Tuesday, June 6, 2023
8:30 am - 5 pm
Princeton University, 701 Carnegie Center
All sessions will be in-person only - held in MPRs A, B, & C
Open to Princeton students, faculty, and staff
Only 140 seats are available, so register today!
What is Princeton’s Cybersecurity Day and why should I attend?
This year's inaugural Cybersecurity Day is a day-long, conference-style event focusing on managing human risk. People often view cybersecurity just as a technical challenge, but it’s also a human challenge. Today our lives are filled with the use of technology, allowing us to easily share and store information. However, without caution, these conveniences can threaten our security and privacy. Join us as our speakers explore good cybersecurity habits we can apply at both home and work.
Agenda
Click the + symbol for more detail on each session.
-
8:30 - 9 am | Breakfast Buffet
-
-
9 - 9:10 am | Welcoming Remarks
-
Jay Dominick
VP for IT and CIO, Princeton University
Office of Information TechnologyDavid Sherry
CISO, Princeton University
Information Security Office, Office of Information Technology -
9:10 - 10 am | Keynote Session: A Day in the Life of a Social Engineer
-
Scammers, Con Men and Social Engineers: You've likely encountered these people whether you knew it or not. If they were really good, you might not have been aware. Let's peel back the curtain and talk with a professional social engineer and see what they do and how they think. What are the various types of engagements that they perform and how they work? But most importantly, how can you protect yourself from a social engineering attack? In this presentation, be ready for the unexpected and see the practitioner's side of social engineering.
Patrick Laverty
Senior Team Lead
Social Engineer, LLC
-
10 - 10:15 am | Break
-
-
10:15 - 11 am | Can Technology Save Us? Exploring Cybersecurity Technology Solutions
-
Many of us have heard the phrase the user is the weakest link, and although it is true that humans aren’t fault-proof, there are many things we can do to strengthen our cybersecurity hygiene. This session will explore technological solutions and offer advice that can help us be more cyber-savvy and safeguard our digital lives.
Tara Schaufler
Awareness & Training Program Manager, Princeton University
Information Security Office, Office of Information Technology
-
11 - 11:15 am | Break
-
-
11:15 am - 12 pm | The More It Changes, The More It Stays The Same
-
Over the past 30 years, the root causes of cybersecurity failures haven't fundamentally changed. Sadly, cybersecurity professionals still haven't fixed these root causes, rather, they've created a multi-billion dollar industry to "fix" the problem. Examples of "old" attacks will be given along with an explanation of the root cause. As more experienced cybersecurity professionals move on to other things, it's important to pass their accumulated wisdom to the next gen of cybersecurity experts. A truly effective cybersecurity program starts with a culture change then moves to the technical aspects of that change. We'll show some examples of successful marketing campaigns whose tactics should be emulated and adapted to the digital world.
Randy Marchany
CISO, Virginia Tech
-
12 - 1 pm | Lunch Buffet
-
-
1 - 1:45 pm | Social Engineering, Higher Education, and Community Outreach
-
The human element in cyberattacks/security is typically downplayed in cybersecurity education. So how does one go about changing that? This talk will share one educator’s efforts to change the cybersecurity education landscape, counter the “you’re teaching your students how to deceive others?” mindset, and how to teach social engineering in a safe, fun, and ethical manner. It will also cover going beyond the traditional classroom to include community outreach and engagement via training and awareness programs for youth, elderly, and previously incarcerated individuals. Cybersecurity isn’t optional anymore; it’s for everyone.
Aunshul Rege, Ph.D
Associate Professor, Department of Criminal Justice
Temple University -
1:45 - 2 pm | Break
-
-
2 - 2:45 pm | Video Screening & Discussion: Why ChatGPT is a Game Changer for AI
-
ChatGPT is a cutting-edge language model developed by OpenAI. It is designed to understand natural language and engage in conversations with humans, just like a human would.
Overall, ChatGPT is a powerful tool that leverages advanced artificial intelligence technology to provide natural and intelligent interactions with humans, making it an essential tool for businesses and organizations looking to improve their customer engagement and communication. (By the way, the above content was written by ChatGPT!)
Since its introduction to the public in March 2022, millions of users have used the bot to assist with everything from writing essays, answering random questions, to solving tricky math problems. ChatGPT can even write, debug, and explain computer code. And these examples just scratch the surface of what the service can provide. Join us to watch a short video created by CNBC, “Why ChatGPT is a Game Changer for AI,” followed by a thought-provoking discussion lead by:
David Sherry
CISO, Princeton University
Information Security Office, Office of Information TechnologyRandy Marchany
CISO, Virginia TechPatrick Laverty
Senior Team Lead
Social Engineer, LLCDiana Kelley
Chief Security Officer / Chief Strategy Officer
Cybrize -
2:45 - 3 pm | Break
-
-
3 - 4 pm | Keynote Session: Psychology of Social Engineering
-
Forty-eight percent of people will exchange their password for a piece of chocolate, 91 percent of cyberattacks begin with a simple phish, and two out of three people have experienced a tech support scam in the past 12 months. What do all of these have in common? They make use of social engineering: when an attacker preys on our human nature in order to defraud. Also in common, these small, very human actions have led to billions of dollars of loss to global business. This talk looks at the psychology behind Cialdini’s Six Principles of Persuasion to show how cybercriminals lure employees and customers into social engineering hacks.
- What makes us click?
- Tips and recommendations that leverage the power of influence and persuasion for good
- Building out effective, repeatable user awareness programs
- Creating a social engineering resistant culture
Diana Kelley
Chief Security Officer / Chief Strategy Officer
Cybrize -
4 - 4:10 pm | Closing Remarks
-
David Sherry
CISO, Princeton University
Information Security Office, Office of Information Technology -
4:10 - 5 pm | Reception
-
Outside of 701 Cafe, 701 Carnegie Center
Keynote Speakers
Patrick Laverty
Senior Team Lead
Social Engineer, LLC
Diana Kelley
Chief Security Officer / Chief Strategy Officer
Cybrize
Additional Speakers
Randy Marchany
CISO, Virginia Tech
Jay Dominick
VP for IT and CIO, Princeton University
David Sherry
CISO, Princeton University
Tara Schaufler
InfoSec Awareness & Training Program Manager
Princeton University
Aunshul Rege, Ph.D
Associate Professor, Dept. of Criminal Justice
Temple University