Archives: Seminar

[1 CPE] IT and the Future of Work

  Presented by Michael Dietrich • Chief Technology Officer, Greater Nevada Credit Union

We keep hearing about the “new normal.” The pandemic brought about many changes. Demand for digital services increased. Remote work became the rule rather than the exception. And as more and more workers decide to pursue other passions it has become increasingly difficult to recruit qualified candidates, resulting in businesses offering worker flexibility and accommodations to expand the talent pool. This sea change has prompted businesses to rethink the workplace permanently. The idea of the “office” or the “campus” as defined physical space is becoming an archaic idea.

Technology professionals were the enablers of this change. During the pandemic, we solved problems to keep business and commerce running – because we were the only ones who could. Now that the new ways of working that were necessary for continuity of business are being permanently adopted, technology shops need to continue to adapt quickly. We no longer have the luxury of reduced budget and resource constraints to make things happen quickly during a crisis. As speed was the priority over quality during that time, we now need to mitigate gaps in the solutions provided. Most importantly, our teams are not simply supporting these changes. Our ways of working have changed dramatically as well. We as technology leaders need to adapt to new leadership, culture, and engagement challenges.

Greater Nevada Credit Union Chief Technology Officer Mike Dietrich discusses what this means to us as IT leaders, and the implications on IT support, security, and ways of working within technology support organizations.

Michael is currently the Chief Technology Officer for Greater Nevada Credit Union. In his 30-year career as a technology professional and leader, he has served as Chief Information Officer for the State of Nevada and held senior leadership roles at Microsoft, LinkedIn, Rackspace, and Ericsson. He has contributed to industry-changing innovations in media delivery, gaming, open hardware platforms, and AV communications.

Michael’s passion is finding the truly meaningful ways that technology can lead to better business outcomes and enhance our lives. To this end he is often heard using the phrase, “Know what done looks like,” which means seeing the result from the point of view of the customer, regardless of their technical skill level, to ensure that a technology solution delivers what is needed seamlessly and effortlessly.

In his words “IT has elevated from a basic requirement to a business enabler. It is now evolving from a business enabler to becoming the core of the business model itself regardless of the industry – an idea further solidified during the pandemic. As such, any conversation about the benefits of a solution should not be about the technology itself, but about what the solution can do for us. The technology we use impresses no one. What we accomplish with it is everything.”

[1 CPE] Defending Against Common Microsoft 365 Attacks

  Presented by Blumira

For organizations that use Microsoft 365, it’s a cornerstone of their business. Users rely on it to log in, receive and send email, and store and share sensitive data.

Microsoft 365 is also the most targeted software for cyberattacks, according to Statista.

These factors alone make Microsoft 365 a critical piece of technology to monitor. Adversaries tend to reuse techniques, tactics, and procedures (TTPs) to launch their attacks — and there are some common Microsoft 365 attacks that you’ll want to watch out for. You’ll learn:

  • How to detect threat actors’ favorite techniques for Microsoft 365 attacks
  • Why Microsoft 365’s built-in security settings aren’t enough protection
  • Easy ways to protect yourself against the rise in Microsoft 365 attacks

Matt Warner is CTO and Co-Founder of Blumira, a leading cybersecurity provider of automated threat detection and response technology. At Blumira, he leads the security and engineering efforts to provide actionable insights into cybersecurity risks at scale. Matt has over 10 years of experience in IT and development, focusing on business strategy, development, compliance, threat detection, and penetration testing. Previously, he was Director of Security Services, Development & Security at NetWorks Group, responsible for defensive information security and services.

[1 CPE] Thinking Upstream: Avoid the Fallout of the next Log4Shell

  Presented by Tidelift

News of a zero-day vulnerability in the popular open-source project Log4j broke in December, leading many organizations scrambling to figure out the impact on their applications. Nearly every organization developing applications was impacted, and the fallout was so broad that the FTC issued guidance.

Log4Shell comes on the heels of the U.S. White House cybersecurity executive order 14028, an attempt by the United States government to use its purchasing power to create positive changes to the way cybersecurity is addressed around the world.

Recent high-profile breaches like Log4Shell, the Colonial Pipeline ransomware attack, or the SolarWinds software supply chain attack have shown that our cybersecurity defenses are woefully inadequate. This executive order forces a higher standard of cybersecurity for any organization selling software to the federal government, which in turn makes it the de facto global standard for all software in the future.

