Archives: Seminar

[1 CPE] A Truly Statewide Strategy for Building the Collective Defense of Arizona

  Presented by ACTRA

As NATO says, an attack against one of us is an attack against all of us. Threat actors continue to victimize both government and business targets without regard to their affiliation or sector. Arizona’s unique strategic partnerships allow it to combine public sector support and private sector ingenuity to break down silos and build a truly statewide community of collaborative cyber defenders.

Speakers:

Ryan Murray, Deputy Director & Interim State CISO, State of Arizona
Frank Grimmelmann, President & CEO, Arizona Cyber Threat Response Alliance

Ryan Murray joined the Arizona Department of Homeland Security in July 2021 and currently serves as the Deputy Director over Cyber Command and as the Interim Chief Information Security Officer for the State. He also previously served as the Chief Information Security Officer for the Arizona Department of Revenue for three and a half years. In his current role, Deputy Director Murray provides tactical and operational leadership for Cyber Command, and strategic planning, facilitation, and coordination of cybersecurity efforts throughout the State.

Frank J. Grimmelmann serves as President & CEO for the Arizona Cyber Threat Response Alliance (ACTRA), a non-profit entity that was developed collaboratively with the Arizona InfraGard Program, the FBI, USDHS and law enforcement, and independently launched in 2013 to enable its private/public sector member organizations across all critical sectors to enable themselves to respond to the escalating national cybersecurity threat.

[1 CPE] How AI Can Think Like an Attacker

  Presented by Alissa Guevara, Cyber Security Technologist • Darktrace

In the face of skyrocketing cyber risk, detecting and responding to attacks is no longer enough. Organizations must take proactive steps to prevent threats before they happen and to recover if compromised. In this session, Darktrace unveil an ambitious new approach to security, with core engines powering AI technologies to prevent, detect, respond, and ultimately heal from attacks across all areas of their digital environment. Together, these engines combine to strengthen organizations’ security posture in a virtuous AI feedback ‘loop,’ which provides powerful end-to-end, bespoke, and self-learning solutions unique to each organization.

[1 CPE] Keeping Your Campus Safe with Gunshot Detection and Response

  Presented by iT1 Source & EAGL Technology

Today’s unfortunate incidents require a new mindset and improved processes to better address workplace threats. Join us to learn about gunshot technology, developed by the Department of Energy, and using technology to drive a faster response. This session will cover gunshot detection, customizing response actions such as 911 emergency dispatch, email/text notifications, locking access-controlled doors, PA broadcasts, and more.

[1 CPE] Evening the Odds of Cyber Warfare

  Presented by Michael Lettman • Cyber Security Advisor, Cybersecurity and Infrastructure Security Agency

Protecting your network and data is always a challenge. Threats can come from hackers looking to cause trouble, disgruntled employees, or users that don’t realize they are being targeted. Possibly the biggest threat now is cyber warfare. Nation States are sponsoring campaigns of disinformation and are constantly looking to disrupt any systems they can. Technology professionals have a great ally in this battle and help is available now.

In this session, you will learn about the Department of Homeland Security’s (DHS) youngest agency, the Cybersecurity and Infrastructure Security Agency (CISA), and resources available at “no cost” to State, Local, Tribal, and Territorial governments and organizations with critical infrastructure. Your enemies will use any tools they have, even drones, to attack your systems. Come get the information you need to stay on top of the current threat landscape.

Mike Lettman is the Cyber Security Advisor for Region 9 with the Department of Homeland Security. The mission of cyber security advisors is to provide direct coordination, outreach, and regional support to protect cyber components essential to the sustainability, preparedness, and protection of the Nation’s Critical Infrastructure and Key Resources (CIKR) and State, Local, Tribal, and Territorial (SLTT) governments. This is primarily accomplished with tools and assessments to test an organization’s resilience and cyber maturity. Mike has served in several capacities on many cyber and security teams, task forces, and committees over his career. He is currently sitting on the Governor’s Arizona Cyber Team (ACT), a member of the Arizona Counter Terrorism Information Center (ACTIC), and a member of the State of Arizona’s Cyber Disruption Planning Group.

Prior to becoming the Arizona CSA, Mike was the Chief Information Security Officer (CISO) for the State of Arizona for 6 years and the CISO for the State of Wisconsin for 8 years. Mike is currently only one of three people in the country that has worked as a CISO for two different state governments. During this time Mike has briefed four Governors offices, many Adjutants Generals, and policy advisors on cyber issues, adversaries, and threats, creating strategies and recommendations to improve the cyber resilience and maturity of those entities. He supported many high-level events such as the Super Bowl, state elections, inaugurations, and government officials lying in state. In addition to high-level events, Mike has organized, participated in, and successfully completed multiple cyber exercises in both states involving government entities, critical infrastructure private sector companies, and the National Guard.

[1 CPE] Panel: Retaining Your IT Staff in a Post-Pandemic Workforce, Can it Be Done?

  Presented by INTERFACE Advisory Council

“The other company is offering higher wages. I get to work remotely as much as I want, and I am getting a four-day workweek. Sorry, but I must take it.” Have you heard this just a few times? So many IT hiring managers are having to find creative ways to keep staff members in-house. While budgets and major company overhauls can’t always be achieved, some methods can help.

