Cybersecurity and Privacy Festival 2022

Cloudy with a Chance of AWESOME

October 26 | 10 a.m. - 3 p.m. PT (In-Person & Virtual)

Doors open at 9 a.m. at the David and Joan Traitel Building at Hoover Institution, Stanford University

October 27 | 10 a.m. - 3 p.m. PT (Virtual)

Stanford has partnered with leading universities around the country to bring you the 2022 Ivy+ Cybersecurity & Privacy Festival, equipped with diverse perspectives and subject matter experts that will prepare you to recognize and defend against the latest cybersecurity threats.

All Stanford University, Stanford Medicine, and the broader higher education communities are invited.

Photos by Leah Chan, Stanley Lui, and Charles Viloria

View all CyberFest photos

Recordings and Videos

An Overview of Cloud Security

Welcoming PETs on Campus: Leave your furry friends at home, we’re talking Privacy Enhancing Technologies

KHACK 2022

ISO-lated Moments

View all recordings and videos

Featured Speakers

Condoleezza Rice

66^th Secretary of State and Director of the Hoover Institution Virtual Opening Remarks

Amy Steagall

Chief Information Security Officer,
Stanford University IT Welcome Remarks
Panel Discussion: Security Perspective from the Cloud

Scott Hellman

Supervisory Special Agent,
The FBI San Francisco Division Cyber Threat Landscape

Dan Boneh

Cryptography Professor, Professor of Electrical Engineering and Senior Fellow at the Freeman Spogli Institute for International Studies, Stanford University New Hardware Mechanism for Preventing Memory Corruption Attacks

MK Palmore

Director, Office of the CISO,
Google Cloud Enterprise Risk Management in the Modern Age: The Cyber Threat Landscape

Todd Ferris

Chief Technology Officer
Research and Education, Stanford Medicine Panel Discussion: Security Perspective from the Cloud

Rob Maclay

Chief Information Security Officer
Stanford Children’s Health Panel Discussion: Security Perspective from the Cloud

Michael Mucha

Chief Information Security Officer
Stanford Health Care Panel Discussion: Security Perspective from the Cloud

Jean-Raymond Pierre

Senior Enterprise Architect
Stanford Health Care Panel Discussion: Security Perspective from the Cloud

Erwin Lopez

Chief Information Security Officer,
SLAC National Accelerator Laboratory Panel Discussion: Security Perspective from the Cloud

Gretchen Ruck

Senior Managing Director
Ankura Consulting Welcoming PETs on Campus: Leave your furry friends at home, we’re talking Privacy Enhancing Technologies

Andrew Scott

Strategic Threat Intel Advisor – Public Sector,
CrowdStrike, Inc. The Modern Attack Landscape and Its Implications for Higher Education

Kelli Conlin

What’s New in Identity and Security with Apple Products? Advanced Security by Design

Allison Henry

Chief Information Security Officer
University of California, Berkeley Two Sides of the Information Risk Coin - Safeguarding Security and Privacy in a Digital World

Scott Seaborn

Campus Privacy Officer
University of California, Berkeley Two Sides of the Information Risk Coin - Safeguarding Security and Privacy in a Digital World

Michael Tran Duff

Chief Information Security and Data Privacy Officer,
Harvard University PrivSec: The New Frontier

Priyanka Vergadia

Staff Developer Advocate
Google An Overview of Cloud Security

Agenda: October 26

David and Joan Traitel Building, Hoover Institution

In-Person & Virtual Agenda

9:00 a.m. (PT)

Doors Open, Registration & Breakfast
9:30 a.m. (PT)

CyberFest Ribbon Cutting Ceremony
9:50 a.m. (PT)

Early Bird Raffle
10 - 10:10 a.m. (PT)

Welcoming Remarks

Amy Steagall
Chief Information Security Officer, Stanford University IT
10:10 - 10:15 a.m. (PT)

Virtual Opening Remarks

Condoleezza Rice
66th Secretary of State and Director of the Hoover Institution
10:15 - 11 a.m. (PT)

Cyber Threat Landscape

Scott Hellman
Supervisory Special Agent, The FBI San Francisco Division
11:05 - 11:10 a.m. (PT)

Raffle
11:10 a.m. - 12 p.m. (PT)

New Hardware Mechanism for Preventing Memory Corruption Attacks

Dan Boneh
Cryptography Professor, Professor of Electrical Engineering and Senior Fellow at the Freeman Spogli Institute for International Studies, Stanford University
12 - 1 p.m. (PT)

Lunch/Raffle/Break
1 - 2 p.m. (PT)

Enterprise Risk Management in the Modern Age: The Cyber Threat Landscape

MK Palmore
Director, Office of the CISO, Google Cloud
2:05 - 2:10 p.m. (PT)

Raffle
2:10 - 3 p.m. (PT)

Panel Discussion: Security Perspective from the Cloud

Todd Ferris
Chief Technology Officer, Research and Education, Stanford Medicine

Erwin Lopez
Chief Information Security Officer, SLAC National Accelerator Laboratory

Rob Maclay
Chief Information Security Officer, Stanford Children’s Health

Mike Mucha
Chief Information Security Officer, Stanford Health Care

Jean-Raymond Pierre
Sr. Enterprise Architect, Stanford Health Care

Amy Steagall
Chief Information Security Officer, Stanford University
3 p.m. - 3:10(PT)

Closing Remarks/Raffle

Amy Steagall
Chief Information Security Officer, Stanford University IT

Expo

10 a.m. - 3 p.m. | In-Person

Stanford Information Security Office

October 26 | In-Person

Pavillion

ISO Cloud Lounge Meet and Greet with Stanford's Information Security Office

Lock Pick Workshop

October 26 | In-Person

Blount Hall

David Sell, Optical Engineer at Applied Materials & Stanford Locksport Club Founder Channel your inner secret agent and learn how to pick locks! In this event, you will be provided with all the knowledge and tools needed to become a lock picker.

