Another Year In Web Security—What did 2012 teach us about surviving 2013?

Thursday, December 20, 2012

1:00 pm EST/10:00 am PST • FREE

60 minutes, including Q&A

Another Year In Web Security—What did 2012 teach us about surviving 2013? by Jeremiah Grossman
Innovation and Disruption in Security in 2013 by Eddie Schwartz

If history repeats itself, and the unexpected always happens, how incapable must Man be of learning from experience [1]. Black Hat's December 2012 webcast will host Jeremiah Grossman, who will provide an objective analysis of breaches and web security trends in 2012.

Year after year we continue to witness some of the world's biggest brands in the headlines for security breaches, with what seems no end in sight. And it's not just the Fortune 500 in the cross-hairs; hacktivists, cyber-criminals, and nation-state sponsored attackers have no problem going after anyone and everyone they choose. Some days it's banks. Other days, retailers. Colleges, restaurant chains, technology companies, television networks, state governments, and so on have also been victimized.

Here's the problem: while last year we saw the average number of serious vulnerabilities on websites drop 66%, showing a glimmer that the open doors for hackers are being closed, the fact of the matter is that even just one vulnerability is just as detrimental as 100. This understanding calls for a new way of thinking about defense. Effective defense is NOT software security perfection, but a strategy that, with each dollar we invest, significantly raises the cost to our adversaries of compromising a system. In this session, Jeremiah Grossman, CTO and Founder of WhiteHat Security, will discuss the key security breaches that took place in 2012, the most important new lessons learned, and what it all means for the future of cyber security. Attendees will walk away with an idea of what 2012 research and events meant for security and what we can expect to see in 2013.



Jeremiah Grossman

Founder and Chief Technology Officer

WhiteHat Security

Jeremiah Grossman is the Founder and Chief Technology Officer of WhiteHat Security, where he is responsible for Web security R&D and industry outreach. Over the last decade, Mr. Grossman has written dozens of articles and white papers, and is a published author. His work has been featured in the Wall Street Journal, Forbes, NY Times and hundreds of other media outlets around the world. As a well-known security expert and industry veteran, Mr. Grossman has been a guest speaker on six continents at hundreds of events including TED, Black Hat Briefings, RSA, SANS, and others. He has been invited to guest lecture at top universities such as UC Berkeley, Stanford, Harvard, UoW Madison, and UCLA. Mr. Grossman is also a co-founder of the Web Application Security Consortium (WASC) and was previously named one of InfoWorld's Top 25 CTOs. He serves on the advisory board of two hot start-ups, Risk I/O and SD Elements, and is a Brazilian Jiu-Jitsu Black Belt. Before founding WhiteHat, Mr. Grossman was an information security officer at Yahoo!

Sponsor Presentation: Innovation and Disruption in Security in 2013

Description: The year 2013 promises to challenge security experts and vendors alike with a cluster of disruptive innovations, according to an upcoming Security for Business Innovation Council (SBIC) report, that will continue transforming enterprise IT and hammering at the very foundations of information security strategies. In this coming year we will see several major developments in the enterprise adoption of cloud computing, social media, big data and mobile devices. These trends will have a big impact on information security programs, revealing significant and growing gaps including a lack of business skills, relationships, supply chain management and tech-savvy action plans. These gaps must be addressed in order for information security teams to keep pace with their organizations' technology aspirations. In this session, Eddie Schwartz, CSO, RSA, The Security Division of EMC, will discuss these disruptive innovations and their impact, providing a sneak preview of an upcoming 2013 trends report. Attendees will walk away with prescriptive advice for how to face these challenges.

Sponsor Presenter:

Eddie Schwartz


RSA NetWitness

Mr. Schwartz is Vice President and Chief Security Officer for RSA and has 25 years of experience in the information security field. Previously, he was Co-Founder and Vice President/CSO of NetWitness (acquired by EMC), EVP/CTO of ManTech, EVP and General Manager of Global Integrity (acquired by INS), SVP of Operations of Guardent (acquired by VeriSign), VP/CISO of Nationwide Insurance, a Senior Computer Scientist at CSC, and a Foreign Service Officer with the U.S. Dept. of State. Mr. Schwartz has advised a number of early stage security companies, and served on the Executive Committee for the Banking Information Technology Secretariat (BITS). Mr. Schwartz has a B.I.S. in Information Security Management and an M.S. in Information Technology Management from the George Mason University School of Management.

Reference 1 - George Bernard Shaw
