Art into Science - 2019

A Conference for Defense

When

Jan 30, 2019 – Feb 1, 2019
Talks will begin at roughly 9:00am CST

Where

Dell - Round Rock
200 Dell Way, Round Rock, Texas 78682

Free but Limited to 300 Seats Only

Register Now

ART INTO SCIENCE IS A CONFERENCE FOR DEFENSE, ORGANIZED BY DEFENDERS.

Many conferences out there glorify the attacker, we want a conference that glorifies us!

ACoD goals:

Push the Art to a Science: Creating a Professional Discipline

To mature our practice, we need to be able to share our methodologies in a systematic and consistent way.

We have many professionals in the security industry, but do not have a professional discipline. We'd like to philosophically discuss concepts in security, push them forward, and model them.

Glorify the Defense: Tools, Techniques, and Ideas People Can Leave the Conference with and Implement

Security conferences glorify the attacker, and accept attack-oriented talks. We'd like to put defense on a pedestal and take in talks that interest us - operational talks on defense.

As a field, we need practitioners to offer implementable ideas and or reference implementations to reduce the amount of work that someone has to do to implement what they learn.

ACoD is a working conference

In the "Glorify the Defense" (operations) track we will have talks of interest on various investigations and case studies on the one hand, and tools and ideas used to defend our environments on the other.

The "Push the art into a science" (philosophy) track will be dedicated to working tracks, where the members introduce their own concepts, and then discuss specifics. Most importantly, finish the day with a summary that can be used to push our field into the future.

We want to get more out of ACoD:

Often, the best value we as attendees get out of a conference is personal relationships that form. We'd like to generate more of this value.

Some of us are introverts, some are shy. Regardless, it is hard to meet too many people in conferences, and see how we can help each other. We will work to address this by building more discussion into the agenda, such as networking opportunities, small working groups, and other similar ideas, into the DNA of how the conference will run.

Get to Know Our Convention!

Not sure if Art into Science is for you? Check out our Youtube channel below to view presentations from last year's conference, or follow us on Twitter to stay up-to-date with the latest news from the Art into Science conference!

 

Additional Information and Agenda

Art into Science Recognizes the followingCode of Conduct. Additionally, the 2018 Art into Science Agenda can be found here! Videos of our ACoD 2017 and 2018 conference presentations can be found on our Youtube Channel: https://www.youtube.com/channel/UC4EhrLEDYKuuwdTvGWVgiEQ  

Our CFP is now open.  Authors, please submit your presentation on the ACoD 2019 EasyChair site.

Conference Staff

Gadi Evron

Chairman

gadi-evron
Gadi is CEO and founder of Cymmetria, a cyber security startup, Chairman of the Board of the Israeli CERT and Founding Chairman of the Cyber Threat Intelligence Alliance. He is widely recognized for his work in internet security operations and global incident response, considered the first botnet expert. He was previously VP of Cybersecurity Strategy for Kaspersky Lab and led PwC’s Cyber Security Center of Excellence, located in Israel. Prior to that Gadi was CISO for the Israeli government Internet operation, founder of the Israeli Government CERT and is a research fellow at the Yuval Ne`eman Workshop for Science, Technology and Security, at Tel Aviv University, working on cyber warfare projects. Gadi authored two books on information security, organizes global professional working groups, chairs worldwide conferences, and is a frequent lecturer.

Jeff Moss

Head of Program Committee

Mr. Moss advises companies on security issues, both, electronic and physical, as well as speaking globally on the topic. He sits on several advisory boards helping enterprises make informed decisions on cyber risks. In April 2011 Mr. Moss was appointed as the Chief Security Officer for the Internet Corporation for Assigned Names and Numbers (ICANN), a non-profit whose responsibilities include coordinating and ensuring the security, stability and resiliency of the Internet’s unique global identifiers as well as maintaining the root zone of the Internet. This position involved managing the IT security of the ICANN networks and information systems, the physical security of ICANN facilities and meetings, and ensuring that ICANN meets its security and resiliency commitments to the multi stake holder community that oversees ICANN. This position involved extensive international travel and coordination with governments, law enforcement, and operational security communities in support of discussions around Internet Governance and security. Mr. Moss left this position at the end of 2013. Moss is the founder and creator of both the Black Hat Briefings and DEF CON, two of the most influential information security conferences in the world, attracting over ten thousand people from around the world to learn the latest in security technology from those researchers who create it. DEF CON just had its 21st anniversary. Prior to creating Black Hat Briefings, Jeff was a director at Secure Computing Corporation where he helped establish their Professional Services Department in the United States, Asia, and Australia. His primary work was security assessments of large multi-national corporations. Jeff has also worked for Ernst & Young, LLP in their Information System Security division. Because of this unique background Jeff is uniquely qualified with his ability to bridge the gap between the underground researcher community and law enforcement, between the worlds of pure research and the responsible application of disclosure. Jeff is currently a member of the U.S. Department of Homeland Security Advisory Council (HSAC), providing advice and recommendations to the Secretary of the Department of Homeland Security on matters related to homeland security. Jeff is a life member of the Council on Foreign Relations, which is an independent, nonpartisan membership organization, think tank, and publisher. In 2013, Jeff was appointed as a Nonresident Senior Fellow at the Atlantic Council, associated with the Cyber Statecraft Initiative, within the Brent Scowcroft Center on International Security. In 2014, Jeff joined the Georgetown University School of Law School Cybersecurity Advisory Committee. Jeff is active in the World Economic Forum, and recently became a member of the Cyber Security Global Agenda Council for 2014-2016. ICSA President’s Award for Public Service, 2011.

