Presented by Palo Alto Networks & Structured
Black Basta is ransomware as a service (RaaS) that first emerged in April 2022 and further evidence suggests even earlier development. The Black Basta operator(s) use speed, exfiltration, and extortion techniques to capture their victims. Join us for an insightful session on Black Basta ransomware and how you can defend like the experts!
Presented by Sherri Davidoff • Chief Executive Officer, LMG Security
Artificial intelligence is transforming the cyber battlefield. Hackers now use voice cloning, deep fakes, and AI-generated phishing attacks to steal funds, infiltrate cloud systems, and deploy malware. Join us in this cutting-edge keynote to witness the latest attack trends, including:
Cybersecurity is all about people. We’ll wrap up with top strategies for cybersecurity training and staffing, showing you how to create a “human firewall” to safeguard your organization against these evolving threats.
Sherri Davidoff is the CEO of LMG Security and the author of three books, including “Ransomware and Cyber Extortion” and “Data Breaches: Crisis and Opportunity.” As a recognized expert in cybersecurity, she has been called a “security badass” by The New York Times. Sherri is a GIAC-certified forensic analyst (GCFA) and penetration tester (GPEN) and received her degree in computer science and electrical engineering from MIT.
Presented by INTERFACE Advisory Council
Building a good team culture presents a multitude of challenges for any manager to navigate in the traditional office work environment. Different personalities can impact many elements of the day-to-day dynamic and bring both positive and negative changes to your culture. Some team members welcome praise for a job well done, while others prefer to not be recognized publicly. These hurdles were all in place well before remote working became prevalent.
With so many IT departments dealing with hybrid or fully remote workforces, how do you build bonds among your team members today? Has your company’s vision been set? Are expectations clear? Answering some of these basic questions can help build a good culture. However, more is needed to have a truly effective team.
Join the INTERFACE Montana Advisory Council for an open discussion about how to improve communication in your company. We will offer advice on what has worked well and what didn’t go as expected. We welcome your questions on how to create a positive work environment, no matter where your team members work from each day.
Speakers:
Presented by John Harmon, Chief Executive Officer • FRSecure
FRSecure (an Information Security company located in Edina, MN) took the results of +/- 400 Validated Information Security Assessments and 55 Incident Response Engagements conducted in 2022 and created an anonymized report from the data called: The State of Information Security. Full details and access to the report are available here: https://frsecure.com/2023-annual-infosec-report/
In this presentation, FRSecure Information Security Consultant Dave Tuckman will highlight key findings in the report, and what we can learn from it.
Understand how you can mitigate risk going forward to protect your business and clients in an ever-changing threat landscape. Dave will provide additional perspective on how you can leverage this information for a better understanding of your third-party (supply, vendor, contractor) relationships.
Topics include:
Presented by Tanner Harrison, Systems Engineer • Fortinet
Today’s ever-changing threat landscape challenges traditional security models. The emergence of the Zero Trust model represents a transformative approach, reshaping how organizations protect their assets. This presentation aims to demystify Zero Trust, offering a comprehensive understanding that goes beyond buzzwords. We will explore the foundational concepts of Zero Trust, emphasizing the “never trust, always verify” philosophy. By the end of this session, attendees will be equipped with the knowledge to begin their Zero Trust journey, enhancing their security posture, and protecting critical data and systems from modern threats. Whether you are a security professional, IT manager, or organizational leader, this discussion will empower you to take decisive action toward a more secure future.
Presented by Jamie Maguire, Sr Security Engineer • High Point Networks
Penetration testing, often referred to as pen testing, is the practice of testing a computer system, network, or web application to find vulnerabilities that an attacker could exploit. It involves simulating cyberattacks to identify and fix security issues before they can be exploited by malicious actors. In this session, we will review penetration tests performed by High Point Networks and discuss the specific vulnerabilities exploited, and how to remediate them.
Presented by Zach Feingold, Engineering Manager, & Susan Anderson, Vice President of Sales • Cerium Networks
In today’s digital era, AI is not just a buzzword but a robust toolset that, when wielded with precision, can unlock unprecedented value and competitive advantage. As we embark on this journey, we must anchor our strategies in the bedrock of security, ensuring that our AI systems not only enhance our capabilities but also safeguard our assets. This presentation explores practical steps to weave AI into our business fabric, turning challenges into a springboard for growth and innovation. Our goal is to present you with concepts and avenues to consider as you learn to navigate your adoption. Let’s embark on this journey to harness AI’s potential responsibly and effectively.
