“Offense As Defense”

Some of the most important discussions that will take place in 2013 will be around the need for the private sector to become more aggressive in the defense of their systems. Among the many questions to be considered are:

• Since the federal government has not successfully defended private networks from attack, should the private sector be legally authorized to strike back in self defense?
• Where’s the line drawn between vigilantism and appropriate proportional response?
• Does Title 18 need to be modified to permit companies to adopt an active defense posture?
• What are the national and international legal issues?
• Is this a necessary change or a terrible idea?
• How does the increasingly lucrative market for offensive malware affect the active defense movement?

These questions and more will be examined and debated at Suits and Spooks DC to be held at the Waterview Conference Center in Arlington, VA on February 8-9, 2013. We’ll be inviting industry veterans, government officials, hackers, lawyers, Special Operations Forces personnel, and security researchers to join in the discussion along with our registered attendees.

Speakers

• Mr. Dmitri Alperovich, Co-founder and CTO of CrowdStrike; former Vice President of Threat Research at McAfee
• Mr. David Aucsmith, Sr. Director, Microsoft Institute of Advanced Technologies for Governments and a member of the technical advisory board of the NSA.
• Mr. Stewart A. Baker, Partner, Steptoe & Johnson; former Assistant Secretary for Policy, U.S. Department of Homeland Security where he was responsible for policy analysis across the Department, as well as for the Department’s international affairs, strategic planning and relationships with law enforcement and public advisory committees.
• Mr. Richard Bejtlich, Chief Security Officer, Mandiant; former Director of Incident Response and leader of GE’s Computer Incident Response Team.
• Dr. Boldizsár “Boldi” Bencsáth, Associate Professor, Laboratory of Cryptography and Systems Security (CrySyS), Department of Telecommunications, Budapest University of Technology and Economics. Boldi and his team discovered DuQu and have performed an extensive amount of research on offensive malware in the Middle East.
• Mr. Robert Bigman, Security consultant who formerly served for 15 years as the Chief Information Security Officer at the Central Intelligence Agency.
• Mr. Frank J. Cilluffo, Director, Homeland Security Policy Institute at George Washington University. Mr. Cilluffo served as Special Assistant to the President for Homeland Security during the Bush administration. During his White House tenure, Mr. Cilluffo was a Principal Advisor to U.S. Secretary of Homeland Security Tom Ridge and Directed the President’s Homeland Security Advisory Council.
• Mr. Josh Corman: Director of Security Intelligence, Akamai.
• Mr. David Dittrich: Research Scientist/Engineer Principal at the University of Washington, Applied Physics Laboratory; Chief Legal and Ethics Officer of the Honeynet Project
• Mr. Robert J. DuBois: Retired U.S. Navy SEAL; Smart Power authority; author “Powerful Peace” (2012)
• Mr. Brandon Dunlap: Managing Director of Research at Brightfly, Inc.
• Mr. David Etue: Vice President, Corporate Development Strategy at SafeNet.
• Donato Ferrante: Co-Founder and Security Researcher, ReVuln (a European based company focusing on security solutions and vulnerability research). Former Security Researcher at Research In Motion (BlackBerry)
• Dr. Anup Ghosh: Founder and CEO at Invincea; formerly Senior Scientist and Program Manager in the Advanced Technology Office of the Defense Advanced Research Projects Agency (DARPA)
• Mr. William Gragido: Senior Manager, RSA FirstWatch Threat Research
• Brig. Gen. Jim Jaeger (USAF, ret.): Vice President of Network Defense & Forensic Services, General Dynamics, Fidelis Cybersecurity Solutions; formerly Director of Intelligence (J2), Atlantic Command
• Dr. Catherine Lotrionte: Director of the Institute for Law, Science + Global Security, Georgetown University. Dr. Lotrionte teaches courses on national security law, U.S. intelligence law, and international law.
• Ms. Khatuna Mshvidobadze: Senior Associate, Georgian Security Analysis Center
• Mr. Marco Obiso: Cybersecurity Coordinator, International Telecommunications Union (ITU)
• Mr. Gunter Ollmann: Chief Technology Officer, IOActive ; formerly Chief Technology Officer at Damballa Labs
• Mr. Roel Schouwenberg: Senior Anti-Malware Researcher, Kaspersky Lab Global Research & Analysis Team
• Mr. Nick Selby: Police Officer, DFW Area Department of Public Safety; Partner, Enterprise Security at N4Struct, Inc.
• Ambassador David J. Smith (ret.): Director, Georgian Security Analysis Center, GFSIS
• Mr. Spencer Wilcox: Spencer Wilcox is Lead Security Strategist and Special Assistant to the Vice President of Corporate and Information Security Services for Exelon Corporation, the leading U.S. competitive energy provider
• The Grugq: The Grugq is an alias for a security engineer based in Thailand
• The Jester aka th3j35t3r: “Hacktivist for good. Obstructing the lines of communication for terrorists, sympathizers, fixers, facilitators, oppressive regimes and other general bad guys.” Jester’s appearance will be via IRC chat during one of the breakout sessions.

Sponsors

Agenda

A revised draft of the agenda is now available (1/2/13).

Venue

• Friday, February 8, 2013: 9:30am – 6pm; Saturday, February 9, 2013: 9:30am – 3:30pm
• The Waterview Conference Center in the Rosslyn neighborhood of Arlington, VA.
• Hotel accommodations (special conference rate) at the adjacent Le Meridien Arlington.

This two day venue will be a combination of plenary presentations and break-out labs. A continental breakfast and box lunch will be served both days. 

REGISTRATION CLOSED