Redefining CyberSecurity

The Five Most Dangerous New Attack Techniques You Need to Know About | An RSA Conference 2024 Conversation With Ed Skoudis, Heather Mahalik Barnhart, and Johannes Ullrich | On Location Coverage with Sean Martin and Marco Ciappelli

Episode Summary

The 'On Location podcast with Sean and Marco' episode featured a panel of distinguished guests including Ed Skoudis, President of the SANS Technology Institute College; Heather Mahalik Barnhart, Curriculum Lead at SANS and Senior Director of Community Engagement at Cellebrite; and Johannes Ullrich, the Dean of Research for the SANS Technology Institute College. The episode provided a sneak preview of the upcoming RSA Conference keynote panel moderated by Ed Skoudis.

Episode Notes

Guests: 

Ed Skoudis, President at SANS Technology Institute [@SANS_EDU]

On LinkedIn | https://www.linkedin.com/in/edskoudis/

At RSAC | https://www.rsaconference.com/experts/ed-skoudis

Heather Mahalik Barnhart, Faculty Fellow & DFIR Curriculum Lead at SANS, Sr Dir of Community Engagement at Cellebrite [@Cellebrite]

On LinkedIn | https://www.linkedin.com/in/heather-mahalik-cellebrite/

On Twitter | https://twitter.com/HeatherMahalik

At RSAC | https://www.rsaconference.com/experts/heather-mahalik

Johannes Ullrich, Dean of Research at SANS Technology Institute [@sansforensics]

On LinkedIn | https://www.linkedin.com/in/johannesullrich/

On Twitter | https://twitter.com/sans_isc

On Mastodon | https://infosec.exchange/@jullrich

At RSAC | https://www.rsaconference.com/experts/johannes-ullrich

____________________________

Hosts: 

Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]

On ITSPmagazine | https://www.itspmagazine.com/sean-martin

Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast

On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli

____________________________

In this new episode of the On Location Podcast with Sean and Marco, listeners were treated to an in-depth preview of the RSA Conference SANS Keynote, featuring engaging dialogues with industry luminaries Ed Skoudis, Heather Mahalik Barnhart, and Johannes Ullrich. Each brought to the fore their unique perspectives and expertise, providing a fascinating glimpse into the current state and future direction of cybersecurity.

Ed Skoudis, President of the SANS Technology Institute College, stands at the forefront of cybersecurity education, guiding the future of the field through his leadership and vision. As moderator of the RSA Conference keynote panel, Skoudis emphasized the panel's history and its focus on burgeoning cybersecurity threats and innovations. His dual role as a SANS fellow and the founder of CounterHack challenges underscores a commitment to practical, real-world applications of cybersecurity knowledge.

Heather Mahalik Barnhart brings a wealth of experience as the Curriculum Lead at SANS and a Senior Director of Community Engagement at Cellebrite. Her expertise in mobile threats and digital intelligence is pivotal in an era where mobile devices are ubiquitous. Barnhart's focus on the escalation of mobile security threats underscores the critical need for continuous vigilance and advanced protective measures in cybersecurity practices.

Johannes Ullrich, Dean of Research for the SANS Technology Institute College, brings his profound insights into web application security to the discussion. His leadership at the Internet Storm Center provides him with a unique vantage point on the latest cyber threats and defensive strategies. Ullrich's work exemplifies the essential nature of forward-looking research in developing effective cybersecurity defenses.

The conversation highlights not just individual achievements but also the collective effort of the panel to address current cyber threats while preparing for future challenges. The keynote panelists discussed their approach to selecting topics that not only resonate with current issues but also anticipate future threats. This proactive approach is a testament to their deep understanding of the cybersecurity landscape and their commitment to equipping professionals with the knowledge to stay one step ahead.

Terrence Williams, a new addition to the panel and a notable figure in cloud security from Amazon, and Steve Sims, an authority on offensive security curriculum at SANS, were also mentioned as key contributors to the upcoming keynote session. Their inclusion promises to bring fresh insights and a broader perspective to the discussions, enriching the discourse on cybersecurity's most pressing and complex issues.

