Archives: Seminar

[1 CPE] Technology Drives Our Clean Energy Future

  Presented by Dave Worth • Divisional CIO, Portland General Electric

The challenges facing the electrical grid are well known, and well publicized. How will energy be produced? How will it be distributed? How do customers realize the value of their renewable investments? How do we keep it equitable? These are significant challenges, but PGE engineers, technicians, and technologists have converted many challenges into opportunities in our 134-year history, and we feel no different about these. The first step is to orchestrate the activities of each participant and improve the ability to operate our grid using automation. Simultaneously, we are called on to implement, maintain and replace a large amount of infrastructure to support the transition to electricity as an energy source efficiently. The virtuous cycle is a grid that is easier to maintain, more reliable, safer, and equitable to all stakeholders and is being driven through close IT/OT collaboration and cross-functional implementation.

Dave Worth is the Divisional CIO for Advanced Energy Delivery and Utility Operations at Portland General Electric. He leads the technology effort to modernize PGE’s capabilities, in service of its mission to drive Oregon’s energy transformation. Dave’s team focuses on outcomes for customers by delivering, maintaining, and modernizing technology associated with asset & work management, mobile, grid operations, emergency operations, and bulk management systems within PGE’s utility operations. Prior to this role, Dave was the Director of PGE’s Customer Engagement Transformation, which modernized PGE’s billing and metering systems, and is the largest IT project executed by PGE to date. Beyond software delivery and support, Dave’s management and technical expertise include customer service operations, marketing and sales, business development, and telecommunications. Dave lives with his family in Portland, Oregon where he enjoys gardening, playing guitar, and experiencing the outdoors by hiking and camping. Dave has been with PGE for 22 years, and in the IT industry for twenty-five. He graduated Magna Cum Laude from Linfield College with a BS in Business Information Systems (a mixed computer science/finance program).

[1 CPE] How You Communicate Risk Might Just Be Your Biggest Risk of All

  Presented by Meghan Maneval, Director of Technical Product Management • Reciprocity

It’s no secret that recent years have seen an uptick in malware attacks, data exfiltration, and vulnerability exploitation. And likely your Executive Leaders and the Board want to know, “Are we doing enough to protect ourselves?” As professionals, we need to be prepared to respond to difficult questions. But all too often, we see risk through the lens of “how” we are protecting our organization instead of “how well” it is protected. Seeing risk through different lenses can skew how risk is communicated resulting in a false sense of security and heightened risk for your organization.

Join this session to learn about the three types of “glasses” CISOs and Information Security professionals often wear: Rose Colored Glasses, Blinders, and Magnifying Glasses. Learn about the “right” glasses that can help you proactively monitor and communicate risk in a context your organization will understand. Wearing these glasses enables organizational leadership to prioritize investments and agree on a level of protection to enable company success and mitigate your biggest risk of them all.

[1 CPE] Open Source Developers Are Security’s New Front Line

  Presented by Neel Thakkar, Sales Engineer • Sonatype

Bad actors have recognized the power of open source and are now beginning to create their own attack opportunities. This new form of assault allows hackers to poison the well, where OSS project credentials are compromised, and malicious code is intentionally injected into open source libraries. In this session, Sonatype will explain how both security and developers must work together to stop this trend or risk losing the entire open source ecosystem.

  • Analyze and detail the events leading to today’s “all-out” attack on the OSS industry.
  • Define the future of open source in today’s new normal.
  • Outline how developers can step into the role of security to protect themselves and the millions of people depending on them.

[1 CPE] Cybersecurity Threats & Best Practices for Information & Operational Technology

  Presented by Leslie Kainoa and Theresa Masse • CISA

The Cybersecurity and Infrastructure Security Agency (CISA) leads the national effort to understand, manage, and reduce risk to our cyber and physical infrastructure. We connect our stakeholders in industry and government to each other and to resources, analyses, and tools to help them build their own cyber, communications, and physical security and resilience, in turn helping to ensure a secure and resilient infrastructure for the American people.

This presentation will feature two local Oregon CISA leaders, Cybersecurity Advisor Leslie Kainoa and Cybersecurity State Coordinator Theresa Masse. It will focus on general cyber threats and, more specifically, on operation technology cybersecurity best practices and current threats. It also will outline cyber services CISA provides at no charge.

[1 CPE] Modern Segmentation Architectures

  Presented by Tyler Conrad and Jeremy Georges • Arista Networks

In this presentation, we will explore the different network segmentation models available, including VLANs, VRFs, and group-based segmentation models.

