The Cyber Defense & Threat Landscape Track is designed to provide IT practitioners and leaders alike with a perspective on emerging and active information security threats, how to detect them, and how to defend against them. This track focuses on the latest information from the leaders in information threat detection. Presentations will cover all threat forms, whether technical or human, and provide strategies for coping with these ever-changing challenges.

TH1 – The Effects of Zero-Day Attacks

Trevor Smith & Michael Poczobut

Zero-Day attacks have been filling the news over the past year. Ransomware like Cryptolocker and Locky are rampant, and their devastating effects are felt by organizations of all sizes. How are these attacks taking place? Learn by reviewing the analysis of some of the most noteworthy attacks of this year. Next, dive into what you can do as an organization to prevent zero-day attacks though technology and end-user training with Blue Cross Blue Shield Vermont’s Information Security Officer, Michael Poczobut.


Trevor Smith, Executive Vice President of Brite, brings more than 15 years of experience in cyber security to the team. He has helped evolve Brite from a whitebox manufacturer to a thought leader in the data and network security industry. While at Brite, Trevor has worked with numerous Fortune 500 companies to design, recommend and implement essential information technology solutions.

Michael Poczobut, Information Security Officer for BlueCross BlueShield of VT, has 14+ Years in Information Technology and is a Veteran Solution and Security Architect with expertise in requirement gathering, analysis, application design, and coding. Michael leads the Information Security Department, whose responsibility is to research, develop, implement, test and review BCBSVT’s information security in order to protect member information and prevent unauthorized access.

TH2 – Next Step in Cyber Defense & Response

Len Rosenberg

With the number of devices estimated to grow from 5 billion today to 30 billion by 2020, the number of potential entry points for cyber attackers will grow as well. Every day it seems there is another breach being reported, supporting the IDC prediction that “Within two years, 90% of all IT networks will have an IoT-based security breach”. With these types of statistics and stories, how can companies protect themselves against the bad guys? During this presentation, we will dive into the options companies have for gaining visibility into their assets and how they can best protect them.


With more than 15 years of experience in security engineering, including 10 years at ForeScout, Len is well-versed in cybersecurity technologies, information security, risk mitigation strategies, vulnerability assessments and security incident response. He uses this broad expertise to address the cybersecurity needs of corporate and government organizations. At ForeScout, Len is responsible for building, mentoring and leading global teams of highly skilled, pre-sales technical personnel. He holds certifications in CISSP (ISSMP), Certified Information Systems Auditor and FSCE #13.

TH3 – Public Sector Cybersecurity – Do We Really Have to Worry?

Daniel Whalen

Understanding how cybercriminals are threatening security is the first step to securing your information and your company’s goals. From social media vulnerabilities to digital extortion, the 2016 Symantec Internet Security Threat Report (ISTR) leverages an unparalleled amount of data and is the resource needed to quickly uncover digital threats. We will drill-down into some of the finer points of the “Key Findings” and offer solutions to combat cyber threats including:

  • Discussion around the historical events that lead to our current environment where “I’ve been hacked” is the new norm
  • Internet of Things (IoT) and its impact on Corporations and ME
  • Why my current defenses are falling short and not protecting my organization
  • Practical implementation of tools & practices to reduce risk, and what I can do to be better protected.


Dan Whalen is a principal security analyst for Symantec’s Managed Security Services. He has spent the past three years on the front lines of threat landscape and has gained valuable insight into attacker techniques and defensive strategies. Dan is also a RIT grad and an active member of the information security community.

Providing security as a service to organizations requires a diverse skillset, so Dan has developed expertise in incident handling, pentesting, and reverse-engineering. He is constantly hungry for learning, and is passionate about sharing insights with his colleagues and the greater security community.

When he is not combating cyberattacks, Dan enjoys progressive metal, PC gaming, and CTF challenges.

TH4 – SIEM Best Practices and Integration Strategies

Steve Lay

It takes minutes for cybercriminals to compromise networks. Additionally, organizations often detect cyberattacks weeks or months after the event. An SIEM approach addresses issues and allows actionable visibility. Close the widening gap of compromise discovery by implementing the latest strategies of SIEM and security intelligence platforms.


With over ten years of experience in the IT security field, Steve is the national security software architect for Sirius. For the last six years, his main focus has been helping clients find effective and integrated security software solutions across IAM, SIEM and data security platforms. Steve has spent countless hours researching and developing SIEM best-practice workshops designed to help clients understand the true value of SIEM solutions and how to make effective use of them, even with limited resources. He continues to gain experience in client-facing support and focuses on customer satisfaction and developing trusted relationships.

In 1999, he began his career at IBM working in IT operations and security; there, he managed large software development labs and data centers. Additionally, Steve spent several years architecting, delivering and supporting identity and access-management solutions for clients in North and South America.

TH5 – Penetration Testing and Shooting Fish in a Barrel

Kevin Wilkins

“Penetration Testing” is an often misunderstood term in Information Security. Sometimes a Penetration Test is requested without fully understanding the scope that will be involved. It is often misused as a buzzword or a catchall for any type of external security analysis.


Kevin Wilkins is the Chief Technology Officer (CTO) at iSECURE LLC. Mr. Wilkins oversees the implementations of Network Security product portfolios specializing in the heavily regulated environments such as PCI, SOX, HIPPA/HITECH. Mr. Wilkins has been in the IT industry since 1998 and has had extensive operational experience in Network Engineering, Systems Administration, Telecommunications, and Information Security.