Archives: Seminar

[1 CPE] Thinking Upstream: Avoid the Fallout of the Next Log4Shell

  Presented by Tidelift

News of a zero-day vulnerability in the popular open-source project Log4j broke in December, leading many organizations scrambling to figure out the impact on their applications. Nearly every organization developing applications was impacted, and the fallout was so broad that the FTC issued guidance.

Log4Shell comes on the heels of the U.S. White House cybersecurity executive order 14028, an attempt by the United States government to use its purchasing power to create positive changes to the way cybersecurity is addressed around the world.

Recent high-profile breaches like Log4Shell, the Colonial Pipeline ransomware attack, or the SolarWinds software supply chain attack have shown that our cybersecurity defenses are woefully inadequate. This executive order forces a higher standard of cybersecurity for any organization selling software to the federal government, which in turn makes it the de facto global standard for all software in the future.

Tidelift CEO and co-founder Donald Fischer shares his perspective on how the Log4Shell vulnerability and the cybersecurity executive order impact software supply chain security. He’ll brief attendees on the key issues addressed by the executive order, including software bill of materials (SBOM), supply chain security, and provenance requirements. He’ll outline the gaps that most organizations will need to close to stay in compliance. And he’ll share a proactive approach to addressing open-source software supply chain health and security upstream.

If you want to ensure your organization is fully prepared for the coming changes, you won’t want to miss this session.

[1 CPE] Ransomware: Who, What, Why & How…

  Presented by Check Point

Over the last 12 months, ransomware attacks surged by 93% with a devastating impact on businesses and industries worldwide. In today’s hybrid IT environment, preventing ransomware attacks seems like an impossible feat. But is it?

In this session, we will cover the latest ransomware trends and how you can protect your organization from falling victim to sophisticated ransomware attacks.

[1 CPE] Changes in Ransomware, Why Companies Still Fail to Respond, & What You Can Do Now

  Presented by Trey Blalock • Chief Security Advisor, Verification Labs

In this fast-paced must-see talk, Trey Blalock will walk participants through a wide variety of new threats and attack techniques impacting organizations and discuss the tools, technologies, and tips you can implement to protect your organization. This talk will be a fun information-rich talk accessible to anyone who wants to learn more about security, ransomware, or defense techniques.

Trey Blalock is a highly respected security specialist who has performed extensive work in almost every security domain for some of the world’s largest corporations and governments. Trey has trained thousands of people on advanced security topics. He has managed all aspects of security for one of the world’s largest financial transaction hubs, performed hundreds of penetration tests for Fortune 500 companies, and has performed forensics for several high-profile cases such as “Donald Vance vs. Donald Rumsfeld.” He also specializes in defending large-scale systems from advanced threat actors. Trey currently serves on several forensic, red teaming, and penetration testing advisory boards, is a frequent guest on television, recently served as the CISO for Coinstar, and is currently the CISO of Cognira.

[1 CPE] Deploying DLP for All of the Wrong Reasons

  Presented by Proofpoint

Data Loss Prevention is a misnamed and misapplied technology – not all data is in scope, you will never cover every loss scenario, and while protecting data sounds like a great idea in theory, in practice data protection isn’t always the optimal goal. Many organizations are required to deploy DLP technology to comply with a regulatory compliance requirement or to protect specific intellectual property. Most DLP projects end up in a much different state than their original design and intent.

This session will cover a brief history of DLP, how you should go about taking a people-centric approach to designing your information protection program, and using metrics for success that matter, as well as how to communicate your program to a non-technical audience.

Speaker Bio:

Brian Reed is the Director of Cybersecurity Strategy at Proofpoint. He has 20+ years of information technology experience. Before Proofpoint, Brian was a senior director analyst at Gartner. Since 2015, he published over 50 research notes at Gartner, covering a wide range of cybersecurity and risk management topics.

Before Gartner, he spent many years in a variety of business development, product management, sales, and system engineering roles. Brian also serves as an advisory board member and holds a Bachelor of Arts degree in History from The University of Georgia and a Master’s in Business Administration from Kennesaw State University.

[1 CPE] SASE: The Power of Convergence

  Presented by Palo Alto Networks

Fueled by digital transformation and a massive shift to work-from-home, traditional enterprise networking and security infrastructures have been stretched to the breaking point. Legacy on-premises point-product approaches of yesteryear simply don’t make sense anymore. It’s time for a new model with the Secure Access Service Edge, or SASE (pronounced “sassy”).

SASE is quickly becoming the predominant network and security architecture that underpins our post-COVID world. SASE is the convergence of network services like SD-WAN, and security services like FWaaS, SWG, CASB, and ZTNA, into a single, cloud-delivered service model.

Join this presentation to learn:

  • Why networking and security must converge in the cloud
  • The key use cases driving SASE adoption
  • Real-world case studies of customers who have adopted SASE

[1 CPE] The Privacy Roadmap: What You Need to Know About Data Privacy Now and Moving Forward

  Presented by INTERFACE Advisory Council

First, GDPR came into law in the European Union. Then in January of 2020, the California Consumer Privacy Act took effect. Privacy laws are now a reality for all IT professionals to deal with. Are you sharing any data with third parties? How is your data stored? Have you verified all the needed compliance regulations for data in the cloud? These are just some of the many questions IT professionals need to be ready for when it comes to the current state of data privacy.

