Supercon 2021

25 Years of Securing Critical Infrastructures

September 1 - 3 ● Osthoff Resort, Elkhart Lake, WI

Thank you to the SuperCon 2021 sponsors!





Ransomware: Current Trends, Tactics, and Updates



Presented by Tetra Defense - Cindy Murphy (President)

Ransomware attacks on organizations are estimated to happen approximately once every 11 seconds with over 4000 attacks against businesses happening every day. A large number of these attacks now include not just a ransom demand for restoration of data, but also a secondary extortion demand to prevent the publication of exfiltrated data. The global costs of ransomware recovery are predicted to exceed $20 billion in 2021, and have a huge financial and business impact in both the private and public sectors. We're witnessing escalation in the nature of ransomware attacks to the point where they are now an active threat to critical infrastructure and sectors of the economy. In this session, you will learn about the latest ransomware strains, trends in attack methods, tools, and techniques used by attackers, and as importantly, how to prevent these attacks.

A Least-Trust Response to the Risk of Ransomware


Presented by Sikich - Thomas Freeman (Senior Consultant)

The threat of ransomware is continuing to grow especially for on-premise infrastructure. With a lot of critical infrastructure still hosted on-premise, how can we take the solution of a zero-trust model and apply them to a perimeter based model? The least-trust response philosophy provides very practical results in responding to the risk of ransomware. We will discuss current ransomware attack chains and how the least-trust response philosophy can reduce likelihood and impact.



PRESENTATION (Workforce recruiting)

Presented by DHS-CISA - Bill Nash, David Melby and Joseph Jaurin

Focus on the Fundamentals of Cybersecurity


Presented by Security Studio - Ryan Cloutier (President)

In this engaging session SecurityStudio’s President Ryan Cloutier will talk about what organizations need to do to have effective protection against cyber-attacks and cybercrime. Ryan will discuss what are the fundamentals, and the importance of focusing on them. He will cover what are the basic and foundational things that will reduce risk immediately, how to be in a better position to be to respond and react to cyberattacks when they happen. Ryan will talk you through were to start, and how to know were spend your next information security dollar wisely for maximum effect.

Take away points:

You will learn what you can do in the next 30 days to reduce the chance you are the victim of cybercrime and if you find yourself a victim of cybercrime you will learn how to recover from it.

Trends and attack techniques in ecommerce site breaches

Presentation unavailable

Presented by Sikich - Kevin Bong (Director, Cybersecurity)

Credit card breaches resulting from ecommerce website compromises continue to be common today, and attackers are continually improving their tools and techniques to bypass security controls and evade detection. As a PCI Forensic Investigator (PFI) firm, Sikich routinely performs incident response and digital forensics for these types of card breaches. This presentation will show common tools and techniques that attackers are using at every stage of these attacks (gaining access, creating backdoors, stealing card data and covering their tracks). In addition, the presentation will offer demonstrations of techniques useful for finding hidden malicious code and other indicators of compromise, and share key controls that can help prevent these types of attacks.

Stop domain joining your Window devices!


Presented by Microsoft - Andy Jaw (Sr. Technical Specialist - Cloud Endpoint and Security)

Moving your organization to a zero-trust device deployment model is key to ensure both security and productivity for your users and organization. Domain joining devices is a legacy model. This session will talk about the key concepts and benefits of modern management and how to begin your transition from traditional Active Directory and domain joined devices to the cloud and Azure Active Directory joined devices.

This session will demonstrate why modern management is both necessary for security in a zero-trust model and for agility in a post- COVID world for user productivity. You'll learn about the difference between device identity and user identity and why it matters when it comes to managing devices and user experience. You'll learn about how to manage devices using Microsoft Intune, conditional access for zero-trust onboarding, and Microsoft Autopilot.

If you're hesitant on moving to the cloud or unsure of where to begin, this is the session for you.

They're winning


Presented by Security Studio - Evan Francen (CEO)

In this session we’ll discuss why the ransomware community is winning. If this were a game, not only are they winning, they’re embarrassing us. They’re skilled, well organized, and highly motivated.

We could argue the same. So, why are they winning?

Simply put, we’re losing because:

  • We overcomplicate things.

  • We aren’t accountable for losing

  • We neglect the basics.

In cybersecurity, the fundamentals don’t require us to buy the next gadget. We don’t need more technology, we need better use of technology. In the talk we’ll cover:

  • The current score in the game between them and us.

