Archives: Seminar

[1 CPE] Adventures in CIS: Settings Standards for Windows Workstations and Servers

  Presented by INTERFACE Advisory Council

The Bank of Hawaii has recently completed a project implementing a set of benchmarks defined by the Center for Internet Security (CIS). The intent of this project was to standardize and document security settings on all Windows Workstations and Servers across the organization. The scope of this project was enormous, but the benefits of having completed the implementation are great. Preston and Mike will be discussing the trials and tribulations they encountered along the two-and-a-half-year implementation. In addition, they will offer suggestions for organizations wishing to harden their own security profile through the implementation of CIS benchmarks.

Speakers:

  • Mike Lotter, Systems Automation and Security Engineer, Bank of Hawaii
  • Preston Robler, Manager, Infrastructure Application Services, Bank of Hawaii

Preston Robler was born and raised in Colorado. He obtained a degree in Computer Science from the University of Colorado and has 12 years of experience developing applications in the Java programming language. His adventures in software development have taken him from Colorado to Massachusetts, New Zealand, Alaska, and finally Hawaii. Currently, he manages the Systems Automation and Security team at the Bank of Hawaii.

Mike Lotter has spent over 10 years in systems and network administration across two continents, with a focus on Microsoft products and security. For the last 3 years, he has worked in the Systems Automation and Security team at Bank of Hawaii, two of which were spent on the CIS implementation project.

[1 CPE] AI-Driven Networking

  Presented by Will Bonilla, Enterprise Strategic Accounts • Juniper Networks

Every connection counts. Nearly every vital experience in modern-day life requires a strong network connection. At Juniper, we believe that connectivity is not the same as experiencing a great connection. When you shift from simply measuring connectivity to focusing on the experience of the end-to-end connection – everything changes. Join us to learn how Juniper is revolutionizing networking with an experience-first approach driven by the industry’s only AI-Native Platform.

[1 CPE] One Click Away: Lateral Movement Stemming from Office 365 Compromises

  Presented by Wayne Johnson, CEO • Stellar Technologies

In the rapidly evolving digital age, the security of cloud-based platforms like Office 365 is paramount for businesses worldwide. “One Click Away: Lateral Breaches Stemming from Office 365 Compromises” delves into the hacker’s mindset, unveiling how the hack occurs (LIVE DEMONSTRATION) and how a seemingly minor compromise can trigger a cascade of security breaches with profound implications for businesses. This presentation will explore the multifaceted threat landscape of Office 365, Active Directory, SAML, and SSLVPN, illuminating the pathways through which a simple breach can spread across an organization’s digital ecosystem. Attendees will gain insight into the initial indicators of compromise, empowering them with the knowledge to detect early signs of infiltration. By emphasizing preventative measures and best practices, the session aims to equip participants with robust strategies to safeguard businesses from everyday threats. Furthermore, it will outline effective incident response and mitigation strategies, providing a blueprint for responding to breaches with precision and agility. The presentation will also underscore the far-reaching consequences of breaches, from operational disruptions to severe financial and reputational damage, highlighting the critical need for a proactive and informed approach to cybersecurity in the era of cloud computing.

[1 CPE] The Intersection of AI and Cybersecurity

  Presented by Robbie Elliott, Head of Engineering, West & Eric Darancette, Security Engineer • Check Point

As artificial intelligence (AI) permeates our lives, it’s crucial to address the cybersecurity challenges it presents. In this dynamic landscape, AI will be utilized by both attackers and defenders. We will explore the opportunities of leveraging AI to enhance your business and defenses while acknowledging the potential risks. AI-powered attacks, opaque AI systems, and a lack of standardized security practices demand proactive measures, rigorous protocols, and transparent designs to ensure a secure AI ecosystem.

[1 CPE] Meaningful Compliance: More than Just Checking Off Boxes

  Presented by Mark Fitzgerald • Chief Compliance Officer, Brigham Young University Hawaii

A key to creating a culture of compliance is to make it meaningful for all who are involved. Too often compliance is seen as a restriction rather than a series of best practices that can keep all of us safe and enhance user experiences. By adopting practices learned from your help desk –– knowledge management, continual improvement, setting expectations, and practice communications –– you can transform compliance into a tool to help users trust in what IT is delivering to them.

Mark Fitzgerald is BYU Hawaii’s Chief Compliance Officer in the Office of Compliance & Ethics and oversees the Purchasing Department. In this position, Fitzgerald manages programs and activities for establishing standards and implementing procedures to help leaders and managers ensure the university’s compliance with applicable laws and regulations.

