Business and Deterrence Tracks

B1 – Code Blue Clear: How One Hospital Survived the Largest Ransomware Attack in History

Reg Harnish

This isn’t just another day in your Emergency Department, it’s the newest threat to patient safety – cybercrime. From ransomware attacks that leave EMRs inaccessible, to sophisticated social engineering schemes, healthcare has been devastated by criminal activity. For the first time – cybersecurity has become life or death.

But just like with healthcare, there’s hope. The very same issues that make us vulnerable may also be our greatest strengths – but only if you know how to manage them.

Join GreyCastle Security as we explore the resilience demonstrated by one hospital after the largest ransomware attack in history. Attendees will learn the hidden risks healthcare organizations face and the cybersecurity tactics that saved patients’ lives.


Reg Harnish is the CEO of GreyCastle Security, a leading cybersecurity risk assessment, advisory and mitigation firm headquartered in Troy, New York.

As CEO of GreyCastle, Reg is responsible for defining and executing the company’s vision. Under his leadership, the company has experienced six consecutive years of triple-digit growth and has received countless industry accolades. Today, GreyCastle Security is working with organizations in nearly every state in the U.S.

Reg is a nationally-recognized speaker and has presented at countless industry events. He was recently recognized as the 2017 Cybersecurity Consultant of the Year by the Cybersecurity Excellence Awards and has been featured in Time, Forbes, CIO Magazine, Dark Reading and others.

Reg is a member of the Forbes Technology Council and a fellow of the National Cybersecurity Institute in Washington, DC.

B2 – Improving Risk Assessments with Cyber Threat Intelligence

Del Russ

Information Security has still not fully matured in its practice of estimating risk; especially when compared to other industries, such as finance and insurance. A primary reason for this is the historical lack of structured, comprehensive and consistent data models for use in categorizing and quantifying cyber threats within risk equations. Many know that using Cyber Threat Intelligence (CTI) can improve management of threats in real-time. However, the value of CTI, yet to be fully realized, is how newly-emerging threat data models have the potential to fix the long-standing problem of quantifying threat likelihood. Ultimately, better risk estimates are now possible – as are discussions of risk that business leaders will find meaningful and valuable.


Del Russ is the founder and Director of The Security Intelligence Center at Xerox Corporation. He and his team provide Tactical, Operational, and Strategic Cyber Threat Intelligence (CTI) services to a global enterprise of IT operations, security, and business leadership teams. His current work passion is in recognizing where business missions benefit from having a better understanding of cyber threats, and in pioneering new solutions to apply CTI insights practically and effectively. Over the past seventeen years, Del has envisioned, created, deployed, and managed numerous operational cyber-security programs, including a 2015 CSO50-award-winning, global cyber-threat response process. In addition to security, his twenty-five years of IT experience includes IT Consulting & Systems Integration, Database Applications Development, Software Engineering, and Solution Architecture. He has serviced clients in multiple industry sectors, including Defense, Finance, Public Sector, Telecom, Healthcare, and Technology Manufacturing. Mr. Russ has a B.S. in Computer Science from the State University at Buffalo, NY, with a minor concentration in Psychology. He has maintained a specialized industry certification in Digital Forensics & Threat Hunting (GCFA) since 2005, and is a CISSP.

B3 – Homegrown Cybersecurity

John Folkerts

Most of the tools you need to build a highly functional and integrated cyber security process are available for free. This presentation will act as an introduction to using Network and Host Security Monitoring tools in a small network environment to help jumpstart your understanding of the NIST Cybersecurity Framework and how it can be used in larger environments.


John has over 20 years of experience working in IT. He is currently Director of Cyber Operations at Conduent. Formerly, John was Deputy CISO at Xerox and was responsible for developing its Cyber Security program and deploying a number of technologies including advanced malware detection, security monitoring services, data loss protection and laptop encryption. John’s previous roles include IT strategist, security architect, and serving as a communications officer in the US Air Force. John has a bachelor’s in Computer Science from Cornell University, a master’s from RIT, and also holds the CISSP certification. John currently lives in Fairport, NY and enjoys music, hiking, DIY projects and meddling with technology in his spare time.

B4 – Security Mindfulness

Dwayne Foley

se·cu·ri·ty mind·ful·ness
/səˈkyo͝orədē/ /ˈmīn(d)f(ə)lnəs/

  1. the quality or state of being aware that you need to build security into your daily practice
  2. the secure state achieved by focusing one’s security awareness on what one controls, used to achieve a secure state and a good night’s sleep

This presentation that will play on the popularity of personal mindfulness and self awareness. It will focus on IT professionals’ responsibilities in understanding the environment they manage, as it relates to securing it. The mindset that security is your responsibility and part of your job function, is not optional. When I talk with IT and business folks and I hear “hey it’s the ‘Security Guy’,” I respond, “I don’t do security, you do”.


Dwayne Foley is a Security Principal at EagleDream Technologies. Dwayne draws from 30 plus years of knowledge and experience gained across all facets of IT, to further security and awareness. Dwayne holds the following certifications CISSP, CISM, SANS GSEC and GPPA.

