BIC Winter Conference 2023
Join us as we host our flagship event!
Blacks In Cybersecurity™ began its journey as an event series and meet up group in mid 2018. From there, the event series has expanded exponentially into several events year round as well as multiple meet up groups world wide!
Blacks In Cybersecurity is a cultural institution for the Black Community and has a unique emphasis on community engagement (relatability) and objective based skill building (activities). This allows for community members to leave a Blacks In Cybersecurity facilitated event with a conceptual understanding of the field as well as access to resources for continued learning.
Representation is in our core values, Blacks In Cybersecurity seeks to bring in knowledgeable individuals that are a part of the minority community to educate and instruct attendees.
Visit our Youtube page and watch the video of the event that started it all! Click here.
Blacks In Cybersecurity offers many programs and events throughout the year ...
-
CLADP Academyand BIC Global Groups:
The BIC Training program is designed to provide accessible and affordable training to our community. The CLADP (Cybersecurity Literacy And Development Program) sets out to cater to youth (K-12 and College) and senior citizens to guide them on the path to learn basic Cybersecurity/Online literacy as well as prepare them for taking on more thorough courses of Cybersecurity related material. The program includes our catalog here.
-
Conferencesand Networking Events
BIC seeks to curate purposeful events that aid in our community development and expertise. Our events are unique to the needs of our community and strive to create a fun and casual approach to learning that spawns a genuine affection for learning in the Hacker & Maker community.
-
Capture The Flag, Competition Teams and Cyber Ranges
BIC provides the Community with an opportunity to participate in building and solving Capture The Flag challenges year round in collaboration with our global CTF development teams. Most notably, our work has been featured on the world stage in multiple venues including DEF CON Hacking Conference, watch our documentary here.
Speakers
Hugh Shepherd
N/A
Talk DescriptionSecurity of critical infrastructure and smart infrastructure is a serious concern. As more and more of these systems become interconnected, the level of risk increases. The purpose of this talk is to raise awareness and to start a discussion on possible strategies for improved security.
Robert McNair
Robert McNair is a 2nd Generation IT Professional, Cloud Evangelist, Public Speaker and Motivator. He has over 20 years in the IT industry, Fun Fact: His father was a hidden figure working on developing Barcodes in the late 1960s. He has a passion for talking and connecting our People to their purpose in Tech.
Talk DescriptionN/A
Chantel Sims
Using her background in Psychology and Education, Chantel weaves human behavior into her work as a Security Consultant with NCC Group; a global cyber and software resilience security firm. She specializes in pen testing a number of technologies across different industries and sectors. In her free time, she enjoys learning new hacking techniques, researching the cosmos, reading philosophical texts, and spending time with her loved ones. Bringing integrity, positivity, and an open mind to all things new drives her passion for hacking.
Talk DescriptionA pentest is only as good as the pentester. For a pentester to successfully cover a client's needs, it's important that a thorough pentesting methodology is utilized. Methodologies typically expand as we gain more hands-on experience. In this talk, we'll cover elevating our methodology as pentesters within a shorter time frame while also addressing the barriers that can get in the way of learning new tools & techniques that will ultimately expand our methodology.
Craig Bowser
Craig Bowser is an infosec professional with over 20 years of experience. He has worked in a number of infosec roles in the US government and is currently a Security Solutions Architect at GuidePoint Security. He is a Christian, Father, Husband, and Scout Leader who enjoys sci-fi fantasy. home networking, reading, and hiking.
Talk DescriptionThe field of Security Engineering has evolved as an essential function within the Information Security industry. Security Engineers are responsible for many aspects of protecting the enterprise including designing of secure systems, supporting security operations, and protecting business platforms, data centers and the cloud. The role of Security Engineers is sometimes confused with system administrators, security analysts or even penetration testers. Yet the industry recognizes the need for Security Engineers with over 1000’s of opportunities in the DMV region alone. This talk will address questions such as “What is a security engineer?” and “Aren’t they the system administrators?” and provide practical direction for building a security engineering career.