Tidelift CEO and co-founder Donald Fischer shares his perspective on how the Log4Shell vulnerability and the cybersecurity executive order impact software supply chain security. He’ll brief attendees on the key issues addressed by the executive order, including software bill of materials (SBOM), supply chain security, and provenance requirements. He’ll outline the gaps that most organizations will need to close to stay in compliance. And he’ll share a proactive approach to addressing open-source software supply chain health and security upstream.

If you want to ensure your organization is fully prepared for the coming changes, you won’t want to miss this session.

[1 CPE] Leveraging Assessment Findings to Harden Your Security Perimeter

  Presented by Fortinet

Are you regularly evaluating your network security?

Performing assessments is a tried-and-true method for improving your security posture, but they can be a daunting task for network security staff who are often short on manpower, expertise, and/or time. Regardless, the benefits of running assessments almost always outweigh any potential drawbacks. Having a security assessment in hand will increase your security situational awareness and significantly impact your organization’s risk preparedness and mitigation.

Join us as we discuss the importance of periodically validating your existing security controls and provide learnings and best practices from our experts.

[1 CPE] Ransomware – Who, What, Why & How…

  Presented by Check Point

Over the last 12 months, ransomware attacks surged by 93% with a devastating impact on businesses and industries worldwide. In today’s hybrid IT environment, preventing ransomware attacks seems like an impossible feat. But is it?

In this session, we will cover the latest ransomware trends and how you can protect your organization from falling victim to sophisticated ransomware attacks.

[1 CPE] Fast and Furious Attacks: Using AI to Surgically Respond

  Presented by Darktrace

Fast-moving cyber-attacks can strike at any time, and security teams are often unable to react quickly enough. Join Brianna Leddy, Director of Analysis, to learn how Autonomous Response takes targeted action to stop in-progress attacks, without disrupting your business. Explore today’s threats and challenges and learn how advances in AI have been leveraged to allow for very surgical actions to be taken autonomously – where humans can no longer react fast enough. Includes real-world threat finds, case studies and attack scenarios.

[1 CPE] Delivering the Zero Trust Enterprise

  Presented by Palo Alto Networks

Digital transformation is accelerating due to major shifts like the expansion of the hybrid workforce and the continued migration of applications and data to the cloud. Network security teams now have the opportunity to adopt a modern Zero Trust approach that fits this transformation.

But how do you make Zero Trust principles actionable across users, applications, and infrastructure? How can you put them into practice, set priorities, and effectively rebuild security for new environments? Join this session to learn about the three pillars of Zero Trust: users, applications, and infrastructure, and how you can develop a holistic and consistent approach to Zero Trust that can be made actionable across all three of these key domains. We will review various use cases across the organization and how we can support you with our unique blend of the highest level of capabilities, an integrated platform, and extensive in-house expertise around Zero Trust.

[1 CPE] 3 Common Mistakes to Avoid When Designing Your Security Program

  Presented by Fireminds

Every organization has different requirements based on business functions, systems, geography, and resources. However, we’ve observed several key mistakes that are leaving companies and their customers at risk. In this session, we’ll share the pitfalls that we see time and time again and discuss how to avoid them.

Key takeaways include:

  • Understanding the difference between compliance and security
  • Recognizing the untapped potential of your current technology stack
  • How to shift security towards business enablement

After this session, participants should expect to leave with actionable next steps to prevent these mistakes in their organizations.

[1 CPE] Payment Card Industry Compliance: How to Become and Stay Compliant

  Presented by Structured

This presentation will discuss the difficulties of becoming and staying compliant with Payment Card Industry (PCI) requirements. The updated Data Security Standard (DSS) 4.0 has been released, and there are numerous changes and enhancements that must be complied with. Whether you are just beginning with PCI for your organization or have many years of experience, there are many challenges, both old and new that can create roadblocks to compliance. With emerging technologies such as zero-trust architecture ready for implementation, find out how to best use these controls for your organizational goals. This presentation will cover the requirements, trouble areas to be aware of, and how you can utilize specific technology in your compliance effort.

[1 CPE] Leveraging Assessment Findings to Harden Your Security Perimeter

  Presented by Fortinet

Are you regularly evaluating your network security?

Performing assessments is a tried-and-true method for improving your security posture, but they can be a daunting task for network security staff who are often short on manpower, expertise, and/or time. Regardless, the benefits of running assessments almost always outweigh any potential drawbacks. Having a security assessment in hand will increase your security situational awareness and significantly impact your organization’s risk preparedness and mitigation.

Join us as we discuss the importance of periodically validating your existing security controls and provide learnings and best practices from our experts.