Because the difference between a hard target and a soft target … is everything.

The recent flood of data breach news may numb us to the threat of attacks with kinetic effects--direct or indirect physical damage, injury, or death. Hack NYC focus’ on our preparation for, and resilience to, the genuine potential for Kinetic Cyber attack. Be part of defining solutions and illuminate risks aimed at Critical National Infrastructure

  • financial services (banking, clearing);
  • security services (police, military)
  • electricity generation transmission and distribution;
  • gas production, transport and distribution;
  • oil and oil products production, transport and distribution;
  • telecommunications
  • water supply (drinking water, waste water/sewage, stemming of surface water (e.g. dikes and sluices));
  • agriculture, food production and distribution;
  • heating (e.g. natural gas, fuel oil, district heating);
  • public health (hospitals, ambulances);
  • transportation systems (fuel supply, railway network, airports, harbors, inland shipping);

The event is about sharing big ideas on how we will fortify our daily life and economic vitality.  The threat of attack aimed at Critical National Infrastructure is real as services supporting our communities and businesses face common vulnerabilities and an unspoken kinetic threat.  On May 7-10, 2018, join us at 11 Times Square, across the street from the New York Port Authority, a national landmark of transportation.

Core content in support of The NIST Cyber Security Framework is aligned to five functional areas;

  • Identify - "Develop the organizational understanding to manage cybersecurity risk to systems, assets, data, and capabilities."
  • Protect - "Develop and implement the appropriate safeguards to ensure delivery of critical infrastructure services."
  • Detect - "Develop and implement the appropriate activities to identify the occurrence of a cybersecurity event."
  • Respond -"Develop and implement the appropriate activities to take action regarding a detected cybersecurity event."
  • Recover - "Develop and implement the appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity event."

Who Should Attend

 operators preview   Join other Hunters, Red Teamers, Penetration Testers, Cryptographers, Security Analysts, Security Engineers, Software Developers and Risk Managers. Influence this critical conversation and sharpen your skills. Get your hands dirty with the latest tools and techniques. Explore challenges and real-world solutions from industry peers working challenges with critical infrastructure security.
     
    We provide the platform, you steer the conversation with 1:1 and group sessions. Engage with industry leaders, practitioners, and potential investors to ignite an open conversation in “think tank” style breakout talks. Mold how we fortify our critical infrastructure with unmatched networking and learning opportunities
     
sponsors preview    Reach hundreds of cybersecurity experts, decision makers, and influencers. Bring your best and brightest minds and innovation to the big apple and influence our ability to secure critical infrastructure. You can influence conversation affecting every industry: government, healthcare, finance, transportation, energy, law, policy and more. 
     
    Meet face-to-face with the top international talent committed to defining and defending the future of security. Meet with the most influential companies and recruiters who are hiring now. Register online, schedule your meetings in advance and plan to make life-changing connections.

 

*Continuing professional education credits (CPE)


2018 Speakers

CTO Security (Cloud & Enterprise)
Microsoft Corporation
USMC Recon Marine, GORuck Cadre
GoRuck
Founder
I Am The Cavalry
CEO
Gula Tech Adventures
Lead Security Strategist
Adobe Systems Incorporated
Lead System Engineer
Veracity Industrial Networks
Radicalization and Counter/Cyber Jihadist Operations Analyst (RCCJOA) Instructor
Cyber Security Forum Initiative
CEO
TrustedSec
Founder & CEO
SCYTHE
Managing Director
Blackrock
Founder Director President at Cyber Security Forum Initiative
Cyber Security Forum Initiative
Senior Security Architect
IBM
Program Manager
Consortium for IT Software Quality (CISQ)
Senior Research Scholar
Columbia University
Member & Chair, Privacy, Cybersecurity, and Data Law
Mandelbaum Salsburg
Chief Information Security Officer
BGC Partners
SVP
Bank of America
Deputy Chief Information Security Officer
City of New York
Chief Operational Risk Officer
Goldman Sachs
Vice President Of Product Management
NetSPI
BioHacking Village Project Manager
DEF CON
VP, Security Intelligence
Lookout
Principal Consultant
SpyderSec
Manager
Gotham Digital Science
Founder, Principal Security Consultant
Lares
Criminal Defense Lawyer
EKELAND, P.C.
EVP, Strategy and Analytics,
CAST
Director of Infrastructure
Interfaith Medical Center
Security Consultant
NCC Group
Technical Director
NCC Group
President Emeritus
NY Metro InfraGard
Sr. Vulnerability Researcher
CERT / Carnegie Mellon University
Senior Principal Engineer
MITRE Corporation
Founder, Consultant
ReachRF LLC
Managing Consultant
Spirent Federal
Host Intrusion Engineer
Adobe
Trainer
EC-Council
Detect & Response, The Butterfly Effect way!
IOActive
Graduate Student in CyberSecurity and Information Assurance
Wilmington University
Cyber Security Dispatch
Policy Analyst
National Governors Association
Director of Cybersecurity Services
Versive
Convergence Engineer
Smithee Solutions LLC
VP of Security Solutions
Check Point
Product Manager
SecurityScorecard