Lu Goon
The field of Security Engineering has evolved as an essential function within the Information Security industry. Security Engineers are responsible for many aspects of protecting the enterprise including designing of secure systems, supporting security operations, and protecting business platforms, data centers and the cloud. The role of Security Engineers is sometimes confused with system administrators, security analysts or even penetration testers. Yet the industry recognizes the need for Security Engineers with over 1000’s of opportunities in the DMV region alone. This talk will address questions such as “What is a security engineer?” and “Aren’t they the system administrators?” and provide practical direction for building a security engineering career.
Leron Gray
Leron Gray is a senior security consultant on Bishop Fox's Red Team. With nine years of offensive security experience, he previously served on the Azure Red Team at Microsoft, as a penetration tester, and as a Cryptologic Technician (Networks) for the U.S. Navy. Leron holds a Masters in Cyber Defense from Dakota State University and is a PhD candidate for Cyber Operations. He has a graduate certification in penetration testing and ethical hacking from SANS Technology Institute.
Talk DescriptionWith many organizations building their environments from the ground up in Azure and Azure AD without traditional networks, penetration testers need to change their mindset around initial access and lateral movement to match the nature of cloud environments. Azure AD environments with no Azure provisioned infrastructure (like storage or virtual machines) have much smaller footprints than traditional networks or even hybrid AD environments. This talk will discuss some of the challenges found in pen testing pure Azure AD/Office 365 environments and provides a scenario in which we go from reconnaissance to stealing user access tokens. Post-MFA headers are like currency, so lemme hold a dollar token real quick.
LaGarian Smith
LaGarian is an active duty Marine with nearly 20 years of service and experience in IT and Cyberspace Operations.
Talk DescriptionThis talk will cover the resources needed to prepare and pass the OSCP exam with focus on time management principles that can be applied to avoid undue stress
Dr. Cynthia Sutherland
Dr. Cynthia Sutherland is a multiaward winning, global cybersecurity leader serving as Amazon Web Services' Global Automotive Security Assurance Lead with a 16 year cybersecurity career across multiple industries. Prior to AWS, she was the first senior executive to serve as the Chief Information Security Officer (CISO) for Federal Emergency Management Agency (FEMA) were she led integration of cybersecurity into America's emergency management systems. She came to FEMA from serving as the Joint Chiefs of Staff CISO were she led the integration of cybersecurity into military weapons for U.S., 23 countries, and NATO. Her passion is professional development and mental health of the cybersecurity profession.
Talk DescriptionMost look at Cybersecurity from the perspective of technology, cyber-attacks, and as a high demanding career field with solid compensation. However, what is not discussed is what it takes to get in, stay in, and be successful in the field. Navigating a cybersecurity career can be even more of a challenge when you have limited exposure and unconscious biases. This session navigates through the Confidentiality, Individuality, and Awareness (C.I. A.) Pillars for a Successful Cybersecurity Career, mental health as a security concern, and shows how representation does matter in cybersecurity. The goal is for participants to walk away with tips on how to close the gaps in their performance and identify their uniqueness, value to an organization, and ideas on how to increase awareness of their capabilities in their organization.
Dr. Xavier-Lewis Palmer
Dr. Xavier-Lewis Palmer is a multipotentialite of biology, engineering, and cybersecurity. He holds an Engineering PhD, an MS in Cybersecurity, an MS in Biotechnology, a BS in Biology, and a BA in Philosophy, with an interdisciplinary mix of numerous biology, engineering, and cybersecurity-based publications. A strong passion for both STEM education outreach and technological intersections that can improve community health and outcomes, fostered by diverse work experiences, help drive him He believes that in this ever-complex world, it is beneficial that we all keep learning, find ways to be involved in education, and help bring forth creative and helpful innovations, ideas, and conversations, where practical.
Talk DescriptionThis talk aims to simplify graduate school for those interested in Graduate School, but not knowing where to start. Topics to cover are: Reasons and Tips for Applying, Navigating the Graduate School Process from start to Graduation, and Helpful Resources. The last half is open for specific questions that the audience has that are not covered.