Presented by Todd Bertchume, Technical Marketing Engineer • Forescout
Specialized threats targeting OT environments have been around since at least 2010, with the reports of Stuxnet. Recognizing the criticality of these devices, Threat Actors have continued evolving, continuing to target OT devices, many of which are inherently insecure-by-design. Research, such as Vedere Labs’ OT:ICEFALL research project and Project Basecamp by Digital Bond from 10 years ago showed how significant the scope of vulnerable devices are that are pervasive in critical infrastructure systems. Today’s SOC needs to not only see those devices and the risks they pose while also ensuring accurate detection of the threats uniquely targeting those OT environments they’re deployed in. This session will explore this unique threat landscape and the capabilities required to combat the threats and automatically mitigate the risks specially targeting Operational Technology environments.
Todd Bertchume is a Technical Marketing Engineer at Forescout. He brings over 23 years of experience in the networking industry working on the partner, customer, and manufacturer side of the business. He holds many industry certifications in networking and security. Over the years, he has helped many customers building data centers and spent the last few years specializing in securing assets in the health care industry.
Presented by Mauricio Daher, Technical Expert, Data Intelligence and Content Solutions • Hitachi Vantara
Post Quantum Encryption, and how products need to adapt in this brave new world. There is a lot of talk about Generative AI, LLMs, GTP, but if we cannot secure our data – confidentiality, integrity, and availability – perimeter, then nothing else matters. This session will dive into security topics relevant to the landscape of data management technologies we have on-hand today from the top storage solution companies. The challenges for the next five years will require game-changing innovation to keep up with an exponentially expanding threat surface. The winner will be the one to secure the future for the rest until the next bubble comes along.
Currently, Mauricio is a Technical Expert for Data Intelligence and Content: A technical leader in support of Hitachi Vantara’s content business for the Americas. This involves providing technical guidance, and solutions crafting to the sales teams across the organization, working hand in hand with the solution sales specialists.
Before joining HDS, Mauricio was the Regional Solutions Advisor for Dell in the Northeast, focusing on Compellent and EqualLogic storage solutions, and supporting 5 systems engineers from a knowledge management, measurement, and orientation perspective. Prior to Dell, Mauricio was AVP of Data Protection for RBS Citizens Bank based in Rhode Island where he provided strategic leadership in the bank’s data protection architecture and the creation of a service catalog and storage economics model for production storage and BURA. Before RBS Citizens, Mauricio was a Principal Consultant with Glass House during which time he delivered some two dozen strategic engagements in storage and data protection to companies spanning segments like government, airlines, healthcare as well as financial institutions. Before Glass House, Mauricio ran a delivery practice at McData that implemented SAN-based storage and tape virtualization solutions to a variety of enterprise clients such as Wells Fargo, Bank of New York, and a dozen smaller companies.
Mauricio holds an S.M. in Civil and Environmental Engineering with a focus on Information Systems from M.I.T. and a B.S. in Mechanical Engineering from Boston University.
Presented by Dr. Cheryl Cooper, CISSP, President, & Naeem Babri, Vice President • WiCyS Kansas City
The convergence of business continuity, information security, and organizational resilience forms the cornerstone of cyber resilience, enabling entities to prevent, endure, and recover from cyber threats. This presentation delves into the enhancement of ransomware resilience, with a spotlight on fortifying the Lockheed Martin Cyber Kill Chain. Amidst the escalating prevalence of ransomware, which inflicts substantial financial and operational harm, the presentation will outline strategies to strengthen defenses. The emphasis will be on preemptive actions and incident management, covering backups, recovery processes, containment, and the imperative of employee training on phishing and secure password practices.
Looking ahead, the session will explore the emerging threat of AI-driven ransomware attacks and discuss strategies for future-proofing networks against these sophisticated threats.
There will be three main deliverables:
Dr. Cheryl Cooper has over 25 years of experience within the technology and cybersecurity industries, and on top of that, Dr. Cooper served in the U.S. Navy as a Telecom Technology Controller. Under her belt, she holds a doctorate in Computer Science with a concentration in Information Assurance, a Master’s of Science in Criminal Justice with a Specialization in Cybercrime, and multiple certifications– Information System Security Professional (CISSP) under the governing body of the International Information Systems Security Certification Consortium (ISC2), a Certified Data Privacy Solution Engineer (CDPSE) under the governing body ISACA, and a Certified Information Systems Security Auditor (CISSA).