Fitzgerald has worked in higher education information technology for over 25 years. Most recently, he worked as the Chief Information Security Officer at Boise State University where he had responsibility for IT compliance. He has also held positions as Executive Director for the Office of Information Technology and Director of Customer Care and Academic Technologies. He taught in the Master of Business Administration program at Boise State University. He also spent some of the early years of his career at BYU in Provo, Utah.

Fitzgerald has a Master of Business Administration in Information Technology from Boise State University and a Bachelor of Arts in Marketing Communications from Brigham Young University in Provo. He has several certifications and associations, including being a Lean Six Sigma Yellow Belt. He also had the privilege of teaching in the Boise State University MBA and Master of Cybersecurity programs.

[1 CPE] Backup ≠ Cyber Recovery

  Presented by Rubrik

Legacy backups are vulnerable to attacks, can’t help you find threats, and force you to do wholesale restores that drag out recovery times. Rubrik Zero Labs found that only 5% of organizations were able to return to business continuity or normal operations within one hour of discovering a CyberAttack. A modern cyber recovery solution is critical for Security and IT teams to be cyber-resilient. Learn how you can make your data indestructible.

[1 CPE] Panel: Help is Here to Govern AI in Your Workplace!

  Presented by INTERFACE Advisory Council

Is generative AI a true hope, or is it all hype? Are you struggling to keep your end users protected from using AI tools that could cause security concerns? Is your data being protected from entering the AI space? These are just a few of the questions occupying the IT workforce today. While it may seem like a daunting task with no end in sight, there are others facing your challenges and wanting to share their experiences.

Our panel of local IT experts will share their experiences in what it takes to have a smart AI posture. We will discuss data governance, cyber security, and privacy concerns when it comes to AI in your workplace. Please bring your questions as well so you can get some guidance on the challenges you face today. Our esteemed panelists are some of the most experienced IT leaders in Hawaii and they want to share their experiences.

Panelists:

  • Rebecca Cal, Chief Data Officer, State of Hawaii
  • Randy Faatau, Vice President, Cybersecurity Architecture & Operations, First Hawaiian Bank
  • Vince Hoang, Chief Information Security Officer, State of Hawaii
  • Jodi Ito, Chief Information Security Officer, University of Hawaii

[1 CPE] Avoiding the Silver Bullet Fallacy Within Insider Threat Detection

  Presented by Damien Weiss, National Security Defense Strategist  • Splunk & Cisco

Damien Weiss is an insider threat specialist at Splunk, where he has been for the past seven years. He works to find ways for analysts to use a constellation of software tools to help find insiders faster. Over the past year, he has focused on using ML and LLMs to help identify those who are looking to harm others or themselves.

[1 CPE] How to Build a High Confidence Cyber Recovery Plan

  Presented by Bharath Nagaraj, Sr Technical Field Director  • Cohesity

In an era where data is both a prime asset and a target, the global cybercrime cost is expected to soar to $10.5 trillion USD by 2025, with ransomware attacks becoming more frequent. Despite this, 80% of organizations doubt their cyber resilience strategies. The importance of being prepared for “black swan” cyber events, which exploit new vulnerabilities and can cause overwhelming damage, is highlighted. Cohesity emphasizes the role of Generative AI in bolstering a company’s security by automating threat detection, ensuring compliance, and promoting collaboration across departments. This approach not only mitigates risks but also aligns with strategic IT resilience planning. In an upcoming discussion led by Cohesity’s Senior Technical Field Director, Bharath Nagaraj, insights into overcoming large organizational challenges, effective response strategies, stakeholder roles, and steps for integrating cyber resilience into IT strategies will be explored, aiming to instill confidence in recovery without succumbing to ransoms.

[1 CPE] Modern Data Storage Strategies for AI and Data Protection

  Presented by Jason Proctor, Field CTO, Cyber Recovery & Compliance, and Andy Scherzinger, Advisory Systems Engineer • Dell

In today’s digital landscape, protecting unstructured data is paramount, especially with the increasing threat of ransomware attacks. Implementing robust defenses involves a multi-layered approach, including encryption, access controls, regular backups, and comprehensive monitoring systems. Furthermore, understanding how storage solutions operate is crucial, particularly for modern regenerative AI workloads. By leveraging innovative storage technologies such as distributed file systems and object storage, organizations can efficiently manage vast amounts of data while ensuring its integrity and accessibility for AI-driven applications. This holistic approach not only safeguards against potential threats but also enables seamless data management and utilization in the era of advanced analytics and artificial intelligence.