Presented by Matt Morton • Board Member, NEbraskaCERT
Ever wonder why we rarely reach our security goals? In this presentation we will go over and identify the key steps to get operationally secure so that:
This workshop not only outlines these steps but identifies key resources that are either free or low cost that can assist you in getting to your security program goals.
Presented by Mark Lanterman • Chief Technology Officer for Computer Forensic Systems
You’ve read the headlines. Unfortunately, the question now is not if
your information is going to be accessed or stolen, but when. To inform
the attendees of current developments in the digital underground as
well as provide realistic advice for cyber protection, Mark Lanterman
will be discussing recent high-profile cybercrime events, including
website breaches impacting courts, law firms, and government
agencies. Mark will discuss particularly dangerous types of threats that
might affect individuals involving the Dark Web, the Internet of Things,
phishing, and Wi-Fi attacks; additionally, Mark will demonstrate the
value of leveraging digital evidence and ESI in the courtroom.
Presented by Riaz Yusuff • CIO, Office of HR, University of Minnesota
The IT team in the Office of HR at the University of Minnesota has transformed from waterfall to Agile scrum methodology. While the transition went smoother than expected, it also brought some good lessons to light.
This presentation will cover the background and motivation behind the transition into Agile, key lessons learned, metrics on the outcome and best practice suggestions.
Presented by Bob Weiss • CEO, WyzCo Group, Inc.
Are certifications worth it? Do they help with professional advancement and employment opportunities? This presentation looks at some pf the popular certification tracks, including those with a cybersecurity focus. The presenter will discuss the best ways to prepare for a certification exam, and how to keep certification in force using continuing education credits.
Presented by Steve Means • Director IT, Information Security GRC
Today’s organizations face heightened state, federal and international regulatory expectations. Increasingly, internal and external stakeholders are requiring greater assurance that IT controls are designed and operating effectively to meet regulatory demands and reduce their risk. This session will share one Information Security team’s journey to establish and enhance their controls assurance program to increase value to the organization.
Presented by Rohit Tandon • Deputy CISO, State of Minnesota
Security teams are over worked and have long lead times for work submitted to provide security guidance. No matter how hard the security team works, they continue to stay buried under a mountain of work. The team is a victim of its own success: the better work they do, the more demand there is for their time. This magnifies the problem by negatively impacting lead time and potentially could reduce the quality. Rohit will discuss how you can supersize your security team within your organization on the same budget. The approach will help your small and underfunded security teams avoid burnout and achieve the mission of securing the organization.
Rohit Tandon is the Deputy Chief Information Security Officer of the State of Minnesota. Rohit has 15 years of information security industry experience in both the public and private sector. Rohit has worked for Mayo Clinic Rochester to build secure systems for Electronic Health Records and championed Medical Device security. Before he joined the State of Minnesota to protect his fellow Minnesotans data, Rohit served as the Information Security leader at Strategic Education Inc (SEI) where he merged the information security departments of Capella Education Company and Strayer Education, Inc. into a combined post-merger organization.
Rohit received his Bachelor of Science in Computer Science from Winona State University and completed his Master of Business Administration from University of Minnesota. He is also an adjunct instructor for the past eight years at Metropolitan State University where he enjoys sharing his knowledge to build the nation’s future cyber workforce.
Presented by Walt Swanson • IT Systems Engineer, St. Louis County
Learn tips and insights from a 20 plus year Information Security professional who has held positions from entry-level technology to executive leadership. Learn what’s really important in a successful Information Security program and how to achieve it. We will look at the following: what to look for in Security tools; the pitfalls to avoid when asking for funds; when to say “no” and why; how to work with direct reports, peers, executives and the Board, plus what to look out for; Policies and how to manage them; Vendor Management and why it’s important; the need to identify Stakeholders correctly; Communications Plan should be a before thought, not an afterthought; and finally how to approach bringing change to your workplace, and getting it to happen.
Presented by Guardicore
In the modern, hyper-connected and threat-laden enterprise landscape, organizations face increasing pressure to protect their systems and data.
Originally conceived in 2010, the zero-trust security concept has recently gained new ground and is now seen as a vital element of enterprise information security. It is a model that aids user and device verification, strengthens authentication processes and ensures encryption.
However, zero trust is not without its challenges, and mastering the art of zero trust takes strategic management and forethought.
In this session, we will explore the concept of zero trust, assess why it is needed in the modern enterprise and outline how micro-segmentation can help win the zero trust race for organizations.
Key takeaways:
Presented by Druva
More and more enterprises are now leveraging the cloud to increase their level of data protection and management for their applications. The ability to keep secondary, or backup data in cloud storage; eliminates traditional data centers, reduces operational complexity associated with legacy on-premise backup solutions, allows unlimited scalability, centralizes storage of all secondary data sources, provides unlimited compute, allows for additional insight and business value from that data. and finally, and finally, the ability to do automated Disaster Recovery (DR) without maintaining a DR facility.
Presented by Paul Edoff • CISO of Hennepin County
Our roles as LEADERS of our organizations.