FloCon 2018 has ended
Tucson, AZ – January 8-11, 2018


Watch this space for details on the technical program for FloCon 2018. In the meantime, see the FloCon website at www.cert.org/flocon.
Back To Schedule
Thursday, January 11 • 10:30am - 11:00am
The Future of Cybersecurity Needs Eyes and AIs on the Inside

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
This presentation will address why and how enterprises need to shift focus from the edges and endpoints of their network to the inside of their network. This is where adversaries are able to do the most damage, and where security teams’ capabilities to detect and expel are currently extremely limited.
The volume, complexity and uniqueness of the internal data environment exceeds human capabilities. However, this rich data can serve as the foundation for the application of artificial intelligence to surface malicious behavior and enhance security teams’ ability to investigate and thwart cyber threats.
AI establishes an understanding of “network normal” behavior, then identifies the sets of behaviors that adversaries must use, but which are statistically improbable for legitimate users and systems to accidentally perform in the course of normal operations. Applying AI within this adversary mission-focused framework enables organizations to cut through network noise and highlight only the critical threats that warrant immediate investigation.
Instead of manually sifting through alerts or even packets, security professionals can see the whole picture of an adversary’s campaign. By focusing human analysts on deciding how best to confront threats, security teams significantly amplify their ability to get positive results and protect their businesses without corresponding increases in staffing or other expensive resources.
The addition of AI to provide visibility and correlation across all systems promises to be the greatest opportunity for network defenders to take back the upper hand against adversaries now and into the future.

Attendees Will Learn:
Attendees will gain a broad understanding of how AI-powered analysis of internal network traffic can complement and enhance the ability of experienced humans to successfully investigate and mitigate cyber threats.
Three basic concepts for improving security operations will be introduced:
   (1) The use of AI to establish a dynamic understanding of “network normal” behavior specific to your environment
   (2) The use of AI for detection and cross-data-source correlation of suspicious behaviors in that environment
   (3) How a mission-focused framework dramatically reduces false-positives and highlights only the critical threats that warrant immediate investigation

avatar for Jason Kichen

Jason Kichen

Director of Cybersecurity Services, Versive
Mr. Jason Kichen serves as the Director of Cybersecurity Services at Versive, formerly known as Context Relevant. Mr. Kichen had a 13-year career as an intelligence officer at the Department of Defense and in the intelligence community as an expert in technical and offensive cyber... Read More →

Thursday January 11, 2018 10:30am - 11:00am MST
Presidio III, IV, V