December 14, 2017 | 8:30 a.m. – 4:00 p.m.
Florida International University
11200 SW 8th Street | GC Ballrooms
Miami, FL 33199

On Thursday, December 14 Florida International University, the Greater Miami Chamber of Commerce, and the U.S. Chamber of Commerce will host the Cybersecurity Conference bringing together top experts both locally and nationally from government, law enforcement, and the private sector to help business leaders develop, evaluate, and strengthen their cybersecurity programs.

Space will be limited. Register now to guarantee admittance.

Co-Hosts

Sponsors

 

Program Agenda

0830-0900: Registration and Breakfast Networking

0900-0905: Opening Remarks
Ann M. Beauchesne, Senior Vice President, U.S. Chamber of Commerce (emcee)

0905-0930: Welcoming Remarks
Alejandro Mayorkas, Partner, WilmerHale; Chairman, U.S. Chamber of Commerce Cyber Leadership Council; and former Deputy Secretary, U.S. Department of Homeland Security

0930-1000: Role of DHS in Cybersecurity
Jeanette Manfra, Assistant Secretary for Cybersecurity and Communications, National Protection and Programs Directorate, U.S. Department of Homeland Security (invited)

Cyber threats are increasing in frequency, scale, and sophistication and cybersecurity must be a partnership between government and industry. Manfra will discuss how DHS executes its mission as the central federal interface for the private sector in responding to and recovering from cyber threats. She will also discuss how DHS is improving and expanding its capability to send and receive cyber threat information to the private sector.

1000-1045: Panel Discussion: Small Business Cybersecurity
Moderator: Ann M. Beauchesne, Senior Vice President, U.S. Chamber of Commerce

  • Chris Furlow, President, Ridge Global
  • Allen Gutierrez, Associate Administrator of the Office of Entrepreneurial Development, U.S. Small Business Administration (tentative)
  • Michael Myhre, CEO and Network State Director, Florida SBDC Network
  • Adam Sedgewick, Technology Policy Advisor, Office of Policy and Strategic Planning, U.S. Department of Commerce

Small does not necessarily mean secure. More and more, small and midsize businesses are targeted for cyberattacks because they typically lack there sources to adequately defend themselves. Cybersecurity is no longer an IT problem; it is an organizational problem. So how do businesses find a balance between cost and security? What resources exist for businesses to enhance cybersecurity? This panel will provide an overview of existing frameworks and advice on finding affordable solutions to cybersecurity challenges.

1045-1100: Networking Break

1100-1130: Industry Keynote
Ed Cabrera, Chief Cybersecurity Officer, Trend Micro

1130-1215: Panel Discussion: Public-Private Collaboration on Cyber Incident Response
Moderator: Ray Watts, Principal Consultant, Cybis LLC

  • Jason Manar, Supervisory Special Agent, Special Agent, FBI
  • Brad Leopard, Supervisor, Electronic Crimes Task Force, U.S. Secret Service

Local law enforcement, the FBI, and the Secret Service are often the first entities to learn of criminals’ access to networks. Engaging law enforcement to build trusted public-private partnerships is essential to confirming a crime and beginning a criminal investigation. Business leaders need to understand the respective roles of the FBI and the Secret Service, how law enforcement shares information with businesses, and the importance of reporting cyber incidents to law enforcement.

1215-1230: Networking Break

1230-1330: Lunch

12:45-1330: Luncheon Keynote: Combating Cyber Threats to U.S. National Security
TBD

Introduced by: Dr. Mark B. Rosenberg, President, Florida International University

Florida businesses face blended threats—criminal and national security—to their digital networks. In today’s interconnected economy, industry is a key partner in confronting these threats. A seemingly small cyber intrusion by a criminal actor on a U.S. business may transmit personally identifiable information to a terrorist network or fund militant activity on battlefields far from U.S. jurisdiction. Scott will discuss these cyber threats and actors and how critical cooperation between businesses and federal agencies works to disrupt cyberattacks.

1330-1345: Networking Break

1345-1430: Panel Discussion: Business Case for Cybersecurity | Managing the Risk of Insecurity
Moderator: Ian Wallace, Co-Director, Cybersecurity Initiative, New America (tentative)

  • Cindy Donaldson, President, Global Resilience Federation
  • William Murphy, VIPRE Security (tentative)
  • TBD
  • TBD

Addressing cybersecurity threats to American and global businesses has gone from an IT issue to a priority for the C-suite and the boardroom. For many businesses, it is not a matter of if an intrusion will happen, but when. In an interconnected world, economic security and national security are linked. People and business leaders need to manage cyber risks to their organizations. Technology is only part of the solution. Directors and officers are responsible for protecting the assets—e.g., devices and data—of their companies. Do boards and senior executives appreciate the costs—e.g., legal, public relations, regulatory, and reputational—of a consequential attack? What are some effective ways to talk to company leaders about securing cybersecurity resources?

1430-1515: LIVE CYBERSECURITY DEMONSTRATION

Faculty Introduction by Prof. Selcuk ULUAGAC

Demo-1: Demonstration of Hacking IoT devices via Sensors.  Amit Kumar Sikder

Demo-1 description: Sensors (e.g., light, gyroscope, accelerometer) and sensing enabled applications on a smart device make the applications more user-friendly and efficient. However, the current permission-based sensor management systems of smart devices only focus on certain sensors and any App can get access to other sensors by just accessing the generic sensor API. In this way, attackers can exploit these sensors in numerous ways: they can extract or leak users’ sensitive information, transfer malware, or record or steal sensitive information from other nearby devices. In this demonstration, we will show a sensor-based attack using light sensor of the IoT devices. We use two different IoT devices – a smartwatch and a smartphone to perform the attack. A malicious App in a smartphone and smartwatch observe the change in light sensor reading and when a certain pattern is flashed by a near-by light source, the devices will turn off. Acknowledgement: Funding for this project is provided by US National Science Foundation (Award# NSF-CNS- 1453647).

Demo-2: Demonstration of Sensitive Information Leakage from Smart Home Devices. Leonardo Babun

Demo-2 description: The number of Internet of things (IoT)-compatible smart home devices are increasing rapidly. To control and interact with the IoT devices, IoT programming platforms provide developers a rich set of APIs that access a ubiquitous source of privacy-sensitive data such as device states, user preferences, and device locations. However, IoT platforms do not protect against carelessly programmed apps or malicious apps that deliberately misuse their granted permissions to leak sensitive data. In this demo, we will present SaINT, a static taint analysis tool that detects data flows that leak sensitive information from IoT apps. Acknowledgement: Funding for this project is provided by US National Science Foundation (Award# NSF-CNS- 1663051). This is also a collaborative work with Systems and Internet Infrastructure Security Laboratory of Pennsylvania State University).

Demo-3: Demonstration of User Identification via Motion Sensors of Wearables As a Second Factor Authentication.  Abbas Acar

Demo-3 description: One-time login process in conventional authentication systems does not guarantee that the identified user is the actual user throughout the session. However, it is necessary to re-verify the user identity periodically throughout a login session without reducing the user convenience and system usability, which is lacking in existing one-time login systems. Continuous authentication can address this issue. In this demo, we will show how a smartwatch user can be identified from the sensor data of the smartwatch. Particularly, we will show how to collect and process the sensor data of a smartwatch and how to use to identify its user. Acknowledgement: Funding for this project is provided by US National Science Foundation (Award# NSF-CNS- #1718116).

1515-1530: Closing Remarks
Ann M. Beauchesne, Senior Vice President, U.S. Chamber of Commerce