Security Today Conference: A Gathering of Master Security Thinkers

Security Today Conference: A Gathering of Master Security Thinkers

  • By Ginger Hill
  • Nov 20, 2014

I enjoy attending conferences, whether big or small, I always learn something new to add to my bank of knowledge, and the Security Today Conference at the Gaylord Texan in Grapevine, Texas proved to be no different. For the past two days, I have immersed myself in conference bliss - listening to keynote speakers, visiting booths, sitting in on educational classes and interacting with others. Here’s a sampling of what I learned:

Did you know that Texas State Representative Jason Villalba wrote the first draft of the Texas Marshal Program on December 14th, the day of the Sandy Hook tragedy? He based it on the Federal Air Marshal Program’s concept of having a certified peace officer in common dress, as not to be identified, on an airplane who could only react in a time of emergency. In relation to schools, no one except the principal and school officials know who the marshal(s) are and these marshals have the responsibility and duty to act against active shooters or in any emergency that threatens the lives of students or teachers.

School marshals receive 80 hours of training, must get their CHL, go through a robust background check and participate in a thorough mental exam. Once completed, the marshal is allowed to have a firearm within a 15 second reach while on the school campus to eliminate life or death threats.

Villalba talked with schools across Texas and their response was that it is best to have armed guards at all entrances; however, the state can’t afford this, so the next best thing is the marshal program.

Do you know the lifecycle of a cyberattack? Shawn Riley, executive vice president of CSCSS (Centre for Strategic Cyberspace + Security Science), explains the 7 stages:

  1. Recon – Who to send malware to.
  2. Weaponize – Fill the attached document with malware to exploit.
  3. Deliver – Recipient opens attachment.
  4. Exploit – System becomes vulnerable.
  5. Control – Attack takes over the system.
  6. Execute – The malware attacks the system.
  7. Maintain – The malware maintains access to the system.

By analyzing a cyberattack and breaking it down into stages, it’s easier to understand what people do to attack and how to prevent future attacks.

Did you know that out of all school safety and security threats, an active shooter is least likely to occur? This is according to Catherine Toohey of the Texas School Safety Center, an official university-level research center at Texas State University, whose message was that schools need to be prepared and train for ALL possible emergency events including bullying, weather-related events, dating violence, etc.

Do you realize that our social security numbers are totally unprotected? George Gundling, CEO, SaaS Software, Inc. presented that the only way to prevent identity theft is to protect our social security numbers. He proposed the concept of an ID authentication system as the vaccine for ID theft.

“Technology is available, but it’s all in how it is used,” said Gundling.

The ID authentication system works in three steps:

Step 1: Verification – proving you are you.

Step 2: Authentication – connect biometric data to social security numbers.

Step 3: Registration – register all identifying information to social security number to prove ownership.

Did you know that your IT department may be an unknowing accomplice to cybercrime?

According to Mark Villinski of Kaspersky Labs, 300,000 to 325,000 new threats daily come into Kaspersky to be analyzed. Here’s how IT could be helping to bring in these threats:

  1. Social media mania – not protecting ALL social media accounts of company.
  2. Attention misdirection – focusing on protection only rather than detection and response of threats.
  3. Failing to foster a culture of awareness.
  4. Reliance on compliance – thinking employees are always compliant to policies that protect them as well as the company.

Do you realize that the U.S. spends approximately $10 billion per year to protect the nation’s digital infrastructure? No doubt that’s a costly amount, but if critical infrastructure, including banking, agriculture, water, dams, emergency services, information technology, energy, etc., had adequate security and protection, this dollar amount could significantly decrease.

Mario Castellanos, COO and EVP, CNIguard presented that the elements and components of security seem to overpower the “doing” of security, so our critical infrastructure is in danger of being breached. Therefore, security of critical infrastructure should cover the following to be effective:

Trespassing – harmless curiosity/conscious entry into critical infrastructure facilities.

Vandalism – graffiti, etc.

Property theft – equipment theft, etc.

Tampering and sabotage – intentional act that causes mass destruction of life and property.

About the Author

Ginger Hill is Group Social Media Manager.

Featured

  • Work Anywhere, Secure Everywhere: 2025 Tech Predictions

    Five years after the pandemic, organizations need a flexible work reset to stay productive and support any work arrangement. Despite the pandemic-fueled workplace shift that began five years ago, companies across industries and geographies continue to increase flexible work configurations. However, many tools adopted during COVID onset remain in place today, and they now need a reset to keep employees productive and secure regardless of location. Security leaders must re-evaluate existing practices and reinvest in zero trust security, passwordless environments, and automation adoption to improve efficiency and productivity. Read Now

  • Guiding Principles

    Construction sites represent a unique sector of perimeter security, especially amidst a steady increase in commercial construction. As in any security environment, assessing weaknesses and threats remains paramount and modern technology, coupled with sound access control principles, are critical in addressing vulnerabilities at even the most secure construction sites around the world. Read Now

  • Empowering 911

    In the wake of the tragic murder of UnitedHealth Group CEO Brian Thompson, media coverage flooded the airwaves with images, videos and detailed timelines of the suspect’s movements. While such post-incident analysis is not new, today’s 911 centers now have access to similar data in real-time. This technological evolution marks a pivotal transformation in emergency response, transitioning from analog calls to a digital ecosystem capable of saving more lives. Read Now

  • Security Industry Embraces Mobile Credentials, Biometrics and AI, New Trends Report From HID Finds

    As organizations navigate an increasingly complex threat landscape, security leaders are making strategic shifts toward unified platforms and emerging technologies, according to the newly released 2025 State of Security and Identity Report from HID. The comprehensive study gathered responses from 1,800 partners, end users, and security and IT personnel worldwide, and reveals a significant transformation in how businesses are approaching security, with mobile credentials and artificial intelligence emerging as key drivers of innovation. Read Now

Most   Popular

New Products

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening.