Archives: Seminar

[1 CPE] Beyond Cybersecurity: Assembling Resiliency for the Inevitable Breach

  Presented by BJ Deonarain, Global Quantum and Classic Cyber Security Director • Hitachi Vantara

The Imperative for Resiliency, 100% cyber security is unachievable; breaches are inevitable, where modern threats demand a shift from reactive defense to proactive resilience. Resilience requires mindset and culture change, not just new technology, while focus can sustain operations and limit damage when security fails.

Assembling the resiliency strategic pillars and actions:

  • Risk Assessment: continuous evaluation of assets and vulnerabilities
  • Incident Response: develop, test, and update comprehensive crisis plans
  • Employee Training: ongoing education to make staff the first line of defense
  • Systems Testing: regular audits, penetration tests, and vulnerability scans
  • Partnerships: collaborate with industry experts for knowledge sharing
  • Culture: embed resiliency throughout the organization at every level

BJ Deonarain is a globally focused cybersecurity executive responsible for driving cyber security and cyber resiliency strategy at Hitachi Vantara. With a career spanning technical innovation, client solutions, and cross-functional leadership, BJ combines deep technical expertise with a client-centric approach to mitigate risk and elevate organizational security postures.

[1 CPE] State of the Union: Annual Information Security Report

  Presented by Chad Spoden, Sr Information Security Consultant, Solution Architect Manager • FRSecure

The result of over 100 incident cases handled by the FRSecure response team in the last two years, Sr Information Security Consultant Chad Spoden will dive into the latest threats and response techniques you need to know—and what you can do to minimize the risk and impact of similar events. The breakdown will cover Business Email Compromise, Ransomware, and Internal Compromise. You can’t afford to miss it!

[1 CPE] From Vibe Coding to Agentic Engineering: Agile and DevOps in Enterprise AI Development

  Presented by Mike Douglas, SVP Digital Transformation • Lunavi

Enterprises everywhere are racing to incorporate AI into their development practices to improve time to market, create competitive advantages, and avoid being left behind. The tools make it easy to get started, but building mission-critical software with AI is a different challenge entirely. Human + AI development demands security, accountability, and rigorous quality controls that isn’t part of most AI development practices.

In this talk, I’ll show how Agentic Engineering built on a foundation of Agile and DevOps, provides a process for developing software at high speed while keeping humans in the loop, delivering value incrementally, and baking quality into every step through automated security and quality gates. Attendees will leave with a clear understanding of modern AI development tools and processes, and how proven Agile and DevOps practices provide the critical human oversight that responsible AI development requires.

[1 CPE] Proving Cyber Resilience: Measuring Outcomes, Not Effort

  Presented by Tony Taylor, Sales Engineer • Horizon3.ai

Most security programs measure effort — not outcomes. Organizations patch thousands of vulnerabilities, deploy dozens of tools, and run annual tabletop exercises… but when an attacker shows up, none of that matters.

What matters is whether they can prove their defenses actually work.

In this talk, Horizon3.ai shares how leading organizations are using autonomous pentesting to see their environment through the attacker’s eyes — continuously, safely, and at scale. By shifting from assumptions to proof, they’ve learned to:

  • Prioritize what’s exploitable. Focus limited resources on the weaknesses that truly put the business at risk that are known to be abused by threat actors.
  • Quickly fix what matters. Close the loop from find → fix → verify and reduce your exploitable attack surface.
  • Reduce attacker dwell time. Use pentest results to precisely deploy honeyTokens to detect compromise early, and to continuously prove your EDR and SIEM are tuned and working as intended.

Cyber resilience isn’t about being perfect — it’s about getting better over time. And the only perspective that truly matters is the attacker’s.

[1 CPE] Identity: The Target and The Weapon

  Presented by Jeffrey Kongswangwongsa, GTM Tech Lead, Identity • Rubrik

Identity infrastructure has quietly become the most critical — and most targeted — attack surface in the enterprise. In this session, we’ll explore why today’s cyberattacks have fundamentally shifted from malware to identity, and what that means for how organizations need to think about protection and recovery.

The session covers the growing threat landscape around Identity Providers (IdPs) like Active Directory, Microsoft Entra ID, and Okta, including why detection is no longer the hard part — removal and recovery are. We’ll dig into real-world case studies, the dangerous “”domino effect”” that happens when identity systems fail during recovery, and how AI is accelerating the speed and scale of identity-based attacks.

Attendees will walk away with a clearer picture of what modern identity resilience looks like: from protecting IdPs with immutable, air-gapped backups to orchestrating clean recovery in hours instead of weeks — without losing legitimate changes or reintroducing attacker persistence.

