Archives: Seminar

[1 CPE] Penetration Testing War Stories

  Presented by Jamie Maguire, Sr Security Engineer • High Point Networks

Penetration testing, often referred to as pen testing, is the practice of testing a computer system, network, or web application to find vulnerabilities that an attacker could exploit. It involves simulating cyberattacks to identify and fix security issues before they can be exploited by malicious actors. In this session, we will review penetration tests performed by High Point Networks and discuss the specific vulnerabilities exploited, and how to remediate them.

[1 CPE] Generative AI: A Practical Approach

  Presented by Zach Feingold, Engineering Manager, & Susan Anderson, Vice President of Sales • Cerium Networks

In today’s digital era, AI is not just a buzzword but a robust toolset that, when wielded with precision, can unlock unprecedented value and competitive advantage. As we embark on this journey, we must anchor our strategies in the bedrock of security, ensuring that our AI systems not only enhance our capabilities but also safeguard our assets. This presentation explores practical steps to weave AI into our business fabric, turning challenges into a springboard for growth and innovation. Our goal is to present you with concepts and avenues to consider as you learn to navigate your adoption. Let’s embark on this journey to harness AI’s potential responsibly and effectively.

[1 CPE] The Current Threat Landscape Requires a Unique Approach

  Presented by Todd Bertchume, Technical Marketing Engineer • Forescout

Specialized threats targeting OT environments have been around since at least 2010, with the reports of Stuxnet. Recognizing the criticality of these devices, Threat Actors have continued evolving, continuing to target OT devices, many of which are inherently insecure-by-design. Research, such as Vedere Labs’ OT:ICEFALL research project and Project Basecamp by Digital Bond from 10 years ago showed how significant the scope of vulnerable devices are that are pervasive in critical infrastructure systems. Today’s SOC needs to not only see those devices and the risks they pose while also ensuring accurate detection of the threats uniquely targeting those OT environments they’re deployed in. This session will explore this unique threat landscape and the capabilities required to combat the threats and automatically mitigate the risks specially targeting Operational Technology environments.

Todd Bertchume is a Technical Marketing Engineer at Forescout. He brings over 23 years of experience in the networking industry working on the partner, customer, and manufacturer side of the business. He holds many industry certifications in networking and security. Over the years, he has helped many customers building data centers and spent the last few years specializing in securing assets in the health care industry.

[1 CPE] Navigating the Post-Quantum Encryption Landscape in Data Management Technologies

  Presented by Mauricio Daher, Technical Expert, Data Intelligence and Content Solutions • Hitachi Vantara

Post Quantum Encryption, and how products need to adapt in this brave new world. There is a lot of talk about Generative AI, LLMs, GTP, but if we cannot secure our data – confidentiality, integrity, and availability – perimeter, then nothing else matters. This session will dive into security topics relevant to the landscape of data management technologies we have on-hand today from the top storage solution companies. The challenges for the next five years will require game-changing innovation to keep up with an exponentially expanding threat surface. The winner will be the one to secure the future for the rest until the next bubble comes along.

Currently, Mauricio is a Technical Expert for Data Intelligence and Content: A technical leader in support of Hitachi Vantara’s content business for the Americas. This involves providing technical guidance, and solutions crafting to the sales teams across the organization, working hand in hand with the solution sales specialists.

Before joining HDS, Mauricio was the Regional Solutions Advisor for Dell in the Northeast, focusing on Compellent and EqualLogic storage solutions, and supporting 5 systems engineers from a knowledge management, measurement, and orientation perspective. Prior to Dell, Mauricio was AVP of Data Protection for RBS Citizens Bank based in Rhode Island where he provided strategic leadership in the bank’s data protection architecture and the creation of a service catalog and storage economics model for production storage and BURA. Before RBS Citizens, Mauricio was a Principal Consultant with Glass House during which time he delivered some two dozen strategic engagements in storage and data protection to companies spanning segments like government, airlines, healthcare as well as financial institutions. Before Glass House, Mauricio ran a delivery practice at McData that implemented SAN-based storage and tape virtualization solutions to a variety of enterprise clients such as Wells Fargo, Bank of New York, and a dozen smaller companies.