Kassandra Pierre
Kassandra Pierre is a champion of advocacy. She has seen firsthand the positive impact diverse spaces can have on women, individuals with disabilities, and multi-minority individuals and she recognizes allyship as imperative to unlocking human and organizational potential.
Kassandra’s work with youth and adults in education and mental health care settings fuels her ongoing mental health advocacy and has enabled her to empower many people to overcome personal and professional obstacles. She is a trained crisis Interventionist and support group facilitator with over fifteen years of experience providing technical assistance and governance in the nonprofit, public and private sectors.
Kassandra is a Certified Scrum Master and a Certified Scrum Product Owner currently employed as an AVP in Technology Talent Development with a global financial institution. She serves as a Disability:IN NextGen Leaders Program Mentor, has been an Advisory Board Member and presenter for the 2022 SANs Neurodiversity Summit and is the Founder and Affiliate President of the WiCyS (Women in Cybersecurity) Neurodiversity Affiliate.
Kassandra is a technology enthusiast and is a nerd for threat intelligence, data privacy, and cybercrime. She is currently completing a degree in Cybersecurity and in her free time, enjoys gardening, playing with her dogs and cooking for friends and family.
N/A
Dondi West
Dondi West is Global Security Counsel at TikTok where he advises senior leaders and network defenders on matters related to Cybersecurity, Incident Response, Security Governance and Security Legal Compliance.
Talk DescriptionIt’s time for the security community to consider whether the level of diversity in a company's security workforce should be viewed as a security control or factor that reduces risk. We must have a diverse security workforce to counter quickly evolving and diverse threats. Diversity and inclusion in a company’s security workforce can no longer be viewed as an HR/recruitment issue, or a nice to have. It’s time for us to ensure that every company has real skin in the game on this issue, and to consider diversity as a cyber readiness issue. Ideally, there should be a control category for diversity, equity and inclusion and companies not meeting the standard should be required to create a plan of actions and milestones to address a lack of diversity as an unmitigated security risk. It’s time to walk the walk on this. It’s 2022 and we know better now. This is conventional wisdom that needs to be reflected in security standards and frameworks.
Ashley Sequira
Ashley Sequeira hails from Las Cruces, NM with her husband, Dan and her two dogs, Carbon Fiber and Graham Cracker. She is a recent graduate of Boise State University. During her time at Boise State University, she concluded her career at Palo Alto Networks and started with Google July 2022. While at Palo Alto Networks, she ran the Security Operations training program, consulted for SOAR platforms, worked as a Professional Services Consultant and ran an employee resource group focused on Veterans. Prior to her time at Palo Alto Networks, Ashley worked in a Security Operations Center and served 13 years in the Army Reserve. In the Army, she competed on the National Taekwondo Team(2011, 2015), played in the Army Band and learned her fundamentals in IT. She holds a Bachelor's degree from Southern New Hampshire University in General Studies, an Associate of Science in Information Systems Security, an Associate of Arts in English Literature and Communication, an Associate of Arts in English and an Associate of Arts in General Studies. Ashley holds technical certifications from SANS(GCIH), CompTIA(A+, Mobility+, Security+, CySA+), and Palo Alto Networks(PCSAE, PCDRA).
Talk DescriptionThis talk will cover my journey through cybersecurity. I began in retail and now work at Google, without writing any code. All folks involved in cybersecurity already have unique skills that can likely be leveraged to further their careers in the industry. All folks who want to break into cybersecurity also have other skills that can be leveraged to "break in".
TJ McClearin
A builder of systems, infrastructure, and tech, with a concentration in security, DFIR, and cellular communications, building redundant highly available systems inside mixed unforgiving environments is my specialty. Whether on-premises, cloud-based, or mixed-use, I take pride in maximizing uptime on infrastructure through policy and automation. Coupled with my executive background, I excel working on and with teams of both engineers and decision makers, my best quality is the ability to make high-level concepts easy to understand, to provide a roadmap to success identifying hurdles and addressing them with solutions.
