Program - Joe Slowik courses 2023

Slowik

Instructor: Joe Slowik

We are pleased to have Joe Slowik as instructor on IT/OT cybersecurity courses.

Joe Slowik is Winner of Top 10 Cybersecurity Experts for 2021 by Cyber Defense Magazine.

Throughout his career, Joe Slowik has touched just about every aspect of cybersecurity including roles as a threat hunter, intelligence professional, and detection engineer. From work in the US Navy, to the US Department of Energy and Los Alamos National Laboratory, to industrial control security company Dragos, and threat intelligence provider DomainTools, he draws his expertise from exposure to different facets of cyber intrusions and critical infrastructure defense.

Joe continues his work tracking statesponsored and criminal threats to enterprises with an emphasis on critical infrastructure and related targets.

Joe Slowik currently works as a Senior Principal Security Engineer of Applied Threat Research at Gigamon.

Joe Slowik is also one of the keynote speakers at Industrial Security Conference Copenhagen on 14-15-16 November 2022.

Winner of Top 10 Cybersecurity Experts for 2021 by Cyber Defense Magazine

Throughout his career, Joe Slowik has touched just about every aspect of cybersecurity including roles as a threat hunter, intelligence professional, and detection engineer. From work in the US Navy, to the US Department of Energy and Los Alamos National Laboratory, to industrial control security company Dragos, and threat intelligence provider DomainTools, he draws his expertise from exposure to different facets of cyber intrusions and critical infrastructure defense.

Joe continues his work tracking statesponsored and criminal threats to enterprises with an emphasis on critical infrastructure and related targets.

Joe Slowik currently works as a Senior Principal Security Engineer of Applied Threat Research at Gigamon.

Operational Threat Intelligence

When used properly, cyber threat intelligence (CTI) allows an organization to leverage another’s breach or incident to their own benefit. Yet while many cyber threat intelligence courses and guides exist, these are primarily designed for developing long-range, in-depth intelligence products for strategic or similar overview with an overemphasis on theory and little experience in practice. Operational threat intelligence instead supports a different audience: day to day security work and network defense. While cyber threat intelligence must always meet standards for accuracy, relevancy, and timeliness, SOC watch-standers and IR personnel need enriched information now in order to execute their jobs.

You will learn about the following subjects:

• Introductions and Overview

• Overview of Intelligence and Threat Intelligence

• Intelligence Applications and Organizational Values

• Sources of Intelligence

• Intelligence Extraction

• Report Analysis Exercise

• Understanding Indicators of Compromise and Indicator Analysis

• Pivoting and Pivoting Exercise

• Intelligence Support to Defense and Alerts

• Intelligence Reporting and Communication

• Threat Hunting and Supporting Strategic Analysis

Target group

Operational Threat Intelligence is intended for CTI analysts seeking a more hands-on approach to information security, or operational security personnel (security operations analysts, incident responders, etc.) looking to incorporate CTI into their workflows. This course can also serve as background for managers and decision-makers building CTI operations within their organization.

09.00

09.30

Day 1

Introductions and Overview

Overview of Intelligence and Threat Intelligence

10.45 Break

11.00

Intelligence Applications and Organizational Values

12.30 Lunch 13.30

Sources of Intelligence

15.00 Break

15.15

16.15

Intelligence Extraction

Report Analysis Exercise

Day 2

09.00

Understanding Indicators of Compromise and Indicator Analysis

10.45 Break

11.00 Pivoting and Pivoting Exercise

12.30 Lunch

13.30 Intelligence Support to Defence and Alerts

14.30 Break

14.45 Intelligence Reporting and Communication

16.00

Threat Hunting and Supporting Strategic Analysis

After the course, you will receive a certificate of participation with hours and content for use in CPE points.

Intelligence-Driven ICS Defence 25 - 26 JANUARY 2023

Industrial Control System (ICS) and Operational Technology (OT) networks increasingly feature both greater connectivity with traditional IT network, and greater attention from malicious actors. From opportunistic criminal intrusions through state-sponsored breaches, ICS/OT operators must adapt to an ever changing threat landscape in order to ensure the security of their networks, as well as the availability and integrity of their physical operating assets.

This course provides you with a threat-focused, intelligence-driven approach to ICS/OT security. Starting with an exploration of general concepts in the threat and intelligence space, instruction then moves into ICS-specific applications of adversary understanding and defensive evolution. Through a thorough review of ICS-targeting incidents, you will gain a greater understanding of historical activity and implications for future defensive planning.