We will begin with an overview of the different segmentation models and discuss their benefits and drawbacks. VLANs provide a simple way to segment traffic but do not scale well in larger environments. VRFs offer more robust isolation but can be complex to manage. Group-based segmentation models offer a flexible and scalable way to segment traffic based on the endpoint itself rather than the network. We will discuss the implementation and configuration of each of these models and provide examples of how they can be used in different scenarios.

Next, we will discuss how EVPN with either VXLAN or MPLS transport can be used as an attachment point to allow for segmentation to cross the network device boundary and become a network-wide policy.

Finally, we will compare the different models to help you choose the best segmentation approach for your network, as well as how to layer these together to have a more complete design. By the end of this presentation, you will have a better understanding of modern segmentation architectures and be equipped to make informed decisions for your network.

[1 CPE] 40 Years in 40 Minutes – A Journey Through Cyber

  Presented by Grant Asplund, Growth Technologies Evangelist • Check Point Software

A journey through cyber – from stand-alone Apple II computers using PFS or Ashton-Tate software to today’s ubiquitous, always-on, hyper-connected, cloud-first computing. This session is a fun compilation of short stories and excerpts spanning four decades in the cyber industry. Grant will discuss the transition from single systems to networking to the internet… and how cyber security has evolved from securing virtually nothing to virtually everything. Grant will also share his thoughts on the constantly evolving threat landscape including IoT, Cloud, and the still-reigning champion, Email. Finally, Grant will offer considerations for improving your overall security posture today as well as future trends… you’ll even have a chance to win some cash.

[1 CPE] Why is Critical Data Being Compromised?

  Presented by Benjamin Longuechaud, Sr Sales Engineer, Thales Cloud Security  • Thales Group

Securing critical data and information was where this industry started a long time ago, but it became more challenging with the rapid growth of enterprise data in an interconnected world. The pandemic forced organizations to support a remote workforce and expose critical systems that were once only accessible from inside the company’s network. We’ve increased the attack surface and the number of vulnerabilities which has led to more data breaches. With the technology advancements in access management, data discovery and encryption we can once again shift the focus to securing our data and information. In this presentation, we will discuss a unified data-centric security approach and strategy to protecting your most critical data and information.

Benjamin Longuechaud is a Senior Sales Engineer for Thales Cloud Security, the world-wide leader in data security, hardware and software encryption. Benjamin started his career as a Software Engineer developing Cloud-based applications before training and supporting software development teams. He recently joined Thales to focus on creating security strategies to Discover, Protect and Control data wherever it resides.

[1 CPE] Top 5 Ransomware Myths: What the Evolution of Ransomware Means for Businesses

  Presented by Bitdefender

2021 was “the year of ransomware.” But so were 2017, 2018, 2019, and 2020 – and so far, 2022 is not very different. Ransomware is no longer a problem discussed only in the cybersecurity and tech communities – it is now a regular topic in mainstream media headlines and executive board meetings.

So why is ransomware such a menace, and why can we not seem to get rid of it? One of the reasons is that we seem to miss the continued evolution of ransomware. We keep preparing for the last war. Ransomware in 2022 is very different than ransomware in 2017, yet we still treat it the same way.

Dan Russell, Director of Engineering, will help you to learn more about:

  • Ransomware evolution and what we need to un-learn to effectively combat it
  • The most common myths, misunderstandings, and misconceptions about ransomware and the threat actors behind it
  • The most effective tips to become more cyber resilient and prevent security incidents from turning into catastrophic breaches

[1 CPE] Pen Testing Pitfalls to Avoid

  Presented by Secureworks

Why make the same mistakes others have already made? Using real-life examples of missteps made by other companies, you will learn what you can do to have a successful penetration test and maximize learnings.

[1 CPE] 4G / 5G Network Security

  Presented by Cradlepoint

Protecting organizational infrastructure, networks, and hardware devices is a never-ending pursuit these days. There is a secure network solution that offers a simple-to-manage alternative to complex VPN infrastructures for securely connecting sites, vehicles, IoT, and remote workers. This session will cover how to secure remote sites with ease, reduce attack surfaces by building undiscoverable network resources, and provide any-to-any connectivity. Learn how to unlock operational agility through built-in tunnel orchestration and simplified configuration. It’s all about end-to-end WAN and network security services that tightly integrate with routing and security devices to establish encrypted connections to access applications and resources in the cloud or data center.