Jason Jordaan’s forensic career began in 1991. He is considered a leading authority in the field of digital forensics and cyber crime investigation and prevention by his peers, both in South Africa and internationally. As the principal forensic analyst of DFIRLABS, a specialist digital forensics and incident response service provider, he is responsible for the leadership of the practice, digital forensics quality assurance, complex digital forensics engagements, research and development, and digital forensic practitioner training and proficiency, and regularly testifies as an expert witness. Prior to this, he was the national head of the Cyber Forensic Laboratory of the Special Investigating Unit, South Africa’s national public sector anti-corruption agency.
Jordaan is also an internationally respected researcher and trainer in the field of digital forensics, where he is the first African to have been admitted into the DFIR faculty of the prestigious SANS Institute, as well as the first African to become a certified instructor for the International Association of Computer Investigative Specialists. He regularly teaches digital forensics to both law enforcement and the private sector in the US, Europe and the Middle East. He has an MSc (computer science) Cum Laude, an MTech (forensics investigation), a BComHons (information systems), BSc (criminal justice computer science) Summa Cum Laude, and a BTech (policing). He is a certified forensic computer examiner, a certified fraud examiner, a professional member of the Institute of Information Technology Professionals of South Africa, a professional member of the Chartered Society of Forensic Science, a GIAC Computer Forensic Examiner, a GIAC
computer forensic analyst, and a GIAC certified incident handler. He teaches digital forensics and incident response at Rhodes University for the MSc degree in information security and serves on the advisory boards of the Department of Computer Science and the University of Pretoria. He serves on the assessment board of the Netherlands Register for Court Experts, where he is responsible for assessing the competency of expert witnesses in the field of digital forensics in Dutch courts.
When one looks at critical attacks in the physical world, such as the Japanese attack on Pearl Harbour in World War II, or the 9/11 attacks against the World Trade Centre and the Pentagon, intelligence failures were identified that could have mitigated the impact of the attacks, if not stopping them altogether. We see the same thing happening in the cyber world, where intelligence efforts are fragmented, not only within government, but also in the private sector. If you look at the South African situation, our cyber threat intelligence environment is segmented and fractured, and there is significant distrust. We are not alone in this. So how do we try and improve the situation? How do we improve our ability to share threat intelligence to protect us all, and to collaborate on common threats? This presentation will explore some of the mechanisms and frameworks currently in operation around the globe aimed at improving our ability to share cyber threat intelligence that is meaningful, as well as how we can better collaborate against a common enemy, the cyber threat actors:
• Identifying the common problems in threat intelligence collaboration and sharing
• What do we actually mean by threat intelligence?
• Uniting against a common threat
• Building networks of trust
• Intelligence frameworks and platforms
Cybereason is the leader in endpoint protection, offering endpoint detection and response, next-generation antivirus, managed monitoring and IR services. Founded by elite intelligence professionals born and bred in offense-first hunting, Cybereason gives enterprises the upper hand over cyber adversaries. The Cybereason platform is powered by a custom-built in-memory graph, the only truly automated hunting engine anywhere. It detects behavioural patterns across every endpoint and surfaces malicious operations in an exceptionally user-friendly interface. Cybereason is privately held and headquartered in Boston with offices in London, Tel Aviv, and Tokyo.
See more at: www.cybereason.com.
Cloudflare, Inc. (@cloudflare) is on a mission to help build a better Internet. Today the company runs one of the world’s largest networks that powers more than 10 trillion requests per month, which is nearly 10 percent of all Internet requests worldwide. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare have all traffic routed through its intelligent global network, which gets smarter with each new site added. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was recognized by the World Economic Forum as a Technology Pioneer, named the Most Innovative Network & Internet Technology Company for two years running by the Wall Street Journal, and ranked among the world's 50 most innovative companies by Fast Company. Headquartered in San Francisco, CA, Cloudflare has offices in San Jose, CA, Austin, TX, Champaign, IL, New York, NY, Washington, D.C., London, Munich, Beijing, and Singapore.
Please visit www.cloudflare.com
Popcorn Training - a KnowBe4 company create high quality, engaging and effective security awareness videos, games and interactive learning modules.
All content is locally produced and available on KnowBe4's award-winning training and simulated phishing platform.
KnowBe4, whose mission it is to help organisations manage the ongoing problem of social engineering are a leader in the Gartner Magic Quadrant for security awareness.
Please visit popcorntraining.com
SensePost is part of Orange Cyberdefense, Europe's largest managed security, threat detection and threat intelligence services provider. SensePost is it’s elite consulting arm, renowned for its expertise, 18 year track record and innovation on the frontlines of cybersecurity.
With team members that include some of the world's most preeminent cybersecurity experts, SensePost has helped governments and blue-chip companies both review and protect their information security and stay ahead of evolving threats. SensePost is also a prolific publisher of leading research articles and tools on cybersecurity which are widely recognised and used throughout the industry and feature regularly at industry conferences including BlackHat and DefCon.
Please visit sensepost.com
Magix Security delivers comprehensive and trusted Cybercrime Defense and Detection solutions and services to address, manage, and contain the risks of financial losses and reputational damage arising from the misuse of applications, or other IT information assets, by employees and/or third parties.
Checkmarx is the global leader in software security solutions for modern enterprise software development. Checkmarx delivers the industry’s most comprehensive software security platform that unifies with DevOps and provides static and interactive application security testing, SCA and developer AppSec training to reduce and remediate risk from software vulnerabilities.
Learn more at Checkmarx.com
Securicom provides best in industry cloud-based Managed IT Security Services to address the increasing security threats that businesses find themselves contending with.
Please visit www.securicom.co.za
Telspace Systems provides security assessment services to organisations in order to make organisations as unattractive to cybercriminals as possible thus reducing their cyber security risk. Our main goal is to provide high quality services to organisations and to add value. Services include Application Assessments (web, mobile and thick), Social Engineering, Attack and Penetration Testing, Infosec Training and Advisory (consulting).
Please visit www.telspace.co.za
Wolfpack provides specialist information and cyber threat consulting, training & awareness services to governments and organisations in Africa and pro bono incident support to victims of cyber attacks.
Please visit www.wolfpackrisk.com