Archives: Seminar

[1 CPE] Shifting Cloud Architecture Left – Best Practices for Securing Cloud Deployments

  Presented by Trend Micro

As Infrastructure as Code becomes the norm for new cloud deployments, how can you accelerate your teams in building better? The AWS Well-Architected Framework is a great place to start for your planning but what if there was a way to continuously monitor how your deployment stacks up?

In this session, you’ll hear from Jason Dablow, a senior cloud security advisor with Trend Micro, on resources and tips to not only increase the security of your cloud deployments but also easy integration tips to move this implementation left into your teams using infrastructure as code. Automated. Integrated. Flexible.

[1 CPE] Zero-Trust Architectures

  Presented by Rubrik

Organizations have invested heavily in IT security, attempting to fortify their perimeter, network, endpoint, and application protections. Despite these investments, hackers are successfully penetrating these defenses and targeting enterprise data, including backup data. Ransomware is starting to specifically target online backups by encrypting or deleting them. If your organization was the target of an attack today, how do you know what data was impacted and where? Manually sifting through millions of files and comparing each snapshot consumes FTE time and prolongs recovery exponentially. Mass restores of the entire environment could mean high data loss and weeks’ worth of work down the drain. In this session, we will discuss how to protect your last line of defense, the backups. We will walk through the anatomy of a recovery, the best practices, and advanced tools to ensure you will not have to pay a ransom, and how to quickly recover your data to continue business operations.

[1 CPE] Protect Your Applications and Data from Ransomware Threats

  Presented by Airgap Networks

Typical enterprise attack surface has dramatically increased post COVID19. Employees, contractors, and vendors have access to enterprise crown jewels over legacy and insecure VPN technology for their respective home environments. It is no wonder that we are witnessing a rapid increase in cybercrimes in the last 18 months. Is protecting your application and data your top priority? If so, please join us in the session to understand the threat landscape and various technology options to safeguard your assets.

We believe the fundamental issues faced by the organizations relate to excessive trust relationships over VLANs and VPNs. For better security, we must ensure that every transaction is authorized and authenticated, and we must make this happen without the need for a bunch of legwork.

Join us and learn more about our point of view on how you can protect your assets without forklift upgrades. Ritesh Agrawal, Co-Founder and CEO of Airgap Networks, will discuss industry leadership and provide a technology overview, addressing the following:

  • How does the modern Application Access approach compare to the traditional remote access VPN?
  • What’s the best method to deploy and operate Universal Secure Access Solution?
  • How to apply zero trust principles, especially for legacy protocols such as SSH, SMB, WMI, RDP, etc.?
  • What’s the importance of SSO/MFA authentication coupled with intent check?
  • Walkthrough (Demo) real-world use cases across private and public sectors.

Enjoy the INTERFACE event and we look forward to meeting you at the (virtual) booth.

[1 CPE] Endpoint Systems Management: Time to Rethink

  Presented by Quest Software

See the recent changes to the endpoint environment and how these affect your infrastructure. Learn how these changes affect your network design and what this means for your daily business. Learn more about the new technologies available for managing your endpoints and see some tips and guidelines to be prepared for what’s next.

[1 CPE] Immutable Storage: Level-Up Ransomware Readiness

  Presented by Arcserve & StorageCraft

IDC advises that a 3-2-1-1 strategy is the new best practice for effectively protecting customers against ransomware. The last 1 is the important piece of the puzzle, where a copy is also stored on immutable storage. The growing risk of compromise to your customers’ data – specifically via ransomware DEMANDS the most up to date and complete solutions arsenal.

[1 CPE] Thinking Upstream About White House Cybersecurity Executive Order 14028

  Presented by Tidelift

A few months ago, the U.S. White House released cybersecurity executive order 14028, an attempt by the United States government to use its purchasing power to create positive changes to the way cybersecurity is addressed around the world.

Recent high-profile breaches like the Colonial Pipeline ransomware attack or the SolarWinds software supply chain attack have shown that our cybersecurity defenses are woefully inadequate. This executive order forces a higher standard of cybersecurity for any organization selling software to the federal government, which in turn makes it the de facto global standard for all software in the future.

Tidelift CEO and co-founder Donald Fischer shares his perspective on how the cybersecurity executive order impacts software supply chain security. He’ll brief attendees on the key issues addressed by the executive order, including software bill of materials (SBOM), supply chain security, and provenance requirements. He’ll outline the gaps that most organizations will need to close to stay in compliance. And he’ll share a proactive approach to addressing open-source software supply chain health and security upstream.

If you want to ensure your organization is fully prepared for the coming changes, you won’t want to miss this session.

[1 CPE] What Does Identity Mean for Zero Trust? Dare I Say… Everything?

