Archives: Seminar

[1 CPE] Protect Your Applications and Data from Ransomware Threats

  Presented by Airgap Networks

Typical enterprise attack surface has dramatically increased post COVID19. Employees, contractors, and vendors have access to enterprise crown jewels over legacy and insecure VPN technology for their respective home environments. It is no wonder that we are witnessing a rapid increase in cybercrimes in the last 18 months. Is protecting your application and data your top priority? If so, please join us in the session to understand the threat landscape and various technology options to safeguard your assets.

We believe the fundamental issues faced by the organizations relate to excessive trust relationships over VLANs and VPNs. For better security, we must ensure that every transaction is authorized and authenticated, and we must make this happen without the need for a bunch of legwork.

Join us and learn more about our point of view on how you can protect your assets without forklift upgrades. Ritesh Agrawal, Co-Founder and CEO of Airgap Networks, will discuss industry leadership and provide a technology overview, addressing the following:

  • How does the modern Application Access approach compare to the traditional remote access VPN?
  • What’s the best method to deploy and operate Universal Secure Access Solution?
  • How to apply zero trust principles, especially for legacy protocols such as SSH, SMB, WMI, RDP, etc.?
  • What’s the importance of SSO/MFA authentication coupled with intent check?
  • Walkthrough (Demo) real-world use cases across private and public sectors.

Enjoy the INTERFACE event and we look forward to meeting you at the (virtual) booth.

[1 CPE] Endpoint Systems Management: Time to Rethink

  Presented by Quest Software

See the recent changes to the endpoint environment and how these affect your infrastructure. Learn how these changes affect your network design and what this means for your daily business. Learn more about the new technologies available for managing your endpoints and see some tips and guidelines to be prepared for what’s next.

[1 CPE] Immutable Storage: Level-Up Ransomware Readiness

  Presented by Arcserve & StorageCraft

IDC advises that a 3-2-1-1 strategy is the new best practice for effectively protecting customers against ransomware. The last 1 is the important piece of the puzzle, where a copy is also stored on immutable storage. The growing risk of compromise to your customers’ data – specifically via ransomware DEMANDS the most up to date and complete solutions arsenal.

[1 CPE] Thinking Upstream About White House Cybersecurity Executive Order 14028

  Presented by Tidelift

A few months ago, the U.S. White House released cybersecurity executive order 14028, an attempt by the United States government to use its purchasing power to create positive changes to the way cybersecurity is addressed around the world.

Recent high-profile breaches like the Colonial Pipeline ransomware attack or the SolarWinds software supply chain attack have shown that our cybersecurity defenses are woefully inadequate. This executive order forces a higher standard of cybersecurity for any organization selling software to the federal government, which in turn makes it the de facto global standard for all software in the future.

Tidelift CEO and co-founder Donald Fischer shares his perspective on how the cybersecurity executive order impacts software supply chain security. He’ll brief attendees on the key issues addressed by the executive order, including software bill of materials (SBOM), supply chain security, and provenance requirements. He’ll outline the gaps that most organizations will need to close to stay in compliance. And he’ll share a proactive approach to addressing open-source software supply chain health and security upstream.

If you want to ensure your organization is fully prepared for the coming changes, you won’t want to miss this session.

[1 CPE] What Does Identity Mean for Zero Trust? Dare I Say… Everything?

  Presented by Zirous & SailPoint

In recent years initiatives like digital transformation, business agility, and workforce continuity have increasingly forced technical decisions about how and where applications, services, and systems are hosted. As more critical applications and systems move to the cloud, identities and access are sprawled across these environments, making more sensitive data and resources available for exploitation by attackers. Amidst this increased risk and attack surface, Zero Trust has emerged as the paradigm for securing access to protected resources. At the heart of this problem is the need to know who is trying to access what and whether they should be able to, effectively making identity the new perimeter. In this presentation, we discuss how Zero Trust Security really means Identity Security and why IAM practices, like Multifactor Authentication, Identity Governance, and Privileged Access Management, play such a significant role in realizing a successful Zero Trust Security vision.

[1 CPE] Security Operations Center: Build Your Own or SOCaaS

  Presented by High Point Networks

Learn how Security Operations as a Service (SOCaaS) may be a good option for your business. In this session, we will compare and contrast many non-product specific aspects of SOCaaS and traditional Security Information and Events Management (SIEM’s) systems using first- hand real-world examples; the good, bad, and ugly. The purpose of this presentation is to equip the audience with enough knowledge so they can make a more informed decision regarding a traditional SIEM/SOC approach, or SOCaaS approach, when building a Security Operations Center. Presenter Dean Sheley recently lead an initiative to build a Central Security Operations Center for a statewide multi-university educational system while CISO for that state-wide university system.

