In the wake of an Advanced Persistent Threat...to Your Personal Safety

Presented at Diana Initiative 2019, Aug. 9, 2019, noon (30 minutes).

As an infosec professional, you may be a pro at finding security threats and APTs in your corporate environment, but have you evaluated your personal threat model? What would you do if someone close to you was using technology in a way that was a risk to your personal privacy and safety? Would you do something different if that person was front page news and internationally known as a hacker? As the discussion around stalkerware grows, hear presenters’ personal experiences navigating spyware and stalking dating back two decades. Attendees will learn that stalkerware is not a new problem, how to use enterprise network defense and incident response frameworks to respond to personal threats, and what resources can help individuals experiencing tracking, digital harassment, or digital abuse at the hands of a technical adversary. This talk is suitable for software developers and managers to learn about unintended personal safety risks in software, individuals experiencing this threat, and anyone interested in the extent of this problem.


Presenters:

  • Xena Olsen - Cyber Threat Intel Analyst at Financial Services
    Xena Olsen is a cyber threat intelligence analyst in the financial services industry. Graduate of SANS Women’s Academy with 5 GIAC certifications and a current graduate student pursuing an MBA in IT Management. She has over 15 years of business experience from start-ups to enterprise in management, technical projects, consulting, strategy, and leadership. Her current focus is malware analysis and paying it forward through her Women in Information Security Group.
  • Lodrina Cherne - Instructor/Security Analyst at SANS Institute/Cybereason
    Lodrina Cherne is an instructor for the SANS Institute where she teaches Windows Forensic Analysis and helps students to advance their foundational understanding of DFIR. She also works as a Security Analyst at Cybereason helping protect organizations from attack through incident response, malware analysis, and security research. Throughout her 15 years in cybersecurity, she has been able to fight for people wrongly impacted by technology including her work investigating the “Sledgehammer” case in Turkey where she helped in the acquittal of more than 200 foreign imprisoned senior military officers after showing that the electronic documents used to indict them were forged.

Links:

Similar Presentations: