Hosted by Stanford’s Information Security and Privacy Offices, the festival aims to raise awareness and understanding about how to ensure our online lives are safe and secure.
The festival, themed “Defending the Human,” will include a variety of breakout sessions and workshops from different speakers and security leaders, with an overarching focus on online safety and end user protection based on security best practices.
All Stanford University and Healthcare communities are invited and is open to the public. RSVP now to let us know you are coming and be entered in a early bird raffle drawing.
The festival will be offered in two locations on two different dates with similar information. The open-house style festival will allow you to move around as you please between exploring the expo area and listening to presentations.
October 9 from 10 a.m. to 2 p.m. on the historic campus in Arrillaga Alumni Center
Please note, the presentations will differ in each location depending on speaker availability, and there will not be a academic village area at the SRWC event.
Help get the word in your organization about this very important event. (Downloadable Flyer)
The festival will provide value for students, faculty, and staff alike, including:
The festival will include five different skill-building villages to help you hone your knowledge and skills about a variety of topics. Here's a look at what you can expect.
by David Sell, Stanford Applied Physics PhD Candidate
Assistant Vice President and Chief Information Security Officer at Stanford University
Going Passwordless with Cardinal Key
Stanford is going passwordless! Imagine not having to login with your username and password each day, yet be dramatically more secure. Cardinal Key brings this dream to reality. In this session, learn how you can begin using Cardinal Key today and how it works behind the scenes.
October 31, 2019 | 10:10 am - 10:55 am @ Room 101, Cardinal Hall , Stanford Redwood City
October 9, 2019 | 1 pm - 2 pm @ Barnes Room, Alumni Center, Historic Campus
Recorded Session on the Stanford ISO YouTube Channel: https://youtu.be/W6yL5MJFDhI
Director of Information Security Consulting at Stanford.
Keeping Stanford’s Research Mission Secure in an Era of Increasing Cyber Threats
While it may seem that Stanford stands apart in our teaching, research, and clinical care missions, the university is no stranger to data breaches and cyber attacks. In this presentation you will get an overview of the University’s cyber security program, hear about cyber security incidents and threats, and learn what you need to do in your role, as a researcher, to keep your data safe.
October 31, 2019 | 11:10 am - 11:55 pm @ Room 101, Cardinal Hall , Stanford Redwood City
October 9, 2019 | 10 am - 11 am @ McDowell Room, Alumni Center, Historic Campus
Recorded Session on the Stanford ISO YouTube Channel: https://youtu.be/pTy4ktJqGwk
Jay is a Software Developer from the Endpoint Engineering and Development (EED) from University IT.
Shilpa is a Senior Software Developer from Enterprise Technology (ET) from University IT.
MyDevices and Device Compliance Explained
This talk will cover the high-level design and structure of the Device Registry, its data sources and feed systems, and will describe in some detail how device compliance is determined and how compliance enforcement works. We'll discuss how to troubleshoot common compliance problems, and will leave plenty of time for questions and answers.
October 31, 2019 | 12:10 pm - 12:55 pm @ Room 101, Cardinal Hall , Stanford Redwood City
October 9, 2019 | 1 pm - 2 pm @ McDowell Room, Alumni Center, Historic Campus
Recorded Session on the Stanford ISO YouTube Channel: https://youtu.be/RnOrWCdVV68
Compliance and NCAA Certifying Officer at Stanford Student Services Center.
Student Privacy 101
An introduction to the Family Educational Rights and Privacy Act (FERPA from the student perspective).
October 31, 2019 | 1:10 pm - 1:55 pm @ Room 101, Cardinal Hall , Stanford Redwood City
Streaming/Recording: Not Available*
October 9, 2019 | 1 pm - 2 pm @ Cranston Room, Alumni Center, Historic Campus
Associate Director of Surveillance and Cybersecurity | Center for Internet and Society at Stanford Law School
Compelled Device Decryption and the Fifth Amendment
You can unlock your smartphone with a passcode, your finger, even your face. When the police demand you decrypt your phone or other device for them, can you successfully invoke your Fifth Amendment right against self-incrimination? Well, it depends. Given by an attorney who researches surveillance and cybersecurity issues at the Law School's Center for Internet and Society, this talk quickly walks through the when, where, why, and how of compelled decryption and the Fifth Amendment under current case law, then ends with some practical takeaways.
October 9, 2019 | 11 am - 12 pm @ McDowell Room, Alumni Center, Historic Campus
Recorded Session on the Stanford ISO YouTube Channel: https://youtu.be/vXuGHdM_usY
Chief Information Security Officer at Stanford Children's Health | Lucile Packard Children's Hospital Stanford
Cybersecurity: Practical Personal Protection
Cybersecurity is increasingly in the news having an impact to family and friends. Come learn practical methods that you can use to protect yourself and family. Share with friends. Take control of your information.
