Industry Perspectives

From MIRcon to FireEye Cyber Defense Summit: The Evolution of the Management Track


“Lessons from the front lines” has been a key theme for Mandiant, since the company’s creation in 2004. We first implemented this theme by offering free webinars on threats and countermeasures, plus useful utilities to address specific forensic needs. In 2010 we expanded our repertoire to include the M-Trends annual report, and in the fall of 2010 we launched the first Mandiant Incident Response conference, abbreviated as “MIRcon.”

I spoke as a panelist at the first MIRcon in 2010, which was a single-track, two-day event, enjoyed by about 100 attendees. After joining Mandiant in 2011, I organized a separate Management track for MIRcon. The purpose of the track is to bring security issues to the attention of security leaders, chief security and information security officers, and other professionals who worry less about bits and bytes and more about how to lead incident response programs. I’ve run the Management track ever since.

This year the conference formerly known as “MIRcon” became the “FireEye Cyber Defense Summit.” I’m very pleased to report that the Management track is back, and stronger than ever. It consists of nine sessions, taking place October 12-14 in Washington, DC. The Management track will run alongside the “Incident Response” and “Tales from the Trenches” tracks. These sessions are situated among keynotes by FireEye CEO Dave DeWalt, FireEye President Kevin Mandia, and former Secretary of State Colin Powell.

The Management track begins with a talk by Eric Hutchins, an expert network defender from Lockheed Martin. When Eric answered the call for papers, I knew I wanted to hear what he had to say about running a “defendable enterprise.”  Following Eric we will see Jim Aldridge and Jamey Dillon, two Mandiant consultants. They will explain what to do before and after security breaches. Next Kristen Verderame will lead the annual policy panel, discussing action on the domestic and international legislative fronts. Tuesday will end with a presentation by Kelly McCracken and Robert Maxwell, explaining the case management system they built and use at

The second day of the Management track features David Bianco, formerly of Mandiant but now a security leader at Sqrrl. David will present the concept of “hunting” and why managers must incorporate this defensive operation into their security programs. Mark Massey follows with a panel on cyber insurance, asking if it is “the next big thing, or the next requirement.” Prior to lunch we’ll hear from Maricopa County’s David Stevens and Michael Echols. They will each discuss the security programs at their respective organizations. The penultimate session features Visa’s Mark Nelson describing how to detect payment breaches and fraud. The track ends with Paul Ferrillo and Robert Carangelo discussing the legal aspects of planning for incident response.

I hope you will join me and these excellent speakers for the FireEye Cyber Defense Summit. Remember that the tracks are open, so you can join the Management track for one session, then the other tracks as you please. Registration at the discounted “advanced” rate is open until Friday, September 18, so be sure to register soon!