Key Questions Addressed

____________________________

Follow our RSA Conference USA 2024 coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverage

On YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS-B9eaPcHUVmy_lGrbIw9J

____________________________

Resources

The Five Most Dangerous New Attack Techniques You Need to Know About: https://www.rsaconference.com/USA/agenda/session/The%20Five%20Most%20Dangerous%20New%20Attack%20Techniques%20You%20Need%20to%20Know%20About

Learn more about RSA Conference USA 2024: https://itspm.ag/rsa-cordbw

____________________________

Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverage

To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast

To see and hear more Redefining Society stories on ITSPmagazine, visit:
https://www.itspmagazine.com/redefining-society-podcast

Episode Transcription

Please note that this transcript was created using AI technology and may contain inaccuracies or deviations from the original audio file. The transcript is provided for informational purposes only and should not be relied upon as a substitute for the original recording, as errors may exist. At this time, we provide it “as it is,” and we hope it can be helpful for our audience.

_________________________________________

Sean Martin: [00:00:00] And hello everybody. You're very welcome to an On Location chat on the road to RSA Conference with Sean and Marco. Um, those of you watching will realize Marco's not here. He's like, you know what? This is technical SANS stuff. You go have fun. And I said, yes, I'm going to go have some fun with keynote at RSA Conference every year.
 

And I think this is the third or fourth chat we've had. Well, we get to talk about your panel and the things that you get to talk about. Even if we don't get to talk about them, wait, what am I saying? And, uh, first and foremost, though, it's just, it's great to see you on. I'm really looking forward to catching you all in person in San Francisco as well. 
 

So, uh, it's good to have you all back on.  
 

Ed Skoudis: Well, thank you, Sean. We're glad to be here. Very excited about upcoming RSA Conference. And, uh, it's always nice to do a little sneak preview with ITSPmagazine.
 

Sean Martin: Uh, love it. Love it. [00:01:00] So we have, uh, Heather, Johannes and Ed joining from, uh, from SANS, and I'm going to give them each a moment to kind of share who they are and what they're up to, and then we'll get into, uh, into the keynote panel.
 

So Heather, I'll start with you.  
 

Heather Mahalik Barnhart: Okay. Um, I am Heather Mahalik Barnhart. I am DFIR Curriculum Lead at SANS and Faculty Fellow Instructor Course Author. So very, very busy in SANS. And I'm also a Senior Director of Community Engagement at Cellebrite. So all day, every day chasing mobile threats, dealing with different intelligence and figuring out all the scary things that are on all the devices all the time.
 

So if you think about it, and I say this every year, we're so tied to these things. And the more and more we rely upon them, the bigger the threats become. So that's where I am living every day.

Sean Martin: Nice one. Nice one. That's good. Good to have you on again. Johannes.
 

Johannes Ullrich: Yeah. My name is Johannes Ullrich. Yeah. I'm the Dean of [00:02:00] Research for the SANS Technology Institute College.

And also a course author and SANS fellow. One of the courses I'm co-authoring is web application security. So, not to give too much away, but there may be something related to that, uh, in my, uh, panel contribution here. And, uh, yeah, I would say, you know, everything is a web application in some way. So, uh, that's what I have here.
 

Sean Martin: Yeah. And I've, I've, I've often looked at even some of the client apps are web apps that look like clients. That's really
 

Johannes Ullrich: like Heather's mobile apps usually are connecting to some kind of API.  
 

Sean Martin: Exactly. They all look the same now these days. Ed.  
 

Ed Skoudis: Sure. So I'm Ed Skoudis. I'm the president of the SANS Technology Institute College. 
 

Uh, I will be the moderator of the panel and I guess I'm the chief herder of the cats. Um, you know, we've been doing this panel, um, [00:03:00] well, on the keynote stage for nine years or so, maybe it's 10, maybe it's eight, something like that. And then we've actually been doing the panel at RSA Conference, maybe 17 or 18 years.

Um, but then we just kind of, they gave us bigger and bigger stages to do it on. Um, in addition to, uh, working at the SANS college, I am also a SANS fellow. Um, I help, um, you know, bring on board new instructors and, and coach them. Um, in addition to that, I, uh, I have a consulting firm I call CounterHack. Uh, we're 22 people that does primarily offensive stuff, penetration testing and so forth.
 

I also am on, uh, the board of directors for the local bank and, uh, I'm on the board of a charity and another college and, uh, things are good. Just really loving this kind of work. Nice.  
 

Sean Martin: And, uh, people may not recognize you. Without, uh, the hat, without a head, without a headpiece hat, without the hat.  
 

Ed Skoudis: I did receive a [00:04:00] gift just last weekend of this hat. 
 

