This preeminent cyber resilience event takes a “whole community” approach, bringing together the private and public sectors, owners and operators, cybersecurity experts, students, and community members to network and train together to defend our infrastructure from ever-evolving cyber threats. The event is hosted by the University of Oregon and the Technology Association of Oregon (TAO) in partnership with the Cybersecurity and Infrastructure Security Agency (CISA) of the U.S. Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI), and the Oregon TITAN Fusion Center (OTFC), as part of National Cybersecurity Awareness Month.

About the Summit

Cyber threats represent some of the most significant challenges to national security, our economic systems, and our basic way of life. Cyber risks affect all sectors: critical infrastructure, power and energy, banking, higher education, and many more. The interconnectedness of all sectors of our community causes cyber incidents in one area to affect the whole community. Consequently, to successfully defend our way of life, it is paramount that we work together to defend our cyber world.

This year we are pleased to announce that Deloitte will be conducting two cyber capture the flag competetions for teams of 1 – 3 people.

The Goal: The goal of each challenge is to find the “flag” which is a string of text.  The flags for each challenge are submitted on the Deloitte site in order to receive points.

The Scoring: Challenges award varying amounts of points depending on difficuilty.  The teams with the most amount of points at the end of the competition wins.

Event Overview

Day 1: Capture The Flag Competition Hosted by Deloitte — new for 2020!

• Date: Tuesday, Oct. 13
• Time: 9:00 AM – 1:00 PM (4 hours)
• Location: Deloitte Virtual Event

Day 2: Capture The Flag Competition Hosted by Deloitte

• Date: Wednesday, Oct. 14
• Time: 12:00 PM – 4:00 PM (4 hours)
• Location: Deloitte Virtual Event

Day 3: Main Oregon Cyber Resilience Summit

• Date: Thursday, Oct. 15
• Time: 8:30am-4:00pm
• Location: Zoom (Virtual Event) Links will be provided with completed registration

Who Should Attend

• Cybersecurity, IT, and audit leaders, including CISOs, CIOs, CTOs, CAEs, directors, managers, and supervisors
• Cybersecurity, IT, and IT audit professionals from all 16 critical infrastructure sectors
• Emergency response leaders and professionals
• University, Community College, and High School students, faculty, and staff
• Leaders and professionals from public and private industries with supervisory control and data acquisition (SCADA) systems and industrial control systems (ICS)
• Attorneys dealing in cyber law and cyber response

Program for Oct. 15

Tracks

Day 3 of this year’s Oregon Cyber Resilience Summit (Thursday 10/15) will feature three tracks:

• Track 1: Cyber Physical: Security in the “Internet of Things” (IoT), including threats targeting individuals and institutions. Threats and vulnerabilities affecting the power grid and other critical infrastructure and industries.
• Track 2: Technical: Technical insights into well-known attacks and how they were carried out or how the culprits were caught. Includes topics such as malware defense and introduction to the dark web.
• Track 3: General Security Awareness: Overview of threats such as social engineering, malware, ransomware, sexploitation, and data harvesters. Basic tools for everyone to protect themselves.

Detailed Agenda

Subject to change.

Tuesday 10/13/2020

• Capture The Flag Competition, Day 1, Conducted by Deloitte

Wednesday 10/14/2020

• Capture The Flag Competition, Day 2, Conducted by Deloitte

Thursday 10/15/2020 (Summit Main Session)

• 9:00 – 9:10 – Welcome and “Capture The Flag” winners announcement
  • Leo Howell – Chief Information Security Officer, University of Oregon
  • Chass Jones – Protective Security Advisor, Cybersecurity and Infrastructure Security Agency, DHS
• 9:10 – 9:30 – Opening Remarks
  • Patrick Phillips – Provost and Senior Vice President, University of Oregon
• 9:30 – 10:00 – Keynote Speaker
  • Christopher C. Krebs, Director of The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA)
• 10:20 – 11:15 – Breakout Session 1
  • Track 1 – Cyber Physical – “Security in the “Internet of Things” (IoT)”
    • Shimon Modi – IoT Subject Matter Expert, Elastic
  • Track 2 – Cyber Technical – “Security Assessments, Adopting Zero Trust and Implementing Security Controls”
    • Chad Lumsden, Senior Security Field Solution Architect, CDW-G
  • Track 3 – General Security Awareness – “Double Trouble – The Growing Trend of Ransomware combined with Data Leaks”
    • Christian Rencken, Strategic Threat Advisor, CrowdStrike
• 11:15 – 11:30 – Networking Session
• 11:35 – 12:30 – Breakout Session 2
  • Track 1 – Cyber Technical– “External/Internal Attacks, Techniques and the Human Component”
    • Garrett Ronning Consulting Engineer Information Security, CDW
  • Track 2 – Cyber Technical – “Modern Malware Exposed”
    • Zach Forsyth – Security Specialist – Juniper Networks
  • Track 3 – General Security Awareness
    • Theresa A. Masse, Cyber Security Advisor, Region X (Oregon), Cybersecurity and Infrastructure Security Agency, Department of Homeland Security
• 12:30 – 1:25 – Panel Discussion – Jessie Minton Viceo Provost for Information Services and CIO Panel Monderator
  • Gary Johnson, Chief Information Security Officer (CISO), State of Oregon
  • Benner Greer, Director of Information Security, Bill and Melinda Gates Foundation
  • Theresa Masse, Cyber Security Advisor, Region X (Oregon), Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security
  • Joe LI, Professor, Computer and Information Science, University of Oregon
  • John Jacobs, Vice President, Global Soutions Architects, Fortinet
• 1:25 – 1:35 – Networking Session
• 1:35 – 2:30 – Breakout Session 3
  • Track 1 – Cyber Physical – “Zero Trust: What it really means, and how to get started”
    • Steve Caimi Cisco Public Sector Cyber Security Specialist
  • Track 2 – Cyber Technical – “The playbook/heatmap based threat intelligence approach”
    • Derek Manky, Sr Director Security Strategist, Fortinet
  • Track 3 – General Security Awareness
    • Stephen Roberts (PD) (FBI), Supervisor Special Agent, Federal Bureau of Investigation
• 2:30 – 2:45 – Networking Session
• 2:45 – 3:40 – Breakout Session 4
  • Track 1 – Cyber Physical – IoT Security
    • Dr. May Wang, VP of IoT Security Paloalto Networks (and Founder and CTO of the former Zingbox)
  • Track 3 – General Security Awareness – Panel Discussion “Job Opportunities in Cyber Security” – Technology Association of Oregon (TAO)
• 3:40 – 4:00 – Closing Remarks
  • Leo Howell – Chief Information Security Officer, University of Oregon