John has over 18 years of experience leading investigations of data breaches and cybersecurity incidents within the government and civilian security sectors.

Currently, as a Distinguished Architect, John leads the Verizon Threat Research Advisory Center (VTRAC) Research, Development, and Innovation effort.

In this role, he focuses on all aspects of cybersecurity incidents, performing digital forensic examinations, advising on data breach containment and eradication efforts, and creating data breach response preparedness training and breach simulation exercises for customers worldwide.

Prior to joining Verizon, John served 12 years with the U.S. Army as a counterintelligence Special Agent investigating security-related incidents. John spent eight years of this time specifically focused on network intrusion investigations and digital forensic examinations.

 

Out of the shadows. Into the digital crosshairs.

Cyber-Espionage breaches pose a unique challenge.

Through advanced techniques and a specific focus, Cyber-Espionage threat actors seek to gain access to heavily defended environments, laterally move with stealth, efficiently obtain targeted data, and move out smartly (or even stay back and maintain covert persistence).

The Verizon Cyber-Espionage Report (CER) is our first-ever data-driven publication that focuses on advanced cyberattacks as reflected in the DBIR “Cyber-Espionage” pattern. We've examined seven years (2014-2020) of Data Breach Investigations Report (DBIR) data for Cyber-Espionage breaches and all breaches.

The CER sheds light on the state of Cyber-Espionage. Specifically, the CER identifies targeted victims, and the attributes, assets and data they target. And just as importantly, the CER identifies who the threat actors are, the tactics, techniques and procedures (TTPs) they use, and most importantly, what can be done to prevent and mitigate and detect and respond to their attacks.

Attendees will:  (1) Understand how to mitigate and prevent Cyber-Espionage threat actor activity, (2) Learn how to identify, detect, and respond to Cyber-Espionage breaches, and (3) Learn the components for an effective Cyber-Espionage Playbook.