Make Plans Now to Attend Central OH ISSA Security Summit 2014

Brent will be speaking again this year at the ISSA Security Summit in Columbus

This year he has an interesting topic and here is the abstract:

A Guided Tour of the Internet Ghetto :: The Business Value of Tor Hidden Services

Following on the heels of my last set of talks about the underground value chain of crime, this talk will focus on a guided tour of the Internet Ghetto. You may have heard about Tor, the anonymizing network that rides on top of the Internet, but this talk takes you deep inside to visit the slums, brothels & gathering places of today’s online criminals. From porn to crimes against humanity, it is all here.

This talk will discuss Tor hidden services, help the audience understand what they are, how they operate, and most importantly, how to get business and information security value from them. If you think you know the dark side of the net, think again! Not for the feint of heart, we will explain some of the ways that smart companies are using hidden services to their benefit and some of the ways that playing with the dark side can come back to bite you.

Take aways include an understanding of Tor, knowledge of how to access and locate hidden services and underground content, methods for using the data to better focus your business and how to keep an eye on your kids to make sure they aren’t straying into the layers of the onion.

 Come out and see us at the Summit and bring your friends. It’s always interesting and a great event to catch up with peers and learn some amazing new stuff. See ya there!

Global Cyber Threat Intelligence…Holy Crap All This on a Monday…?!

Good morning Folks..Global Cyber Threat Intelligence…Holy Crap All This on a Monday…?! All this and a bag of chips…

People’s Republic of China’s digitalized troops begin to take shape

What to Expect June 4, People’s Republic of China’s Unofficial and Orwellian ‘Internet Maintenance Day’

People’s Republic of China’s Government is Stifling Tech Innovation and Prolonging Social Problems

Raspberry Pi: Beating the Censorship of The People’s Republic of China’s Great Firewall

US & People’s Republic of China to discuss cybersecurity at high-level diplomatic meetings
United States is next target of OP Middle Kingdom…colonization by the People’s Republic of China….

US Sec Def Chuck Hagel accuses People’s Republic of China of ‘cyber intrusions’ on US
Didn’t Hagel get the memo from POTUS…?

What happens when People’s Republic of China hacks U.S. weapons designs?

People’s Republic of China, US agree to talks on cyber theft and espionage

Hackers Are Spying On You: Inside the World of Digital Espionage

Hagel says Chinese cyberattacks a “growing threat” People’s Republic of China |

US Cyber Chief: Military Is Unprepared for Hacking

Government-developed standards not an effective cybersecurity approach..Hire the People’s Republic of China

Why the US needs People’s Republic of China’s Huawei more than Huawei needs the US

Australian Defence electronics manufacturer hacked by Chinese

If Britain wants greater prosperity, we need to look East to People’s Republic of China
United Kingdom colonization by People’s Republic of China is now complete…OP Middle Kingdom

Kuwait Commercial and government enterprise market key to Huawei’s growth in 2013 | Huawei Technologies

Los Alamos director: cyber-securing U.S. electrical grid key to energy security

An Elizabethan Cyberwar

A Fierce Domain: Conflict in Cyberspace, 1986 to 2012 | Atlantic Council

U.S. & People’s Republic of China to Hold Regular Talks on Hacking

People’s Republic of China Rapidly Taking Over World Economically

People’s Republic of China Reaps Biggest Benefits of Iraq Oil Boom

People’s Republic of China And The Biggest Territory Grab Since World War II

People’s Republic of China’s Economic Empire

How to Play Well With People’s Republic of China

China Voice: Pentagon report deviates from building trust – People’s Daily Online

People’s Republic of China skeptical of expanded US role in the Pacific;-Hagel-warns-Beijing-on-computer-based-attacks/id-526b8c8f680443d9ac415836133521be

Chinese navy begins US economic zone patrols –
US Navy Admiral Samual Locklear says”It is ok the PLAN is patrolling, we encourage them to do that, especially since we are not under he OSD Sequester and have US Marines aboard our flat bottom amphibs”….

