David B. Pickens

MCSA w/Security, MCITP, Security+, Server+, CCNA, Network+, A+

My Sabbatical Blog
May 24

Midwest InfraGard SuperConference 2010, May 19-20, 2010
I was able to attend the Midwest InfraGard SuperConference 2010 on May 19-20, 2010, which had a theme of "How We are All Connected". This conference was located at the Kalahari Resort in Wisconsin Dells. It was a great opportunity to network with security professionals from Minnesota, Wisconsin and Illinois. There were some great presentations.
 
Wednesday, May 19th
6:00 pm - 7:00 pm – Ali Pabrai, CEO of ecfirst
Topic: Getting Started with ISO/IEC 27000 – A Global Information Security Framework
This executive brief focused on the two standards that influence information security initiatives worldwide, the ISO 27001 and ISO 27002. The ISO 27001 International Standard is about requirements related to security techniques for information technology and information security management systems. The ISO 27002 International Standard was developed to provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an ISMS.
 
7:15 pm - 8:15 pm Jonathan Watson, Analyst for Federal Bureau of Investigation
Topic: Introduction to al-Shabaab
This presentation examined al-Shabaab, a Somalia-based Islamist terrorist group responsible for beheadings, suicide bombings, and recruiting young men in Minneapolis to fight jihad in East Africa. This unclassified presentation discussed the failed state of Somalia, links to East Africa al-Qa’ida, and al-Shabaab’s use of the Internet to reach and recruit American youth. One hour with Q&A.
 
Thursday, May 20th
8:30 am - 8:45 am – Introduction and Welcome by the FBI
 
8:45 am - 10:00 am – Dave Russell, Senior Security Engineer - CDW
Topic: Digital Forensics and Domestic Terrorism
Computer forensics has often been used to prove "simple" criminal cases, but these techniques are becoming increasingly valuable to broader issues of terrorism as well. This talk told the story of one such case (though names and locations will be changed to protect the not-yet-convicted) that involves a radical domestic group and the attack on several professors. The talk also described how digital forensics ultimately led to the identities and locations of the perpetrators. It also touched on the notion of academic freedom and privacy, and how these issues contributed to the case.
 
10:30 am - 11:45 am – Gary Ficken, President of Bimm Ridder Sportswear
Topic: Disasters Can Happen to You
Gary spoke about how the floods of 2008 destroyed over 1000 small businesses in Cedar Rapids and the hurdles the small businesses of Cedar Rapids have faced to rebuild. He talked at length about what his business faced and experienced. There was a video shown during the presentation.

1:00 pm - 2:15 pm – John Jackson, Executive Vice President of Fusion Risk Management
Topic:  Conducting a Public and Private Interdependencies Workshop
Disaster Recovery, Business Continuity and Emergency Management – all of these are important and top-of-mind topics for Public agencies and Private companies.  Most companies have developed some combination of these plans and believe they are prepared should an emergency happen or a disaster strike one of their locations. The key words in the previous paragraph are “one of their locations”.  Most companies develop emergency plans based on the event affecting them, but they fail to consider what the impact would be of an outage to another organization that they rely on or conduct business with.
During this session, John Jackson for the Chicago Chapter explained the many types of public and private interdependencies that can impact us, and outlined a workshop approach to identifying and addressing external interdependencies.
 
2:30 pm - 4:00 pm – Todd Nilson, Managing Director, Social & Talent Solutions for SPR Companies
Topic: Social Media Issues and Answers
The popularity of social media tools grows every day and employees consider it a right to be able to access their LinkedIn, Facebook, and Twitter profiles in the workplace. This places a special strain on security professionals charged with keeping sensitive data secure. In this presentation, Todd Nilson, director of social media for SPR Companies, provided an overview of the current risks of social networking in the business enterprise weighed against its potential benefits. The discussion included a look at current demographics concerning the use of social media in the workplace and developing trends that may have an impact upon security.
 


2:54 PM GMT

May 12

Secure 360 Conference
Yesterday I was able to attend the Secure 360 conference held in St. Paul at the RiverCentre. This security conference is sponsored annually by UMSA. The Upper Midwest Security Alliance (UMSA) serves business, government, and education professionals in the center of the American landscape. Brought together in 2004 to explore professional security integration opportunities, the UMSA member organizations created Secure360. This collaborative, multi-faceted conference presents a unique opportunity to experience a national-quality conference without traveling to Orlando or Las Vegas.
 
