Archives: Seminar

Digital Ducks: Transformation Taking Flight at the University of Oregon

  Presented by Matt Riley • CTO & Leo Howell • CISO, University of Oregon

Dive into the world of IT in higher education at a flagship public institution, including where we have been, where we are and where we are going. Together, Leo and I will cover a little history, discuss where our institution is at today, and where the University of Oregon is headed in terms of the transformation of our business, the changing expectations of our students, staff and faculty, and how our teams are enabling these changes.

We will explore the challenges we experience as a brick and mortar campus operating in a virtual world. Key topics will include creating, servicing and maintaining the right technology infrastructure on campus, the influence and potential of the cloud, security and privacy and the alignment of IT and institutional strategy.

Matt Riley joined the University of Oregon as Chief Technology Officer early last fall. Matt has been involved in technology leadership within higher education for more than 28 years, including managing and directing IT at the University of Redlands for over 16 years. Matt then led IT for the School of Humanities and Sciences at the University of Redlands, eventually moving on to the University of Montana, where he served as chief information officer for five years before coming to Oregon. In his CIO role at Montana, Matt provided vision and strategic direction for information technology. Matt continues that work in Eugene, assisting Jessie Minton, chief information officer and vice provost for information services.

Leo Howell is an experienced and enthusiastic cybersecurity visionary committed to reducing risks and improving business productivity. Put another way, Leo empowers the “good guys” to do their stuff while doing what’s necessary to stop the “bad guys” from being a pain in the neck. Leo currently serves as the Chief Information Security Officer for the University of Oregon. Previously, he serves as the Director for Information Security Risk and Assurance at NC State University. In a past life, Leo served in senior roles in Internal Audit and held many other IT and security roles in and outside of higher education. Leo is a Certified Information Security Professional (CISSP), Certified Information Systems Auditor (CISA) and former certified almost everything else. He received his B.Sc. in Computer Science and Electronics from the University of the West Indies with honors, and his MBA from NC State University. Leo is a proud member of the international honor society Beta Gamma Sigma. He likes to build secure things. He is a proud husband and father and is excited and about the future.

Adapting to Fight Back: How Cyber AI Neutralizes Never-Before-Seen Threats

  Presented by Darktrace

In a world that is increasingly digital, cyber-attack has become the most significant risk confronting today’s businesses, smart cities, and critical infrastructure. Online crime cost the world more than half a trillion dollars last year, while recent attacks have managed to influence the U.S. presidential election and disrupt the Ukrainian power supply. This troubling state of affairs is the product of several fundamental weaknesses with the traditional approach to cyber defense, which relies on predefining what threats look like at a time when criminals launch never-before-seen attacks daily. Moreover, these attacks increasingly strike at machine-speed, preventing security professionals from responding before their damage is done.

Mitigating Cybercrime Through Automated Response and Integration

  Presented by Fortinet

Come join our talk on mitigating cybercrime and learn about best practices to help your company maintain a strong security posture through the digital transformation and beyond. The bad guys are using automated tactics to try to find a foothold in your network. Isn’t it time to leverage an integrated security approach to automate your response?

Active Directory Security: Early Stage Attack Activities to Watch For

  Presented by STEALTHbits Technologies

Attackers have demonstrated a consistent and ongoing ability to obtain access to workstations inside the network boundary through phishing and other web and email attacks. From here, attackers set their sights on gaining control of Active Directory as a means to an end; compromising Active Directory is an easy way to gain access to all critical corporate data and resources. Darin will discuss two early stage attack activities: LDAP reconnaissance and Password Spraying – that allow attackers to move laterally inside your AD environment. Detection strategies and mitigation steps will also be explained.

