[1 CPE] Incident Response & Recovery: What to do Before, During, & After the Storm

  Presented by Collin Miller • Director of Cloud Security, Structured

Responding to a security incident requires preparation, planning, and processes. When that incident occurs in a cloud environment such as Azure, not all organizations are equipped to respond. The shared responsibility model, rapid rate of change, high degree of automation, and new security tools and technologies all present challenges and opportunities when responding to incidents in the cloud. Protect your organization’s information, applications, and reputation by learning to develop an incident response infrastructure to prepare, detect, analyze, contain, eradicate, recover, and learn from security incidents when they occur. This presentation will focus on Azure environments, but many of the lessons learned are applicable across the major cloud service providers.

Collin Miller has over two decades of experience in networking and IT security. In 2015 he hiked over 2,600mi on the Pacific Crest Trail from the Mexican border into Canada. His security journey has seen him working with a wide array of cybersecurity technologies including network security, securing mobile devices, and data loss prevention. His current area of focus is cloud security.

[1 CPE] Zero-Trust Architectures

  Presented by Rubrik

Organizations have invested heavily in IT security, attempting to fortify their perimeter, network, endpoint, and application protections. Despite these investments, hackers are successfully penetrating these defenses and targeting enterprise data, including backup data. Ransomware is starting to specifically target online backups by encrypting or deleting them. If your organization was the target of an attack today, how do you know what data was impacted and where? Manually sifting through millions of files and comparing each snapshot consumes FTE time and prolongs recovery exponentially. Mass restores of the entire environment could mean high data loss and weeks’ worth of work down the drain. In this session, we will discuss how to protect your last line of defense, the backups. We will walk through the anatomy of a recovery, the best practices, and advanced tools to ensure you will not have to pay a ransom, and how to quickly recover your data to continue business operations.

[1 CPE] Who’s Attacking You?

  Presented by Critical Insight

One of the most common questions from IT Leaders and Executives is: Who would attack our organization and why?

In this discussion, we’ll examine the most common cyberattack perpetrators and their methods. From hostile Nation-States to teenagers to some threat actors you might not expect. We will discuss the methods these attackers are using to gain access to your networks, be it unpatched systems, newly found zero days, as well as other avenues into your network. Also covered will be the intent of these attacks, whether it is to steal your intellectual property, extort your cryptocurrency, or to disrupt your operation to meet strategic goals. Most importantly, we will discuss how to tell the difference, and how to protect yourself.

[1 CPE] Immutable Storage: Level-Up Ransomware Readiness

  Presented by Arcserve

Data is expected to grow to 200 ZB by the end of 2025. More data to manage, more data to protect. IDC recommends a 3-2-1-1 best practice as a mid-market data protection strategy. The addition of the new “1” is a copy of the data on immutable storage. Backup data is a key tool in business continuity & disaster recovery planning. Securing this backup data and maintaining multiple copies of it allow for a resilient recovery plan. Your cyber security plan is incomplete without a reliable recovery plan. In the event of any disaster, natural or man-made, like a ransomware attack, getting your IT systems and workloads back on their feet as fast as possible is essential. Join us as we share best practices to help keep your data protected and secure with multiple layers of defenses. We will share our perspective on how organizations can simplify the approach of incorporating guidance from NIST’s Cybersecurity Framework into their own environments.

Presented by Steve Kleis, Principle Sales Engineer

Over the past 20 years, I’ve been fortunate to know many business owners and be part of their IT management strategy. As a trusted advisor I worked to understand their business needs and design solutions that were fast and reliable. I have extensive experience with data backup, disaster recovery (DRaaS), business continuity, cloud storage, ransomware, and Network Attached Storage (NAS).

Currently, I am a sales engineer for Arcserve/Storagecraft supporting the North Central territory. As a member of a sales team, we work to help our customers protect what’s priceless, their data.

[1 CPE] Who’s Attacking You?

  Presented by Critical Insight

One of the most common questions from IT Leaders and Executives is: Who would attack our organization and why?

In this panel discussion, we’ll examine the most common cyberattack perpetrators and their methods. From hostile Nation-States to teenagers to some threat actors you might not expect. We will discuss the methods these attackers are using to gain access to your networks, be it unpatched systems, newly found zero days, as well as other avenues into your network. Also covered will be the intent of these attacks, whether it is to steal your intellectual property, extort your cryptocurrency, or to disrupt your operation to meet strategic goals. Most importantly, we will discuss how to tell the difference, and how to protect yourself.

