Archives: Seminar

[1 CPE] Foundations of Cybersecurity

  Presented by Mark Breunig & Troy Lofven • CISA

Cybersecurity is comprised of many aspects and fields. To build into the more advanced defenses, every organization must first develop a solid foundation in each area. This presentation will touch on the practical steps necessary to begin that approach.

Speakers:

  • Mark Breunig, Alaska Cybersecurity State Coordinator
  • Troy Lofven, Cybersecurity Advisor

Mark Breunig is the Cybersecurity State Coordinator in Alaska, representing the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA). CISA serves as the nation’s risk advisor and collaborates with industry and government partners to strengthen the resilience of the nation’s critical infrastructure against cyber and physical risks. In this role, Mr. Breunig is a cybersecurity liaison between state and local government officials, critical infrastructure stakeholders, and the federal government and provides strategic planning, threat awareness, risk management advice, and incident response coordination.

Prior to joining CISA, Mr. Breunig served as the Chief Information Security Officer for the State of Alaska for two and a half years. As the Chief Information Security Officer, Mr. Breunig was responsible for strategic planning and design of the State’s cyber defense posture and operational management of the State Security Office. The State Security Office provided cyber security services for all departments within the State Executive branch. Prior to his role as the Alaska Chief Information Security Officer, Mr. Breunig was the IT Compliance Officer for the Municipality of Anchorage. He was responsible for the security of over 12,000 endpoints throughout the municipality and also oversaw the Records Management Office.

Overall, Mr. Breunig has more than two decades of professional experience in cybersecurity and information assurance in the government and private sectors.

[1 CPE] Beyond the Backup: A Look into Resiliency Program Development

  Presented by Jason Tupeck, BCDR Consultant • CompuNet

The presentation “Beyond the Backup: A Look into Resiliency Program Development” delves into the intricacies of building a robust resiliency program beyond traditional backup strategies. It explores the spectrum of disruptive events, from large-scale disasters to smaller, potentially more frequent disruptions, and emphasizes the importance of a comprehensive framework for efficient response and recovery. The talk will cover key areas surrounding the “Four Ps”, offering insights into developing a mature resiliency program, emphasizing the importance of prioritization, planning, preparation, and practice as critical steps to enhancing an organization’s ability to navigate through and recover from various disruptions.

[1 CPE] AI: Friend or Foe? An Open Discussion With Your Colleagues

  Presented by INTERFACE Advisory Council

Artificial Intelligence has made a mark already and its use will only continue to expand. Are we fully prepared to embrace AI in our workplaces? Viewpoints differ on how widely AI should be used at this point. Commonly used applications and software now include AI capabilities as a part of their standard offerings. How is this governed in your company? Do you even have an AI policy drafted?

Join the INTERFACE Advisory Council for an open discussion on all things AI. We will cover the risks associated with using AI –– and the risk of NOT using it. What knowledge do you need right now? Bring your questions as we explore the starting points that every IT department needs to consider for an effective AI policy.

Panelists:

  • Mark Merchant, Chief Information Security Officer, Municipality of Anchorage
  • Tamara Serr, Director, Information Services & Cyber Security, Central Peninsula Hospital
  • Benjamin Shier, Chief Information Technology Officer, University of Alaska Anchorage
  • Bill Smith, Chief Information Officer, State of Alaska

[1 CPE] Securing the Future: Cyber Insurance and Cybersecurity Strategies for 2024

  Presented by Andrew Livingston, Cyber Security Specialist • Sentinel Technologies

In the dynamic and interconnected digital era of 2024, the landscape of cyber threats continuously evolves, posing unprecedented challenges to businesses worldwide. “Securing the Future: Cyber Insurance and Cybersecurity Strategies for 2024” delves into the intricacies of cyber insurance as a pivotal component of modern business risk management. This presentation offers a thorough exploration of the latest trends in cyber threats that businesses face, such as sophisticated AI-driven attacks, the proliferation of ransomware, and the vulnerabilities introduced by emerging technologies. It highlights the critical challenges that could lead to the denial of cyber insurance claims and potential loss of coverage, emphasizing the importance of compliance, accurate representation of cybersecurity measures, and prompt incident reporting.