Talk DescriptionN/A
Akil George
N/A
Talk DescriptionScam messages, we get them all the time. Be it emails, texts, private messages on social media; they'll always find some way to you. But with these attempts to get your sensitive information getting more and more sophisticated, how can we better defend ourselves? What do some of these look like and what are some easy ways to ensure you don't get scammed? Learn all this and more at the presentation!
Melissa Daley
N/A
Talk DescriptionScam messages, we get them all the time. Be it emails, texts, private messages on social media; they'll always find some way to you. But with these attempts to get your sensitive information getting more and more sophisticated, how can we better defend ourselves? What do some of these look like and what are some easy ways to ensure you don't get scammed? Learn all this and more at the presentation!
Kaitlin O'Neil
Kaitlin O’Neil, is the Recruiting Manager at Bishop Fox and co-founder of the Bishop Fox mentorship program. She has spent the past ten years in technical recruiting for multiple Fortune 100 software organizations. She is passionate about connecting with diverse talent in the cybersecurity space.
Talk DescriptionN/A
Teresa Allison
Teresa Allison is the ISSA DC Chapter VP of Programs and Events. She is a Cybersecurity Consultant with over 20 years of experience in IT for a large consulting firm in the Washington DC Metropolitan Area. She has served as a trusted advisor to CIOs and CISOs as well as their staffs by providing them with solutions for addressing their management needs for multi-billion-dollar federal information technology programs.
Talk DescriptionHave you been thinking about transitioning to a career in cybersecurity, but are not quite sure how to make your dream a reality? Are you currently working a cyber job but want to make a plan for advancement? This program walks you through the steps that you need to take in order to explore your cyber career options. It gives you a structured framework for exploring your interest in cyber, researching cyber positions, learning about cyber policies and standards, learning cyber tools, obtaining cyber / IT certifications, as well as applying for cyber jobs. This approach helps you to create your own cyber career action plan so that you can position yourself to join the field of cybersecurity.
Dontae Tyler
A community college drop-out born in Southeast Washington DC but by way of Prince Georges County, Dontae Tyler believes that success in the tech industry does not have to be traditional. With over 9 years of experience in IT, supporting various federal agencies Dontae has begun to distinguish himself as a premier advocate for GRC, Data Privacy and Security Awareness Training. He currently holds several certifications including CISM, CDSPE, CEH, SEC+. Dontae's unconventional cyber awareness training and education teaching methods seek to educate the everyday user and challenge the most experienced tech professionals on the evolving cyber threats.
Talk DescriptionDontae Tyler developed a security awareness training called Cyber Hygiene after getting tired of sitting through boring cyber security awareness videos that were not effective. After conducting his own research, He was able to come to the conclusion that the annual security training of the past was not as effective in remediating issues related to non-technical people utilizing interconnected devices and systems to complete their work. In his training he plans to equip end users with simple yet effective mitigation strategies and tools to reduce risk to acceptable levels.
Agenda
Security Strategies for Critical and Smart Infrastructures
Cloud Security: The Importance of Defending your Organization
Refining Your Offensive Pentest Methodology
Security Engineering != (Admin || Analyst || Responder)
Leron Gray ( BISHOP FOX )
Gimme the Loot – Lemme Hold a Token Real Quick
Prepping for OSCP: Achieving Balance
Navigating Cybersecurity: Getting In and Staying In!
Simplifying Graduate School
Threat Modeling Your Careers Creating a Plan for your Professional Success
DEI 2.0: It’s time to see Diversity, Equity and Inclusion Measured and Tracked as a Security Control
From Gamestop to Google: How to leverage your personal skill set into a unique Cybersecurity Career
Who is Xcape, Inc. and what is PTaaS?
Sophisticated Scams for the Average User
Hiring Hacked: Using Linkedin Like a Pro
Developing Your Cyber Career Action Plan
Cyber Hygiene 101
CTF Game Information:
Information:
CTF | BlacksInCyberRegistration Link:
Login | CTF RoomBIC CAPTURE THE FLAG WINTER CONFERENCE 2023
Start Time: 5:00:00 PM EST 02/24/23
End Time: 5:00:00 PM EST 02/25/23