[1 CPE] Building Your Network: Role Models, Mentors, Coaches, and Sponsors

  Presented by Terri-Anne Wallen • Chief Risk Officer, CSG

In this presentation on building your network, we will provide an overview of the individuals you should connect with to support, develop, coach, and sponsor you. You will learn the unique differences between each of these roles and hear about real-life examples of the power that each can provide. Participants will then have the ability to identify these people in their own network. Further, the discussion will highlight the interconnection with imposter syndrome and illustrate how imposter syndrome exists for every single human. Terri-Anne and Andy will share their experiences to guide participants in understanding how they can approach individuals to be a mentor, coach, or sponsor and realize that asking is a form of flattery!

Terri-Anne Wallen:

Terri-Anne “TA” Wallen leads CSG’s Enterprise Risk Management organization with responsibility for Risk, Compliance, and Internal Audit. In her role as Chief Risk Officer, she provides support and guidance to the business to achieve accelerated growth through risk assessment, analysis, and various audits. She joined CSG in 2005 and established CSG’s Internal Audit and Risk Management functions. In her role, she increased capabilities and implemented efficiencies to meet dynamic business risks and the evolving needs of customers, built a strong, functioning team, and monitors risk mitigation across CSG’s global, growing business. Before CSG, TA spent time with Protiviti performing Internal Audit outsourcing projects, assisting in establishing the Internal Audit function for both eBay and PayPal, and is a KPMG alumnus. She has 25+ years of experience in building and maintaining Internal Audit and 15+ years of experience in Risk Management program development and facilitation. TA graduated from the University of Nebraska – Omaha with a Bachelor of Science in Business Administration – Accounting. She obtained her CPA certification and is a member of the IIA. TA serves as an Executive Sponsor in CSG’s first employee resource group, Women Engaged in Leadership, Education and Development (WE LEaD).

Andy Hinton:

Andy Hinton focuses on building relationships and providing value through independent and objective feedback on managing uncertainty; striving to turn risk into opportunity. In his current role at CSG, Andy leads a team of IT audit professionals through risk assessment, technology audits, and consulting.

Prior to CSG, Andy held audit roles at Bank of the West, TD Ameritrade, and Deloitte, where he performed IT, financial, and operational audits. With over 15 years of audit and information security experience, Andy has established himself as a trusted advisor to management. Andy holds Bachelor of Science in Business Administration and Master of Professional Accountancy degrees from the University of Nebraska – Lincoln and maintains several audit and security certifications. Andy has taught cybersecurity at Bellevue University, volunteers for the local ISACA chapter, and is a member of the Supervisory Committee at Centris Federal Credit Union.

[1 CPE] The Office of Tomorrow May Be Here Already

  Presented by INTERFACE Advisory Council

Since the start of the pandemic, your workflow and office structure have shifted tremendously. The way any firm operates now has adapted to the change in remote workers. We have seen return-to-office plans constantly changed, pushed backed, or completely scrapped. Has your company returned employees to the office? Are those plans on hold?

Join the INTERFACE Advisory Council for an open discussion about these items and more. Will your company have a large amount of staff permanently working remotely? Do you need more shared space workstations for employees? We will discuss some tips for preparing your IT staff for all the possible scenarios that will come your way.

Panelists

  • Rick Haugerud, Assistant Vice President, Information Technology Services, University of Nebraska
  • Matt Morton, Board Member, NebraskaCERT
  • Andrew Munger, Vice Chairman, Verterent
  • Jim Navin, Chief Information Officer, The Gavilon Group, LLC
  • Amber Roberts, Sr IT Support Analyst, The Gavilon Group, LLC

[1 CPE] Organizational Risk Management: Measuring Privacy Risk

  Presented by Lisa McKee, Senior Manager Security and Privacy, Protiviti

Organizations globally are obligated under legal, regulatory, and industry standards to manage risk. There are many facets to risk that organizations must manage, such as financial, security, and privacy risks. Organizations are currently able to prioritize security risk by conducting qualitative and quantitative security risk assessments based on the threat, likelihood, and impact on an organization’s ability to continue business operations. However, privacy risk assessments currently lack a clear calculation for identifying and prioritizing privacy risk.

Key Points to be covered:

  • Understand the different risk domains, specifically, what is privacy risk
  • Learn methods to identify privacy risks and minimize privacy harms to individuals
  • Develop techniques for conducting a privacy risk assessment
  • Identify approaches to include privacy in organizational risk management programs

[1 CPE] Ransomware Decoded: Understanding & Preventing Modern Ransomware Attacks

  Presented by Cybereason

It’s no secret that Ransomware presents an increasing danger to organizations–there has been a 105% increase in ransomware attacks since the beginning of COVID-19 alone, with 73% of those attacks being effective. Is your organization invested in the right defenses so that it does not fall victim to these costly and dangerous attacks?

If you’re concerned about ransomware, whether it’s beating today’s advancing attacks, stopping data exfiltration, or preventing the latest trend of “double extortion,” this session is for you. Join Cybereason’s Kraig Faulkner as he discusses the challenges faced by today’s ransomware attacks and how to stay on top of these types of threats.