Mauricio holds an S.M. in Civil and Environmental Engineering with a focus on Information Systems from M.I.T. and a B.S. in Mechanical Engineering from Boston University.

[1 CPE] Enhancing Cyber Resilience: Integrating AI Strategies

  Presented by Dr. Cheryl Cooper, CISSP, President, & Naeem Babri, Vice President • WiCyS Kansas City

The convergence of business continuity, information security, and organizational resilience forms the cornerstone of cyber resilience, enabling entities to prevent, endure, and recover from cyber threats. This presentation delves into the enhancement of ransomware resilience, with a spotlight on fortifying the Lockheed Martin Cyber Kill Chain. Amidst the escalating prevalence of ransomware, which inflicts substantial financial and operational harm, the presentation will outline strategies to strengthen defenses. The emphasis will be on preemptive actions and incident management, covering backups, recovery processes, containment, and the imperative of employee training on phishing and secure password practices.

Looking ahead, the session will explore the emerging threat of AI-driven ransomware attacks and discuss strategies for future-proofing networks against these sophisticated threats.

There will be three main deliverables:

  1. A comprehensive guide to implementing the Lockheed Martin Cyber Kill Chain for ransomware threat mitigation.
  2. A strategic playbook for integrating artificial intelligence in cyber defense mechanisms.
  3. An actionable framework for employee education and incident response to enhance organizational cyber resilience.

Dr. Cheryl Cooper has over 25 years of experience within the technology and cybersecurity industries, and on top of that, Dr. Cooper served in the U.S. Navy as a Telecom Technology Controller. Under her belt, she holds a doctorate in Computer Science with a concentration in Information Assurance, a Master’s of Science in Criminal Justice with a Specialization in Cybercrime, and multiple certifications– Information System Security Professional (CISSP) under the governing body of the International Information Systems Security Certification Consortium (ISC2), a Certified Data Privacy Solution Engineer (CDPSE) under the governing body ISACA, and a Certified Information Systems Security Auditor (CISSA).

[1 CPE] A Small Business Journey to the NIST Cybersecurity Framework 2.0

  Presented by Daniel Eliot • National Institute of Standards and Technology

The NIST Cybersecurity Framework (CSF) 2.0 is here! This is the first major revision of the globally recognized framework since its initial publication in 2014. If that wasn’t exciting enough, NIST also published the CSF 2.0 Small Business Quick Start Guide along with it. As a supplement to the CSF 2.0, the new Small Business Quick Start Guide provides small-to medium-sized businesses (SMB) with resources and considerations to kick-start their cybersecurity risk management strategy using the CSF 2.0. During this talk Daniel Eliot, NIST’s Lead for Small Business Engagement, will provide an overview of updates to the NIST Cybersecurity Framework 2.0 and will showcase the new CSF 2.0 SMB Quick Start Guide and other free NIST small business cybersecurity resources. Eliot will also spend time sharing various ways organizations can get more engaged with NIST’s cybersecurity and privacy work.

Daniel Eliot is the lead for small business engagement within the National Institute of Standards and Technology’s Applied Cybersecurity Division. In this role, he works across NIST’s cybersecurity and privacy program to advise and support development of cybersecurity resources, communication materials, and collateral tailored for use by small businesses. He also regularly works directly with the small business community and their advocates through external outreach and engagement. Immediately prior to joining NIST, Daniel worked within MITRE Corporation’s Center for Securing the Homeland, serving as the chief communications strategist at the NIST National Cybersecurity Center of Excellence. In prior roles he has also served as the director of education for the National Cybersecurity Alliance and manager of technology business development for the University of Delaware Office of Economic Innovation and Partnerships.

[1 CPE] AI: Friend or Foe? An Open Discussion With Your Colleagues

  Presented by INTERFACE Advisory Council

Artificial Intelligence has made a mark already and its use will only continue to expand. Are we fully prepared to embrace AI in our workplaces? Viewpoints differ on how widely AI should be used at this point. Commonly used applications and software now include AI capabilities as a part of their standard offerings. How is this governed in your company? Do you even have an AI policy drafted?

