How to Make Penetration Tests Useful by Ira Winkler
- Former president of the Internet Security Advisors Group, chief security strategist at HP Consulting, and director of technology of the National Computer Security Association
- Featured in multiple media outlets, including CNN and Forbes
- Offers tailored presentations on topics such as security, protecting your identity, and superspies
Play Video View Fees
Considered one of the world’s most influential security professionals, Ira Winkler, CISSP, the president of Secure Mentem. He has been named a “Modern Day James Bond” by media outlets after performing espionage simulations, where he physically and technically “broke into” some of the largest companies in the world and investigating crimes against them, and telling them how to cost effectively protect their information and computer infrastructure. He continues to perform these espionage simulations, as well as assisting organizations in developing cost effective security programs. Ira also won the Hall of Fame award from the Information Systems Security Association, as well as several other prestigious industry awards. Most recently, CSO Magazine named Ira a CSO Compass Award winner as "The Awareness Crusader".
Ira is the author of the riveting, entertaining, and educational books, Spies Among Us and Zen and the Art of Information Security. Ira has also written the book, Corporate Espionage, which has been described as the bible of the Information Security field, and the best-selling book, Through the Eyes of the Enemy, which both address the threats that companies face protecting their information. He is also a columnist for ComputerWorld, and has written hundreds of professional and trade articles for several other industry publications, and has been featured and frequently appears on TV on every continent. He has also been featured in magazines and newspapers including Forbes, USA Today, Wall Street Journal, San Francisco Chronicle, Washington Post, Planet Internet, and Business 2.0.
Ira has been a keynote speaker at almost every major information security related event, on six different continents, and has keynoted events in many diverse industries. He is frequently ranked among, if not the, top speakers at the events.
He began his career at the National Security Agency, where he served as an Intelligence and Computer Systems Analyst. He moved onto support other US and overseas government military and intelligence agencies. After leaving government service, he went on to serve as president of the Internet Security Advisors Group, chief security strategist at HP Consulting, and director of technology of the National Computer Security Association. He was also on the graduate and undergraduate faculties of the Johns Hopkins University and the University of Maryland. Ira was recently elected the International President of the Information Systems Security Association, which is a 10,000+ member professional association.
The Death Of The HP Way: An Insiders Perspective On How The HP Ethics Debacle Came Together. The news that HP hired private investigators to investigate employees, board members and members of the press shocked the nation and the world, and had massive repercussions both inside and outside of HP. This was not the case of a single person run amok, but of a steady deterioration of the company’s moral fiber. Ira Winkler noticed this deterioration from the inside and resigned, warning that some management behaviors were ethically unsound and were harming the company, while other managers ignored the behaviors. Sadly, his foresight was proven very correct. This presentation discusses the events that led up to Congressional inquiry, as well as how attendees can recognize similar patterns in their own organizations. Most importantly, it provides guidance as to what can be done to prevent this situation from being repeated in their organizations.
Secrets Of Superspies. Spies are unstoppable geniuses who can steal any information they want. You are at their mercy. Then there are the spy wannabes such as criminals, hackers, and even your employees, all with similar diabolical reputations. However as good as spies are in stealing your information, they are as good as protecting their information. After all, people know who the spies are and target them back. While some spy cases hit the newspapers they are rare when compared with all the people out to get them. The fact is that they know the underlying ways to compromise information, so they know best how to protect immense amounts of information. Ira Winkler uses actual cases of espionage, including those that he committed, to demonstrate the most cost effective security programs for your organization.
What The Wizard Of Oz Says About Security. There are a lot of messages to be taken from the movie, The Wizard of Oz, and they are not what people typically believe they are. Ira Winkler contends that many of them are applicable to security. Using a set of case studies of actual information and espionage related crimes, Ira talks about the underlying issues of security. His reenactment of the movie is not to be missed, as you discover the true meaning of the movie.
Corporate Espionage. Information related crimes cost businesses over $300 billion per year. It can bring a successful company to its knees. Ira Winkler, who developed a reputation for regularly stealing billions of dollars from some of the top companies in the world, discloses the truth about these devastating losses. He discloses everyone, from malicious insiders to foreign intelligence agencies, who are responsible for the losses, what their methods are, and most importantly, how to prevent the crimes. Ira also presents case studies detailing how he, himself, was able to steal nuclear reactor secrets as well as billions of dollars of other information.
Zen & The Art Of Cyber Security. The biggest problem in corporate information security is the people performing the work. Ira has found that there are people outside the security field, and even many people inside the field, who think they know what they need to know about security but clearly don’t. Additionally, some people know a great deal about one aspect of security, but are woefully weak in other aspects and don’t know it (or want to know it). Because of this phenomenon, most organizations have a very false sense of security. Using entertaining analogies from martial arts and psychology, this presentation discusses this critical security failing. Attendees will learn how to tell if they are dealing with people who are properly skilled, and how to plan their security programs accordingly.
