Speaking Engagements

This page provides a snapshot of speaking engagements had the opportunity to give about the work that I do in network security and data analytics.

Slide 1 – Intro of Behavior Analytics

September 2009 in Washington, DC

Introducing Behavior Analytics to the Cyber Security Community for the 1st time in 2009: Washington, DC

I got up at my turn, in front of audience of 600, only to find out my presentation disappeared from the shared laptop… benefits of wearing a lanyard with a USB and backup of presentation. This work started out in 2006, with a SBIR contact with DHS.
This was my entree into advocating, becoming a thought leader, in the use of behavior analytics to network security to anticipate cyber threats. To flip the current approach, focusing on assets, the threat itself, and to disrupt our current thoughts on network defense, creating data lakes rich for modeling. This lecture was formative for me, in that it opened so many doors, to allow me to be a thought leader and spread the approach to better protect our nation.

Slide 2 FloCon

January 2010 in New Orleans, LA

FloCon 2010: DMnet: A Behavioral Analysis System Supporting Trust Measurements

New Orleans opened up my eyes to the many uses of network flow in network defense. We used network flow to uncover abstract behaviors. Aggregated behavioral analysis provides an enabling technology through which weak-signal threat detection and over-the-horizon cyber-defense solutions can be created. By using trust as a metric, the system is able to provide an abstract means through which threats can be identified and information can be shared between various sensors and detection systems. The trust model allows for the measurement of trust through a set of concurrent behavioral analysis strategies. The trust measurements can help the analyst focus their attention on threats that are important to their specific needs and not get flooded with meaningless alerts, and data

Slide 3 CSIIR ORNL

June 2010 in ORNL, Oakridge, TN

CSIIRW 2010, ORNL, The Need to Consider Object Identity and Behavioral Trust (with Provenance) in the Protection of Smart Grids

At ORNL, in 2010, I met some amazing women and men trying to protect infrastructure. I was given a tour of one of the most powerful computer systems in the world… . My goal was to simply start to shift the focus of CPS defense to fusing both physical and network objects with their behaviors. This viewpoint is still evolving today!

Slide 4 – MIT Lectures

Multiple lectres in Cambridge, MA

Lecturing on Behavior Analytics at MIT

I have had the wonder opportunity to talk about some of my work on network behavior analytics at MIT. One thing a really enjoy when I have an opportunity lecture about this work, is start with the simple idea of looking at the data differently, transforming it first, then model…
https://vimeo.com/105563432

Slide 5 – MIT CIO Panel

November 2011 in Cambridge, MA

Lead a Panel Discussion at MIT Sloan CIO Symposium: New Trends in Cyber Security and Privacy Protection

This panel discussion is all about global supply chains, and the increased coupling between systems, and attack surfaces.
https://www.youtube.com/watch?v=OEx5prO1XHM
It focused on both ends of the spectrum: cyber policy, and technology evolution. Organizations must continue to posture IT infrastructures for greater vulnerability and threat reduction, deterrence, incident response, international engagement and business resumption.
This panel addressed how policy must continue to remain dynamic for security and operations within cyberspace, as well as, new trends in strategy, process and standards from industry and academic perspectives.

Slide 6 Backus

March 2012 in Norwich, CT

Patient Safety Day at Backus Hospital: Critical Decision Making and Cyber Security

This lecture talked about the current threat landscape in 2012, touched on supply chains and how it pertains to healthcare industry. The overall focus on was patient safety, connectivity of biomedical devices, and Information Assurance. Backus has great facilities and a hardworking workforce.

Slide 7 – ISRCS

June 2013 in San Fransisco

In 2013, at the ISRCS, I talked about Behavior Analytics, Trust and Defending Cyber-Physical Systems

At the Cyber Security and Information Intelligence Research Conference in 2013, in Saf Fransisco, CA, I started to apply multi-domain data fusion combining both network and physical behaviors to make sense of these complex systems. The evolutionary approach has paved the way for research and development to move the initial approach of behavior analytics into the CPS domain. It built off of the thoughts I shared down in ORNL in 2011 on trust and CPS defense. This was just a beginning to some exciting work!

Slide 8 – NATO

August 2013 in Tallinn, Estonia

CYCON 2013, NATO CCDCOE: Behavioral Analytics and Modeling

This lecture and trip Estonia was really inspiring. I met up with some past associates from the Atlantic Council, and listened on to a fellow lecturer General Kieth Alexander. I introduced one of the first behavior primitives, beaconing behavior, that we started to classify with a support vector machine based on ground truth data we have been collecting over the years. This work was formative in laying down the groundwork in fusing both cyber and physical data, establishing a multi-domain situation awareness capability. At this point in the project the POC was ready to be used to extract multiple primitives using a set of modeling techniques. During lectures i had the wonderful opportunity to tour Tallinn, the birthplace of Skype, climb into some castles that were built during Middle Ages, walking up worn stone steps, grabbing a small glass of wine hanging out on a balcony.

Slide 9 – Innovation Summit, Chicago

November 2013 in Chicago, IL

Innovation Enterprise Summit: Anticipating the Cyber Threat: Are We Looking at the Data the Right Way?

I was sandwiched between lectures delivered from LInkedin and Trulia, with Google ahead of my presentation…, I had some shoes to fill. Such a great experience to be in such a lineup, from a very small company. You can see some of the presentation incorporated in my MIT lectures links… otherwise you can get a free trial from Innovation Enterprises to the lecture itself.
https://ieondemand.com/presentations/anticipating-the-cyber-threat-are-we-looking-at-the-data-the-right-way