The 5 Conversations I want to have at CB Connect 2019

Type carbonblack
Reporter Leslie Marcotte
Modified 2019-05-23T13:00:42


In a few weeks, I’ll be attending CB Connect in my hometown of San Diego, CA. If you’ve read my earlier blogs, you know I’m passionate about this event because it brings together some of the best and brightest in the security space to network and collaborate on solving some of our industry’s biggest problems. CB Connect offers a great opportunity to connect with the broader security community at large, and while I’m there I plan to spend time watching/talking to my peers across different industries, encouraging attendees to get certified on our CB Predictive Security Cloud (PSC) platform, participating in our Women in Cybersecurity event, and presenting!

The big reason this event is so important to me is because of the conversations we get to have onsite. The industry is moving quickly, and it’s face-to-face events like these that create and foster a real community of defenders. It helps to talk to folks who are struggling with the same issues and those that have moved through them. I also love that it’s occurring halfway through the year. Let’s face it, infosec is a grind and having a little bit of in-person therapy halfway through the year is perfectly timed! It helps me refuel and stay energized as we all deal with the day-to-day infosec life.

Most specifically, I’m eager to dig into some of the bigger topics we’re all facing today. Here are a few of the conversations I want to have onsite:

1. Why the role of the CISO sucks, and what we can do about it.

This is a passion topic for me. In fact, Gary Hayslip and I submitted this talk to RSA and the reception has been amazing as a community - so much so, that we’re presenting again at CB Connect. We deal with a constantly shifting attack landscape, long hours and the risk of being walked if one little piece slips. The environment of security creates a huge amount of workplace and personal stress. Gary and I have both experienced this, and as this conversation started we found out many of us do. While we talk about the challenges we really dive into effective strategies to combat both and what the future of the CISO role looks like. How as infosec stress affected your life? How has it affected your team’s life?

2. Becoming efficient in Security Operations. Doing more with less.

There are two major themes that are constant in my conversations about infosec as I travel the world. One is around lack of resources, and the other is strategies to help fill that gap. Carbon Black recently did a webinar on Optimizing your Security Stack where we gathered thoughts from a range of industry experts on effective strategies to do more with less using Automation and Orchestration Strategies. I am keenly interested in what the community is doing to address this gap.

3. Recruiting challenges (& successes!)

We don’t have enough people in infosec!! I hear this over and over again. But is it true? I have spoken to so many folks in various markets and sectors about what’s working for them. In very small markets I have heard great successes. I am always interested in conversations that help each other. This conversation is crucial for the future of the industry and our programs.

4. Community and actionable threat intelligence.

We should all get better as a result of every attack against one of us. The only way to achieve this is to continue to pull together as a community to talk and share learnings. We need a discussion about the exchange of “normal” behavior just like we have achieved with threat intel. The combination of both proves powerful in driving down false positives and negatives and achieving a higher confidence rate in alerting and detection. The cyber criminals are sharing techniques, tactics and procedures…heck they are even training each other. We need to be more like our adversaries in this respect.

5. Changing techniques and tactics of cyber criminals

Nation State Tools are baked in to common malware now. Cyber criminals are evolving. They are adapting, and attacks are occurring over months and years. How do we as a community keep up with this change in behavior? How do we plan and implement effective prevention, detection and response programs given the changing battlefield? CB Connect is a great place to learn from peers and Carbon Black on crafting effective battleplans and strategies.

I’m looking forward to digging into these conversations with you onsite. And if you can’t find me, there are a number of other smart people onsite that will be talking about these topics and more. Some of the sessions I can’t wait to see include:

  • The Script Kiddie and the PowerShell Arsenal
  • The Future of Endpoint Security
  • How to Evolve your Threat Hunting with the MITRE ATT&CK™ Framework
  • Beginners Guide to Threat Hunting

So now that you know what I’ll be talking about at this event, I want to hear from you. What problems are you trying to solve, and what conversations SHOULD we be having in San Diego in June?

The post The 5 Conversations I want to have at CB Connect 2019 appeared first on Carbon Black.