November 2012 - Malware: Methods, Money, and Trends

Topic

This presentation will provide an up-to-the-minute, realistic overview of the capabilities of modern malware and the threats they pose to organizations. The material will cover historical and current trends, the criminal business models that support the expansion and evolution of malicious software, and an overview of the actual effectiveness of standard controls. (Hint: Assume they will fail and make it your goal to fail gracefully.) Expect live demonstrations of anti-virus evasion and hidden communications.

Speaker

Daimon Geopfert - National Leader, Security and Privacy Services - McGladrey LLP

Daimon Geopfert is the national leader of security and privacy consulting for McGladrey. He specializes in penetration testing, vulnerability and risk management, security monitoring, incident response, digital forensics and investigations, and compliance frameworks within heavily regulated industries. Daimon has over 17 years of experience in a wide array of information security disciplines. He is a regular presenter for organizations such as ISACA, InfraGard, the Certified Fraud Examiners, and SC Magazine’s World Congress.

Daimon has served as the manager and lead technician for security assessments performed on some of the largest corporations and government entities in the world. He has designed and implemented testing frameworks and methodologies used to properly capture and communicate the technical, operational, and regulatory impact of identified security weaknesses. He acts as the lead developer for McGladrey’s forensic and monitoring service offerings and has designed and deployed incident response and security monitoring programs within several highly regulated clients. Daimon previously served as a special agent with the Air Force Office of Special Investigations as a researcher with the CIA’s Directorate of Science and Technology and deployed and ran Security Operations Centers for the Department of Defense (DoD).

He holds the following certifications:

  • Certified Information Systems Security Professional (CISSP)—ISC2
  • Certified Information Security Manager (CISM)—ISACA
  • Certified Information Systems Auditor (CISA)—ISACA
  • GIAC Certified Incident Handler (GCIH)—The SANS Institute
  • GIAC Reverse Engineering of Malware (GREM) – The SANS Institute

Daimon received his MS in Computer Science from the University of Michigan and a BS in Computer Science from the United States Airforce Academy.

Materials