Operationalizing Cyber Resilience for School Safety & Continuity of Education

  Presented by Minna LeVine • CEO,
SMART Community Exchange

Increasingly numerous and successful cyber-attacks on high-value targets in American communities are captured in near-daily headlines. In her State of Homeland Security remarks on March 18, 2019, former DHS Secretary Kirstjen Nielsen called for a “Whole of Society” approach to correcting the realities, and looming consequences inherent in a cyber-reliant, and thus target rich, America. As targets for both cyber and physical predators. The presentation will provide insights into a private sector developed solution set that provides continuous real-time school security and situational awareness while simultaneously ensuring the continuity of education operations in communities throughout America.

Fast Data: The Next Wave Is Already Here & Accelerating

  Presented by Violin Systems

Your data is growing rapidly from all types of sources. Whether it is point of sale, IOT sensors, or public sentiment you need to be able to store it safely and securely. You also need to provide fast access for analytics, AI/ML applications and let’s not forget your customer’s demand for instantaneous response! Fast data needs to be faster, more reliable and more secure. In this session, you will learn how data storage technology is providing low latency and performance for these applications while dealing with the myriad of data sources that are springing up every day. You’ll hear from storage experts about how performance not only addresses your Fast Data needs, but helps you build a cost-effective environment to meet the most stringent needs around performance, compliance and regulatory issues.

Improving BCDR and Resilience with Cyber Attack Simulations

  Presented by Dr. Bryson Payne • Director, Center for Cyber Operations Education, University of North Georgia

Interactive Cyber Attack Simulation Exercises (ICASEs) prepare both government-level and business-focused leaders to better handle incident response, business continuity and disaster recovery by simulating a coordinated, multi-stage cyber-physical attack on critical infrastructure and traditional computing resources. By simulating multiple attacks at the same time, organizations can prepare to survive so-called “black swan” or “perfect storm” scenarios that would otherwise be devastating. After this session, participants will be able to apply cyber table-top planning and simulation exercises to their work environment to plan for and effectively respond to advanced cyber and cyber-physical attacks.

Dr. Bryson Payne is a TEDx speaker, best-selling author of Teach Your Kids to Code (2015, No Starch Press), and the founding Director of the Center for Cyber Operations Education at the University of North Georgia, an NSA-DHS Center for Academic Excellence in Cyber Defense. He is a tenured professor of computer science at UNG, where he has taught aspiring coders and cyber professionals since 1998. He is a Certified Information Systems Security Professional (CISSP®) and Certified Ethical Hacker (CEH), and he holds the SANS|GIAC GPEN certification, among other industry certifications. He was also the first Department Head of Computer Science at UNG and enjoys working with K-12 schools worldwide to promote computer science education.

Featured in CIO magazine and the Wall Street Journal, Dr. Payne’s first two books have been published in six languages, and his third book on hacking comes out in the second half of 2019. He’s also a popular online instructor with over 36,000 students from more than 160 countries, known for his top-rated Udemy course, Real-World Ethical Hacking (2017).

He holds a Ph.D. in computer science from Georgia State University and has published articles in scholarly and trade journals, in addition to speaking regularly at national and international conferences on computer science and cybersecurity education.

Introduction to FAIR Risk Analysis Methodology

  Presented by Donna Gallaher • President and CEO of New Oceans Enterprises

Present your risk assessments to your board of directors in the language they understand – financial loss. “FAIR” or “Factor Analysis of Information Risk” is the quantitative risk analysis methodology that works with common frameworks while adding context for truly effective risk management.

FAIR Quantitative Risk methodology improves upon the traditional “Red-Yellow-Green” executive dashboard reports by putting risks in financial terms. Applying FAIR methodology within your security program improves the quality of the discussions with your business stakeholders by diving into the assets, threat actors and impact of loss scenarios that are most meaningful to the organization. Once FAIR is methodology is added to your existing risk framework, your board of directors and executive team will be enabled to make better informed funding and risk mitigation decisions using objective data and financial models.

Exploitation of IT Vulnerabilities is Escalating

  Presented by Quest Software

Cybercriminals are savvier than ever. They understand that IT complexities create serious vulnerabilities, and these criminals are continually developing new ways to breach your organization’s boundaries. That is why a proactive, unified endpoint management (UEM) strategy should be part of your organization’s core business strategy.