Ooh. Oh wow. Try that on. Look at that. How, how cool is that? Yeah. Yeah. You should run out on stage. I was thinking about it, but uh, yeah, it's brand new hat. A little, little fancy there, but look at that sun off It keeps,  
 

Heather Mahalik Barnhart: it's very Josh Wright.  
 

Ed Skoudis: It is, isn't it? Yeah. Right. Yep. Normally I do a fedora. He usually uses one of these, uh, driver's caps, so. 
 

But it was 
 

Sean Martin: Irish, English, Scottish. 
 

Ed Skoudis: Yeah. Some, something like that. Custom made.  
 

Sean Martin: Nice one. Nice one. Well, fantastic. Well, it's good. Good to have you all on. Um, as I mentioned, and I think where I want to start, uh, I'm sure most folks know that, uh, the whole point of the RSA coverage, RSA Conference coverage is to open up the world of cyber security to those who may not already be familiar with it. So clearly my audience, CISOs and security leaders and practitioners, know [00:05:00] who SANS are; folks outside of that group attending RSA Conference for the first time may not know. So who wants to give us kind of an overview of that and go for it.
 

Ed Skoudis: Sure. So, um, SANS Technology Institute is sell or the SANS Institute is celebrating its 35th anniversary this year. So that's kind of a big deal. 35 years in information security or cybersecurity. Um, SANS, uh, is a training institute that trains tens of thousands of people per year. Um, we also have many materials and resources that people rely on through the industry.

Um, like our great posters, um, uh, we have various distributions for doing analysis of things such as digital forensics or reverse engineering malware. Um, you'll notice in Johannes's background, SANS also has the Internet Storm Center that Johannes runs, which is sort of like an early warning indicator for major events on the Internet, as well as a diary for things that are happening in the lives of incident handlers.
 

Um, and [00:06:00] SANS also has a college. Um, a lot of people don't realize that Johannes and I are very heavily involved in the college. Heather is, uh, as well. Um, but the SANS College, we have over 2000 students now, roughly half at the graduate level, roughly half at the undergraduate level. So we have master's degrees, bachelor's degrees, as well as certificates, but 2000 students is really kind of an inflection point in the college.

Um, in the college life, it's growing fast, uh, over 25 percent per year. Um, and one of my favorite parts of my job is working with the SANS college students. So, I mean, SANS does a lot of things, but Training Institute, the college, the Internet Storm Center, and then all those free resources, by the way, which people can access by going to sans.org/free. sans.org/free. There's all kinds of great stuff there that people can take advantage of.
 

Heather Mahalik Barnhart: Lots of free tools too.  
 

Sean Martin: Yeah. Yeah. I love it. I'm trying to remember back, I think it was late nineties. We had a bunch of SANS posters hanging around [00:07:00] the posters. Great. It's all pretty much wallpaper.
 

Yeah. You gotta, you gotta have good stuff. All right. So I 18, 19 years of this panel, uh, you're in a spot on the keynote stage, which is really cool. And. For those who haven't listened to the previous episodes, maybe give us an overview of what the, what the history of the panel is, what, why was it started, why was it formed, I should say, and what's the objective and has that shifted over the years? 
 

Ed Skoudis: Johannes, you want to take that? You've been doing this forever with me.  
 

Johannes Ullrich: Yeah, and I think it, uh, it's still sort of true to its origin. It, uh, it's supposed to probably focus on what really the top threats are. It's also supposed to be forward looking. Right. So it's not necessarily just, you know, telling you about, yes, you know, the same thing that everybody's keeps telling you based on what happened last year, but really to project a little bit, uh, ahead of the curve. 
 

And I have to say, if you sort of look back [00:08:00] of some of the topics that we have covered, uh, in the last few years, some of them have become current today or a couple of years after we had it, like, um, I think it was two or three years. We're going to talk about some of the uses of AI in, uh, some of malware analysis and such.
 

So that's a hot topic right now again. Uh, and, uh, that's really what the focus, what the panel is supposed to provide. It's that momentum, that energy for you to then go out and look for these new and upcoming things to yourself and inform yourself about it.  
 

Heather Mahalik Barnhart: You know what Katie said last year that I really liked? 
 

We call it like the What do we call it? The deadliest threats, the five deadliest threats, or it's like the scariest threats, but we also teach the best ways to mitigate those things. So even though it sounds like it's almost a doomsday, [00:09:00] it always ends in a positive manner on ways to like, think differently and mitigate and protect yourself and protect your organizations. 
 