Join the INTERFACE Portland Advisory Council for a discussion on these topics and more. We will discuss setting up the right program for your operation. There will also be tips shared from handling the newest privacy laws and how these items differ from traditional cyber security preparations. Our panel of local IT leaders will offer their experiences from the last couple of years with the rapid growth in data privacy laws and how it affects the IT industry.

Panelists
Stephen Fitton • Technology Consultant, Providence
Steve Hankel • Vice President of Information Technology, Johanson Transportation Service
Matt Olson • Senior Director of Compliance and Security, Higher Logic
Shane Perry • Information Security and Risk Officer, OR Public Employees Retirement System

[1 CPE] Sky Lakes Case Study: Real-life Ransomware Recovery

  Presented by Cohesity

Backup is often the last line of defense against ransomware attacks, which have exponentially increased over the last year. Hear how Sky Lakes Medical Center chose a joint solution from strategic partners Cisco and Cohesity for a modern, efficient data management system to replace an aging backup solution while beating an unexpected ransomware attack. During this session, we’ll give you a brief overview of Cohesity for context and then roll into a 40-minute interview with the Sky Lakes Medical Center Team.

[1 CPE] Payment Card Industry Compliance: How to Become and Stay Compliant

  Presented by Structured

This presentation will discuss the difficulties of becoming and staying compliant with Payment Card Industry (PCI) requirements. Although currently in version 3.2.1, the updated Data Security Standard (DSS) 4.0 is coming soon and there are numerous changes and enhancements that must be complied with. Whether you are just beginning with PCI for your organization or have many years of experience, there are many challenges, both old and new that can create roadblocks to compliance. With emerging technologies such as zero-trust architecture ready for implementation, find out how to best use these controls for your organizational goals. This presentation will cover the requirements, trouble areas to be aware of, and how you can utilize specific technology in your compliance effort.

[1 CPE] Fast and Furious Attacks: Using AI to Surgically Respond

  Presented by Darktrace

Fast-moving cyber-attacks can strike at any time, and security teams are often unable to react quickly enough. Join Brianna Leddy, Director of Analysis, to learn how Autonomous Response takes targeted action to stop in-progress attacks, without disrupting your business. Explore today’s threats and challenges and learn how advances in AI have been leveraged to allow for very surgical actions to be taken autonomously – where humans can no longer react fast enough. Includes real-world threat finds, case studies and attack scenarios.

[1 CPE] Know your Leadership Compass: A Roadmap to Lead with Passion and Purpose

  Presented by Jimmy Godard • SVP, Program Manager, Bank of America

Business leaders, managers, and directors may be brilliant leaders in one situation and not have the same results in another. Management gurus agree: Anyone can lead, but not everyone can be a successful leader. The previously embraced command-and-control techniques are increasingly ineffective. Today’s business environment demands leaders to be alert, agile, enterprising, and skilled in the art of diplomacy. As a leader, it’s imperative to articulate who you are, what you stand for, and why you’re excited to lead your team.

Are these areas you feel you need to develop? Do you have a compass to guide you on your journey leading your teams through challenging times, staying flexible in dealing with them, and responding to them in ways that address their needs and interests? “Developing your Leadership Compass” is a highly-interactive, reflective process that sets a path to transformational leadership.

Jimmy J Godard is an entrepreneur, philanthropist, and one of the best at organizational IT changes. For more than 22 years, he has led global changes with diverse teams, helped non-profit organizations, coached IT leaders at leading with passion and purpose and reaching their full potential.

Jimmy’s leadership journey and professional experience over the last two decades in the worlds of information technology and business are incredible. He made his debut in the financial industry as a peak-time teller. He ascended to a Senior program, change, and service delivery manager. He implements global technology changes that have an impact on people, process, and technology.

He has a unique perspective both on the business and technology sides. He holds a Master’s Degree in Computer Information Systems, a Master’s Degree in Business Administration (MBA), is a certified goal success coach, and is currently pursuing a Doctorate of Management in Organizational Leadership with a specialization in Information Systems and Technology. He is an instigator of process improvement and innovation with an unwavering determination to bring about results. He implements global technology integration efforts for Infrastructure, End User Computing, Mergers, Acquisitions, and Divestitures.

Jimmy is very involved in philanthropist activities in the Portland and SW Washington communities. He is an active coach of soccer (2-3 teams). He also performs service projects yearly around the globe including and not limited to the countries of Haiti, Cambodia, Uganda, and Nigeria.

Today, Jimmy is a sought-after international speaker, goal success coach, project manager, program manager, and IT adviser. Jimmy is an excellent choice for businesses, nonprofits, leaders, project teams, business analysis, and boards looking for coaching and consulting on project, program, and change management.