Offense for Defense - Becoming Your Own APT for Fun and Profit Workshop

October 26 | In-Person

Blount Hall

Alex Keller, Sr. Systems Security Engineer, Stanford School of Engineering Develop your offensive skills and hacker mindset to become a more astute defender. Exploit network services, catch a reverse shell, escalate privileges, and learn to detect malicious activity.

Cybersecurity VR Adventures

October 26 | In-Person

Blount Hall

Varun Tansuwan, Manager, Information Technology Stanford Management Company

Cloud Security Exhibitors

October 26 | In-Person

Blount Hall

Amazon Web Services (AWS) Google Cloud Computing (GCP) Micorsoft Azure Qualys UIT Hosting Team

Endpoint Security Exhibitors

October 26 | In-Person

Blount Hall

Apple BigFix CrashPlan CrowdStrike Dashlane Jamf UIT Endpoint Engineering Development

Privacy Exhibitors

October 26 | In-Person

Blount Hall

Ankura

Email Security Exhibitors

October 26 | In-Person

Blount Hall

Information Security Office Proofpoint

Training Exhibitors

October 26 | In-Person

Blount Hall

Stanford Center for Professional Development (SCPD)

Agenda: October 27

Virtual Agenda

10 - 10:15 a.m. (PT)

Welcoming Remarks

Amy Steagall
Chief Information Security Officer, Stanford University IT
10:15 - 11 a.m. (PT)

Welcoming PETs on Campus: Leave your furry friends at home, we’re talking Privacy Enhancing Technologies

Gretchen Ruck
Senior Managing Director, Ankura Consulting
11:10 a.m. - 12 p.m. (PT)

The Modern Attack Landscape and its Implications for Higher Education

Andrew Scott
Strategic Threat Intel Advisor – Public Sector, CrowdStrike, Inc.
12:10 - 12:50 P.M. (PT)

What’s New in Identity and Security with Apple Products?

Kelli Conlin
Apple Security
1 - 2 p.m. (PT)

Two Sides of the Information Risk Coin - Safeguarding Security and Privacy in a Digital World

Allison Henry
Chief Information Security Officer, University of California, Berkeley

Scott Seaborn
Campus Privacy Officer, University of California, Berkeley
2:05 - 2:30 p.m. (PT)

PrivSec: The New Frontier

Michael Tran Duff
Chief Information Security and Data Privacy Officer, Harvard University
2:35 - 3 p.m. (PT)

An Overview of Cloud Security

Priyanka Vergadia
Staff Developer Advocate, Google

Virtual Workshops

Securing Your Research on AWS

October 27 | 10 a.m. - 12 p.m. | Virtual

Running or planning to run Your research workloads on AWS? Join us in this session to learn about our "Shared Responsibility Model" – how AWS, Stanford, and You have to work together to ensure Your workload is secured. We will discuss AWS account setup, default security guardrails and compliance with Stanford policies, common threat scenarios, your responsibilities, tools to secure your research, get notified, and take action in response to security incidents. No prior AWS experience is necessary.

Cloud Hero Game on GCP Security

October 27 | 1 - 3 p.m. | Virtual

Cloud Hero brings users together to learn and engage in friendly hands-on competition in a gamified lab environment in Google Cloud Skills Boost. In this game, learners will stretch their muscles on Cloud IAM, practice how to secure VM instances using VPC Network and Firewall rules, Cloud Security Scanner, as well as some advanced features of Google Cloud Security. The Google Cloud team will announce winners and awards at the end of the game.

Capture the Flag (CTF)

Start Date: October 26, 6 a.m. PT | End Date: October 27, 1 p.m. PT
Join our debrief workshop on October 27: 2 p.m. PT (Meet & chat with the designers and get a walk-through of each challenge)

Are you ready to put your hacking skills to the test? This year, we are bringing back our Capture the Flag (CTF) competition!

Winners and prizes will be awarded at 1 p.m. on Oct. 27 at the start of the workshop debrief and also on our main cyberfest.stanford.edu page.

Whether you are a seasoned CTF player or just curious about cyber security and ethical hacking, we want you to join us. Sign up to expand your skill set, meet new friends in the security community, and talk to the pros that designed the game.

Collaborators & Sponsors

Bay Area CSO Council ❖ Harvard University ❖  Stanford Graduate School of Business ❖ Stanford Graduate School of Education
Stanford Land, Building and Real Estate ❖ Stanford Libraries   ❖  Stanford Management Company ❖ Stanford Office of the Chief Risk Officer
Stanford Residential & Dining Enterprises  ❖  Stanford School of Engineering ❖  Stanford Health Care
Stanford School of Humanities and Science ❖  Stanford University Dean of Research
Stanford Redwood City Media Production Studio ❖ Stanford University IT