Kymberlee Price

Program Chair

KymberleeWith 15 years’ experience in the information security industry specializing in application security incident response and investigations, Kymberlee Price currently leads the Microsoft Security Response Center’s Community Programs team.

Ms. Price got her start by pioneering the first security researcher outreach program in the software industry at Microsoft in 2003. She was later a principal investigator in the Zotob criminal investigation, and analyzed APT’s at Microsoft. She then spent 4 years investigating product vulnerabilities in BlackBerry’s Security Response Team specializing in open source library vulnerabilities, followed by three years directing the efforts of crowdsourced penetration testers at Bugcrowd. In 2017 she returned to Microsoft and her passion for application security and open source security management.

Kymberlee speaks regularly on vulnerability management and product incident response best practices at conferences around the world including Kaspersky Security Analyst Summit, Black Hat, RSA, Nullcon, and Metricon. She holds dual Bachelor of Science degrees in Behavioral Psychology and Public Health Education.

Mike Johnson

mike-1Stefano Zanero received a PhD in Computer Engineering from Politecnico di Milano, where he is currently an associate professor with the Dipartimento di Elettronica, Informazione e Bioingegneria. His research focuses on malware analysis, cyberphysical security, and systems security. Besides teaching “Computer Security” and “Computer Forensics” at Politecnico, he has an extensive speaking and training experience in Italy and abroad. He co-authored over 60 scientific papers and books. He is a Senior Member of the IEEE, the IEEE Computer Society (for which he is a member of the Board of Governors), and a lifetime senior member of the ACM. Stefano co-founded the Italian chapter of ISSA (Information System Security Association). He has been named a Fellow of ISSA and sits in its International Board of Directors. A long time op-ed writer for magazines (among which “Computer World”), Stefano is also a co-founder and chairman of Secure Network, a leading information security consulting firm based in Milan and in London, and a co-founder of 18Months, a cloud-based ticketing solutions provider, and recently has co-founded BankSealer, a startup in the FinTech sector.

Sounil Yu

45n75ydqhqvk7isp1uebwrbjwubhr4Sounil Yu is a Christian, husband and father with over 30 years of hands-on experience creating, breaking and fixing computer and network systems. As the Exec Director for Security Innovation at a major financial institution, he leads teams to execute innovation initiatives and crazy experiments that reduce risk and tackle hard challenges in infosec. Previously, he helped improve infosec at several institutions spanning from Fortune 100 companies with three letters on the stock exchange to secretive three letter agencies that are not. Although on occasion he is forced to write about himself in the third person, he would rather meet people in person to share experiences rather than writing it up in a short bio. He lives in Virginia with his wife and their four homeschooled children.

John Scimone

john-scimone
John Scimone currently serves as the Global Chief Information Security Officer for the Sony Group family of companies, where he is responsible for leading Sony’s global information security and privacy strategy, policy, and operations. Prior to joining Sony, Mr. Scimone held a number of leadership positions at the U.S. Department of Defense, including as Director of Security Operations for the Secretary of Defense’s communications office, where he oversaw the Secretary’s cyber and facility security programs. Mr. Scimone formerly served as a member of the Joint Task Force for Global Network Operations under United States Strategic Command, where he led the development of enterprise network security programs that protected information belonging to the DoD’s more than two million employees.

Randal Vaughn

Head of Operations

vaughn_randal
Randal Vaughn, professor of Information Systems and Information Security at Baylor University, joined the Baylor faculty in 1982 as the second PhD holding faculty member of the MIS department. While at Baylor, he helped design the department undergraduate program offerings and led the department in developing their MIS master’s-level programs. In addition to his Baylor duties, Randal has been an active member of the operational Internet security community for over 15 years.
Prior to joining the Baylor faculty, Randal worked as a software designer for Mobil Exploration and Producing Services and Vought Aircraft Corporation. Randal earned a PhD in mathematics from The University of Texas in Arlington and served as an USAF officer.

CFP

Example Topics of Interest for Submission

We invite you to participate in Art into Science and submit a talk to one of the two conference tracks.

Details on how to submit your proposed talk will be released soon!

Operations Track:

We’d like to put defense on a pedestal and take in talks that interest us – operational talks on defense. As a field, we need practitioners to offer implementable ideas and or reference implementations to reduce the amount of work that someone has to do to implement what they learn.

