2019 National Cyber Summit

Summit Speaker Winn Schwartau

Session Information

How to Measure the Security of your Network Defenses
Thursday, June 6, 2019 1:15 p.m. - 2:00 p.m.
To defend networks, we should be able to measure their security performance. I’m going to show you the exact techniques to measure the security of portions of your internal networks, such as anti-virus, malware and anomalous event detection. Then we will apply the same techniques to compare the security of classes of protective security products even though vendors don’t supply such specifications.


It all begins with my first career, Rock’n’Roll and being an Analogue audio engineer. Then we travel to Warsaw and Perth to discover the roots of Analogue Network Security… then!
You will see how to measure security and compare the effectiveness of protective devices as a function of time. We will call BB any vendor’s Black Box that performs any abstract security service. The internal process mechanism is immaterial to system measurement; signature-based A/V, rule-based binary decision making, heuristics, deep learning or any possible hybrid

It’s still a Black Box. With Time Based Security as the premise, we first show how to measure D(t), detection efficacy as a function of time. Then we will show how the injection of ‘hostile’ test code can create a time-based metric for product comparison. By varying the sensitivity of detection criteria, especially with ‘smart’ systems, we can see how which kinds of hostile code will trigger the BB’s detection mechanism. (This is a non-vendor presentation!) The time difference between those two numbers is your current, accurately measured Detection Time, or T(1) – T(0) = D(t) The second step in measuring security in the time domain is to continue to Reaction. The Detection Trigger stops the primary clock and begins the reaction measurement process, up to and including remediation, all in the time-domain.

R(t). The measurement of D(t) + R(t) gives us the maximum exposure to the system (process, etc.) equaling E(t), Exposure Time. How do your products and services really perform? Measuring security in the time domain for cyber is a critical tool for understanding and improving security postures. Attendees will receive the math, the tools, charts and schematics on how to measure their own security.
Winn Schwartau photo
Winn Schwartau
Chief Visionary Officer
Winn Schwartau LLC
Winn has lived Security since 1983, and now says, “I think, maybe, I’m just starting to understand it.” His predictions about the internet & security have been scarily spot on. He coined the term “Electronic Pearl Harbor” while testifying before Congress in 1991 and showed the world how and why massive identify theft, cyber-espionage, nation-state hacking and cyber-terrorism would be an integral part of our future. He was named the “Civilian Architect of Information Warfare,” by Admiral Tyrrell of the British MoD.
His new book, “Analogue Network Security” is a mathematical, time-based and probabilistic approach to justifiable security. His goal is to provide a first set of tools and methods to “fix security and the internet”, including fake news, spam, phishing, DDoS and more. It will twist your mind.
Distinguished Fellow: Ponemon Institute
Top-20 industry pioneers: SC Magazine.
Top 25 Most Influential: Security Magazine
Top 5 Security Thinkers: SC Magazine.
Power Thinker and one of the 50 most powerful people: Network World.
Top Rated (4.85) RSA Speaker

Author: Pearl Harbor Dot Com (Die Hard IV), 3 volumes of “Information Warfare,” “CyberShock”, “Internet and Computer Ethics for Kids”, “Time Based Security” (More on his web site.)
Founder: www.TheSecurityAwarenessCompany.Com
Founder: www.InfowarCon.Com
Executive Producer: “Hackers Are People Too”


Meet Our NCS 2019 Speakers

Jocquette Blue Photo Jocquette Blue Senior Cybersecurity Analyst H2L Solutions
Ms. Paige Boshell Photo Ms. Paige Boshell Managing Member Privacy Counsel LLC
Teresa Chalkley Photo Teresa Chalkley
Paul Coggin Photo Paul Coggin Cyber Security Research Scientist Financial Institution
Brian Contos Photo Brian Contos CISO Verodin
Randall Cottrell Photo Randall Cottrell Chief Executive Officer Bluejireh Incorporated
Joshua Crumbaugh Photo Joshua Crumbaugh Chief Hacker/Chief Operating Officer PeopleSec® LLC
Ben Curry Photo Ben Curry Chief Architect, Managing Partner Summit 7 Systems
Byron DeLoach Photo Byron DeLoach Director of Adaptive Services Cybriant
Major Bradley Eames Photo Major Bradley Eames 47CTS OL-A Deputy Commander 47 Cyberspace Test Squadron
Mr. Scott Edwards Photo Mr. Scott Edwards President Summit 7 Systems
Shawn Edwards Photo Shawn Edwards Cyber Adversarial Engineer The MITRE Corporation
Irene Garcia-Goan Photo Irene Garcia-Goan Sr. Cybersecurity Analyst H2L Solutions
Jonathan Hard Photo Jonathan Hard Chief Operating Office and President H2L Solutions
Sean Hopkins Photo Sean Hopkins Red Team Security Engineer Millennium Corporation
Dr. Dr. Michaela Iorga Photo Dr. Dr. Michaela Iorga Senior Security Technical Lead NIST
Charlene Mowery CISM, PE Photo Charlene Mowery CISM, PE Vice President of Global Business and Marketing, Cybersecurity SME Ultra Electronics, 3eTI
Ms. Sonia Mundra Photo Ms. Sonia Mundra President Chenega Analytic Business Solutions, LLC (CABS)
Michael Portera Photo Michael Portera Information Security Manager Deloitte
Kell Rozman Photo Kell Rozman Security Software Engineering Senior Manager Toyota Motor North America
Brian Ruf Photo Brian Ruf FedRAMP PMO SME FedRAMP/GSA
Greg Schaffer Photo Greg Schaffer Principal vCISO Services, LLC
Winn Schwartau Photo Winn Schwartau Chief Visionary Officer Winn Schwartau LLC
Mr. Wes Widner III Photo Mr. Wes Widner III Senior Cloud Engineer CrowdStrike

View AgendaView Speaker Listing


Attend NCS 2019 to meet and hear speakers like this! Be among the first to know when registration opens.

Sign Up Now