Archives: Seminar

[1 CPE] Educating Your Guesses: How to Quantify Risk and Uncertainty

  Presented by Novacoast

Asking for a budget and justifying spending in cybersecurity departments can be a difficult task due to limited data and high uncertainty of future events. This talk will dive into quantitative risk analysis as it relates to cybersecurity: how to model uncertain events and understand financial risk. Attendees will see a first-hand demonstration of how quantitative modeling can be used to communicate risk and understand ROI. Attendees will walk away with the tools needed to present cyber risk as a dollar amount that can be easily understood by other business decision-makers at their company.

[1 CPE] Panel Discussion: The More Things Change…

  Presented by INTERFACE Advisory Council

For the last two years, there has been no shortage of change in how IT departments are organized. The structure in your shop likely looks nothing like it did in 2019. With the permanence of remote work, how have you evolved? Has your company kept up with the new landscape?

Please join the INTERFACE Kansas City Advisory Council for a discussion on the current landscape of leadership in the IT industry. We’ll discuss retaining employees, hiring workers remotely, dealing with the “great resignation,” and other topics of relevance to your IT career. Finally, the panel will address the challenge of keeping local Kansas City IT talent from exploring remote opportunities with out-of-state companies. Bring your questions for this open conversation with area leaders who will share their experiences and insights.

  • Britney Kennedy, Business Information Security Officer, Cardinal Health
  • Michael Nixon, Director, Information Security, Stormont Vail Health
  • Altaf Uddin, Director, Information Systems, University of Kansas School of Pharmacy
  • Adam Wasserman, Director, Information Technology, Paris Brothers

[1 CPE] Digital Transformation is Built on a Foundation of APIs – But are Your APIs Secure?

  Presented by 42Crunch

APIs are the core building block of every enterprise’s digital strategy, yet they are also the number one attack surface for hackers. Traditional security and management approaches are failing every day as the scale and reach of API attacks increase. The time is now right for enterprises to consider a new end-to-end continuous approach to protecting their APIs. In this talk, you will learn how Global 2500 enterprises are embracing a positive security model combining shift-left and shield-right methodologies to protect their APIs throughout the API lifecycle.

[1 CPE] The Future of Object Storage: Where Do We Go from Here?

  Presented by Hitachi Vantara

While object storage has surged in popularity as an alternative to NAS due to the technological limitations of NAS, customers are now pushing the limits of object storage as well. Where do we take the technology from here to remain relevant and continue to address the needs of modern AI and ML workloads? We will look at the roots of object storage and what needs to happen to the technology to continue forward with today’s modern workloads. Using flash technology and highly parallelized workloads, we will take an in-depth look at some of the directions we expect the unstructured data storage landscape to take. Do we see a world of all flash storage leading the pack or will we continue to utilize hybrid technologies to optimize the economics of storage? Join us for an in-depth look at the current landscape of unstructured data storage and where we go from here to address modern data workloads.

[1 CPE] The State of the Cyber Insurance Market: How to Plan for Uncertain Future

  Presented by Arctic Wolf

Organizations have come to rely on cyber insurance to mitigate the impact of increasingly sophisticated, disruptive, and widespread cyber-attacks. As a result, insurers are issuing more policies, and the amounts of protection available are increasing. In 2020, the global insurance community saw the first cyber insurance program that exceeded $1 billion in coverage.

Join this session to hear why:

  • Insurers are rethinking cyber coverage and claims in the wake of increasingly aggressive cyber-attacks.
  • Businesses are likely to see their cyber insurance premiums increase, or even see some cyber security coverage dropped entirely.
  • Leaders should consider risks and mitigation strategies as they assess their readiness and liability when it comes to breaches or attacks.

[1 CPE] The Future of Observability

  Presented by Cribl

Digital transformations, cloud migrations, and persistent security threats turned observability from a niche concern to an essential capability in today’s organizations. We’re still in the early days of observability maturity, but early stumbles point to where observability must go in the future. This talk discusses where observability is today and the three critical areas necessary for observability to deliver on its promises throughout the enterprise.

