[1 CPE] The Foundation of Strong Security

  Presented by Nick McGillivray, Sr Sales Engineer  • Axonius

Tired of compliance that doesn’t translate into actual risk reduction? This session brings CIS Controls 1 & 2 to life with practical, actionable steps that strengthen your security foundation.

Learn how to improve asset visibility, enforce configuration discipline, and drive measurable security outcomes beyond simply checking compliance boxes. Today’s environments change faster than traditional tools can track—new servers, SaaS apps, AI software, IoT/OT, and NHIs constantly appear, creating blind spots where risk hides.

We’ll cover how to aggregate and correlate data from all your security and IT tools to deliver a single source of truth for your entire attack surface. The result: complete asset intelligence, clear ownership, and the ability to proactively remediate & spot exposures before they become incidents.

[1 CPE] Doing Digital Transformations Better

  Presented by Brook Conner • CIS Lecturer & PhD Candidate, University of Hawaii at Manoa

Every organization is trying to improve itself with new technology. Today, that technology is artificial intelligence. But it isn’t working nearly as well as it is supposed to. The problem isn’t the technology, or the hype around it. The problem is that large organizations undergoing change are complicated. There is no magic wand, no silver bullet, no hammer for the nail, that will work for everyone, not even AI. You need to describe what’s going on, past, present, and future. This description needs to include the technology, but also the people, the processes, the information, the world around you, everything. By incorporating diverse fields, including enterprise architecture, organizational behavior, programming language theory, semiotics, psychology, and more, even the most baroque organizations can be described, and their roadblocks and opportunities be revealed. See how, with examples both from past successes and from current trends.

Currently earning his PhD from the University of Hawaii, Conner is an experienced cross-industry CIO. He serves as a faculty instructor at the University of Hawaii at Manoa. His dissertation is tentatively titled “A system architecture approach to digital transformations.” It builds on both work experience and prior research and publications. Prior research included some of the earliest and formative papers on interactive 3D graphics, the relationship of programming language mechanisms to interactive systems, 3D user interface design, and a redesign of the undergraduate computer science curriculum.

Previous work includes five years as the Chief Information Officer (CIO) for the Hawaiʻi State Department of Education, where his team replaced the Department’s core accounting system, modernized collaboration for all staff and students, and managed the educational technology needed to support distance learning during the COVID pandemic. Prior to that, Conner was the Chief Information Security Officer (CISO) for Estee Lauder Companies, a Fortune 500 global retailer and manufacturer. He built the vulnerability management program for Morgan Stanley in response to a nation-state cyberattack, and re-architected core parts of the Bloomberg Terminal Service. Conner has an AB in art, an ScB in Math/Computer Science, and an MSc in Computer Science, all from Brown University. He is conversational in French and Hawaiian and enjoys stand-up paddling, role-playing games, video games, and wargaming.

[1 CPE] Speaking the Language of Risk

  Presented by Tom Ruoff, Principal Consultant • ImageSource

Organizations face rapidly evolving cyber threats, yet many still view technology as a cost center rather than a strategic partner. This presentation reframes the conversation by translating technical risks into business and financial terms leaders understand. Attendees will learn how to identify Business Essential Functions (BEFs), quantify operational and financial impacts, and apply practical risk‑estimation methods. By establishing a common language of risk, leaders can align priorities, invest where it matters most, and meaningfully reduce enterprise exposure. The session equips both executives and IT teams with tools to build consensus and drive smarter, outcome‑based cybersecurity decisions.

Tom Ruoff serves as Principal Consultant for ImageSource, Inc., providing cybersecurity consulting services (risk assessments, threat hunting, pen testing, breach remediation, security architectures, policies, business impact assessment) to commercial clients including Native American Tribes and Tribal Casinos. He is also a founder and current CEO of Zorse Cyber. Tom retired from the Dept of Homeland Security (DHS), Cybersecurity and Infrastructure Security Agency (CISA) in June 2023, as Chief, Methodology Branch, supervising vulnerability assessments for elections, power generation/distribution, pipelines, and Federal Government IT systems. Before DHS, Tom was the Director of Systems Division at Northrop Grumman, developing cross domain solutions (CDS) for National Security Agency (NSA) and Central Intelligence Agency (CIA). He is an Air Force veteran with tours at NSA, CIA element of the National Geospatial-Intelligence Agency, and Defense Intelligence Agency. He is a Level III Federally Certified Program Manager, PMP, CISSP, and CMMI Associate, and holds MS/BS degrees in physics and electrical engineering.

Advisory Council Roundtables

Join us during the lunch hour for Advisory Council Roundtables, an interactive opportunity to connect with council members and peers on a variety of timely industry topics. Move freely between tables, share your perspective, and gather practical insights you can take back to your organization. These conversations are informal, high-value, and designed to spark ideas and connection.

Topics:

  • Data Protection in the Age of AI
  • Ensuring Security and Compliance with 3rd Parties
  • IT Staffing: Onboarding for Success
  • Get More Out of Your IT Spending
  • Managing Infosec for the Small/Medium Business
  • Security Approach in Public Sector
  • Security Awareness: What Methods Work to “Secure the Human”
  • Zero Trust Strategy: Challenges & Lessons Learned

[1 CPE] Bridging Zero Trust and SASE: A Unified Approach to Modern Cybersecurity

  Presented by Fortinet

This will be a panel discussion on how organizations can effectively bridge Zero Trust and SASE to create a unified, adaptive cybersecurity architecture that meets the demands of today’s hybrid workforce and threat landscape.

Key Takeaways:

  • Understand the core principles of Zero Trust and SASE, and how they complement each other.
  • Learn practical strategies for implementing a unified approach without adding complexity or disrupting operations.
  • Gain insights into real-world use cases and lessons learned from organizations successfully integrating these frameworks.

[1 CPE] Presentation Details Soon

  Presented by Check Point Software

The details of this presentation will be available soon. Please check back for updates!

Check Point is a leading provider of cyber security solutions to governments and corporate enterprises globally. Its solutions protect customers from 5th generation cyber-attacks with an industry-leading catch rate of malware, ransomware and other types of attacks.

[1 CPE] From Initial Access to Full Control: Live Hacking, Remote Shells, and Command & Control

  Presented by Wayne Johnson, Chief Executive Officer • Stellar

Step into the attacker’s perspective in this live, unscripted demonstration of real-world hacking techniques. We’ll walk through every phase of a modern intrusion: crafting initial payloads to gain a foothold, establishing resilient remote shells, and building robust command and control (C2) channels that blend into normal network traffic.

This session will showcase:

  • Methods for delivering and executing payloads without triggering defenses.
  • Techniques for spawning and managing reverse shells on Windows and Linux.
  • Approaches to encrypting and obfuscating C2 communications.
  • Tips for evading detection and maintaining persistence.

Whether you’re defending enterprise environments or learning to think like an adversary, you’ll leave with practical insights into how attackers operate—and how you can detect and disrupt them. Live Q&A will follow, so bring your questions and curiosity.

[1 CPE] Ransomware Resilience: Navigating Threats in a Hybrid-Cloud World

  Presented by Ken Smallwood, Systems Engineer, Data Services and Storage • HPE

This presentation explores how organizations are navigating rising cyber threats, evolving workloads, and stricter regulations while managing legacy environments. We will discuss the growing risk of ransomware, fragmented data across cloud and edge, and the need for unified, resilient data protection strategies.