So we could always. as eerie, though. Like, learn how to protect yourself from the five threats. But we do. A key thing. We're not going to throw a threat out there and tell everyone to run. We want people to face technology. So that's a huge part.  
 

Ed Skoudis: That's, that's really well said. And it's all practical. It's like, okay, what, what can they do with this? 
 

And, you know, the structure of the panel, I think is, is kind of interesting. It makes it pretty intense for the presenters. Just the, the way that it's laid out. Heather, did you, did you want to kind of describe that? I think people find that interesting. If they haven't. Yeah, it's.  
 

Heather Mahalik Barnhart: It's the strangest type of talk I've ever done in my life. 
 

It is the most pressure. And I would say the first minute is the most pressure. And then you're like, okay, oh, let's calm down. So we usually have, depending on how many people, six to eight minutes to state [00:10:00] our threat. So we need to tell you what the threat is, why you should be concerned, why we care about it, and how to mitigate it in that short period of time.

And we're all competitive professionals. So we try to stay to our time. It's like a, who nailed it the most, but it's, it's interesting because you're in front of all those people. And you really have to deliver in a short, short period of time.
 

Ed Skoudis: Yeah. So it's, it's, it's, uh, I moderate then each of our four presenters presents for six minutes and then it's all Q&A, and I remember the first time we were on the big stage.

I mean, there's like 8,000 people in the room and another 20,000 on the stream. This is what I heard from some of the other SANS people who weren't on stage. They said, Ed, you walked out there right to the front of the stage and you looked terrified.
 

Sean Martin: Dangerous territory.  
 

Ed Skoudis: Yeah, but then you looked up and you smiled and everything just clicked. 
 

And from that point forward, it was just Ed presenting. And that's kind of what it is. When you walk out there, it's like, holy [00:11:00] crap, look at this. And then you're like, oh, I got this. I can only see the first two rows anyway, because the lights are so bright. Totally. It's like that for all of us. The first time when we're up there. 
 

And this year we're going to have, uh, Terrence Williams, his first time up there, and he's going to be awesome. I can't wait. He's a SANS certified instructor, uh, teaches great cloud stuff. And, um, he's also an engineer for, for a small organization called Amazon, perhaps you've heard of them. And, uh, he's going to be awesome. 
 

I'm very excited about his presentation this year. We're also going to be joined by Steve Sims. This will be his second or third year. I think third year. Yeah. 
 

Sean Martin: So you're reading my mind. I guess I was going to ask you to introduce the other two cool cats. Yep. So 
 

Ed Skoudis: Steve said, I am the caterer. He, uh, so Steve Sims is the curriculum lead for, um, the offensive curriculum at SANS. 
 

Um, And then, uh, Terrence is a great instructor [00:12:00] on, uh, cloud, specifically forensics in the cloud.  
 

Sean Martin: Nice. So you kind of kick things into gear 6 to 8 minutes each. Um, you kind of gave the structure of, of the segment, Heather. Um, how do you reach that point? Uh, I presume it's a few days involved preparing, uh, Thinking about this  
 

Heather Mahalik Barnhart: stuff days, months, it's  
 

hard  
 

to, don't you? 
 

I don't know if you guys feel this way, but every news thing that's coming out, that is touching on my topic a little bit. I'm like, Oh no, because you don't want it to become an everyday thing. And everyone on the planet knows about it. And now you're talking about something old. So that's a little bit of pressure, although we never learn our lessons. 
 

And what I talked about six years ago, I could do again. So we didn't learn. So here we go again. Let's talk about it again.  
 

Johannes Ullrich: That would be too depressing, but it starts like six months. Before the [00:13:00] panel, and I think it ends as we walk up on the stage, the last little polish, the last little sentence that you may want to add or remove from the presentation. 
 

It's by far the presentation that I probably prepare and rehearse the most for, uh, among all the, because it's so short and there's this famous saying, like, and if, if I would have had more time to prepare, it would have been a shorter presentation. Uh, and that's so true for this presentation because of the impact it also has.
 

Ed Skoudis: Yeah, I mean it's fun to do though. I think, I mean, look, the six months preparation time, that's, that's not super fun, but, um, the whole process, especially when you get to the end, that is, it's kind of fun. It's neat to have this opportunity to share with so many people, um, what we're seeing at SANS. And I think another thing worth pointing out is while we have our four panelists, it is not merely [00:14:00] their thoughts on what we should be talking about. I mean, that's a big part of it. I mean, Heather is dealing day in and day out with threats in the environment that she's seeing in her Cellebrite work, seeing as a curriculum lead and fellow at SANS, Johannes running the Internet Storm Center, he sees a whole bunch of stuff.
 

