James Carder
LogRhythm Labs
United States


James Carder brings more than 19 years of experience working in corporate IT security and consulting for the Fortune 500 and U.S. Government. At LogRhythm, he develops and maintains the company’s security governance model and risk strategies, protects the confidentiality, integrity, and availability of information assets, and oversees both threat and vulnerability management as well as the Security Operations Center (SOC). He also directs the mission and strategic vision for the LogRhythm Labs machine data intelligence, threat and compliance research teams. Prior to joining LogRhythm, Mr. Carder was the Director of Security Informatics at Mayo Clinic, where he had oversight of the Threat Intelligence, Incident Response, Security Operations, and Offensive Security groups. Prior to Mayo, Mr. Carder served as a Senior Manager at MANDIANT, where he led professional services and incident response engagements. He led criminal and national security related investigations at the city, state and federal levels, including those involving the theft of credit card information and Advanced Persistent Threats (APT). Mr. Carder is a sought-after and frequent speaker at cyber security events and is a noted author of several cyber security publications. He holds a Bachelor of Science degree in Computer Information Systems from Walden University and is a Certified Information Systems Security Professional (CISSP).


How SOCs Can Respond to Top Cyber Security Concerns of 2016


How concerned are you about your security operations team’s ability, or lack thereof, to detect, respond to and neutralize an attack? What about an insider threat or a targeted phishing attack? If one or more of these are keeping you up at night, you’re not alone. These are just a few of the top concerns of CISOs in 2016. The speaker will break down some of the key threat vectors challenging security operations teams this year and evaluate them against the backdrop of the anatomy of an attack. He will also explore how a modern SOC, be it physical or virtual, can be best positioned to detect, respond to and neutralize these threats early enough in the kill chain to avoid a material breach or significant service disruption.

The presentation will focus on real-world use cases of incidents gone wrong and how they could have been prevented.