Paul Schaaf

Electronic Crimes - FBI - Federal Bureau of Investigation

Special Agent Paul M. Schaaf is a Cyber Agent assigned to the FBI Phoenix Division. SA Schaaf has a Masters Degree in Computer Information Systems and Bachelors Degree in Finance. SA Schaaf worked in computer systems in the financial sector before joining the FBI in 2003. SA Schaaf has worked Cyber, Civil Rights, Fraud, Extortion, Intellectual Property and Innocent Images cases in his career. SA Schaaf has the unique distinction of having the first Spam Case go to trial which involved an international spam operation that operated out of 4 countries. 

“Intrusion, It Could Never Happen to Me”

Erik Graham

MSIA, CISSP-ISSAP, CRISC, CISM, Principal Information Security Engineer – General Dynamics C4Systems

Erik is responsible for protecting the confidentiality, integrity, and availability of General Dynamics' information assets from a wide range of risks. Erik has been working in the computer industry for over 18 years with over 15 years directly focused on computer security / information assurance.Currently he is working on the security related to several technologies to include cloud computing, network protocol assessment, reverse engineering, and the insider threat (data exfiltration / covert channels). Erik has a Bachelor of 
Science from the University of Phoenix, a Master of Science in Information Assurance from Norwich University and holds 
multiple industry certifications. Presentation Title and Abstract:

“Top 5 Current and Emerging Security Risks”

With every passing day the challenge of protecting information systems increases.  Information systems are becoming more 
complex which in combination with users who want more functionality with greater ease of use leads to an ever increasing 
risk.  Staying current on security risks is critical to the protection of those information systems.  In this presentation we will cover the top 5 current and emerging security risks and more importantly what you can do to limit their impact on your information systems. 

Eric Rossitto

Regional Sales Director for the Southwest – Imperva, Inc. 

Eric supports all current customers as well as provides solution recommendations to new customers in the territory dealing with data security, auditing, and compliance requirements. Eric has extensive experience in recommending solutions that meet security and compliance guidelines such as SEC, PCI, HIPAA/HITECH, and Sarbanes Oxley.  Previous companies include Fortinet, Breach Security, eEye and Akonix.  He is a graduate of the University of San Diego. Presentation title and abstract:

“Imperva's Web Application Attack Report”

As a part of our ongoing Hacker Intelligence Initiative, the Imperva 
Application Defense Center (ADC) monitored and categorized more than 10 million individual attacks across the internet over a period of six months, December 2010 through May 2011. This research encompasses attacks witnessed via onion router (TOR) traffic as well as attacks targeting 30 different enterprise and government Web applications across various industry segments:  e-commerce, online services, web search, banking, communication, entertainment, marketing and technology. 
Imperva also extracted insights about global security trends from the data analysis and provided recommendations for thwarting new and growing threats and improving web security 

Brett Scott

Chief Technology Officer - LiveSquare Security 

Brett is one of the nation’s premier experts in Cybersecurity protecting high volume database oriented systems via the Internet. Mr. Scott has taken concepts to products via the web for many major projects. As a veteran of 24 years in the technology industry, Mr. Scott has experience with quality practices like Six Sigma, the design, development, and implementation of major projects including textural data, image data, voice data and video data as well as financial tracking of all projects. Mr. Scott has recently directed the revamping of a major internet provider of high volume product delivery. This project included the entire process from qualifying the customer’s suitability for the product through the fulfillment of the delivery of the product to the end user. Presentation title and bstract:

“Proactive Defense Network”

Cyber warfare is considered one of the greatest threats to the United States. Each year, US businesses lose 40 to 50 billion dollars to intellectual property theft. Many businesses make the mistake of believing they are not a target. It is likely that this belief is the strongest contributor to the continuation of the greatest grand 
larceny in human history. Most business owners would be shocked at the sophistication, investment expense, and fanatical dedication to stealing US economic and military secrets, data, and intellectual property. Emerging countries are skipping decades of research and process refinement by simply taking what US businesses are failing to protect. The consequences are severe, and the damages to the future of the US economic system have yet to be fully felt or understood. If US businesses do not stem the massive economic losses, the consequences will be disastrous. 

Benjamin Stephen  

Director of Incident Management

FishNet Security

 “Anatomy of an Exploit” - why conventional security procedures do not work.

Kim L. Jones

Information Security Engineer – General Dynamics C4Systems

Kim L. Jones has over 20 years of experience as a security professional. He has developed and implemented global security practices for companies in many different industries, and spent a total of 7 years as CSO/CISO for two global companies. Currently, Jones is a member of the ISSA CISO Advisory Council. He holds a Bachelors Degree in Computer Science from the U.S. Military Academy (West Point) as well as Masters Degree in Information Assurance from Norwich University.