Non-malware Type Attacks - a Mandiant perspective

During 2016 Mandiant assisted clients in over 500 breach responses providing incident response services to mitigate impact and damages to these clients. In this keynote Mandiant will discuss observations and latest threat actor intelligence gathered from those breaches. Most of the victims had state of the art and up to date information security technologies in place and were breached by threat actors with non-malware type tools, techniques and procedures (TTPs). Find out who is behind these attacks, how they are executed and how to protect against these TTPs that are being utilized against organizations.

Presented by: Alexander Rau, Senior Manager, Security Consulting Services - Mandiant

Alexander Rau is a Senior Manager with Mandiant’s Canadian Security Consulting Services practice. Mr. Rau is an IT Security professional with more than 17 years of experience in cyber and IT security, operations and management. His primary responsibilities include leading and delivering incident response and proactive security engagements, practice leadership, and business development. 

Prior to joining Mandiant, Mr. Rau held positions as the National IT Security Strategist for Symantec Canada as well as Sr. IT Security Consulting and Service Delivery Management roles with IBM. He led security teams focused on vulnerability assessment, penetration testing, web application security, and IT Security standard and framework compliance (ISO 27000 series and PCI). He was also the Manager of IT for a small manufacturing company. 

Mr. Rau has consulted with many large public and private sector organizations on how to address their security challenges and he holds CISSP and CISM certifications. 

Since 2008, Mr. Rau has also been a part-time faculty member at Georgian College in Barrie, ON, teaching computer and network systems security. Combining his experience as Manager of IT and roles in consulting and as an IT security strategist, he is able to bring a unique perspective on how to address the ever changing security landscape and how it impacts organizations.