Cyberattackers spend about a hundredth of the time and money that defenders do giving them a huge advantage when it comes to carrying out their nefarious deeds. Cyberattacks favor the attacker, so what's a defender to do? This talk will explore research completed for the U.S. Department of Defense that delves into why simply blocking a cyberattack with technology almost never favors the defender. We,ll begin with detailed stories of the asymmetry in time and money spent by the attacker and the defender, and offer practical approaches to engaging attackers once you find them. We,ll also study the "Cyber Kill Chain" to identify weaknesses in attacker tactics and then explore some practical ways to use those dependencies against them. We will wrap up with a shared brainstorming session to improve how everyone in the audience can respond when under attack. Attendees will learn: - Why spending more time and money on simply blocking attackers won't help you catch up with them - Real-world exploits and defense countermeasures - Six steps to better understand how an attacker works - How to identify weaknesses in an attacker's tactics - Ideas that help even the defensive playing field and make cybersecurity more symmetric

Todd O,Boyle is CTO and a co-founder at Strongarm, a cloud-based security company. Prior to Strongarm, Todd spent 15 years at The MITRE Corporation, providing technical support to the Department of Defense and the Intelligence Community. He also served as principal investigator for a project developing methods to improve how operators respond to adversaries. Todd has a Bachelor of Science degree in computer science from Purdue University.