That's, we get great input from Steve Sims and Terrence Williams and so forth. But also we're hearing from other SANS instructors, other curricula within SANS. We're hearing from SANS leadership. We're hearing from our students. I mean, all that stuff gets folded in and we struggle and wrestle with topics for that full six months. I think here we are two weeks from the big event. Um, and I think we've got our topics down and we've got some initial drafts of all of the presentations. Still iteration to be done on that.
 

Um But from here on in, this is when the process gets fun, um, to bring it to a conclusion.[00:15:00]  
 

Sean Martin: Now what? Right? Yeah. How do we mitigate this? So describe to me what you present, because I mean, the, the, what you do could be extremely broad, right? It could be down to a control at the edge. It could be a configuration that the, that the network layer, it could be put these protections in place. It could be, you have to build your product differently. It could be run your program and your operations differently. Staff your SOC differently. I'm naming a bunch of things. Is it any, all of that? Or what, what, what do you kind of
 

Heather Mahalik Barnhart: It's a little bit of all of the things, even things you can do as everyday people to be a little bit more secure and something I think that's really interesting that we never intend to do.
 

And Johannes, I don't know if you realize this, but we always end up doing it is somehow our threats kind of like intertwine with one another, even though they're completely different. There's something [00:16:00] when we are listening to each other live on the stage. And I'll say, you know what, what Johannes just said actually applies. 
 

And then the mitigation and the steps to prevent also. The same things apply. It's like whatever Johannes says and his recommendations could definitely apply to something I say, or Terrence or Steve will say as well. So it's interesting how general tech smarts and thinking things through sometimes can be the solution.
 

Johannes Ullrich: Like most mitigation sort of have two different components as of the technical thing. You have to change this line of code. Uh, but then there is also the, I call it off the layer eight part, the management part. How do you, how do human actually does that and how do you convince them to do it there? How do you present the threat and all the, some of the weaknesses without sort of not calling someone's baby ugly and, uh, not having them sort of automatically. 
 

against whatever you're proposing to [00:17:00] fix that problem. So, uh, I think, uh, that's sort of where the panel really lives off. And that's sort of what Heather describes. And where some of us sort of look, some is more to human side. Some of us more the technical side of the problem really both have to come together. 
 

Ed Skoudis: Yeah, I mean, I love this panel so much. Just listening to Heather and Johannes talk now. It's like, I want to hear what they have to say. I know that they are fighting the battles. They're seeing this stuff. It's happening right now and kind of getting a glimpse of what happens next. So these are the people that that I turn to. 
 

And I think we, a lot of us turn to, to say what's coming next. Where should my attention be? There's so many different things happening in this industry. You know, cloud AI, the evolving attack surface and attack methodologies. It's like, what, what do I need to worry about next? And how can I be practical on that?
 

And when Johannes and Heather and Steve and Terrence start talking. That's, that's where the magic happens.  
 

Sean Martin: I'm a,  
 

I'm  
 

a nerd for [00:18:00] risk cause you, you don't just jump to mitigating compensating controls, right? You have to understand how does this risk impact me now? And you're looking into the future. So how does it impact me in the future? 
 

And how do we fold that into all the other stuff that I have to worry about? Do you touch on any of that in terms of how organizations or individuals as well should look at this from a risk perspective.
 

Heather Mahalik Barnhart: I think so. And I don't know if you guys want to chime in or not, but I think we try to make every risk we talk about and all the threats we talk about relatable in some way that people are like, Oh yeah, that could happen in my organization or even kind of demonstrate how it happens. 
 

Like how easy it can happen and I think when people see it on the screen and actually play out as we're talking about it It sometimes clicks a little bit in their head.  
 

Ed Skoudis: I think you're right Yeah, and and also the different levels at which these risks manifest [00:19:00] themselves uh, the neat thing about this panel is it deals with some risks that are society wide Right. 
 

It also deals with some risks that are enterprise centric, and then it deals with some risks that are personal. So, and you'll see as we go through the five different, um, attack types that there are some at each of those different levels and some span multiple levels with, I mean, we get a lot done in a 45 minute talk. 
 

