Moving to a more distributed workforce changes the risk profile for a company, opens up new attack vectors, and places new burdens on those trying to defend the enterprise. A distributed workforce also changes day to day business interactions at both technical and operational levels.
In this webcast, Tom Steele, Zach Lanier, and Michael Robbins discuss these risks from both attacker and defender perspectives, and how their tools, techniques, and controls have evolved with the changing workforce landscape.
Tom Steele has over 10 years of experience performing adversarial and research-based security assessments. Tom is the author of Black Hat Go and a maintainer of many open-source projects. Tom's focus at Atredis Partners is building and leading offensive capabilities and operations as well as application and software security. Outside of tech, Tom is a black belt in Brazilian Jiu-Jitsu and competes nationally and operates his own gym in Idaho.
Zach Lanier leads and executes highly technical software security, network, and application assessments, as well as complex reverse engineering and exploit development projects, focusing primarily on embedded and IoT/IIoT platforms. Zach has performed extensive security research in a variety of targets, including security products (such as Data Loss Prevention and endpoint / antivirus products), mobile / embedded / IoT platforms such as Android, QNX, BlackBerry, and proprietary operating systems, mobile carrier networks, and esoteric hardware such as electronic voting machines.
Michael Robbins leads and contributes to security projects for Atredis Partners that include system risk assessments, risk management program development, internal control design assessment and process optimization, information security program reviews, and regulatory compliance readiness assessments. He has relevant experience covering regulations, industry specific and best practice frameworks including CCPA, CIS Top 20, CSA, GDPR, HIPAA, ISO 27001/2, MAR, NIST CSF, SOX, etc. Michael focuses on building lasting relationships with clients, understanding their risks/issues, making actionable recommendations and helping obtain leadership buy in.
Tim Boswell is a Security & Risk Solutions Architect for ServiceNow, and prior to that role he was the Senior Manager of Security Operations within ServiceNow. Tim spent the past four years building, maturing and optimizing ServiceNow's internal Security Operations Center into a global operation, charged with defending both the corporate enterprise infrastructure and the private cloud infrastructure that hosts customer instances and their data. Prior to ServiceNow, Tim built and managed the security program at Stanford University, and before that he worked as a consultant at RSA Security helping organizations build and improve their security operations and programs. Tim got his start in cyber security as a service member in the US Army and held various positions, mostly centered around incident response and other blue team functions.