  • Two case studies; SolarWinds and one you haven’t heard about.

  • A winning strategy outline; macro and micro-level.

  • Discussion of what losing the game might look like.

Take Away Points:

You will learn how to define and adopt a winning cybersecurity strategy to protect yourself, your organization, and maybe your country.

Intelligence, Threats, and Fusion Resources

Presentation unavailable

Presented by Wisconsin Department of Justice - Brett Van Ess (Analyst)

How may intelligence resources assist your organization with threats and risk? This presentation will discuss Wisconsin fusion centers and information sharing across federal, state, local, and tribal partners. It will describe contemporary threat issues to inform about domestic and international threat topics, early detection, and how you may share observed behavior indicative of attack planning.

Attendees will gain a better understanding about the most likely and most dangerous threat types, actors, and hear updated guidance about how to share suspicious activity with appropriate agencies. It will explain the role of Wisconsin’s fusion center network, how it functions in relation with local and federal partners, and what additional resources are available or may be requested.

Redefining the Workforce: The Great Cyber Retraining of the American Worker

Presentation unavailable

Presented by Cybersecurity Center for Business - Brian Dennis (Director)

There is growing concern that the American workforce is unprepared for our ever expanding digital world. This concern keeps business and government leaders awake at night wondering if they might be the next headline in tomorrow's paper. To combat the growing threat of cyber-attacks an effort must be taken to retrain the existing workforce and upskill the talent of our current cybersecurity professionals.

The Cybersecurity Center for Business at the University of Wisconsin-Whitewater is taking on this challenge through several unique programs.

The first is the state-of-the-art Acuity Cyber Defense Range. The Cyber Range is capable of offering live-fire cyber training for new entrants into the cyber world all the way to seasoned professionals. The abilities of the range include real-time ransomware attacks, malware attacks, phishing simulations and hundreds of more opportunities. Unlike most cyber ranges in the country the Acuity Cyber Defense Range was built with everyone in mind. The range is capable of handling Fortune 100 companies interested in beefing up their SOC's training all the way down to a Main Street small business interested in learning more about what can be done to protect themselves from harm.

The CCB is also working to put over 1,600 new entrants into Wisconsin's cybersecurity labor pool. Working with funding from the US Department of Labor, the center has created a road-map for new entrants in cyber that includes an active apprenticeship program.

In 2020, the CCB was awarded funding from the US Department of Defense to help secure the supply chain of two Prime Contractors in the state. A portal was created that is helping over 1,600 business prepare for the upcoming Cybersecurity Maturity Model Certification rollout from the Department of Defense.

The Cybersecurity Center for Business is working to improve Wisconsin's standing as a leader in cybersecurity initiatives. This session will highlight these and other programs that the CCB is implementing in the state.

financial crimes

Presentation unavailable

Presented by Milwaukee FBI - Chris Farrell

\x57\x53\x49\x43: We're here to help

Presentation unavailable

Presented by Wisconsin Department of Justice - Drew Schoeneck and Don Todd (Special Agent)

When you are hit with ransomware or fall victim to a network intrusion, you might be feeling a bit overwhelmed and not sure what to do next. The cyber folks at the Wisconsin State Intelligence Center are here to help! A group of Cyber Special Agents and Cyber Intel Analysts routinely assist with and respond to incidents like these and can likely help you navigate through the cyber attack and investigate the crime that occurred. This presentation will outline what we look for and do as part of our response to reported cybercrime.

Home Field Advantage: How Wisconsin Municipalities Can Improve Cybersecurity with the MS-ISAC


Virtual presentation by MS-ISAC - Michelle Nolan (Program Specialist)

An overview of the Multi-State Information Sharing and Analysis Center (MS-ISAC) and the high impact, no-cost services and resources available to Wisconsin municipalities, tribal governments and other public sector organizations (i.e., hospitals, utilities, public safety, transportation, etc.).

Devil's Advocate


Presented by Security Studio - Chris Roberts

Devils Advocate: I’ve got no reason to change, and there’s very little you’re going to do about it…

We’re going to help you step out of your comfort zone with this talk. The issues and challenges of the current situation we find ourselves in is simply down to a toxic codependency between the trifecta adversary, target, and Industry relationships

19:00 - 22:00 social with special entertainment
(Grand Libelle Ballroom A)

We will be treated to a unique entertainment opportunity with Ryan Cloutier, Chris Roberts and Evan Francen presenting their podcast The Security Sh*t Show LIVE! from the Osthoff