Join FS-ISAC for a variety of additional training opportunities available to attendees before and during the Fall Summit. Please note trainings require separate registration (due to limited space and additional fees may apply) and may necessitate prerequisites and additional materials.
This workshop will present an overview of the STIX 2 Cyber Threat Intelligence data model targeted to security professionals who have a need to understand and manipulate threat intelligence. Emphasis will be placed on translating real-world published threat reports into the STIX data model.
The workshop will conclude with a presentation from FS-ISAC member, Alex Foley (VP-Global Information Security at Bank of America). Alex will share his experiences leveraging the capabilities
of STIX and TAXII within BofA, and address the impact he feels the standards have made across the industry (e.g., helping to reduce the cascading effects of threats). In addition, Alex will
lead an open discussion where attendees will be able to share opinions/experiences, outline areas for improvement, and provide feedback to the developers.
Prerequisites: This workshop is open to all Summit attendees, including sponsors. Workshop is designed for security analysts, SOC personnel, security managers, and threat analysts.
Technical requirements: Attendees should bring a laptop to the workshop to complete the team exercises.
VP - Global Information Security
Bank of America
Alex Foley has worked in a variety of enterprise information security areas, starting in insider threat where he was responsible for quantifying the impact and value of controls along with implementing new means of dealing with emerging threat vectors such as social media and intellectual property leakage. Later he joined the bank’s new critical supplier vulnerability modeling program where the team created the first methodology for analyzing holistic vendor risk where analytic outputs feed into policy and contractual changes in the vendor domain. Alex currently coordinates the strategy components of the bank’s APT, DDoS and Cyber Analytics programs within Cyber Security Technology.
Chief Strategist for Cyber Threat Intelligence
The MITRE Corporation
Mr. Struse serves as the Chief Advanced Technology Officer for the DHS National Cybersecurity and Communications Integration Center (NCCIC) where he is responsible for technology vision and strategy. Mr. Struse is the creator of the STIX and TAXII automated information sharing initiatives which have been widely adopted across the public and private sectors. In October 2014, Secretary of Homeland Security Jeh Johnson presented Mr. Struse with one of the department’s highest honors, the Secretary’s Award for Excellence, in recognition of his pioneering work on STIX and TAXII. Prior to joining DHS, Mr. Struse was Vice President of Research and Development at VOXEM, Inc., where he was the creator of a high?performance, extreme high?reliability communications software platform.
Insights and conclusions in the intelligence tradecraft can be difficult to structure and communicate effectively, often due to uncertainty and ambiguous information on attacks, adversaries, and techniques. This training is designed to help organizations frame complex insights for senior executives, increasing their understanding and preparing the organization to take action and mitigate risks. Attendees will be provided with tools to structure intelligence tactics, techniques and methods, in addition to communication guidance in this results-oriented training. Tune a threat intelligence strategy through discussion on strategic plan development and approaches, intelligence risk and standard operating procedures. Explore stakeholder and executive models for supporting the intelligence process to ensure alignment with information security, incident response, security operations and the business. Active participation required.
*Closed to Sponsor attendees.
The CyberSecure My Business workshop, which is designed to teach small and medium-sized businesses about cybersecurity. The workshop is highly interactive and based on adult learning
principles, allowing business owners and operators to interact with and learn from their peers, legitimize their current experiences by sharing approaches and apply the learnings to their
business. During the 3-hour workshop an NCSA-trained facilitator takes the attendees through the following steps:
1. Understanding assets, "digital crown jewels," they have that others might want to steal.
2. Learning how to protect those assets with limited budgets and time.
3. Detecting when something has gone wrong.
4. Reacting quickly and appropriately to limit the impact and creating a plan of action to remain operational after an incident occurs.
5. Learning what resources are needed to recover after a breach.
Prerequisites: None required.
Required Materials: None required; high recommended to bring materials for taking notes.
*Closed to Sponsor attendees.
Oasis - STIX 2.0 Workshop
Treadstone 71 - Intelligence for the C-Suite and Stakeholders Training
NCSA - The NIST Cyber Security Framework - CyberSecure My Business Workshop