  Presented by Zirous & SailPoint

In recent years initiatives like digital transformation, business agility, and workforce continuity have increasingly forced technical decisions about how and where applications, services, and systems are hosted. As more critical applications and systems move to the cloud, identities and access are sprawled across these environments, making more sensitive data and resources available for exploitation by attackers. Amidst this increased risk and attack surface, Zero Trust has emerged as the paradigm for securing access to protected resources. At the heart of this problem is the need to know who is trying to access what and whether they should be able to, effectively making identity the new perimeter. In this presentation, we discuss how Zero Trust Security really means Identity Security and why IAM practices, like Multifactor Authentication, Identity Governance, and Privileged Access Management, play such a significant role in realizing a successful Zero Trust Security vision.

[1 CPE] Security Operations Center: Build Your Own or SOCaaS

  Presented by High Point Networks

Learn how Security Operations as a Service (SOCaaS) may be a good option for your business. In this session, we will compare and contrast many non-product specific aspects of SOCaaS and traditional Security Information and Events Management (SIEM’s) systems using first- hand real-world examples; the good, bad, and ugly. The purpose of this presentation is to equip the audience with enough knowledge so they can make a more informed decision regarding a traditional SIEM/SOC approach, or SOCaaS approach, when building a Security Operations Center. Presenter Dean Sheley recently lead an initiative to build a Central Security Operations Center for a statewide multi-university educational system while CISO for that state-wide university system.

[1 CPE] Building Your Network: Role Models, Mentors, Coaches, and Sponsors

  Presented by Terri-Anne Wallen • Chief Risk Officer, CSG

In this presentation on building your network, we will provide an overview of the individuals you should connect with to support, develop, coach, and sponsor you. You will learn the unique differences between each of these roles and hear about real-life examples of the power that each can provide. Participants will then have the ability to identify these people in their own network. Further, the discussion will highlight the interconnection with imposter syndrome and illustrate how imposter syndrome exists for every single human. Terri-Anne and Andy will share their experiences to guide participants in understanding how they can approach individuals to be a mentor, coach, or sponsor and realize that asking is a form of flattery!

Terri-Anne Wallen:

Terri-Anne “TA” Wallen leads CSG’s Enterprise Risk Management organization with responsibility for Risk, Compliance, and Internal Audit. In her role as Chief Risk Officer, she provides support and guidance to the business to achieve accelerated growth through risk assessment, analysis, and various audits. She joined CSG in 2005 and established CSG’s Internal Audit and Risk Management functions. In her role, she increased capabilities and implemented efficiencies to meet dynamic business risks and the evolving needs of customers, built a strong, functioning team, and monitors risk mitigation across CSG’s global, growing business. Before CSG, TA spent time with Protiviti performing Internal Audit outsourcing projects, assisting in establishing the Internal Audit function for both eBay and PayPal, and is a KPMG alumnus. She has 25+ years of experience in building and maintaining Internal Audit and 15+ years of experience in Risk Management program development and facilitation. TA graduated from the University of Nebraska – Omaha with a Bachelor of Science in Business Administration – Accounting. She obtained her CPA certification and is a member of the IIA. TA serves as an Executive Sponsor in CSG’s first employee resource group, Women Engaged in Leadership, Education and Development (WE LEaD).

Andy Hinton:

Andy Hinton focuses on building relationships and providing value through independent and objective feedback on managing uncertainty; striving to turn risk into opportunity. In his current role at CSG, Andy leads a team of IT audit professionals through risk assessment, technology audits, and consulting.

Prior to CSG, Andy held audit roles at Bank of the West, TD Ameritrade, and Deloitte, where he performed IT, financial, and operational audits. With over 15 years of audit and information security experience, Andy has established himself as a trusted advisor to management. Andy holds Bachelor of Science in Business Administration and Master of Professional Accountancy degrees from the University of Nebraska – Lincoln and maintains several audit and security certifications. Andy has taught cybersecurity at Bellevue University, volunteers for the local ISACA chapter, and is a member of the Supervisory Committee at Centris Federal Credit Union.

[1 CPE] The Office of Tomorrow May Be Here Already

  Presented by INTERFACE Advisory Council

Since the start of the pandemic, your workflow and office structure have shifted tremendously. The way any firm operates now has adapted to the change in remote workers. We have seen return-to-office plans constantly changed, pushed backed, or completely scrapped. Has your company returned employees to the office? Are those plans on hold?

Join the INTERFACE Advisory Council for an open discussion about these items and more. Will your company have a large amount of staff permanently working remotely? Do you need more shared space workstations for employees? We will discuss some tips for preparing your IT staff for all the possible scenarios that will come your way.

Panelists

  • Rick Haugerud, Assistant Vice President, Information Technology Services, University of Nebraska
  • Matt Morton, Board Member, NebraskaCERT
  • Andrew Munger, Vice Chairman, Verterent
  • Jim Navin, Chief Information Officer, The Gavilon Group, LLC
  • Amber Roberts, Sr IT Support Analyst, The Gavilon Group, LLC