Protecting Your Identity. Identity theft is no a rampant problem, and statistically everyone has been or at least knows of a person who has fallen victim to the crime. While the majority of the theft cases involve a few unauthorized credit card charges, some people have their lives devastated. Ira Winkler who simulates identity theft crimes and assists in the investigation of identity theft cases presents case studies of identity theft. The presentation tells companies and people how to avoid being a victim of identity theft, and then what to do should the worst happen and you need to recover from the theft.
Combating E-Fraud. The proliferation of the Internet has led to a proliferation of traditional crimes moving to the Internet. Because of the nature of the Internet, fraud related crimes are the most common experienced. These frauds take a variety of forms; from phishing to auction fraud to credit card theft and abuse to basically anything which is only limited by the creativity of the criminal. Ira Winkler, who has worked with banks and other organizations to help reduce and combat fraud, describes a series of actual events to help the audience discover the methods that best suit them to stop fraud or how to deal with the fraud should they find themselves being a victim
Protecting Your Children On The Internet/How To Spy On Your Children. When parents hear that Ira is a computer security expert, their top question involves how they can check up on what their kids are doing on the Internet. During this presentation, Ira answers that question. More importantly, he tells them what they should do proactively to keep their kids safe. He closes with what people should do if the worst does happen.
Internet Security 101. Given all the news reports about hackers and other Internet crimes, individuals and companies are rightfully concerned about properly protecting their computers. Unfortunately, most people perceive security to be too complicated and expensive for them to do anything about. They think they are at the mercy of computer criminals. The reality is very different. There are very simple and inexpensive things that people can do to get rid of just about all risks that they face from the Internet. Ira Winkler, who is one of the most well respected industry experts, describes what everyone can do to make their Internet experience a safe one.
You’ve Got Mail Security (Love Online). Millions of people are now using the Internet to find a mate. The movie, You’ve Got Mail, highlighted the best and the worst of online romances. While that was a fictional account of Internet dating, there are real horror stories out there that anyone considering or involved in Internet dating should consider. Ira Winkler has been involved in assisting individuals in dealing with their own experiences, and provides practical advice on how to safely explore online relationships.
E-mail Security. E-mail can easily be the most critical application used by organizations today. When e-mail goes down, organizations can come to a critical halt. E-mail is also the source of many, if not most, computer attacks. Ira Winkler details why e-mail is one of the biggest blessings and curses of the Internet, and talks about how to safely take advantage of the technology.
The Magic Of Computer Hacking. Most people believe that hackers are the magicians of the Internet, because of their apparent ability to manipulate it at will. Ira Winkler, who is highly critical of hackers, actually believes that magicians are a great way to describe computer hackers. After all, magicians perform great feats, such as appear to make things disappear and move them miles away. Yet, Ira contends that we don’t hire magicians to move furniture or perform other mundane acts, because we know that it is only a trick. Hackers have their own form of smoke and mirrors. They don’t necessarily have any more technical skills than the average person, they just know a few tricks that most people don’t. Ira performs a magic show and combines it with a hacking demonstration to show why hacking is magic, or more specifically, just a modern day form of smoke and mirrors.
Beyond The Hype Of Terrorism. Terrorism is in the back of everyone’s mind. News reports regularly highlight some aspect of terrorism, whether they are breaking news stories involving the deaths of people or they are just updating the latest uncorroborated threats. People are expected to lead their normal lives, yet they are warned about imminent threats. The government raises the threat level, causing companies and local governments to incur large costs, then we find out that they made a mistake. What should people and companies really do about terrorism? What is the reality beyond the hype? Ira Winkler, a former intelligence analyst with the NSA, who now simulates intelligence acts, who the Wall Street Journal referred to as “One of the few voices of reason” on the subject of terrorism, discusses the reality of terrorism, and describes what actions people and companies should really take in response to the terrorist threat.
Learning From The Intelligence Community. When you consider what Intelligence professionals go through, security professionals have it easy. Think about it intelligence collectors have to go out and collect random information that is generally known to be valuable and therefore very well protected. Counterintelligence professionals are responsible for protecting their information and computers from people and organizations with unlimited resources. However, in the grand scheme of things, there are extremely few compromises of intelligence data given the comparable threats that are out there targeting the intelligence agencies. There are clearly lessons that can be taken from the intelligence field and applied to the corporate information security environment.
Join Ira Winkler, a world-renowned security expert who has worked for and with a variety of intelligence agencies around the world, to discuss what he has found to be the most practical lessons security professionals can learn from the intelligence profession. In this talk, Winkler will discuss:
The Intelligence Process
The Counterintelligence Process
The Types of Intelligence & Intelligence Analysis
Applying Intelligence Techniques To Security Programs