Cybersummit 2020 Session Day 1: Operationalizing ATT&CK Through CISA Alerts

Cybersummit 2020: Operationalizing ATT&CK Through CISA Alerts

Want more? Watch Day One.

About The Speakers

Casey Kahsen, Cybersecurity and Infrastructure Security Agency (CISA)

Speaker: Casey Kahsen, CISACasey Kahsen is currently the chief of network forensics CISA’s hunt and incident response team. He holds a bachelor’s degree in digital forensic science from Defiance College (Ohio) and a Master's degree in Digital Forensic Science from Champlain College (Vermont). Additionally, he holds professional certifications in incident response (GCIH), reverse engineering of malware (GREM), digital forensics (GCFA), and industrial control systems incident response (GRID). His professional career has him through many areas of the field. He started his cyber career at the University of Northwestern Ohio as an instructor of digital forensics and network security. He held this position for almost 4 years where he administered courses in digital forensics, incident response, network security, and intrusion detection. In addition to delivering the content, he was also the principle author of the digital forensics curriculum.

In 2014, he took a position with Northrop Grumman Corporation as a threat intelligence. After serving for a year in that position he quickly became an incident response analyst supporting DHS US-CERT/CISA Central. During that time, he was a member of a small team that deployed to onsite locations to assist in cyber cases involving a myriad of different intrusions at locations all over the United States for both government and private sector entities alike.

He held that position as a contract support staff to the DHS incident response team for nearly 3 years. In the summer of 2018, he accepted a position as a federal civilian for DHS as an incident response engagement lead for the HIRT (hunt and incident response team). In this position he led teams of 5-6 on engagements across the country (mostly chasing nation state adversaries). In addition to these duties, he also served as the technical lead for the host forensics section. In this role he oversaw all things technical for the host forensics team (tools, analysis methodologies, etc.).

In November 2019 he accepted a position as the section chief of network forensics within the Hunt and Incident Response team. This is the same team that Casey served on in previous roles. In this role as a leader in a highly technical team, he now leads a section of 30+ federal and contract personal who perform network forensic duties on incident response engagements. These duties include deploying technology to collect network traffic and determining the scope of an incident based on network communications. It is an exciting balance of technical and leadership and allows him to not only dive in deep with the analysts, but also to think strategically and help to move the hunt and incident response branch at CISA towards collective success.

Adam Isles, The Chertoff Group

Speaker: Adam Isles, Chertoff GroupAdam Isles is a Principal at The Chertoff Group, where he helps clients manage security and safety risk. Representative projects have included cybersecurity risk diagnostics, security strategy development, security resourcing studies, framework development, exercises, senior management training, penetration tests and security audits.

He is also principal drafter for the firm’s security risk management methodology, which was approved by the U.S. Department of Homeland Security for SAFETY Act designation in 2017.

Prior to joining The Chertoff Group, Adam worked at Raytheon Company where he was the Director of Strategy and Policy Consulting for homeland security. Previously, Adam served as the Deputy Chief of Staff at the U.S. Department of Homeland Security (DHS) from 2007-2009. At DHS, he coordinated policy decisions, including on technology standards, regulations and business rules, for numerous border, travel security and critical infrastructure protection programs. He also staffed the Secretary on the launch of the Comprehensive National Cybersecurity Initiative. 

Before joining DHS, Adam served at the U.S. Department of Justice, where he started his legal career as a trial attorney in the Criminal Division in 1997. From 2002-2003, he was a Director of International Economic Affairs at the National Security Council. From 1998-2001, he was also secretary of the G8 High-tech Crime Experts Group.

View or download the Operationalizing ATT&CK Through CISA Alerts document.

Was this webpage helpful?  Yes  |  Somewhat  |  No