BOOT-CAMP Occupational Specialty Training Courses

5/10 | GORUCK Constellation Custom (One-Day-Course) 

Trains you to be a hard target and a protector of what you hold dear. This is not an "offensive" event by design. Firearms and combatives training are not part of this event. You and your cell will move throughout the city with a rucksack of supplies and learn what escape and evasion looks and feels like in a time of chaos. Once you see the constellations, you know exactly how to find them no matter where you are. This knowledge makes you a hard target. Upon successful completion, you’ll earn the GORUCK CONSTELLATION patch, which will never be for sale.

Don't miss this mission.

(One-Day-Course) | $295pp | Instructor: Mr. Mickey B

 

Course Syllabus


5/9 Web Hacking Jutsu with Burp Suite - Genin Level (下忍)

● Introduction to and hands-on use of Burp Suite Professional

● Gain first-hand experience with web vulnerabilities by discovering and exploiting them in web apps, using both manual and automated techniques

● Students will leave with an understanding of how to find and exploit the most common and dangerous flaws in web applications

● Begin working through the OWASP Testing Guide as a methodology for how to test app security

(One-Day Course) | $995pp | Instructor: David Rhoades

Course Syllabus


5/9-5/10 | Secure Coding in C and C++ 

Secure Coding Training in C and C++ provides a detailed explanation of common programming errors in C and C++ and describes how these errors can lead to code that is vulnerable to exploitation. This course concentrates on security issues intrinsic to the C and C++ programming languages and associated libraries. 

(One-Day Course) | $1500pp | Instructor: Prof. Robert Seacord

 Course Syllabus


5/9 | Radicalization and Counter/Cyber Jihadist Operations Analyst

The end state of CSFI's unique Radicalization and Counter/Cyber Jihadist Operations Analyst (RCCJOA) training and certification is to support the warfighter, the intelligence community, and law enforcement to strategically defeat terrorist organizations and their affiliates and adherents through the use of cyberspace.

(One-Day-Course) | $1300pp | Instructor: Mubin Shaikh

Course Syallbus


5/9-5/10 | Firmware Exploitation and Attack Countermeasures 

The IoT Firmware Exploitation and Attack Countermeasures training is designed to provide techniques for testing of embedded IoT systems, employing proactive controls, embedded application security best practices, and address the challenges of building security into embedded devices. This course is suited for embedded systems engineers, software developers, and security professionals.

(Two-Day-Course) $1500pp Instructor: Aaron Guzman

Course Syllabus


5/9-5/10 | STORM-HACKING

Module 01: - Introducing The STORM!
Module 02: - Network Security Threats, Vulnerabilities, and Attacks
Module 03: - Network Traffic Monitoring and Analysis
Module 04: - Network Risk and Vulnerability Management
Module 05: - Introduction to Ethical Hacking 
Module 06: – Footprinting 
Module 07: – Scanning
Module 08: – Enumeration 
Module 09: – System Hacking/Hacking Wireless Networks 
 

(Two-Day-Course) $1995pp Instructor: Kevin Cardwell

Course Syllabus



5/10 | Industrial Control Systems (ICS)

What Students Will Learn:

·      Introduction to commonly used field devices used in various industries. Students will be introduced to old-school devices and the latest generation and why it matters.

·      PLC, PAC, DCS, IED, RTU, what are these and what do they do?

·      Is everything on the plant floor really insecure?

·      What can be done to secure what is in your plant already.

