Panel Session: A security incident seen from different perspectives
Security workshop / 3rd COLARIS
Presenters
James N. Duncan, CISSP, is the Cyber Security Incident Response Team Coordinator for BB&T Corporation, currently the 11th largest domestic financial holding company in the United States. His constituency extends over 34 subsidiaries and nearly 30,000 employees in eleven states providing nearly every imaginable financial service from traditional banking, wealth management, and investments, to insurance, payroll management, software development, and ASPs for other financial services companies. The bank's web presence, bbt.com, has received numerous awards for excellence in on-line banking.
Previously, Jim Duncan worked at Cisco Systems where he provided incident response team support within the Critical Infrastructure Assurance Group, acting as technical liaison for various ISACs and government agencies (US and others), and was the team lead for the Cisco Product Security Incident Response Team, handling vulnerabilities in Cisco products from initial report to final composition and publication of a security advisory. Prior to that, he was employed as network engineer and principal systems administrator in various departments at the Pennsylvania State University.
In between, Mr. Duncan developed one of the first tutorials focusing on developing incident response teams way back in 1996 (with Rik Farrow for the USENIX Association), served a two-year term on the Steering Committee/Board of Directors of the Forum of Incident Response and Security Teams, and became an approved TRANSITS instructor, teaching several TRANSITS classes around the globe.
Jim is also a soccer referee, certified by the United States Soccer Federation, US Indoor Soccer, and the North Carolina High School Athletic Association, and has officiated many hundreds of matches in the last four years.
He is in wide demand on multiple continents as a speaker and instructor (and referee).
Adam Laurie is a Director of The Bunker Secure Hosting Ltd. He started in the computer industry in the late Seventies, working as a computer programmer on PDP8 and other mini computers, and then on various Unix, Dos and CP/M based micro computers as they emerged in the Eighties. He quickly became interested in the underlying network and data protocols, and moved his attention to those areas and away from programming, starting a data conversion company which rapidly grew to become Europe's largest specialist in that field (A.L. downloading Services). During this period, he successfully disproved the industry lie that music CDs could not be read by computers, and, with help from his brother Ben, wrote the world's first CD ripper, 'CDGRAB'. At this point, he and Ben became interested in the newly emerging concept of 'The Internet', and were involved in various early open source projects, the most well known of which is probably their own -ApacheSSL - which went on to become the defacto standard secure web server. Since the late Nineties they have focused their attention on security, and have been the authors of various papers exposing flaws in Internet services and/or software, as well as pioneering the concept of reusing military data centres (housed in underground nuclear bunkers) as secure hosting facilities. Adam has been a senior member of staff at DEFCON (http://www.defcon.org) since 1997, and also acted as a member of staff during the early years of the Black Hat Briefings, where he is now a regular training instructor (http://www.blackhat.com), and he is also a member of the Bluetooth SIG Security Experts Group (http://www.bluetooth.org). His current focus is on RFID, and he has recently published an opensource RFID software library, written in Python, which can be found at http://rfidiot.org.
Born and raised in Caracas, Venezuela, Mr. Arsene Laurent's present role is full responsibility of Telefonica USA's Information Security Operations.
Before moving to the United States in 2001, he was the Director of Operations at Terra Networks, Venezuela. Between 2001 and 2003, he worked as the senior UNIX Engineer of Terra Networks USA. In this position, he participated in forensic analysis activities and responded to DDoS attacks which included investigations that led to the identification of possible attackers using social engineering techniques within the Internet Relay Chat (IRC) while collaborating with the FBI.
Mr. Laurent was also the Operations Manager at Terra Networks USA where he was responsible for the design, architecture, building and ongoing operations of the technological platform for several web sites including terra.com, lycos.com, tripod.com among others.
Previous to his involvement in Information Security and Forensics, he managed UNIX systems for British Petroleum (BP) Venezuela. Mr. Laurent holds a degree in Computer Science from Universidad Central de Venezuela (Central University of Venezuela), and he is a Certified Information Systems Security Professional (CISSP).
Mr. Laurent served in several organizations as a volunteer and was a member of the steering committee for the ACM International Collegiate Programming Contest (ACM-ICPC). He also co-founded of the Venezuelan chapter for the International Olympiad in Informatics (IOI), which launched in 1998.
Mr. Laurent's interests are Systems Automation, Telecommunications and he is a hobbyist of Voice over IP (VoIP) technologies. His future academic goal is to pursue a degree in Criminology with a focus on Forensic Science Investigation in Computer Crime.
Francisco "Paco" Monserrat is the Security Coordinator of RedIRIS (the Spanish Academic and Research Network) and he is a FIRST member since 1997. During the last few years, he has worked actively on the TF-CSIRT, iniromoting the cooperation among CSIRTs in Europe.
Paco has spoken on various conferences and his activities focus on Forense Analysis, criptography and Computer Security Incidents Response Teams.
Consultant of CAIS/RNP, Director of Internet of the Brazilian Institute of Politics and Cyberlaw (IBDI), suplent member of the Brazilian Internet Steering Comittee (CGI.br) representing the scientific and technological community, Associate of Kaminski, Cerdeira, Pesserl Attourneys At Law.
Patrick Cain is a Research Fellow of the Anti-Phishing Working Group (APWG), and the President of The Cooper-Cain Group, Inc, a computer and Internet security consultancy. He has been associated with information security development and operations for over twenty years. He was previously the Security Advocate in the Office of the Chief Technology Officer, at Genuity Inc., a large Internet Service Provider. He is a Certified Information Systems Auditor (CISA), a Certified Information System Manager (CISM), and an associate member of the American Bar Association.
Mr. Cain participated in the FSTC Counter-Phishing project, is a research member of the Anti-Phishing Working Group, and currently leads the effort in the IETF to standardize phishing and electronic crime reports. He is the co-chair of the IETF Operations Security Working Group and has participated in a US White House working group identifying and addressing the vulnerabilities of the Internet.
