October 28: Community Forum – Small Changes. Big Impact.

October 28: Community Forum – Small Changes. Big Impact.

The Ohio Union @ 9:00 a.m. - 5:00 p.m.

Cybersecurity Days have something for everyone. From tips to help secure your digital life, to technical sessions for IT professionals, we have crafted three tracks of talks that will satisfy all those curious. 

On October 28 during the Community Forum:

  • Lunch will be provided
  • Participate in a raffle to win prizes like iPads, Airpods, Bluetooth headphones, YETI coolers and more…
  • Back by popular demand, a graphic artist will live-illustrate sessions

Session Tracks

Cybersecurity for You

Our Cybersecurity for You track will address the way you interact with technology in your personal, work and home life. Learn which tips and tricks have the most impact on protecting you and your family online. Get a sneak peak of the university’s new security awareness platform, Cybersecurity 4 You. All of these topics and more await you in this track!

Cybersecurity for Ohio State

Our Cybersecurity for Ohio State learning track will provide attendees the opportunity to meet with the leaders of cybersecurity throughout our campus. This track will offer talks, roundtable discussions and workshops that focus on understanding the safeguards the university currently provides to protect us.

Technical

Our Technical track will provide deep dives, workshops and research lectures. Have an interest in applied Cybersecurity learning? Looking to get granular information about the newest tools and their implementation? This is the place for you. For those expecting to take away applied understanding of cybersecurity, you will not be disappointed.

8:00 a.m.

Check-In & Coffee

Location: Archie M. Griffin Grand Ballroom


9:00 a.m.

Morning Keynote - The Confidence Game: How Cybercriminals Exploit People and How to Stop Them

Presenter: Ryan Kalember, National Cyber Alliance and Executive Vice-President Cybersecurity Strategy at Proofpoint
Location: Archie M. Griffin Grand Ballroom

Session description

Phishing and social engineering are the most common methods of compromising organizations. Cybercriminals know it is easier to find someone who will click on a fraudulent link rather than finding working exploit for a modern operating system or browser. Despite this, we frequently remain focused on the technical side of information security.  

This session will cover the long, fascinating history of social engineering with a focus on strategies you can use to protect yourself and your organization. 


10:00 a.m.

Hacking Your Life: 5 Simple Ways to Protect Yourself Online

Presenters: Jason Hoenich & Chad LoderCo-Founders of Habitu8
Location: Performance Hall
Track: Cybersecurity for You

Session description

“If you don’t like something change it; if you can’t change it, change the way you think about it.” — Mary Engelbreit 

Habitu8 foundersHoenich and Loder will discuss how our mental models prevent us from making secure decisions and how we can hack our lives to better protect our friendsfamilies and ourselves.  

Social Cybersecurity: Social vs. Individual Factors in Security Behavioral Change

Presenter: Cori FaklarisPhD Student Researcher, Carnegie Mellon University
Location: Ohio Staters Traditions Room
Track: Cybersecurity for Ohio State

Session description

Cori Faklaris, a Ph.D. Student Researcher at Carnegie Mellon University, will discuss the role of social factors and how they apply to individual security behaviors within larger group.  

Learn how to apply social influence and gamification techniques to boost adoption of end user securityA heathier security ecosystem awaits your organization in this session! 

Even Your Vehicle Can Be Hacked

Presenter: Qadeer Ahmed, Research Scientist, The Ohio State University Center for Automotive Research
Location: US Bank Theater
Track: Technical

Session description

Qadeer Ahmed, of The Ohio State University Center for Automotive Research, will tackle the fascinating topic of hacking a vehicleAhmed’s research focuses on manipulating sensors, sensor data and injecting false data in order to gain access to vehicles. 

Learn the reasons why this would occur, how hard it is to test for in the real world, and the ways it intersects with other fields of engineering. With stakes in both the commercial and private sectors, this is sure to be an interesting session.  


11:00 a.m.