You will learn about the following subjects:

• Explaining and Understanding ICS and OT Environments

• Understanding Intelligence and Intelligence Applications

• Threat Modeling

• Attribution and Network Defense

• Vulnerability Analysis

• ICS Threat Environment

• ICS Attack Types and Impact Scenarios

• Risk Evaluation and Defensive Planning

• Implementing Countermeasures and Defensive Applications

Target group

Intelligence-Driven ICS Defense is designed for ICS operators and managers building an industrial-oriented security program, or IT security decision-makers learning about ICS-specific security concerns. The course is also appropriate to managerial and risk management audiences seeking improved understanding of ICS-specific security concerns and mitigations.

09.00

09.30

Day 1

Introductions and Course Overview

Explaining and Understanding ICS and OT Enviroments

10.45 Break 11.00

Understanding Intelligence and Intelligence Applications

12.30 Lunch 13.30

Threat Modeling

15.00 Breaak

Attribution and Network Defense 16.00 Vulnerability Analysis

15.15

Day 2

09.00

ICS Threat Enviroment

10.30 Break

10.45 ICS Attack Types and Impact Scenarios

12.30 Lunch 13.30 Risk Evaluation and Defensive Planning 14.45 Break 15.00 Implementing Countermeasures and Defensive Applications

16.30 Conclusions

After the course, you will receive a certificate of participation with hours and content for use in CPE points.

Strategic Network Defense Planning

Network defense is informed by knowing the network, and knowing the adversary – but few practitioners have the fortune of possessing this knowledge before a major breach. This class aims to correct this gap by providing a focused walkthrough of resource analysis, risk and threat assessment, and mitigation planning aimed at managerial and executive audiences.

Starting with an overview of strategy and applying strategic concepts to network defense, you will explore value-oriented approaches to security assessment. Based on this understanding, you will discuss a strategic perspective on threats and attack surface understanding. Finally, the course will conclude with discussions of countermeasures and controls, and how to evaluate residual risk while building organizational resilience.

You will learn about the following subjects:

• Understanding Strategy and Strategic Planning

• Defensive Strategic Approaches

• Strategic Perspective on Threats

• Countermeasures & Controls

• Residual Risk and Resilience

Target group

Strategic Network Defense Planning is designed for security program decision-makers, or individuals wishing to take on higher-level security planning responsibilities. The goal is to introduce managers and organizational leaders to information securityspecific conceptions and applications of strategy and how these concepts can be applied for program development.

09.00 Introductions and Overview

09.30 Understanding Strategy and Strategic Planning

10.45 Break

VENUE & REGISTRATION

PRICES

Operational Threat Intelligence, 23-24 January 2023

EARLY BIRD Registration by 9 December 2022: DKK 9.995,Registration after 9 December 2022: DKK 10.995,-

Intelligence-Driven ICS Defense, 25-26 January 2023

EARLY BIRD Registration by 9 December 2022: DKK 9.995,Registration after 9 December 2022: DKK 10.995,-

Strategic Network Defense Planning, 27 January 2023

EARLY BIRD Registration by 9 December 2022: DKK 5.595,Registration after 9 December 2022: DKK 6.595,-

Prices are excluding VAT.

REGISTRATION

To register for the conference the best and quickest way is to fill in the online registration form on insightevents.dk cashandtreasury. We also accept bookings by post, Tel: (+45) 35 25 35 45 and e-mail: info@insightevents.dk. Once we have received your registration you will receive an invoice. Your registration is binding. All prices are in Danish Kroner and excl. VAT.

CANCELLATION

All cancellations must be submitted in writing. If cancelled up to 14 days before the event, a fee of 10% will be withheld. Should cancellation be made less than 14 days prior to the event, 50% will be withheld and, if cancelled later than 2 days before the date of the event, full price will be paid. If you are prevented from participating, you also can transfer your participation to a colleague. All substitutions must be received in writing.

We take reservations for misprints and changes in the program. For further information please contact Senior Project Manager Nina Meyer, Tel: (+45) 3055 3092 or e-mail: nm@insightevents.dk

Insight Events ApS | Silkegade 17, st. | Postboks 2023 | DK-1012 Copenhagen | Tel 35 25 35 45 | info@insightevents.dk | www.insightevents.dk |