednesday, August 6 at 10:15 a.m. PDT, and will discuss how military doctrine can be applied to the problem of cyber security from both an offensive and defensive perspective.
“Classical military doctrine is a veritable gold mine of new insights into the process of attacking and defending computer networks,” said Tom Cross, director of security research for Lancope. “For example, the ‘kill chain’ has been a highly influential concept among computer security practitioners as a way of thinking about the stages of a sophisticated, targeted attack on a computer network. There are a variety of other doctrinal concepts that can provide similar kinds of insight. At Black Hat, we plan to review these concepts and encourage conference attendees to dig deeper.”
In an effort to up-level security discussions, many people in the computer security community use words like “OPSEC,” “kill chain” and “intelligence-driven” without fully understanding the underlying concepts. This talk will ensure that participants know what these terms mean, and more importantly, how they can be used to keep valuable network assets and data out of the hands of state-sponsored attackers. The talk will cover topics including: deception, operations security, cyber terrain analysis, the intelligence analysis process, intel gain/loss calculations, and the OODA Loop, among many others.
“Conventional wisdom at Black Hat is that the attacker will always win,” added Cross. “This session will help defenders generate the intelligence, information and disinformation advantage necessary to turn the tables.”
Tom Cross heads up Lancope’s StealthWatch® Labs security research team. He has over a decade of experience as a computer security researcher and thought leader, and is credited with discovering a number of critical security vulnerabilities in enterprise-class software. He previously served as the manager of X-Force Research at IBM Internet Security Systems, and frequently speaks at security conferences around the world.
About Lancope Lancope, Inc. is a leading provider of network visibility and security intelligence to defend enterprises against today’s top threats. By collecting and analyzing NetFlow, IPFIX and other types of flow data, Lancope’s StealthWatch® System helps organizations quickly detect a wide range of attacks from APTs and DDoS to zero-day malware and insider threats. Through pervasive insight across distributed networks, including mobile, identity and application awareness, Lancope accelerates incident response, improves forensic investigations and reduces enterprise risk. Lancope’s security capabilities are continuously enhanced with threat intelligence from the StealthWatch Labs research team. For more information, visit www.lancope.com.