Chinese general reveals ‘strategy’ for Panatag takeover
Major General Zhang Zhaozhong reflects on US Navy Admiral Samual Locklear comments “It is ok the PLAN is patrolling, we encourage them to do that, especially since we are not under he OSD Sequester and have US Marines aboard our flat bottom amphibs”….

People’s Republic of China accused the U.S. of interfering in China’s internal affairs by the June incident
中国指责美国借六四事件干涉中国内政 – 中国数字时代中国指责美国借六四事件干涉中国内政/?

People’s Republic of China’s Ministry of Truth: Japan-Africa, South China Sea – China Digital Times (CDT)

People’s Republic of China warns U.N. against ‘irresponsible remarks’ on North Koreans | Reuters

China-North Korea Dossier No. 2: “China’s ‘Measure of Reserve’ toward Succession”

Hacking the Drone War’s Secret History

Hackers Spawn Web Supercomputer on Way to Chess World Record

USSR’s old domain name attracts cybercriminals

U.S. Targets Iran’s Petrochemical Industry

Iran prepared to counter US cyber threats: Lawmaker

Marine Corps prepares to cut cord on NMCI…NON MISSION CAPABLE INTERNET…

Back to the Basics: Chess, Poker & the Future of Warfare

Interpol filter scope creep: ASIC ordering unilateral website blocks

Anticipating Cyber Threats Beyond APT

Semper Fi,



Discuss Detection in Depth at CMH ISSA Summit



On May 18th, I will be presenting on detection in depth at the CMH ISSA Summit. I look forward to a good discussion of the ideals, organizational needs, and maturity models. Given all of the focus on re-allocating resources from “prevention only” strategies to an equal spread across the core values of prevention, detection and response, this is likely to be a useful discussion to many organizations.

Come ready with good questions. I will also be available throughout the Summit for break-out discussions, one-on-ones, and small team meetings. Please reach out via email, phone or Twitter to schedule a sit down. Otherwise, feel free to approach me in the halls and we can have an ad-hoc discussion if you want to learn more about specific detection in depth approaches.
I speak on Friday, May 18th at 11:15 am. I hope to see you there!

Are You Attending the 2012 ISSA Central Ohio InfoSec Summit?


If you are in the midwest and can make it to Columbus for the ISSA Summit this year, you owe it to yourself to do so. Great speakers, great content, an amazing location and some of the best folks from around the world, for two days focused on infosec. It’s been amazing the past several years. You can find info online about it here

Some of the things I am looking forward to are getting to hear more from Richard Clarke (I might not always agree with his view, but he is an excellent speaker and a very good man.), and the rest of the speakers. In fact, there is not a speaker on the docket that I don’t think is amazing. We have developer insights, business folks, techno geeks, hackers, auditors and even a few MSI folks. 
So, if you can come to town and be here May 17th and 18th, do so. If not, you’ll miss out on what is sure to be an amazing event.
Special thanks to the Columbus ISSA team for putting the event together. These folks work really hard to pull it off, and the volunteers on the day of the event go above and beyond to make it all happen. Please take a moment at the event and give them a pat on the back. If something would happen to go wrong, or could be done better, drop them a line in email and they will look at improving it next year. Thank them, in person, for all of the things that go right. Seriously, it helps. Even better, volunteer for the Summit and help them and the community out. It’s a great way to give back for all that the community does for all of us, all year long. 
Thanks for reading and we’ll see you at the Summit! 

Audio Blog Post:Thoughts On ISSA and the Central Ohio InfoSec Summit

Brent Huston interviews Connie Matthews, who is on the Central Ohio ISSA Board and serves as the Special Events Coordinator. We were fortunate to be involved with the conference this year and the event just keeps getting better and better! Tune in to hear what was learned from this year’s event and ideas for the future!

Click here to listen.