[1 CPE] Thinking Upstream About White House Cybersecurity Executive Order 14028

  Presented by Tidelift

A few months ago, the U.S. White House released cybersecurity executive order 14028, an attempt by the United States government to use its purchasing power to create positive changes to the way cybersecurity is addressed around the world.

Recent high-profile breaches like the Colonial Pipeline ransomware attack or the SolarWinds software supply chain attack have shown that our cybersecurity defenses are woefully inadequate. This executive order forces a higher standard of cybersecurity for any organization selling software to the federal government, which in turn makes it the de facto global standard for all software in the future.

Tidelift CEO and co-founder Donald Fischer shares his perspective on how the cybersecurity executive order impacts software supply chain security. He’ll brief attendees on the key issues addressed by the executive order, including software bill of materials (SBOM), supply chain security, and provenance requirements. He’ll outline the gaps that most organizations will need to close to stay in compliance. And he’ll share a proactive approach to addressing open-source software supply chain health and security upstream.

If you want to ensure your organization is fully prepared for the coming changes, you won’t want to miss this session.

[1 CPE] Cybersecurity Market Trends and MDR

  Presented by Bitdefender

Mobile workforces were already an increasing trend in business even before we all had to deal with sending our teams home during the pandemic. As many of us work through our return to office plans with hope in our hearts, it is clear that the remote work trend has intensified and will likely continue to do so in the future.

Remote work has challenged traditional security approaches and forced us to think harder about how we can best support the changing nature of work. Thankfully, many of the technology, process, and people changes needed to support remote workers have significant benefits in our overall security posture.

For this session, we’ll talk about trends our security operations center saw in remote work environments and their impact on security operations, discuss theories around how to plan and support these workers, and talk about technology approaches that may help your organization support these workers better while improving your overall security posture.

[1 CPE] Endpoint Systems Management: Time to Rethink

  Presented by Quest Software

See the recent changes to the endpoint environment and how these affect your infrastructure. Learn how these changes affect your network design and what this means for your daily business. Learn more about the new technologies available for managing your endpoints and see some tips and guidelines to be prepared for what’s next.

[1 CPE] Metrics That Matter: Confidence and Resilience in Your Security Program

  Presented by ReliaQuest

CISOs say that what they need most in their security program is the confidence that people, processes, and technology are working and effective, and that controls are in place to ensure resiliency in the case of a major event. “Risk” is the vocabulary of the business, yet measuring and discussing this all-important concept in an actionable way remains a unique challenge. In this session, we will discuss:

  • Actionable risk metrics, both for use inside the security function and with outside stakeholders
  • How the language and awareness of information security risk have evolved
  • How the right metrics will benefit the business and win investment for security

[1 CPE] Situational Awareness Into the Dark Web

  Presented by Check Point Software

In our journey through this session, we take you through the evolution, goals, and motivation of the Dark Web. We will share with you what and whom you can find on the platforms as well as the major conflicts individuals face while exploring this web. The session also exposes you to the syndicates and structures running on the platforms. Surprisingly, we see how those groups were among the first to embrace and implement Blockchain technology and created a major global demand for cryptocurrencies. This is the time to listen, learn, and be exposed to the deepest secrets of the Dark Web.

[1 CPE] Ransomware Resilience: Best Practices to Prepare, Mitigate, and Recover

  Presented by Zerto

Large organizations are still being forced to pay ransoms due to ransomware attacks. Disruptions to services and supply chains are putting ransomware victims in the news under a negative spotlight. Join recovery and resilience experts from Zerto to discuss best practices to minimize downtime and avoid paying ransoms by being prepared. In this session, you’ll learn:

  • Ransomware 101: A breakdown of a ransomware attack and how it affects systems
  • What steps you can take to reduce the likelihood of attacks on your system
  • How to best choose a recovery solution for ransomware
  • How you can best harden your recovery systems against attacks
  • How to create a recovery plan to react and recover quickly
  • How a company hit twice by ransomware improved recovery time from weeks to minutes by planning ahead

[1 CPE] Securing the Hybrid Cloud: Visibility Best Practices

  Presented by Gigamon

With the move to cloud and the multitude of approaches, effectively monitoring and securing workloads gets even more difficult. IT complexity, the rate of change, lack of skills, and organizational silos have made confidently managing security and performance nearly impossible. Visibility is critical. Join us for a discussion of the security considerations for on-prem private, public, and hybrid clouds. You’ll learn best practices and see how a little planning and design can go a long way. Achieve a secure and viable hybrid cloud implementation and get a high return on your investment.

[1 CPE] The Anatomy of a Ransomware Attack

  Presented by Red Canary

In this presentation, we walk through the Anatomy of a Ransomware Attack. Bobby Mazzotti will lead the discussion on best practices and strategies you can apply at your organization. In this webinar, security leaders will learn:

  • How to enhance your team’s abilities to identify security incidents
  • The key components of a ransomware attack
  • Effective ways to improve your security program

[1 CPE] Drive Digital Transformation with Offices of the CIO and CISO Collaboration

  Presented by Secureworks

The last 18 months have seen IT organizations rapidly move workloads to the cloud, support hybrid work, and drive end user adoption of new business applications. But without a robust security structure integrated into these new architectures, companies leave themselves at risk.

In this session, learn first-hand from the partnership between the Offices of the CIO and CISO at Secureworks on how to:

  • Align IT initiatives to security transformation programs
  • Reduce the complexity of implementing new digital initiatives by aligning security models early
  • Protect your organization’s critical data through early threat detection and response

[1 CPE] Cybersecurity Maturity Model Certification: Considerations for Compliance

  Presented by MTA Solutions

Everything You Need to Know About CMMC:

In 2007, Chinese hackers successfully targeted a Department of Defense (DoD) subcontractor leading to the creation of a powerful fighter jet. During this cyberattack, the Chinese stole enough data to make their J-20 stealth fighter jet a real threat to the USA. The reality of this attack is that it wasn’t just a one-off event—over $600 billion is lost globally due to cyber theft every year. With that in mind, the DoD knew something needed to change.

Changes to cybersecurity compliance are coming. Before the introduction of the cybersecurity maturity model certification (CMMC), any self-attesting defense contractors could say that they were compliant with specific cybersecurity guidelines—without having to prove it. This not only left room for contractors to become complacent but diminished all compliant defense contractors’ credibility. In short, contractors who were reckless with sensitive information weren’t held accountable—until now.

With the rollout of the CMMC, contracting with the DoD is more specialized than ever—especially if you’re dealing with controlled unclassified information (CUI). But these new guidelines also mean the space will become more lucrative. It’s estimated that 129,810 businesses will likely pursue CMMC certification in the first 5 years.

CMMC boils down to 3 major points:

  1. It’s mandatory. All CMMC requirements will explicitly address what level your company needs to be at to send or receive any future federal agency RFIs and RFPs.
  2. It’s verifiable. Proof of certification will be accessible electronically.
  3. It’s a long-term investment. Many organizations see between 12-18 months of continual effort to complete their compliance projects fully.

In this session, presented by Rob Thurston, Chief Technology Officer at Ampersand, Alaska’s leading technology services provider, attendees will learn about compliance requirements, sustainability, and risks for DoD contractors.