This post was originally published on this site is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to

Three years ago when we set out to create a conference that would
bring together the greatest minds in the information security
industry, we could not imagine the overwhelmingly positive response
and growth MIRcon™ would receive year after year. Our goal for
MIRcon is simple: to inform innovators and executives who are on the
front lines daily, battling cyber attackers. MIRcon 2012 was no
exception as we heard from industry leaders across the public and
private sector present to consistently packed audiences.

Mandiant’s CEO, Kevin

On day one, Mandiant’s CEO, Kevin Mandia welcomed attendees
and set the tone for the show, explaining how we had to “attack
the security gap”. Later that evening, attendees were treated
to a keynote from the President of the Miami HEAT basketball team,
Pat Riley. Coach Riley gave a great speech on bringing out the
winner in each of us that touched on collaboration within the
industry. And to conclude MIRcon 2012, Gen. Michael V. Hayden
presented a riveting keynote on securing the cyber domain and the
challenges that come with that demanding task.

In addition to
impressive keynotes that raised key issues within the industry,
attendees were treated to top presentations in both the management
and technical tracks. I asked each track owner, Mandiant’s CSO,
Richard Bejtlich, and Manager, Chris Bream, to write a brief summary
of their track sessions:

Richard Bejtlich – Managerial Track

year’s management track balanced activity within the enterprise with
factors outside the enterprise. For example, from the perspective of
an enterprise CIRT, we heard from speakers like Rocky DeStefano,
Stephanie Scheuermann, and Michael Cloppert. They talked about
incidents, teams, and ways to organize, train, and equip responders
in an age of “continuous incident response.”

the outside perspective, speakers discussed pressures on CIRTs
derived from legislatures, lawyers, and even the nature of
“cyberspace” itself. Speakers like Jason Healey, Greg
Rattray, Chris Walsh, Rob Shelton, and Kristen Verderame told us how
forces ranging from the Securities and Exchange Commission (SEC) to
Senators on Capitol Hill affect security management.

Twitter Pix Taken @ MIRcon

Lastly, we had some hybrid talks, where inside and outside
forces came together. Lisa Branco and Jake Sommer provided one
example with their third consecutive legal briefing. Mandiant’s
Grady Summers and Tim Crothers synthesized wisdom from German
psychologists and organizational authors to show how to use
incidents to drive change.

As I think about next year, I
wonder how we will find enough time to accommodate all the topics I
would like to see!

Chris Bream – Technical Track

One thing I
realized as I emceed the technical track (where technical people
learned how to make managers think they were better, faster, and
stronger) is that people are starting to “get it”. There
wasn’t any more “targeted threat 101” or “let me
explain the attacker lifecycle”. The presentations in this
year’s technical track assumed you knew the basics and, as far as I
could tell, pretty much everybody did. To me, we’ve moved on from
“what” to “how”. We know what we’re up against,
now we need to determine how we’re going to manage those threats. We
also know that prevention is not the solution. We need to be able to
detect and respond.

The technical track provided a variety
of solutions for the “how”, focused primarily on detection
and response. The topics ranged from how to improve your IR
processes (Josh Bartolomie and Tom Hankins), to how to find the
attackers (Will Gibb/Jay Smith, Seth Hall, Nick Bennett/Jake
Valletta, Kelcey Tietjen/Graeme Stewart, and Ryan Kazanciyan), to
how to limit our exposure (Mike Pilkington), to how to change our
view of these threats (Willi Ballenthin).

I had a number of
attendees come up to me and say how much they enjoyed the track. For
the most part, their message was the same: this is information we
can actually use to get better. Practical, hands-on, usable, and
directly applicable; all of these phrases came up when I talked with
attendees of the technical track.

If you missed the technical
track this year, I’m sorry to hear it. You missed out on a lot of
great information. Hopefully, you’ll be able to make it next year
when we try to top ourselves again


I couldn’t conclude this wrap-up
on MIRcon 2012 without a big thank you to Phil Sides, director of
product support, who in his spare time is a world-class beer judge
and chooses beer pairings for the Oktoberfest reception. For those
of you not familiar with Mandiant’s Oktoberfest reception, it is our
way of thanking attendees who join us for Mandiant’s annual
conference by throwing a biergarten-style celebration on the first
day of MIRcon.


Throughout MIRcon (including the set-up) we made sure to
capture as many photos as possible to document the conference. You
can view the full set of photos here.

At L Technology Group, we know technology alone will not protect us from the risks associated with in cyberspace. Hackers, Nation States like Russia and China along with “Bob” in HR opening that email, are all real threats to your organization. Defending against these threats requires a new strategy that incorporates not only technology, but also intelligent personnel who, eats and breaths cybersecurity. Together with proven processes and techniques combines for an advanced next-generation security solution. Since 2008 L Technology Group has develop people, processes and technology to combat the ever changing threat landscape that businesses face day to day.

Call Toll Free (855) 999-6425 for a FREE Consultation from L Technology Group,