Saving Incident Response Utilizing Computer Forensics & Trust Based Computing
This presentation will cover:
Information Assurance (IA): Your Mission and Responsibilities
The REAL Threat Landscape today: “It’s the Wild West!”
Evolution of IA Tools; how did we get here?
Why Saving Incident Response?
Defense-in-Depth: What’s Fundamentally Missing?
Changing the Game: How Incidents are Handled Today, Why it’s broken, How it can be fixed?
Opportunities for Improvement (next generation of IR tools)
Rich Cummings – Director Government Solutions, Guidance Software
Mr. Cummings is the former Director of Security Engineering at Guidance Software where he architected the current Information Assurance & Computer Network Defense capabilities of Encase Enterprise. Mr. Cummings currently works with government organizations helping them design & architect large scale solutions to Computer Incident Response, Counter-Intelligence, and Data Spillage Investigations. Mr. Cummings brings a wealth of enterprise security & investigative experience with a specific emphasis on Information Warfare & Information Assurance. Mr. Cummings specializes in a wide range of high-level security services from both the offensive & defensive perspectives. Previously Rich was the team lead for Network Associates 911 Emergency Response Team and has also consulted for PriceWaterhouseCoopers.
Speaking and Educational Engagements:
GFIRST 2007 – “Saving Incident Response” June 2007
CEIC 2007 – “The Next Generation of Incident Resposne” – May 2007
Security Week Brazil 2007 – Key Note Speech “Today’s Threat Landscape & How to Best Defend Against it” Sao Paulo, Brazil – April 2007
Federal Information Assurance Conference – “The Missing Link in your Defense-in-Depth Strategy” October 2006
National Security & Information Assurance – Senator Bob Dole Event – April 26, 2006
“Classified Data Spillage” Webinar – Guidance Software – June 2006
The Pentagon Computer Emergency Response (PENTCIRT) Forum – December 2005 “Next Generation of Information Assurance Solutions for Incident Response and Forensics”
Office of Secretary Of Defense-CIO IA Council November 2005 – Enterprise Investigation Infrastructure
INSCOM Red Team/Blue Team Exercise – June 2004, US Army Intelligence & Security Command – “Live Exercise Defend the Net Challenge”
“Data Exploitation on the Battlefield” Training Class for US Special Forces – Jan 2003
“Unraveling the Mystery of Incident Response” part A – October 2004 – Guidance Webinar Speaker
SANS October 2004 New Orleans – Requirements for an Incident Response Investigation
BlackHat 2003 Las Vegas – “Advanced Forensics Tradecraft on Windows Platforms”
BlackHat 2003 Amsterdam – “Advanced Forensics Tradecraft on Windows Platforms”
BlackHat 2003 Seattle – “Advanced Forensics Tradecraft on Windows Platforms”
EnCase V4.14 New Features-July 2003-Guidance Webinar Speaker