Over the last three years, IT leaders have had unique challenges develop for retaining staff. Join the INTERFACE Advisory Council for an open conversation on how to keep your IT staff intact. This panel features local area IT hiring managers and leaders that deal with these challenges in their shops. Bring your questions as there will be an opportunity to get advice on your needs.

Panelists:

  • Pamela Davis, Cyber Security Threat Intelligence, Southwest Airlines
  • George Gerardo, Director, Information Technology, West-MEC
  • Stephanie Inners, Manager, IT & Systems, R. E. Darling Co., Inc.
  • John Kullman, Sr Manager, Network, Yuma County

[1 CPE] Shattered Perimeters

  Presented by Erik Graham, Marsh & McClennan Co.

Prior to COVID, the cyber perimeter of a business was relatively well defined. The business knew what information assets held what information. With COVID, it was necessary to change the cyber perimeter quickly to keep business alive. Today many businesses cannot tell you what information assets hold their data or how that data is protected. In this presentation, Erik Graham will cover several of the major risks with work-from-home (WFH) and possible solutions to those risks.

Erik Graham is a lead incident responder on the incident response team at Marsh & McLennan; he is responsible for the identification, documentation, and communication of security risks as well as the analysis, eradication, and recovery of cyber incidents that affect Marsh & McLennan’s information assets.

Erik has been working in the computer industry for 25+ years with over 20+ years directly focused on computer security and information assurance. He has worked in a wide variety of both physical and logical security areas related to computer network attack (CNA) and computer network defense (CND). Currently, he is working in multiple areas such as risk identification and management, evaluating emerging technologies, malware analysis, supply chain analysis, and cloud security.

Erik has a Bachelor of Science from the University of Phoenix, and a Master of Science in Information Assurance from Norwich University, and holds multiple industry certifications including CISSP-ISSAP, CISM, CRISC, and CDPSE.

[1 CPE] Open Source Developers Are Security’s New Front Line

  Presented by Austin Steffes, Sales Engineer • Sonatype

Bad actors have recognized the power of open source and are now beginning to create their own attack opportunities. This new form of assault allows hackers to poison the well, where OSS project credentials are compromised, and malicious code is intentionally injected into open source libraries. In this session, Sonatype will explain how both security and developers must work together to stop this trend or risk losing the entire open source ecosystem.

  • Analyze and detail the events leading to today’s “all-out” attack on the OSS industry.
  • Define the future of open source in today’s new normal.
  • Outline how developers can step into the role of security to protect themselves and the millions of people depending on them.

[1 CPE] Hybrid Cloud: Empowering IT with Resiliency, Multicloud Strategies, Optimal Spend, & Sustainability

  Presented by Michael Donahue, Sr Director, Hybrid Cloud and XaaS  • Hitachi Vantara

The hybrid cloud has emerged as a game-changing paradigm for modern IT infrastructure, offering IT Leaders and above a wealth of opportunities to drive innovation and efficiency. With the ever-increasing demand for cyber resiliency, flexibility, and sustainability, it is crucial for IT constituents to grasp the intricacies of the hybrid cloud, including key concepts such as security, multicloud, nearcloud, cloud spend optimization, data refactorization, and sustainability practices.

Throughout the session, real-world case studies and examples will be shared from Day 0, Day 1, and Day 2 customers.

  • Day 0 means you want to take advantage of this new framework but are still working through how to adopt hybrid cloud, how to secure it, and how to recruit proper talent to maximize it.
  • Day 1 means your organization took the first step and has a minimum spend commit they must meet. However, you’re still unsure of how to meet it because you’re still determining which applications to refactor, which containerized microservices to adopt, how to reskill existing talent, and how to implement your compliance and governance strategy.
  • Day 2 means your organization has already overcome these hurdles. Nice work! Instead of worrying about hitting a minimum spend commit, you’re now focused on optimizing your environment to limit sprawling cloud costs and looking towards data repatriation efforts.

Participants will have the opportunity to engage in interactive discussions and pose questions, fostering a collaborative learning environment. By the end of this session, IT Leaders will have the knowledge and tools necessary to evaluate, plan, and implement hybrid cloud solutions that align with their organization’s goals, including sustainability. Afterall, Hitachi is committed to providing solutions that are exclusively carbon-neutral or zero-carbon, ensuring a sustainable and environmentally friendly approach.

[1 CPE] Exploring the Anatomy of Modern-Day Breaches

  Presented by Tim Medin, CEO • Red Siege

Join this presentation for a comprehensive overview of modern cybersecurity threats and how breaches occur. We will highlight the various methods used by cybercriminals, including phishing, social engineering, and ransomware attacks, and emphasize the importance of identifying and addressing vulnerabilities before they can be exploited. Throughout the presentation, we’ll discuss the importance of a proactive approach to cybersecurity, including regular security assessments, penetration testing, and vulnerability scanning, as well as education and training for employees to recognize and report suspicious activity. There are a lot of vulnerabilities in the wild, and IT administrators and security professionals often focus on the wrong issues because they are easier to monitor or measure. By the end of the presentation, you will have gained valuable insights into the latest cybersecurity threats and how to protect against them.