- This event has passed.
NTXISSA March 21, 2019 Monthly Meeting
March 21 @ 11:30 am - 1:00 pm$10 – $30
Speaker: Rick Holland, CISO and VP of Strategy, Digital Shadows
Rick is the CISO and VP of Strategy at Digital Shadows. He has more than 15 years’ experience working in information security. Before joining Digital Shadows, he was a vice president and principal analyst at Forrester Research, providing strategic guidance on security architecture, operations, and data privacy. Rick also serves as an intelligence analyst in the US Army. He is currently the co-chair of the SANS Cyber Threat Intelligence Summit and holds a B.S. in business administration from the University of Texas, Dallas. Rick regularly speaks at leading security conferences across the globe and has been interviewed by industry and business media including BBC News, Dark Reading, Motherboard, NPR, The Register and Wall Street Journal.
Title: When Sharing Is Not Caring: How Misconfigured FTP, SMB, Rsync, and S3 Buckets Exposed Over 1.5 Billion Files
While we often worry about adversaries conducting intrusions into our environments and silently exfiltrating our data, the reality is that this data is often already publicly-available via misconfigured cloud storage, file exchange protocols, NAS drives and file sharing services. Existing tools such as Dump Monitor (dumpmon) and FTP search engines provide limited and incomplete coverage, so Digital Shadows deployed its digital risk management technology for the task. To date, we have indexed over 1.5 billion files, including over 200 million located in the United States, using our file exposure discovery capability. This talk will raise awareness of the level of data exposure from these misconfigured and unauthenticated network services, while providing astonishing examples of the type of data left out in the open by organizations and third-parties.
At the Lunch and Learn with Digital Shadows you will learn:
- The top affected geographies for data exposure across unauthenticated network services
- Some of our most eye-catching findings, including: mission reports, critical national infrastructure project details, live point of sale data, company payroll information, full network diagrams of internal systems, vulnerability assessment reports, and many more
- Top tips on how to best mitigate the risks associated with this type of exposure
Reservation and Payment Information
You may reserve your spot by registering via the Constant Contact link in the email we send out or the Register button on this page before 9:00am the day of the meeting. We encourage you to register online even if you plan on paying at the door so that we will have a count for the restaurant.
Please note you are free to show up without registering and we will certainly try to seat you, but it is always possible we may need to turn unregistered persons away when seats run out – so please register.
Members who prepay online: $10
Guests who prepay online: $25
Anyone paying at the door: $30
Come back following the meeting for access to the video, presentation file, and photos from this event.