Remember, it's six times four. Right. So six minute talks and there's four of those. That's 24 minutes. Plus there's like two minutes up front where we have to introduce everybody. So now we're at 26 minutes and then, uh, 18 or so precious minutes of Q&A. Um, so I, I, I do hope people will check it out.

It's going to be at, um, 4:15 Pacific time on Wednesday, May 8th, and it'll last for 45 minutes. And we try to give you a lot of stuff in 45 minutes. Make sure you take notes. Um, I think, I think people will like it.
 

Sean Martin: Jam [00:20:00] packed. Who's in the room? Usually practitioner to executives.  
 

Ed Skoudis: Yeah. And they will stream it live. 
 

So if somebody's not there at, you know, Moscone Center in San Francisco, it will be live streamed in real time. So, but, but really it's, we try to write this for everybody. There is a technical bent to it, but as Heather mentioned, there's also sometimes a practical personal bent to it as well. And organizational we're, we're trying to cover a lot of bases, but to do it, well, you know, you can cover a lot of bases and not be very deep, but we're trying to cover a lot of things with a level of depth, um, that, that will make everybody learn something.
 

Sean Martin: I love it. You know, we've reached, we've reached the point of this conversation where you get to share your secret sauce.
 

Ed Skoudis: Who wants to go first? It depends what you mean by secret sauce. If the secret sauce is one of the five, you're not allowed to say one of the five. Come on. What are the [00:21:00] five? Yeah, I'll buy you a nice hat. 
 

But maybe we could talk about how we choose the five and let me start and then and then I invite Johannes and heather to to to talk about maybe even how  
 

Sean Martin: do you do five with four people? That's 
 

Ed Skoudis: One person gets two one person gets two and uh You know, this year, uh, Johannes already topics. Um, and so that that's one thing right out of the gate. 
 

The real secret sauce of this panel that's, you know, we're 18 years in and eight or nine years on the big stage. It's the people behind the panel. It's these panelists. It's Heather, it's Johannes, it's Steve, it's Terrence. You start out with really great people who have their finger on the pulse of the industry and say, what are you thinking about?
 

What is worrying you? What are you dealing with? That's the start. And then we pull them together on conference call after conference call every three or four weeks for six months. And what happens there, Johannes, Heather, you want to add the next level down? [00:22:00]  
 

Johannes Ullrich: Yeah, and I think, um, you know, the people behind the panel and then the people behind the people on the panel, all of us are teaching all these classes, like 10,000 students.

None of us is teaching 10,000 students, but we, we teach a lot and teaching is always that two-way street, uh, while you're talking to your students, you learn about their problems and you, you start seeing patterns, uh, for me, also like with, um, uh, Storm Center, seeing all the data we are collecting and seeing the questions that come in about the data, what are people looking for, what I bring some, and I think that really sort of starts getting things into focus.

And then of course, yeah, on conference calls, bouncing off ideas and seeing Ed or Heather cringe or smile, uh, to provide some feedback on whether or not that may be a topic that actually resonates.
 

Heather Mahalik Barnhart: I would [00:23:00] say this is the first year that I was like, I know exactly what I need to speak on. Every other year I'm like, Oh no, I need three ideas. 
 

And I'm trying to like scramble and think of things that the panel will approve. But yeah, this year, I don't know. I shouldn't say I got lucky, but one was like glaring that people were struggling with. Then I tried to focus on what are people truly calling me for help? Like I have this thing and I don't know what to do.
 

How did this happen? What can we do now? So that's where I try to channel and yeah, that's it's tough though  
 

Ed Skoudis: Four months ago Heather said, I want this topic. I think this is important. And, you know, we said, really? Why? You know, how are you going to address it, this and that. It went up to SANS senior management and they're asking a bunch of questions about it. So it really is this refining process and, you know, Heather's going to make an amazing presentation about this topic.

Whatever this topic is, we're not allowed to say. What is it? Nice. [00:24:00] It's an intense topic. I'll tell you that. But I mean, you know, some of these things, while we can't say the specific topics, cause we're not allowed to, but I mean, you will see things associated with the latest cloud attacks, the stuff that the Internet Storm Center is writing up on a regular basis.

You're gonna, I'll bet you see a little bit AI sprinkled in here and there because it's, but it's various other attacks to which attackers are, you know, marrying AI to it to make themselves even more lethal. So you'll see things along those themes, but the specifics, well, you'll have to tune in. I mentioned it, May 8th, 4:15 PM Pacific Daylight Time.
 