Join the INTERFACE Advisory Council for an open discussion on all things AI. We will cover the risks associated with using AI –– and the risk of NOT using it. What knowledge do you need right now? Bring your questions as we explore the starting points that every IT department needs to consider for an effective AI policy.

Panelists:

  • Jason Kentner, Chief Information Security Officer, KCAS Bioanalytical & Biomarker Services
  • Bill Kim, Chief Information Security Officer, Security Bank of Kansas City
  • Melissa Spicer, Director, Cybersecurity, Evergy
  • Mark Wilcox, Information Security Officer, SVP, NBKC Bank

[1 CPE] Disaster Preparedness and Data Protection Strategies for Business Continuous Availability

  Presented by Stacey Budd, Data Resilience Expert and Sales Engineer Team Leader • Arcserve

As natural disasters like hurricanes, wildfires, and severe winter events become more frequent and intense, businesses face increasing economic and operational challenges. High-profile disasters, including the Camp Fire in 2018, which incurred a staggering $16.5 billion in damages, and Hurricane Maria’s profound impact on Puerto Rico, estimated at $139 billion for full recovery, underscore the escalating financial stakes.

This presentation will explore effective strategies to bolster business resilience in the face of natural catastrophes.

Key elements of the session will include:

  • Critical insights from Arcserve’s annual global research study on disaster preparedness.
  • A comprehensive Disaster Preparedness Checklist tailored for companies.
  • Practical tools designed to safeguard business operations and data resilience.

We will delve into the details of a 5-step disaster and ransomware recovery plan template, as well as the 3-2-1-1 backup strategy, which ensures robust data recovery through multiple backup copies stored both locally and offsite. By implementing these strategies, businesses can minimize financial losses, reduce operational downtime, and achieve a rapid recovery, thereby ensuring continuity even during catastrophic events. This session aims to arm business leaders with the essential tools and knowledge to safeguard their enterprises amidst an increasingly unpredictable global landscape.

[1 CPE] The Current Threat Landscape Requires a Unique Approach

  Presented by Todd Bertchume, Technical Marketing Engineer • Forescout

Specialized threats targeting OT environments have been around since at least 2010, with the reports of Stuxnet. Recognizing the criticality of these devices, Threat Actors have continued evolving, continuing to target OT devices, many of which are inherently insecure-by-design. Research, such as Vedere Labs’ OT:ICEFALL research project and Project Basecamp by Digital Bond from 10 years ago showed how significant the scope of vulnerable devices are that are pervasive in critical infrastructure systems. Today’s SOC needs to not only see those devices and the risks they pose while also ensuring accurate detection of the threats uniquely targeting those OT environments they’re deployed in. This session will explore this unique threat landscape and the capabilities required to combat the threats and automatically mitigate the risks specially targeting Operational Technology environments.

Todd Bertchume is a Technical Marketing Engineer at Forescout. He brings over 23 years of experience in the networking industry working on the partner, customer, and manufacturer side of the business. He holds many industry certifications in networking and security. Over the years, he has helped many customers building data centers and spent the last few years specializing in securing assets in the health care industry.

[1 CPE] Navigating Cloud Complexity: Challenges, Drivers, and Solutions

  Presented by John McHaney, Enterprise Architect • Hitachi Vantara

Join this session for an overview of challenges and drivers for customers related to Cloud, including a General Hybrid Cloud architecture overview with Hitachi On-Prem, Near-Cloud and Hybrid-Cloud Solution Offerings.

John McHaney is an Enterprise Architect at Hitachi Vantara specializing in Cloud, Converged, and Business Applications, with expertise in Oracle and SAP technologies. He joined Hitachi Vantara in October 2018, bringing a background in software development, Oracle database administration, and infrastructure architecture. With experience in technical pre-sales at EMC, Oracle, and Hitachi, John excels in communicating complex solutions. Based in Atlanta, Georgia, he continues to innovate in enterprise architecture, leveraging his extensive experience in Oracle, SAP, and cloud technologies.