Speaker:
Neil Daswani
Daswani Enterprises

Abstract: This talk covers the key lessons learned and root causes from the biggest mega-breaches and the 9,000+ reported breaches over the past 15 years.  By analyzing the histories, stories, and deep dives of breaches such as those at Target, JPMorganChase, OPM, Yahoo, Equifax, Facebook, Marriott, Capital One, and the SolarWinds hack, I will also lay the groundwork for a roadmap to recovery based on the root causes. 

About: Dr. Neil Daswani is Co-Director of the Stanford Advanced Security Certification program and is President of Daswani Enterprises, his security consulting and training firm. He has served in a variety of research, development, teaching, and executive management roles at Symantec, LifeLock, Twitter, Dasient, Google, Stanford University, NTT DoCoMo USA Labs, Yodlee, and Telcordia Technologies (formerly Bellcore).  At Symantec, he was Chief Information Security Officer (CISO) for the Consumer Business Unit, and at LifeLock he was the company-wide CISO.  Neil is also a co-author of two books Big Breaches: Cybersecurity Lessons for Everyone (Apress ISBN 978-1484266540) and Foundations of Security: What Every Programmer Needs to Know (Apress ISBN 978-1590597842). Neil's DNA is deeply rooted in security research and development, he has dozens of technical articles published in top academic and industry conferences (ACM, IEEE, USENIX, RSA, BlackHat, and OWASP), and he has been granted over a dozen US patents. He frequently gives talks at industry and academic conferences, and has been quoted by publications such as The New York Times, USA Today, and CSO Magazine. He earned PhD and MS degrees in computer science at Stanford University, and he holds a BS in computer science with honors with distinction from Columbia University.

The weekly security seminar has been held every semester since spring of 1992. We invite personnel at Purdue and visitors from outside to present on topics of particular interest to them in the areas of computer and network security, computer crime investigation, information warfare, information ethics, public policy for computing and security, the computing "underground," and other related topics. More info