While at the conference I was able to visit exhibitor booths from all the major security vendors and discuss their products. The keynote speaker was Alan Paller of the SANS Institute. Mr. Paller discussed current needs for building cyber guardians/warriors and the efforts of the Department of Defense to find talent and train them. He discussed current attacks as well as some response. He indicated that reverse engineering skills are the most important security skills. Further key skills are forensics, to find the attacks and malware; vulnerability, exploit and pen testing skills, to know what to look for; deep packet inspection, to find attacks on the wire and indicators of attacks; log analysis and script development, to illuminate evidence of attacks immediately; and secure configuration ability, to harden systems. He also discussed the shift in the US from reporting on security audits to application of security. The focus is now on technicians and experts who apply the skills necessary rather than report on the lack of security.
 
My question for SANS is: how does this focus on training and finding good candidates by the DOD relate to the public arena? 85% of our infrastructure in the US is private. How can educational institutions assist in training the next cyber guardians/warriors? Where and how can we help students get these necessary skills? He indicated there are currently less than 1000 world warriors in the US. How can those with the skills be leveraged to mentor others? As an educator, I know that I am not one of the less than 1000 with the necessary skills, but I am passionate about helping my students achieve those skills. What can I do to assist them?
 
In the second half of his presentation, Mr. Paller discussed the New Security Heroes and how to do security without authority. In this presentation he indicated that the Department of State has built an automated security metric which can provide metrics every 72 hours. The State Department will give you the GOTS software they use for measurement and monitoring and motivation.


8:50 AM GMT

April 23

20 Critical Security Controls for Effective Cyber Defense

An interactive guide to the tools that automate the 20 Critical Security Controls can be found at http://www.sans.org/critical-security-controls/interactive.php.  If a tool is there, it plays an important role in automating one or more of the 20 critical controls.

 

The US State Department's cyberspace monitoring strategy was designed with the "20 Critical Controls in mind," says the department's Chief Information Security Officer John Streufert. Streufert's team analyzed 1,700 unclassified attacks from the 11 months prior to 2009 for connections to the controls and found they applied. The team then turned to penetration testing and found that 80 percent of attacks deemed successful exploited known vulnerabilities. He then automated monitoring of the key controls, highlighted every office in State that was doing well and badly, motivating them to improve security, and reduced risk by over 90% across all offices around the world.

http://cybersecurityreport.nextgov.com/2010/04/state_dept_success_revealed.php



1:08 PM GMT

Core Impact 10.5 updates
Core Security is releasing their new version of Core Impact Professional. While watching a webcast on its release yesterday I learned about the new features. One of these features is the integration of Metasploit. This integration allows CI 10.5 to utilize the Metasploit framework fairly seamlessly. I can't wait to give it a try. They have also added some better reporting features in this release.
 
Replicate Cyber Attacks and Reveal Critical Exposures with Comprehensive Penetration Testing Software

CORE IMPACT Pro is the most comprehensive software solution for assessing the security of web applications, network systems, endpoint systems, email users and wireless networks. Backed by Core Security’s ongoing vulnerability research and leading-edge threat expertise, IMPACT Pro allows you to take security testing to the next level by safely replicating a broad range of threats to your organization’s sensitive data and mission-critical infrastructure. With IMPACT Pro, you gain extensive visibility into the cause, effect and prevention of sophisticated data breaches, enabling you to drive efficient risk mitigation enterprise-wide.



12:08 PM GMT

April 16

CTL IT Workshop - 4/8-4/9
The CTL IT workshop, INFORMATION ASSURANCE AND SECURITY IN IT DISCIPLINES: OUR FUTURE TOGETHER, focused on identifying and improving student competencies related to information assurance and security in IT disciplines. The main purpose of this workshop was to connect IT professionals with faculty and select students to discuss current trends and needs to ensure the pipeline of IT professionals in Minnesota is properly prepared and trained.

 

In an effort to document the outcomes of the workshop, we posted comments and feedback on the workshop wiki, which is located at ctlitworkshop.pbworks.com.