Topics of interest include:

+ Threat Intelligence
+ Attack Profiles
+ Detection Systems
+ Case Studies, Tools, and Techniques
+ Insider Threat
+ User Behavior Analytics
+ Fraud Mitigation
+ Operationalizing Security
+ Metrics
+ Scalable Security Engineering
+ Security Response
+ SDL

Audience: Please think of the audience as your peers, experts in their field, who have been punching miscreants and building defense systems for at least 15 years. We are looking to see what you do, how you do it, and how others can replicate or further advance your efforts. While new material is preferred, we are very happy to see your implementation, research, investigations, and use cases, even if others have done it before, just please do not give an introductory talk.

Philosophical/Art into Science Track:

The Philosophy Track for Art Into Science is unlike most other conferences in that there is a high degree of interaction expected among speakers and attendees. In fact, one of the expected outputs are documents with authorship credit that include attendees that contributed during the conference.

To this end, the CFP for the Philosophy Track encourages submitters to consider the following to increase your chances of getting your submission accepted:

1. Build upon other talks given in previous years
2. Create space/opportunities for attendees to contribute to your topic
3. Orient towards a “Guide-on-the-Side” style talk over “Sage-on-the-Stage”

You can review some of the past talks and topics on our YouTube channel.

This track will run the full duration of the convention, from Jan. 30th to Feb. 1st. This track will dismiss at 2:00 PM on Friday, the 1st.

Speakers: Speakers are strongly encouraged to stay through the week to facilitate discussions on their topic.

Audience: Please think of yourselves as contributors having something to offer but needing a venue and structure to facilitate your ability to express your thoughts and experience. The speakers aren’t the only ones with content. We are looking for your thinking on how we can build what we already know into a discipline or to learn of something new which we haven’t heard before.

Previous documents that were created by attendees include the following:

– Professionalization Framework: http://bit.ly/acod-prof
– Product Testing Framework: http://bit.ly/acod-tef
– Hazard Assessment Framework / Forecasting Framework: http://bit.ly/acod-hazard
– Near Misses: http://bit.ly/acod-near-miss

 

Talk and Discussion Guidelines

Discussion needs to be of a nature that:

  • Identifies first principles.
  • Models the results.

But most importantly:

  • Makes sure the resulting models are useful and usable.

Some things to avoid:

  • Stays away from statements such as “we should all use Linux” or “this wouldn’t happen if people patched their systems.”
  • Mentions of Sun Tzu are not allowed in lectures, unless they are new, previously unseen 0day quotes.
  • Purely academic topics such as: “5% faster crypto!”

Other More Mundane Topics of Interest for the Philosophy Track

  • How do you hire and keep your security professionals?
  • Internal tool building. Build vs Buy. When to choose which, and why?
  • The geopolitics and legal implications of security.
  • Getting executive attention: Unlocking budget and success metrics.
  • Efficacy evaluation.

Logistics

Here are some of the convention logistics for giving a talk:

  • Talks can be scheduled for either a 20 or 40 minute block. This will be specified in the CFP submission form. When selecting a 40 minute talk in the form, please elaborate further as to why your talk will benefit from being 40 minutes long, as opposed to 20 minutes long.

Classic Talks

ACoD will invite select speakers who, in our opinion, gave talks or wrote papers that defined our field, so that we can learn from their experience, as well as record them for posterity. Please submit ideas for who to invite, with contact details, if you have them, to: [email protected]

Diversity

We especially encourage women and members of other diverse groups to submit a talk and attend the conference.

P.S.

A total of 0 mentions of the term “cyber” counted in this page above this line.

Submit CFP

Online CFP Submissions for the 2019 convention are now Open. CFP responses can be submitted online using our EasyChair Conference Page.

Code of Conduct

The Art into Science: A Conference for Defense recognizes the following Code of Conduct: Click Here (.PDF)

Pricing & Registration

Entry is free but limited to 300 seats only.

Online CFP Submissions for the 2019 convention are now Open. CFP responses can be submitted online using our EasyChair Conference Page:https://easychair.org/my/conference.cgi?conf=acod2019;welcome=1

No tickets to display here! You will need to add some.

Call for Papers Open for 2019

Please use https://easychair.org/my/conference.cgi?conf=acod2019 for submissions.

Online CFP Submissions for the 2019 convention are now Open. CFP responses can be submitted online using our EasyChair Conference Page.

Homepage

Get in touch

  • Graphic river
  • Video hive
  • 3d ocean
  • Activeden

Location and Venue

Venue

Dell Round Rock 5 Building (Round Rock)

200 Dell Way, Round Rock, Texas 78682

Nearby Accomodation

Austin Marriott North

2600 La Frontera Blvd., Round Rock, Texas 78682

Book Online

Hyatt Place

420 Sundance Parkway, Round Rock, TX 78682

Book Online

Homewood Suites by Hilton

2201 S Mays St., Round Rock, TX 78682

Book Online

Hampton Inn

110 Dell Way, Round Rock, TX 78682

Book Online

Home2 Suites by Hilton

1000 W Louis Henna Blvd., Round Rock, TX 78682

Book Online
Additional details

Copyright 2018. Art into Science - 2019