What Does the Data Reveal About Modern Advanced Threats and How to Counter Them?
About This Session
State-sponsored and advanced threat groups (e.g., China's Volt Typhoon) routinely bypass well-known controls by abusing identities and tokens across IT and OT. While federal guidance (CISA, NIST, and EPA) has expanded rapidly, attackers still succeed—not because we lack standards, but because most standards prioritize yesterday's attacks.
Over breakfast, Keith Casey will compare real intrusions to federal best practices in 2025 and show a pragmatic approach to detect and block advanced persistent threats earlier—before they reach our sensitive systems.
Learning Objectives (attendees will be able to…)
-Visualize the top identity- and protocol-level attack patterns used across IT/OT.
-Map current CISA/NIST/EPA guidance to these patterns and spot gaps.
-Exploit an efficient chokepoint to disrupt lateral movement of attackers
Key Topics
-Identity, token abuse, and living-off-the-land attacks in IT/OT
-The contours where existing controls and frameworks do and don’t help
-Inside-out security: Securing important data/systems first and then working outwards towards a perimeter
Over breakfast, Keith Casey will compare real intrusions to federal best practices in 2025 and show a pragmatic approach to detect and block advanced persistent threats earlier—before they reach our sensitive systems.
Learning Objectives (attendees will be able to…)
-Visualize the top identity- and protocol-level attack patterns used across IT/OT.
-Map current CISA/NIST/EPA guidance to these patterns and spot gaps.
-Exploit an efficient chokepoint to disrupt lateral movement of attackers
Key Topics
-Identity, token abuse, and living-off-the-land attacks in IT/OT
-The contours where existing controls and frameworks do and don’t help
-Inside-out security: Securing important data/systems first and then working outwards towards a perimeter
Speaker
Keith Casey
Cybersecurity & Identity Strategist, Product Marketing - Keystrike
Keith “Danger” Casey currently serves on the Product Team at Keystrike helping organizations secure their IT and OT networks from today's sophisticated attackers. Previously, he served on the Product Teams at Pangea launching AuthN and AuthZ products, ngrok launching GTM efforts, Okta working on Identity and Authentication APIs, as an early Developer Evangelist at Twilio, and answering the Ultimate Geek Question at the Library of Congress. His underlying goal is to get good technology into the hands of good people to do great things. In his spare time, he writes at CaseySoftware.com, lives in the woods, and has recorded numerous API courses with LinkedIn Learning.