October 9, 2019 | 12 pm - 1 pm @ Cranston Room, Alumni Center, Historic Campus
Recorded Session on the Stanford ISO YouTube Channel: https://youtu.be/9I93rdPK3a4
Director for Consumer Privacy, Center for Internet and Society at the Stanford Law School
Consumer Privacy Strategies in 2019: Discussion between Dr. King and Elizabeth Lee
Elizabeth Lee Sr. Privacy Officer from the Office of Chief Risk Officer (OCRO) will be interviewing Dr. King on Consumer Privacy Strategies.
October 9, 2019 | 12 pm - 1 pm @ Barnes Room, Alumni Center, Historic Campus
Recorded Session on the Stanford ISO YouTube Channel: https://youtu.be/UzHZCpdmnW8
PhD Candidate, Department of Management Science & Engineering, Stanford.
"I was told to buy a software or lose my computer": lessons from a national survey on ransomware
Ransomware has received lot of media coverage in recent years, in large part due to attacks on government organizations and high-profile corporate targets. However, consumers are thought to be the most likely victims, as they are less likely to have robust security in place. This talk draws on recent research into the situational and behavioral factors that affect susceptibility of computer users to ransomware, and ends with some practical mitigation strategies and tips for staying safe online.
October 9, 2019 | 12 pm - 1 pm @ McDowell Room, Alumni Center, Historic Campus
Recorded Session on the Stanford ISO YouTube Channel: https://youtu.be/y1mFg205jVA
Splunk Engineer
Tips and Tricks on getting the most out of Splunk
Are you a current user of the centralized logging service or thinking about it. Come hear tips and tricks on getting the most out your logs and what data can be mined from them.
October 9, 2019 | 11 am - 12 pm @ Cranston Room, Alumni Center, Historic Campus
Recorded Session on the Stanford ISO YouTube Channel: https://youtu.be/SBqNNj45KRM
Director, Stanford Internet Observatory. Former Chief Security Officer at Facebook.
Tackling the Trust and Safety Crisis
Around the turn of the century, the technology industry faced a pretty basic problem: we had no idea how to write secure software. Every year brought the invention of completely new classes of software flaw, there was little training available in industry or the academy, and security was considered something you added with a firewall and antivirus.
Twenty years have past and, while things are far from perfect, we at least have a great deal more understanding of how to address core information security risks in complex software projects. The tech industry is now facing a whole set of new issues, ones involving our inability to build products that are safe, trustworthy, and respectful of user privacy when deployed to billions globally. Unlike before, however, this is not just a computer science problem but one that crosses into the worlds of sociology, psychology, political science, and anthropology.
In this talk, the speaker will draw from his deep well of experience making serious mistakes in this area to lay out some of the basic challenges facing industry and academia while humbly suggesting some possible ways forward. This time, we don't have decades to figure out how to do better.
October 9, 2019 | 10 am - 11 am @ Barnes Room, Alumni Center, Historic Campus
Streaming\Recording Info: Not Available* from Cyberfest
A similar talk was given by Alex Stamos from the USENIX Security '19 event available here: https://www.usenix.org/conference/usenixsecurity19/presentation/stamos
Co-founder and instructor at Stanford's Advanced Computer Security Certificate Program at Stanford Center for Professional Development.
Hacked! Security Lessons From Big Name Breaches
"What do Yahoo!, Equifax, Facebook, and Capital One have in common? These highly-recognized, powerful brands are also all victims of massive data hacks that humbled their organizations.
Over the past several years, we’ve been seeing an increasing number of high-profile breaches and witnessed the consequences: Billions of customers affected. Billions of dollars in fines. Damaged corporate reputations.
In this talk, Dr. Neil Daswani, Co-Director of Stanford’s Advanced Security Program, will review the recent spate of big hacks, the root causes that they were able to occur, and the impact these breaches had on their organizations. Neil will also provide recommendations that everyone in the Stanford community can employ to help avoid data breaches."
October 9, 2019 | 10 am - 11 am @ Cranston Room, Alumni Center, Historic Campus
Hacked! Security Lessons From Big Name Breaches Slides (PDF)
Recorded Session on the Stanford ISO YouTube Channel: TBA
Technical Specialist Supervisor, Computer Resource Consulting, University IT.
Unattended Laptops Will Be Upgraded to Windows 10 and other Windows 7 EOL strategies to avoid
Have you solidified your Windows 7 migration plans? Kevin Tully shares his team's strategy, tools, and other considerations involved in an effort to upgrade or replace more than 1000 Windows 7 devices before the January 2020 deadline.
October 9, 2019 | 11 am - 12 pm @ Barnes Room, Alumni Center, Historic Campus
Streaming\Recording Info: Not Available*
Questions can be sent to our mailing list cyberfest@lists.stanford.edu.
*exceptions may occur if a speaker opts-out from streaming and or recording of their session.