Conference focused on cyberthreats

Tab 1

December 04, 2017

Cyberattacks have evolved significantly since 1980 when the earliest internet hackers sought bragging rights for accessing the data systems of governments and companies. Today, a potent group of online criminals delivers mayhem and extortion to specific categories of potential victims: large companies, government agencies and the well-to-do.


Expert speakers addressed this complicated and evolving cyber-risk landscape at U.S. Bank’s 6th annual Strength in Security Conference on Oct. 19th in Minneapolis. The event, which fell during the National Cybersecurity Awareness Month, welcomed industry heavyweights and more than 500 invitation-only attendees.


Originally an employee-training event, the conference has since grown to include U.S. Bank customers, says Jenny Menna, Cybersecurity Partnership Executive at U.S. Bank. This year, students were able to partake in a cybersecurity war game session between Minneapolis-area students at the main event and students at Northern Kentucky University, who watched the conference via a simulcast.

“This event [was created] as an opportunity to provide training to our information systems security workforce and others in the bank — in risk, audit folks, people in lines of business and development,” Menna says. “This event will provide opportunities for them [and others in attendance] to learn about the latest trends in cybersecurity, controls and good practices to avoid attacks.”


World-class experts at the event spoke on everything from assessing potential risks to learning how to adopt a cybersecurity strategy over time.

Tab 2

December 04, 2017

“Because the conference has gotten so diverse — some want to hear more on technical aspects, others on risk management — we’re having multiple parallel tracks to appeal to different audiences,” Menna explains.


The Risks of Cyberattacks


Despite national and global businesses spending tens or even hundreds of millions of dollars on cybersecurity, companies can still fall prey to hackers. And if the largest corporations can be exploited, individuals and families are even more vulnerable. That’s why a conference such as the one held was needed more than ever.


Culprits can range from a sophisticated international crime ring (which often already has well-established internet operations) to an individual knowing the value of certain information a victim holds.


Naturally, computers tend to play a large role in these attacks, but criminals also use social engineering or manipulate people into divulging desired information. For instance, a busy executive assistant could let slip details about a sensitive database to a criminal posing as tech support. 

It’s not impossible for culprits to be caught, but the chances are often slim, especially if they reside overseas or have hired someone to serve as the middleman.


Plus, it can be difficult to trace any ransoms, since serious extortionists tend to demand payment in a digital cryptocurrency, such as bitcoin.


Clearly, there is little to deter a cybercriminal in terms of retribution. The most effective tactic is to prevent the attacks before they start.  That means using all of the techniques and technologies at the disposal of a major corporation.


“There are innovative options available [for protection],” says Jason Witty, Chief Information Security Officer at U.S. Bank and the conference host. Increasingly unreliable passwords are waning in favor of biometric techniques such as fingerprints and facial recognition.


“Last year, U.S. Bank publicly announced our goal first to replace challenge questions with biometrics for our clients,” he says. “Then, in 2018, give them the option of not using a password either.”

Tab 3

December 04, 2017

Speaking Up


The featured speaker at this year’s conference was a former U.S. Army infantry officer and FBI Special Agent Clint Watts, a Robert Fox Fellow for the Foreign Policy Research Institute, who will speak on “The Wild West of the Internet: Keeping Your Business Secure in the Age of Cybercrime.” Watts works as a consultant designing and implementing customized training and research programs for military, intelligence and law enforcement organizations at the federal, state and local level. He sounded the warning bells in 2014 that there was a massive Russian cyberwarfare propaganda operation underway that sought to exploit American free speech on social media with the goal of undermining American democracy.


Other conference topics and speakers included:


  •  “Abnormal Behavior Detection” – David Kennedy, founder of TrustedSec and Binary Defense Systems and co-author of “Metasploit: The Penetration Testers Guide”
  • “Locking in Pervasive Security in a Digitized World” – Edna Conway, Cisco’s Chief Security Officer for its Global Value Chain
  •  “Are Cyber Threats Like the Movie ‘Groundhog Day’? Having the Worst Day of Your Life … Over and Over Again” -- William F. Pelgrin, co-founder and partner of cyberWA Inc., a cybersecurity service that helps protect corporate executives, celebrities and other high-value individuals from cyberattacks
  •  “Cybersecurity Leadership in 2020: Are You Ready?” – Todd Fitzgerald, Senior Vice President and Chief Administrative Officer for Information Security and Technology Risk at Northern Trust
  • “Cyber Insecurity @ the Cross Roads of Defense and Diplomacy” – Paul Nicholas, leader of Microsoft’s Global Security Strategy and Diplomacy Team
  • “Continuously Adaptive Security: Manage Risk, Build Trust, and Embrace Change” – Ramon Krikken, Research Vice President in the Gartner for Technical Professionals Security and Risk Management Strategies team
Markets & Economy