Welcome to Cybersecurity 4 You

Presenters: Gary Clark, OCIO Director of IT Risk Managemen, Ben Hancock, OCIO Director of Applications Development, and Dan Roll, OCIO Enterprise Security IT Risk Management
Location: Performance Hall
Track: Cybersecurity for You

Session description

OCIO’s Director of IT Risk Management, Gary Clark, OCIO Director of Applications Development, Ben Hancock, and Security Engineer, Dan Roll will introduce a new way of thinking about security awareness: Cybersecurity 4 You. With C4U’s approach, small changes you make in your daily activities will have a big impact on staying secure both at home and work.

What are the things about technology that keep you up at night? What are the points of pain in your digital life that you would like to address but aren’t quite sure how? Clark, Roll and Hancock will explain how the platform was developed to ease those fears and address them, head on. Get an exclusive walk through of the new Ohio State cybersecurity awareness platform from the people who helped create it!

Is ‘The Cloud’ Just Someone Else’s Computer?

Presenter: Lou Lyons, CISO at ReynCon Educational Services & Training (REST)
Location: US Bank Theater
Track: Cybersecurity for Ohio State

Session description

“The cloud” is a popular buzzword that can make organizations feel they are being left behind if they aren’t utilizing cloud computing in all facets. Should everyone and everything actually be in the cloud?

Hear what other major corporations and organizations investigate before taking the plunge. Lou Lyons from ReynCon will be providing the risks and rewards of utilizing the cloud in your day-to-day functions.

DevOps? SecDevOps? Is There a Difference? Why the Confusion?

Presenter: Jason Montgomery, Director of Engineering and Product Security at DataRobot
Location: Ohio Staters Traditions Room
Track: Technical

Session description

Montgomery will discuss using agile and lean development approaches to cybersecurity that result in open contributions and collaboration where security-only requirements have hindered previously. Learn why shared threat intelligence is a better way.

Use agile and lean development approaches to cybersecurity that result in open contributions and collaboration where security-only requirements have hindered previously. Learn why shared threat intelligence is a better way.


12:00 p.m.

Afternoon Keynote, Lunch Provided:  Launch Your Inner Superhero

Presenter: Marcin Kleczynski, Malwarebytes Co-Founder and Chief Executive Officer
Location: 
Archie M. Griffin Grand Ballroom

Session description

Malwarebytes CEO and founder, Marcin Kleczynski, will explore how he got his start in fighting cybercrime and what it takes to become a “cyber superhero.” Not only do “cyber superheroes” need the right technical skills, but they also need mental fortitude and business savviness to combat cybercriminals in a rapidly changing technology landscape. 


1:30 p.m.

Cybersecurity! Why Should I Care?

Presenter: Ed McCabe, Founder at The Rubicon Advisory
Location: Performance Hall
Track: Cybersecurity for You

Session description

Every day, we hear why cybersecurity is important. For some people, the reaction is, why should I care? I can do everything right and still get hacked, or I can do everything wrong, and maybe nothing ever happens.  

Ed McCabe from The Rubicon Advisory will share real-life stories of people who have had this feeling but ended up having a catastrophic day as a result. You’ll leave this talk with a different view of how cybersecurity impacts your digital life, and how small changes will help you live it safer. 

Protection Begins with People

Presenter: Joe Wise, Threat Researcher, Proofpoint
Location: Ohio Staters Traditions Room
Track: Cybersecurity for Ohio State

Session description

Threat researcher from Proofpoint, Joe Wise, has a focus on monitoring cybercriminals that specifically target universities. Proofpoint has a unique view of cybercriminals, as they attempt to bypass Proofpoint themselves and various other email systems.

Learn what information these cybercriminals are going after and how to protect the university in these instances.

AI-based Autonomous Response: The Machines Are Fighting Back

Presenter: Alyson Atwell, Darktrace
Location: US Bank Theater
Track: Technical

Session description

Powered by recent advances in artificial intelligence, the latest cyber AI security systems continuously refine their defenses by learning ‘on the job’ to differentiate between normal and abnormal behavior, enabling them to flag even subtle malicious activity.  