(One-Day-Course) | $1000pp | Instructor: Tom Vannorman

Course Syllabus

 


The HACKNYC Team

This event would not be possible without the industry support of "The Team"

Distinguished Engineer
Cisco
Criminal Defense Lawyer
EKELAND, P.C.
IT Specialist
U.S. Department of Homeland Security
Chief Operating Officer
BSides DE | RedLion
Senior Director
TrapX Security
Senior Principal Engineer
MITRE Corporation
Senior Vice President and Chief Evangelist
Center for Internet Security
Chief Scientist
Flashpoint
International Board of Directors, Chairman for Education & Professional Development
ISSA International
Computer and Information Science
New Jersey Institute of Technology
Leader & Director, DevSecOps (Red Team, Cloud Security, Security Engineering)
Intuit
Principal Engineer at McAfee and SANS Certified Instructor
Assistant Special Agent in Charge (ASAC) - National Security Branch at FBI
Federal Bureau of Investigation (FBI)
Vice President - Technology Risk
Goldman Sachs
Producer
Mage Groupe
Executive Director
SAFECode
Senior Manager
Amazon
Cyber Security Problem Solver | Podcaster
Kivu Consulting | Cyber Security Interviews
Co-Founder, Producer
All Day DevOps
Principal Software Assurance Engineer
MITRE Corporation
Moderator | Security Advisor
NetSPI / OWASP
Partner
BWG Strategy
Advisory Board
NYU
CISO / Head of Risk and Security Management
Manager
Community Resilience Panel - NIST
CEO
Dragos, Inc.
Vice President - Application Security
Pershing, a BNY Mellon company
Co-Executive Producer / Virtualization Security
VMware , Owasp NYC president
Information Security
Undisclosed
Global Head of Services, Security, and Integration
Nuix
Unit Head | NJSP Cyber Threat Intelligence Unit
New Jersey Cybersecurity & Communications Integration Cell
Senior Solutions Architect
Micro Focus, Fortify
Chief Investigator
District Attorney's Office
Founder
Whiteside Security
Emergency Management Coordinator
Undisclosed
Founder, Principal Security Consultant
Lares
Member & Chair, Privacy, Cybersecurity, and Data Law
Mandelbaum Salsburg
Assistant Professor
Pace University
Professor
New York University

Supporters

New York Internet logo image
AGM logo image
TrustedSec logo image
Log Rhythm logo image
Software Assurance Marketplace (SWAMP) logo image
Adobe logo image
City of New York logo image
Checkpoint logo image
SC Media logo image
MITIS logo image
ITSP Magazine logo image
BugHeist logo image
Spirent Federal logo image
Peerlyst logo image
I Am The Cavalry logo image
Contrast Security logo image
Versive logo image
Proactive Risk logo image
Microsoft Corporation logo image
Consortium for IT Software Quality (CISQ) logo image
Cyber Security Interviews logo image
OWASP Foundation logo image
MAGE Groupe logo image
OWASP 24/7 Security Podcast logo image
BSidesNYC logo image
Colliers Real Estate  logo image
Center for Internet Security logo image
SAFECode logo image
CREST International  logo image
Amazon logo image
US Bank logo image
New Jersey Cybersecurity & Communications Integration Cell   logo image
All Day DevOps logo image
Dragos, Inc. logo image
Flashpoint logo image
Lares logo image
Pace University logo image
VMWare logo image
New Jersey Institute of Technology logo image
NYU logo image
Intuit logo image
McAfee / SANS Institute logo image
Micro Focus, Fortify logo image
BWG Strategy logo image
Nuix logo image
NETSPI  logo image
ISSA International logo image
Mandelbaum Salsburg logo image

Travel, Lodging & Entertainment

Whether you’re attending the conference solo or with your family, we’ve compiled a list of the very best attractions, Broadway show tickets, dining recommendations and New York airport shuttles so you can plan your entire NYC experience.

May we suggest seeing the sights on a double-decker bus tour? Perhaps you’d like to sail away on a New York sightseeing cruise. Or save on a combination of attractions, museum tickets, and tours with a New York tour package.

Helicopter rides from the airport, anyone? The possibilities are endless.

11 Times Square, New York, NY 10036

News Alerts

Want to be alerted of upcoming events and related activities? Sign Up