Archives: Seminar

Hacking Exposed: A Look Inside the Techniques of OceanLotus/APT32

Presented by BlackBerry/Cylance & Structured

Take a journey with us, as we expose the mind of the enemy, revealing some of the latest methods that cybercriminals use to infiltrate modern security defenses, and how you can thwart them. You will learn about the ever-changing threat landscape and how you can prevent and respond to today’s most pervasive threats – including ones never seen before. With the best tools, expertise, and powerful AI-based technology, we will uncover the secrets behind today’s modern hacking arsenal and provide you with the means to protect your organization.

The Current Malware Threat Landscape & Enterprise Grade Remediation

Presented by Malwarebytes

Malware has become one of the biggest threat challenges faced by security and IT teams. Malwarebytes Labs conducts extensive proprietary research and analysis. The findings are periodically published to help security teams better understand the nature and evolution of these threats.

This presentation will cover key findings from our newly released annual report. It will highlight malware category trends and discuss new and emerging threats to be on the watch for. There will also be a discussion of industry best practices and technologies that can help your business to prevent, detect, and remediate these threats.

Attendees will leave with insight into the current malware threat landscape, as well as an understanding of steps they can take to mitigate breaches.

Cyber AI: Fighting Back with Autonomous Response

Presented by Darktrace

The digital enterprise is constantly expanding, with new IoT, cloud, and operational technologies all challenging traditional notions of cyber security. Safeguarding these evolving environments against machine-speed attacks has never been more difficult.Yet the digital battleground now features its most formidable defender in Cyber AI — a self-learning technology that distinguishes friend from foe in order to thwart threats autonomously. With the Cyber AI Platform protecting your entire infrastructure in real time, it doesn’t matter whether the attack originates on a connected device, an industrial system, or in the cloud. Wherever it strikes, the AI fights back in seconds.

In this session, you’ll discover:

  • Why only Autonomous Response can counter today’s machine-speed attacks
  • Where advanced threat-actors exploit vulnerabilities in the cloud and IoT
  • What achieving 100% visibility can reveal about your organization’s risk profile
  • How the Cyber AI Analyst reduces the time spent triaging threats by 92%

Application Portfolio Management: When to Pull the Plug on Your Sacred Cows

  Presented by Ed Toner • Chief Information Officer; State of Nebraska

An Enterprise Vision for Business Applications in the public sector is much like other large legacy companies in the private sector. The State of Nebraska has essentially evolved through mergers and acquisitions (we simply refer to the business organizations as Agencies). This silo approach over time has resulted in a disproportionate number of duplicate applications and services. Following Gartner’s TIME framework (Tolerate, Invest, Migrate, Eliminate), APM (Application Portfolio Management) utilizes a fact-based process of application categorization, assessment and rationalization. APM is an iterative process utilized to manage, architect and maintain an organization’s portfolio of applications. Each iteration provides new segments of information which are subsequently added into the application portfolio.

Raising Your Personal Bar: How to Stand Out While Still Being Yourself

  Moderated by INTERFACE Advisory Council

The purpose of this collaborative discussion is to focus on the common traits that top level talent (i.e. the most sought after employees) have and provide a forum in which to discuss those attributes, identify where we may be falling short and ways to take steps to increase productivity, positive influence and personal development.

Third Party Risk Management: Building a Relationship to Last

  Presented by Alan Epley • Senior Security & Compliance Analyst; Buildertrend

This session will introduce the basic concepts of a Third Party Management program through the conceptualization of the relationship into human relationships. The session will take you through three phases:

  • Courtship – Getting to know each other and familiarization
  • Long-term commitment – Signing contracts and planning growth together
  • Blissful success or Separation anxiety – Not all relationships can be the best

At the end of the session, you will have a better understanding of what to expect from your third parties as well as what your third parties expect out of you. This knowledge will assist in developing an overall Third Party Management program that fits your company’s needs and strategic efforts.

How to Keep Social Engineers from Choo-Choo-ing Through Your Defenses

  Presented by Karla Carter • Associate Professor; College of Science & Technology, Bellevue University

Social engineering will be a cybersecurity threat as long as we have people (as opposed to Skynet) making decisions. The human, as opposed to the machine, is the preferred platform for the social engineer to conduct their nefarious plans to derail your business. Come learn how to spot the signal flags of the social engineer, train yourself how to not get railroaded into a breach and put the brakes on confusion and delay.

Karla Carter is an associate professor in the College of Science and Technology at Bellevue University, in Bellevue, NE. Drawing on more years than she should be admitting of information technology experience, she teaches cybersecurity, information technology ethics, and general information technology and history/civics courses. In addition to being Vice Chair for the Nebraska Chapter of the IEEE Computer Society, Chair of ACM SIGCAS, and a member of the ACM Committee on Professional Ethics (COPE), she is curious, intense, and irreverent, and cannot resist puns.

ComPriSec: The Combining of Compliance, Privacy and Security Is the New Normal

  Moderated by INTERFACE Advisory Council

Many Compliance, Privacy and Security Professional’s are struggling to find their role in the ecosystem. They wear many hats, often in conflict with each other. Compounded by executives trying to find the right staffing level for these roles without fully understanding what they do. As compliance and privacy get more visibility, organizations are facing new challenges. This panel will discuss the complications companies face defining the separation of duties between compliance, privacy and security. What is the difference between them and why. When security will not do it then compliance becomes the catch all, is that appropriate? This panel of security, compliance and privacy experts will give you guidance to address these issues for companies of all sizes along with other common issues that compliance, privacy and security professionals are now facing.

Moderator:

  • Ron Woerner • Information Security Professor, Bellevue University

Panelists:

  • Lisa McKee • CEO, Securikee Dr
  • Rob LaMagna-Reiter • CISO, First National Technology Solutions
  • Warren Fish • Principal Consultant

Administering Responsibly

  Presented by Quest Software

Managing elevated and shared access credentials is one of the biggest challenges facing complex heterogeneous organizations today. Administrators must be able to access the systems they manage with sufficient rights to do their jobs, but organizations must control that access to ensure security and regulatory compliance. The days of administrators sharing accounts and passwords and operating without auditing are gone (or they should be).

Large enterprises face unique challenges. They too must control the use of elevated privileges, but they need to find ways to enhance authentication for these accounts to meet mandates while still enabling administrators to administer. Even with multifactor authentication to “check out” a privileged account or session, we still need to take steps to mitigate potential account compromises – making sure the admin that authenticated today is still who they say they are. We’ve come to the point where we need to continuously analyze administration by watching normal behavior and comparing it to current behavior – with real-time in-line remediation to add a powerful layer of risk mitigation.

Cloudy with a Chance of Breach

  Presented by Check Point Software

As organizations implement their cloud adoption strategy, there are several factors that will either ensure success, or lead to undesirable outcomes. This session explores the opportunities and pitfalls of moving to the could by examining the threats and responsibilities that a cloud presence incurs. Through examination of actual threat surface, and cautionary tales from the real world, we will understand the factors that we need to consider when building a cloud adoption strategy.