[1 CPE] Zero-Trust Architectures

  Presented by Rubrik

Organizations have invested heavily in IT security, attempting to fortify their perimeter, network, endpoint, and application protections. Despite these investments, hackers are successfully penetrating these defenses and targeting enterprise data, including backup data. Ransomware is starting to specifically target online backups by encrypting or deleting them. If your organization was the target of an attack today, how do you know what data was impacted and where? Manually sifting through millions of files and comparing each snapshot consumes FTE time and prolongs recovery exponentially. Mass restores of the entire environment could mean high data loss and weeks’ worth of work down the drain. In this session, we will discuss how to protect your last line of defense, the backups. We will walk through the anatomy of a recovery, the best practices, and advanced tools to ensure you will not have to pay a ransom, and how to quickly recover your data to continue business operations.

[1 CPE] Immutable Storage: Level-Up Ransomware Readiness

  Presented by Arcserve

Data is expected to grow to 200 ZB by the end of 2025. More data to manage, more data to protect. IDC recommends a 3-2-1-1 best practice as a mid-market data protection strategy. The addition of the new “1” is a copy of the data on immutable storage. Backup data is a key tool in business continuity & disaster recovery planning. Securing this backup data and maintaining multiple copies of it allow for a resilient recovery plan. Your cyber security plan is incomplete without a reliable recovery plan. In the event of any disaster, natural or man-made, like a ransomware attack, getting your IT systems and workloads back on their feet as fast as possible is essential. Join us as we share best practices to help keep your data protected and secure with multiple layers of defenses. We will share our perspective on how organizations can simplify the approach of incorporating guidance from NIST’s Cybersecurity Framework into their own environments.

[1 CPE] The Good, the Bad, and the Ugly of Vetting Applications

  Presented by Eric Walters • Chief Information Security Officer, Burns & McDonnell

What level of access are applications requesting and then receiving directly from your employees? Is the security team aware? Has the risk been quantified? Who is looking at the application Terms and Conditions or the End User License Agreement? Is the access overly permissive? What happens if the application vendor is hacked? Can the attacker access your data? Is the vendor liable?

Eric Walters, CISO and Director of IT Operations at Burns & McDonnell, will discuss these and many more perils and pitfalls of vetting applications and plugins.

Eric Walters is a seasoned information technology leader with over 25 years of security experience. He is capable of translating IT details into executive-level business decisions. Eric believes good compliance does not mean good security, nor does good security mean good risk management. Passionate for employee development. His experience includes healthcare compliance, software development, information security program management, cyber security managed services, global transition operations, infrastructure cloud operations, enterprise architecture, and document management, and is a retired Marine Officer.

[1 CPE] Protecting Your Critical Data

  Presented by Optiv & Rubrik

Businesses today rely heavily on technology and data. Though most organizations have developed strategies to access critical data during an outage caused by natural disasters or power disruptions, these strategies are ineffective during a cyber attack. Interconnected users, servers, cloud devices, and continuous web access results in an environment that is open for cybercriminals to significantly disrupt operations and/or take an entire network hostage.

How can you support the identification and protection of critical data that must be shielded from the impact of cyber attacks, while also enabling rapid recovery to a secure state? Join us to learn how you can automatically store backups in a malware-protected, air-gapped vault or a remote cloud-based solution that safeguards your data’s confidentiality, integrity, and availability. We’ll discuss how you can ensure your data is verified and clean before entering the vault and is maintained in an immutable state while within the vault, significantly reducing recovery time by guaranteeing that you are recovering to a known good state.

[1 CPE] Zero-Trust Architectures

  Presented by Rubrik

Organizations have invested heavily in IT security, attempting to fortify their perimeter, network, endpoint, and application protections. Despite these investments, hackers are successfully penetrating these defenses and targeting enterprise data, including backup data. Ransomware is starting to specifically target online backups by encrypting or deleting them. If your organization was the target of an attack today, how do you know what data was impacted and where? Manually sifting through millions of files and comparing each snapshot consumes FTE time and prolongs recovery exponentially. Mass restores of the entire environment could mean high data loss and weeks’ worth of work down the drain. In this session, we will discuss how to protect your last line of defense, the backups. We will walk through the anatomy of a recovery, the best practices, and advanced tools to ensure you will not have to pay a ransom, and how to quickly recover your data to continue business operations.