Sean Martin: So local time in San Francisco.  
 

Ed Skoudis: Oh yeah.  
 

Sean Martin: All right. So you're not going to tell me what the topics are.  
 

Ed Skoudis: But you kind of, kind of see the, the, the forest and we'll show you five treats that.  
 

Sean Martin: There you go. There you go. I'm going to put this, cause we wrap here. I'll put this question. 
 

One of you can answer. All of you can answer. [00:25:00] Hopefully at least one of you answers. Um, somebody enjoying the presentations and the Q&A that follows. How can they leverage what they hear from you to redefine cyber security?
 

Heather Mahalik Barnhart: Oh, that's a good one. Maybe so we do, and this is a little bit of a giveaway, but if they've watched previous ones that it's not too bad of a giveaway, but at the end, Alan used to ask us and Ed continued their tradition on what's a key thing that everyone should take away is something to learn and implement immediately. 
 

So I would say we immediately give those items right away, but even the people that approach you after, I know on LinkedIn and all social media and through email, people reach out all the time saying, thank you, I have now fixed this thing, or even ask you for follow-up keynotes or talks or recommendations.
 

I [00:26:00] know after my one last year, I ended up doing all kinds of tip sheets for parents and securing generations. And because I talked about phishing my son, but people are like, what about our parents? Yeah. I was like, Oh, I actually didn't think about my dad. It's actually a really good point. He's a really easy target.
 

So I think follow up questions and asking us for more is always. That's a good idea. And I think any of us would definitely be open to it.  
 

Ed Skoudis: We are for sure. Johannes, what do you have to add to that? That was great, Heather.  
 

Johannes Ullrich: Yeah, no, I think it's the focus kind of these are threats that you should worry about that you should go out and learn about. 
 

There's always so much to learn in information security. And, uh, you have to zoom in on the threats that matter. And I hope that at least some of the threats that we'll talk about will be threats that matter to you. And you getting proactive and learning about these threats before they become a huge issue to you, uh, will hopefully help you. 
 

Ed Skoudis: Yeah. And, and, you know, I'd mentioned earlier people [00:27:00] taking some notes on this. Um, in addition, we do a little write up that we share with the press, um, so that they can do their write ups on the things hoping to minimize misinterpretation of what we say. Cause it's, you know, just, it's natural, you know, people hear things and they interpret different ways, but we, we do a paragraph or two on each of the five topics that we share with the press and then they can use that however they want and adapt it into their work. 
 

So. Even if you don't take good notes, you'll probably see some pretty good press write ups. And by good, I mean they're accurate to what our intentions were. We don't tell them what to write, but we say, hey, here's, here's the detailed topic and the areas of concern in it. And then they write their own materials from it, but we provide that to them. 
 

Um, and then, you know, as Heather said, the follow up afterwards, we welcome that. That's fantastic.  
 

Sean Martin: Well, I, I love this group. Thank you. I love the other two cats, cool cats. Um, this keynote, It was fantastic. I appreciate you all joining me [00:28:00] every year to kind of give a preview, even if you won't spill the tea. 
 

And just to kind of wrap what you all just describe, and I appreciate you, uh, you're responding to that question. So it's about engagement, continued conversation, the community where possible, um, taking action, right. Leveraging, leveraging what you hear and see and have conversations around and putting it to practice. 
 

And no surprise, with instructors and teachers, uh, continued learning, right? Um, I think that's, that's the most thing. Don't, don't sit stagnant, take, take action and, and engage with others like this. So I want to thank you all for joining me today. Look forward to seeing you in San Francisco and catching the keynote as, uh, as Ed said, May 8th, 4:15 PM local time there.
 

And, uh, hopefully everybody, uh, fills the [00:29:00] room, fills the stream with goodness.  
 

Ed Skoudis: Thank you, Sean.  
 

Heather Mahalik Barnhart: Thank you so much for having us.  
 

Ed Skoudis: We appreciate it.  
 

Sean Martin: Absolutely. Absolutely. And everybody watching, listening, thanks for joining us. Our chats on the road to RSA conference. Uh, and please stay tuned. I think as many conversations we've produced thus far, we have as many coming in the next two weeks. 
 

So, uh, lots of great conversations with keynotes, amazing people like this. And I appreciate you all for staying tuned and we'll see you all in San Francisco.