[1 CPE] The Good, the Bad, and the Ugly of Vetting Applications

  Presented by Eric Walters • Chief Information Security Officer, Burns & McDonnell

What level of access are applications requesting and then receiving directly from your employees? Is the security team aware? Has the risk been quantified? Who is looking at the application Terms and Conditions or the End User License Agreement? Is the access overly permissive? What happens if the application vendor is hacked? Can the attacker access your data? Is the vendor liable?

Eric Walters, CISO and Director of IT Operations at Burns & McDonnell, will discuss these and many more perils and pitfalls of vetting applications and plugins.

Eric Walters is a seasoned information technology leader with over 25 years of security experience. He is capable of translating IT details into executive-level business decisions. Eric believes good compliance does not mean good security, nor does good security mean good risk management. Passionate for employee development. His experience includes healthcare compliance, software development, information security program management, cyber security managed services, global transition operations, infrastructure cloud operations, enterprise architecture, and document management, and is a retired Marine Officer.

[1 CPE] Chasing Cloud Security Maturity Amid Constant Headwinds of Change

  Presented by Check Point

Covid and the push to accelerated ‘remote first’ strategies have forced organizations to leverage on-demand cloud infrastructure, often without the proper design, architecture, and security strategy in place to scale safely. In addition, infrastructure as a service providers are innovating very quickly and building high-value services for us to leverage in our application architectures. Lastly, we are challenged more than ever by a lack of mature cloud skillsets available to hire. These factors add up decisions with resources, identities, and access that put our most sensitive secrets at risk. As new and innovative cloud capabilities are introduced, so too are security innovations, both in technology and process.

Grant Asplund, Growth Technologies Evangelist, will discuss the evolution of Cloud security including headwinds, issues, challenges, and concerns companies can expect to be confronted with as they pursue reaching security maturity in the Cloud.

[1 CPE] Disrupting the Means to Prevent the End: A Guide to Detecting Ransomware

  Presented by Red Canary

Ransomware has been a dominant cybersecurity threat for the better part of the last decade. However, it doesn’t walk alone. It’s almost always the eventual payload delivered by earlier-stage malicious software or activity. Luckily, if you can detect the threats that deliver the ransomware, you can stop the ransomware before it arrives.

In this talk, we’ll extensively reference Red Canary’s 2022 Threat Detection Report, examining the malware and other malicious tools that adversaries often use to deliver ransomware. While the specific trojans and strains of ransomware may change from one attack to the next, adversary tactics, techniques, and procedures are often similar across campaigns and threats. By developing robust detection coverage for the techniques adversaries abuse most often, rather than focusing on individual threats, security teams can achieve defense-in-depth against the many threats that leverage those techniques and the broader trends that dominate the infosec landscape.

Want to learn more about the prevalent adversary techniques and threats that can lead to a ransomware infection? Attendees will leave with:

  • A better understanding of the threats and tools that commonly precede a ransomware infection
  • Guidance on relevant collection and data sources that offer visibility into the threats and techniques that adversaries use to deliver ransomware
  • Actionable information on how security teams can develop the capacity to detect, prevent, and mitigate ransomware and other threats
  • Strategies for testing their ability to observe and detect common threats with free and easy-to-use tools like Atomic Red Team

[1 CPE] Data Literacy: No One is Data Literate. No One.

  Presented by John Ladley • Data Governance Author & EIM Leader

The new topic of the year is data literacy. In this session, you will learn how to use education to increase data literacy at all levels to reduce the mismanagement of data. Topics that will be covered include:

  • Fundamentals of data – leadership, management, and all areas of organizations need to accept that they need to understand some new things. No one is data literate.
  • Acting accordingly – where are we not acting correctly and how do we fix it.
  • What do I need to do – this starts with the individual.

From there, John will offer some practical steps to acquire true engagement and data literacy in the process.

John Ladley is a highly experienced practitioner, advisor, and advocate for organizations looking for sustainable value from information and data. His experience and knowledge are balanced between treating data assets as an essential component of modern business and economies, and the practical solution to business problems.

His books are the authoritative sources for data and information management and data governance. He is a recognized authority and speaker on enterprise information management, including data monetization, information and data architectures, data governance, MDM, data quality, business intelligence and analytics, data warehouse, and knowledge management. John is sometimes called the “senior statesman of data.” Currently, John is semi-retired and works with clients as an advocate for data governance and management and as a mentor to organization leadership.