[1 CPE] How (Not) To Build a Fire Department

  Presented by Tom Simonis, Sr Sales Engineer, Enterprise US • Arctic Wolf

This presentation uses the analogy of building a fire department to explore the realities, risks, and misconceptions organizations face when attempting to build and operate an in-house cybersecurity function or Security Operations Center (SOC). Grounded in global research from over 1,000 security and IT professionals, the session highlights persistent trends such as rising data breaches, increasing ransomware attacks, growing attack surfaces, and the ongoing shortage of skilled cybersecurity talent. It demonstrates why cybersecurity—while mission-critical to business continuity—is not a core business function for most organizations, and why treating it as such often leads to inefficiency, burnout, wasted spend, and increased risk.

Through real-world data and practical examples, the presentation walks through what “state-of-the-art” cyber defense actually entails: 24×7 coverage, specialized skills, integrated tools, continuous improvement loops, and proactive threat intelligence. It contrasts this ideal with the common reasons in-house SOCs fail, including limited operating hours, lack of authority, underestimation of integration and tuning efforts, overreliance on point solutions, and the misconception that technology or AI alone can solve structural gaps. The session concludes with actionable insights on measuring and improving cybersecurity maturity, emphasizing the importance of people, process, and operational discipline—and reinforcing why many organizations achieve better outcomes by focusing on preparedness, resilience, and strategic partnerships rather than trying to “build their own fire department.”

Key themes addressed include:

  • Current cybersecurity and ransomware trends impacting organizations globally
  • The true cost and complexity of building and maintaining an in-house SOC
  • Why talent shortages and burnout continue to undermine security operations
  • Characteristics of mature, state-of-the-art cyber defense programs
  • Common pitfalls that cause in-house SOCs to fail
  • Practical guidance for measuring, optimizing, and continuously improving security posture

[1 CPE] Data Resilience in the Age of Attack: Protect What Matters

  Presented by Landra Pierce, Product Strategy Technologist • Veeam

Cyberattacks are no longer a distant threat; they are a reality every IT team must be prepared for. When an attack occurs, your data becomes both the primary target and the key to recovery. Many organizations still rely on backup strategies that are designed for hardware failures or accidental deletions, rather than today’s threats, like ransomware, insider risk, and automated attacks. This disconnect creates vulnerabilities, especially when backups become an overlooked entry point in your security strategy. In this session, we will address these challenges to help you better protect your organization.

This session is ideal for IT professionals who want greater confidence in safeguarding their data and peace of mind. We will examine the most common oversights that leave organizations, including those in government, education, healthcare, and other sectors, exposed to cyberthreats. You’ll discover how teams are advancing beyond basic backup to adopt a cyber-ready approach, including topics like immutability, threat awareness, rapid recovery, and intelligent automation.

Our focus will be practical and grounded in real-world scenarios, and what truly works when pressure is high and time is limited. Because when every minute counts and trust is at stake, data resilience means more than surviving an attack. It’s about protecting what matters most and emerging even stronger.

[1 CPE] Proving Cyber Resilience: Measuring Outcomes, Not Effort

  Presented by Jake Mickley, Sr Solutions Architect • Horizon3.ai

Most security programs measure effort — not outcomes. Organizations patch thousands of vulnerabilities, deploy dozens of tools, and run annual tabletop exercises… but when an attacker shows up, none of that matters.

What matters is whether they can prove their defenses actually work.

In this talk, Horizon3.ai shares how leading organizations are using autonomous pentesting to see their environment through the attacker’s eyes — continuously, safely, and at scale. By shifting from assumptions to proof, they’ve learned to:

  • Prioritize what’s exploitable. Focus limited resources on the weaknesses that truly put the business at risk that are known to be abused by threat actors.
  • Quickly fix what matters. Close the loop from find → fix → verify and reduce your exploitable attack surface.
  • Reduce attacker dwell time. Use pentest results to precisely deploy honeyTokens to detect compromise early, and to continuously prove your EDR and SIEM are tuned and working as intended.

Cyber resilience isn’t about being perfect — it’s about getting better over time. And the only perspective that truly matters is the attacker’s.

[1 CPE] From Known-Bad to Known-Normal: The Future of Threat Detection

  Presented by Patricia Titus, Field CISO • Abnormal

As email-based threats continue to evolve in speed and sophistication, traditional “known-bad” detection methods are no longer enough to protect modern organizations. This session explores the shift toward a “known-normal” security model, where behavioral AI establishes a dynamic baseline of trusted activity to identify anomalies, detect emerging threats, and stop attacks before they escalate.

Designed for executive and security leaders, this presentation will examine how behavioral-based threat detection strengthens resilience against advanced phishing, business email compromise, and AI-driven attacks. Attendees will leave with practical guidance for evaluating their current email security stack, adopting modern AI-powered defenses, and implementing key strategies to stay ahead of today’s rapidly changing threat landscape.

[1 CPE] Ransomware Resilience: Navigating Threats in a Hybrid-Cloud World

  Presented by Ken Smallwood, Systems Engineer, Data Services and Storage • HPE

This presentation explores how organizations are navigating rising cyber threats, evolving workloads, and stricter regulations while managing legacy environments. We will discuss the growing risk of ransomware, fragmented data across cloud and edge, and the need for unified, resilient data protection strategies.