Furthermore, the presentation shifts focus towards proactive strategies for enhancing an organization’s cybersecurity posture. It outlines actionable tips for businesses to not only fortify their defenses against cyber threats but also to positively influence their cyber insurance rates. Through a blend of expert insights and practical guidance, the audience will learn about the significance of regular risk assessments, the adoption of multi-factor authentication, encryption, endpoint security, and the development of robust incident response plans. We’ll discuss:

  • Insights into the evolving cyber threat landscape in 2024.
  • Common pitfalls leading to cyber insurance claim denials.
  • Strategies for enhancing cybersecurity measures to favorably impact insurance rates.
  • The future outlook of cyber insurance and the role of emerging technologies.

By the conclusion of this presentation, attendees will be equipped with the knowledge to navigate the complexities of cyber insurance and implement comprehensive cybersecurity strategies. This will not only prepare them to mitigate the risks of cyber threats but also optimize their insurance coverage in the face of an ever-changing digital threat landscape.

[1 CPE] Go Hack Yourself: More War Stories from ~50k Pentests

  Presented by Jake Mickley, Sr Sales Engineer • Horizon3.ai

Join Jake Mickley, Senior Sales Engineer at Horizon3.ai, for an eye-opening session where he’ll discuss real-world examples of what NodeZero discovered in networks just like yours. You’ll hear about how fast and easy it is to compromise some of the largest networks in the world – with full domain takeover – often in minutes, and sometimes, without even exploiting a CVE. Discover how autonomous pentesting helps find unknown weaknesses in your infrastructure that could quickly result in ransomware exposure.

During this session, you’ll learn how attackers:

  • Use OSINT and password spraying to takeover systems without ever targeting CVEs.
  • Land and expand with legitimate credentials, then poison assets to take over domains.
  • Find cloud credentials and use them to compromise cloud services.

[1 CPE] Security Trends and Predictions

  Presented by Peter Ingebrigtsen, Sr Technical Marketing Manager • Arctic Wolf

In a dynamic cybersecurity landscape and fast-paced market, organizations grapple with ever-changing threats. Uncertainty abounds as they seek to benchmark themselves against their peers and prioritize initiatives. Join Arctic Wolf Senior Technical Marketing Manager, Peter Ingebrigtsen, as he explores key areas organizations are focusing on, top threat concerns, and responses by established organizations to emerging threats. Leveraging Arctic Wolf research, Peter further presents five critical security predictions for the next 12 months.

[1 CPE] A Pragmatic Approach to Implementing a Cloud Service Operating Model

  Presented by Tristan Todd, Solutions Architect • Pure Storage & Structured

For almost 10 years now, future-focused datacenter teams have been trying to evolve to a more cloud-like operating model. Some of us have succeeded, some of us have failed. During this fun-filled, example-heavy session, Solutions Architect Tristan Todd will share patterns of failure, patterns of success, some practical examples, and recipes for success on how organizations have succeeded in realizing success in adapting to a cloud ops model. This will be a fun, interactive, high-energy session that you won’t want to miss!

[1 CPE] Cybersecurity and Compliance For 2024

  Presented by Rob Wayt, Director of Governance, Risk, and Compliance • Structured

The cybersecurity regulatory compliance landscape has never been more complicated, and this presentation will provide information and updates to CMMC, GLBA, PCI, TSA, generative AI and security best practices. This discussion will focus on security solutions to these challenges, including penetration testing and zero trust implementations. Rob Wayt, Director of Governance, Risk, and Compliance at Structured will be the presenter.

[1 CPE] Modern Cloud Security Beyond the Buzzwords

  Presented by Palo Alto Networks & Structured

Get up to date with the rapidly evolving world of cloud and container security without the buzzword bingo. In a sea of acronyms (CNAPP! CSPM! CIEM!) it can be hard to know what it all means and what really matters. And because of the rapid pace of advancement, what was state of the art a couple of years ago underperforms today. We will catch you up and as a bonus, we’ll also talk about the opportunity to improve security while reducing costs (that’s right, reducing costs) through proactive and preventative collaboration with your dev teams.

[1 CPE] Securing East/West Traffic in a Modern Data Center

  Presented by HPE Aruba Networking & Structured

While data center networking has evolved over the past decade to address the volume and velocity of emerging application architectures, security and services architectures have not kept up with the explosion of East/West traffic. These services have all been different appliances or VMs bolted onto the network, leading to many challenges for IT teams including complexity, different vendors to manage, and network chokepoints. With a new category of data center switches powered by embedded DPU technology, we can run stateful services such as firewall, telemetry, and encryption directly on the switches themselves. With these stateful services delivered at wire-rate on every port, we can solve some of the biggest challenges with East/West traffic such a scale, performance, micro-segmentation, visibility, and automation.