B5 – Application Security – It’s Not Just for Developers Anymore

Danny Harris

Application security has traditionally fallen on the shoulders of development and IT teams, as organizations tend to view it as a technology issue. However, due to the inherent financial and operational risk that software applications bring to the enterprise, organizations are rethinking their approach.

This talk discusses how application security has become a business risk management concern and examines the gap between an organization’s perceived and actual security efforts. Additionally, it describes security challenges throughout the software development lifecycle (SDLC) and includes high-impact activities, for various roles, that will provide the foundation for a sustainable application security program.


Danny Harris has been an information and application security practitioner for over 20 years. He is knowledgeable in all phases of the secure software development life cycle (SDLC) and is responsible for the creation and delivery of application security training and SDLC programs at Security Innovation. Previous teaching experience includes seven years as an adjunct professor for the Computer Security and Forensic Investigation program at Wilbur Wright College and as a security instructor for the SANS Institute.

Topics of expertise include information security, security policy, metrics, application and network vulnerability assessments, real-time embedded systems programming, intrusion detection, and incident response.

D1 – When Current Security Practices Undermine Cyber Deterrence

Altaz Valani

At its core, building cyber deterrence implies a proactive response to the current cyber threat landscape. Many current approaches, at their root, are unfortunately either focused on the wrong problem or don’t look forward far enough. That leads to a highly reactive posture which defeats the purpose of deterrence. As an industry, we are already witnessing the emergence of Application Security Requirements and Threat Management (ASRTM) as a key component of software security. We identify 6 principles your ASRTM strategy needs to address in order to be effective for cyber deterrence.


Altaz Valani is the Director of Research at Security Compass responsible for managing the overall research vision and team. Prior to joining Security Compass, Altaz was a Senior Research Director in the Application Development Practice at Info-Tech Research Group providing IT managers, directors, and senior managers with guidance and analysis around application development, application rationalization, agile, cloud, mobile, and the SDLC. His other past positions include Senior Manager at KPMG, and various positions where he worked side by side with senior-level stakeholders to drive business value through software development.

D2 – Deterring Cyber Criminals, Penetration Testers, and APT’s with Defense in Depth

Joe Christian

Defense-In-Depth is the concept of protecting a computer network with a series of defensive mechanisms such that if one mechanism fails, another is already in place to thwart an attack. This talk will encompass topics on both offensive and defensive security as efforts to harden computer networks. By exposing offensive security techniques, the listener will gain knowledge about common attack goals and access points into a network. Additionally, holistic defense options will be presented as an attempt to bolster an organization’s overall security. The tactics gained from this talk can be used to limit intrusions from Cyber Criminals, Penetration Testers, and Advanced Persistent Threats (APTs).


Joe Christian is a Security Engineer for Paychex Inc. His primary job responsibilities include vulnerability management and penetration testing. He is also well versed in numerous areas of information security. Prior to Paychex, Joe was a member of the Application Security team at Zappos headquartered in Las Vegas, Nevada. Joe graduated with a B.S. in Information Technology from Nazareth College in Rochester, New York. In addition to working full-time in the field, Joe is in the final phases of completing his MS in Cybersecurity from Utica College. He holds various security certifications including a Security+, CSA+, and GIAC GPEN. When Joe is not working or completing school work, he enjoys participating in bug bounties, reverse engineering code, and visiting warm climates with beaches to escape cold winters.

D3 – The Misnomer of Corporate Cyber Deterrence

Eric J.T. Caballero

The holistic definition of deterrence theory involves applying both defensive and offensive efforts. With ‘denial’ and ‘retaliation’ being complementary parts – can any organization realistically apply “cyber deterrence”? Long studied by the military, deterrence theory cannot be uniformly applied to cyber within the corporate environment. Building cyber offensive capabilities are not realistic endeavors for most organizations and attempts tend to lead to an arms race approach of Mutually Assured Destruction. Join me for a discussion of truths, realizations, risks and actions; a discussion meant to create awareness and direction regarding what can and should be done for the environment and industry you’re in.


Eric is a previous event speaker and is passionate about tech and corporate excellence. With roles that have included Startups, IT Directorships, CIO, Enterprise Architect & Executive Advisory across multiple industries, Eric works to deliver what IT does: “To Equip, Empower & Ensure” so that it can be “Available, Accurate & Anywhere”. Outside of work Eric believes in being engaged within the community and serves on local boards as well as pedaling his bicycle as much as he can for both fundraising events, as well as to keep eating what he wants.

D4 – Full Disclosure

David Frier

This talk will share an understanding of the roles played by hackers, security researchers, and vendor bug bounty programs within the security landscape. Principles of full and responsible disclosure will be discussed. ​Inspired by Holly Turner’s brief talk at Rochester B-Sides in 2016, “How to Hug a Hacker.”


David C Frier, CISSP, CISM, CRISC, CCSK. He is the Client Security Manager for Atos, caring for Xerox’s midrange server collection… but speaks only for himself, not for Atos!

He has been doing Information Security for a dozen years and has been doing IT of one sort or another for Jack Benny’s age.

David is an avid player of poker and Ingress, enthusiastic rider of a Trek.

$FIRST.$LAST@{ |} Not on LinkedIn, but feel free to check my profile at Google+