ACSAC 2019 Program

Thursday, 12 December 2019
10:30 - 12:00

Laguna I

Moderator: Daniel Faigin, Senior Engineering Specialist, Cyber Operations and Resilience Department/Cyber Security Subdivision, The Aerospace Corporation SLIDES

Panelists:
Michael Ekstrom, Senior Cybersecurity Engineer, NIST/NCCoE – MITRE SLIDES
Peter Wong, Director of Market Research, The Soter Group
José L. Quiñones-Borrero, IT Director, School of Medicine, University of Puerto Rico

Abstract:
Is ransomware an information availability problem, an information integrity problem, or a people problem? Following existing security guidance, framing the problem incorrectly may lead you to overlook critical information assurance protections. The panelists will expose that gap then discuss how resource-constrained local governments and small businesses should frame the problem for greatest effect.

Bios:

Michael Ekstrom is a Senior Cybersecurity Engineer at The MITRE Corporation, currently working at the National Institute of Standards and Technology’s (NIST’s) National Cybersecurity Center of Excellence (NCCoE). He holds a bachelor’s degree in computer science from the University of Maryland with a minor in Applied Cybersecurity. He is a CISSP Associate and is currently working on the Securing Property Management Systems for the Hospitality Industry Project as well as all four of the NCCoE’s projects in the data security track.

Peter Wong, the Director of Market Research at The Soter Group, provides research and strategic analysis of the Federal cybersecurity market for a variety of clients, including Fortune 100 companies and security technology companies. Within the cybersecurity field, he has focused on areas such as deep packet inspection, multi-level security, cyber threat intelligence, critical infrastructure protection, and advanced analytical tools. Most recently, he has been supporting the National Institute of Standards and Technology (NIST) and U.S. Department of Homeland Security Science and Technology Directorate's (DHS S&T) Global City Teams Challenge / Smart and Secure Cities and Communities Challenge (GCTC/SC3) and the efforts to integrate cybersecurity and privacy into the design and implementation of Smart City deployments. He was previously a Director at Civitas Group, where he focused on market research and consulting within various homeland and national security markets, including cybersecurity and the Comprehensive National Cybersecurity Initiative (CNCI); intelligence, surveillance, and reconnaissance (ISR); biometrics; and border and transportation security.

José L. Quiñones has 20+ years of experience in the Health and Education IT field, holds a Bachelors in Science in Electronic Engineering Technology from the University of Puerto Rico and holds various professional certifications in systems administration area such as HIT, MCP, MCSA, and RHCSA, but also in the IT security field such as C|EH, C)PEH, GCIH, and GPEN.
For the last 12 years, Jose has worked as CIO the UPR, School of Medicine, but also works as an independent consultant in IT infrastructure, Cloud and Cybersecurity architecture. Jose has developed curricula, courses, and workshops in Software Development, IT Operations, and Cybersecurity but also teaches professional certification courses such as CompTIA, Microsoft, EC Council, and Mile2. Also is the Technical Advisor and Instructor for Engine 4 Corp’s IoT Lab, IoTeen Bootcamp, IoT Academy, and Bayamon Smart City Program.
He is President/Co-Founder of Obsidis Consortia, Inc. a non-profit organization whose mission is to promote the professional development of information security for IT professionals, students and enthusiasts, and security & privacy awareness to the general public. Jose runs the local security community user group “Defcon Group 787”, is the head organizer of “Security B Sides Puerto Rico”, designs Network Security Training Scenarios and Simulations (Capture the flag events) and Hackathons, is the host of a cybersecurity podcast in Spanish called “La Resistencia .IO” and runs a personal blog about systems administration and information security CODEFidelio.org. Finally, he has presented in University Forums, Professional Associations and Hacker Conferences such as Security B Sides, Defcon and Derbycon.