8:59 AM GMT

Avoiding the SANS Top 25 Most Dangerous Programming Errors

Sponsored by: Veracode, Inc.

WHEN: Available Now

SPEAKER: Chris Wysopal, Veracode's CTO and Co-Founder

About This Vendor Webcast

 


The list of the Top 25 Most Dangerous Programming Errors is already becoming the "standard" for developing secure applications in many large enterprises, and even the State of New York plans to implement procurement contracts that include language mandating application security.

Whether you manage internal development activities or work with third party developers, your mandate is clear - safeguard your code and make sure you've avoided the most dangerous programming errors.

In this webcast,

  • Prevalence of attacks using vulnerabilities listed in the Top 25
  • Impact of attacks on your application and your customers
  • Methods to identify, track and remediate these vulnerabilities

 

View this webcast now to learn more about the Top 25.



8:56 AM GMT

April 14

Minnesota Government & Education Microsoft User Group: Security
Yesterday I attended the Minnesota Government & Education Microsoft User Group on Security. This group, which meets monthly, explores Microsoft products and solutions for Government and Education. The first presentation dealt with the current state of security. The current threats are not at the network layer but at the application layer. The web and vulnerabilities in applications present the major threats. The second presentation discussed the Forefront suite of applications offered by Microsoft and how they can be used to help secure your environment. The last presentation dealt with encryption and rights management: how to secure your data at rest and in motion. For future events check out: http://www.MicrosoftUSEvents.com


7:32 AM GMT

April 01

Secunia Online Free Vulnerability Scanner

Welcome to Secunia Online Software Inspector (OSI) - http://secunia.com/vulnerability_scanning/online

The Secunia Online Software Inspector, or short OSI, is a fast way to scan your PC for the most common programs and vulnerabilities, thus checking if your PC has a minimum security baseline against known patched vulnerabilities.
Use the Secunia OSI to get a feel for the Secunia Software Inspector technology, then upgrade to the Secunia PSI or CSI, which covers practically all programs on your PC, whereas the OSI checks less than 100 programs.

Feature Overview:

  • Detects insecure versions of common/popular programs installed on your PC
  • Verifies that all Microsoft patches are applied
  • Assists you in updating, patching, and protecting your PC
  • Activates additional security features in Sun Java
  • Runs through your browser. No installation or download is required


11:12 AM GMT

March 17

Vyatta Open Source Networking

Vyatta's open, software-based approach to networking has created a complete network OS that can connect and secure physical networks as well as virtual and cloud computing infrastructures. Vyatta software and appliances offer users a flexible, affordable alternative to proprietary, hardware-based routers, firewalls, VPN concentrators and intrusion prevention devices.

Vyatta can help you:

  • Affordably scale large BGP implementations
  • Keep your network safe with a stateful-inspection firewall
  • Securely connect remote offices with VPN
  • Scale from DSL to 10-Gbps with a single software package
  • Avoid costly proprietary networking upgrades
  • Run virtualized networking environments in Xen and VMware
  • Add networking and security to blade servers in your data center
  • Offer network-based managed security services
  • Add network redundancy regardless of vendor equipment
  • Build your own best-of-breed Branch office solution

http://www.vyatta.org/getting-started/why-use



11:43 AM GMT

March 13

Midwest CCDC - March 12-14

Today marks the start of the Midwest Collegiate Cyber Defense Competition here at Inver Hills CC. It is with much anticipation that the advisors await the arrival of the results. Unfortunately, we are locked out of the competition rooms, waiting for two days like expectant parents for the arrival of an anticipated child. I shall be pacing the halls, drinking too much caffeine, and nervously chatting with the other expectant advisors.

Quote

Midwest CCDC
The Midwest Regional CCDC is a two day event and the first competition that specifically focuses on the operational aspect of managing and protecting an existing “commercial” network infrastructure. Not only do students get a chance to test their knowledge in an operational environment, they will also get a chance to network with industry professionals who are always on the lookout for up and coming engineers. CCDC provides a unique opportunity for students and industry professionals to interact and discuss many of the security and operational challenges the students will soon face as they enter the job market.


8:17 AM GMT