Alyson Atwell from Darktrace believes that the challenge of securing the digital realm can only be met with AI security systems that can learn, evolve and fight back.  Ithis discussion, learn what gaining 100% network visibility of your entire digital estate — including cloud environments and Internet of Things devices — can reveal about the latent vulnerabilities advanced attackers are targeting today. 


2:30 p.m.

Small Steps to Own Your Digital Footprint

Presenter: Laura Bryan, LifeLock/Norton 
Location: Performance Hall
Track: Cybersecurity for You

Session description

Does the idea of dealing with cybersecurity in every facet of your life stress you out? Are you overwhelmed when threatening headlines appear nearly every day?

Laura Bryan from LifeLock will inform how to break this large task of securing your work and home lives into smaller, more manageable pieces. Come out of this session with the tools to break through self-imposed cybersecurity walls!

Avoid the Hook: Your Role in Effective Phishing Defense

Presenter: Michael Iannicello, Cofense
Location: Ohio Staters Traditions Room
Track: Cybersecurity for Ohio State

Session description

One of the ‘uncomfortable truths’ about phishing defense is that no matter how robust the defenses, some malicious emails will still make it through to your inbox. Everyone has a role in protecting the university, and specifically, the ability to better defend against phishing attacks.

You are empowered to become an active part of defense – identifying, reporting and providing visibility of suspicious emails that technology has failed to stop. Michael Iannicello from Cofense will cover how you are a vital part in stopping a real attack, fast. Learn the types of techniques and tricks being used by attackers today, and tips to spot a suspected phishing email in today’s world of more sophisticated phishing attacks.

MITRE ATT&CK Framework

Presenters: Troy Vennon and Jeff Schmidt, Columbus Collaboratory
Location: US Bank Theater
Track: Technical

Session description

Troy Vennon and Jeff Schmidt from the Columbus Collaboratory will be discussing how not all security controls are created equal and how the MITRE ATT&CK Framework can help you better classify attacks and assess an organization's risk by focusing on specific techniques adversaries utilize.


3:30 p.m.

We Are What’s in Our Pockets: Taking Command of Your Digital Life

Presenter: Jerod Brennen, Security Architect and Researcher
Location: US Bank Theater
Track: Cybersecurity for You

Session description

Being a good digital citizen means taking command of your online persona. Your security and privacy are at the center of your digital identity. Are you doing the things with your tech that keep you safe? Or are you an open book for the bad guys? 

In this talk, Jerod Brennen will demonstrate the small, actionable steps to take control of your digital lifeYou will walk away from this session safer than when you walked in! 

Disaster Recovery Best Practices

Presenter:The Ohio State University Practitioners Round Table, Moderator Amber Buening
Location: Performance Hall
Track: Cybersecurity for Ohio State

Session description

We can often forget how hard it is to think clearly under the intense pressure of a sudden and unexpected disaster event - especially one that can severely impact the success of an organization.  

Disaster Recovery planning allows us to focus on the recovery process while minimizing losses. This panel will discuss how Ohio State is approaching Disaster Recovery. After this panel discussion, you'll walk away with actionable practices to take back to your own college or unit! 

If It Looks and Behaves Like a Bug, It’s a Bug

Presenter: Johnny Wong, Veracode
Location: Ohio Staters Traditions Room
Track: Technical

Session description

Johnny Wong from Veracode will discuss the secure development lifecycle in relation to cybersecurity and Software Composition Analysis to decrease an organizations’ open source code risk.  Wong will discuss using the combined power of machine learning, exploitability-based risk prioritization, and automated remediation support. These methods may be the only way to stop bugs from becoming exploits in an organization. 


4:30 p.m.

Closing Remarks & Prizes

Presenter: Helen Patton, Chief Information Security Officer, The Ohio State University
Location: Archie M. Griffin Grand Ballroom