Topic: Information Security

Seminar Topics

[1 CPE] Zero Trust—Let’s Dive into Security

  Presented by Kevin Heide, Director of Enterprise Networking • Cerium Networks

Spend the morning with us while we explore the world of Zero Trust Architecture—but with a twist. Instead of a high-level overview of this strategic cybersecurity approach, we’ll get hands-on and show you practical examples using tools and environments that most of us are already familiar with.

Buckle up and join us on this exciting journey as we learn how to integrate different elements and policies across our organizations. We’ll also focus on optimizing our policies and enhancing threat protection.

[1 CPE] AI, ML, and the Cybersecurity Checklist

  Presented by Paul Carugati • Global Head of Information Security, Syngenta

The dynamic threat landscape is evolving as new cyberattack methods are introduced daily. Generative Artificial Intelligence (AI) and Machine Learning (ML) algorithms are equally evolving and becoming more sophisticated. Navigating AI/ML services against your organization’s cybersecurity risk posture is a maturing discipline, but it may be more familiar than you think. Let’s discuss the practical risk elements of AI & ML in the modern enterprise and how best to protect, detect, respond, and recover from cybersecurity incidents.

Paul is a seasoned IT and Information Security leader with over 20 years of experience in Fortune 300 enterprises. An accomplished information security executive, Paul has a proven ability in the successful execution of global Cybersecurity and Risk Management programs. Paul specializes in building high-performing security teams and fostering a culture of data protection through business enablement, achieving positive, measurable behavioral change through accountability and integrity.

[1 CPE] Seeing Your Attack Surface Through the Eyes of an Adversary

  Presented by Palo Alto Networks

Modern attack surfaces are dynamic. Without clear visibility that is constantly updated, it is all too easy to have persistent exposures and unmanaged assets. Security practitioners can only be as good as the data they have, so having a strong foundation of continuous discovery and monitoring ensures you can keep up with modern, dynamic attack surfaces to find, prioritize, and mitigate exposures as they arise.

[1 CPE] Plan, React, and Recover: An Incident Response Workshop (Part 1)

  Presented by Dan Brown and Ronald Watters, Cybersecurity Advisors • Cybersecurity and Infrastructure Security Agency

Incident Management can be frequently looked at in a causal manner –– until it happens to you. Do you have the correct plan in action? Have you ever tested your incident plan? Join us for an extended workshop to discuss the parties that need to be involved in this response plan. Our speakers will also share strategies on how often you should test and update your plan.

The Cyber Risk Landscape will also be examined. While threat actors are coming from multiple areas, you will be prepared to consider the insider threat as well. Join us for this two-hour session for an extensive workshop for you to develop a thorough incident response plan.

The experts on this panel are Cyber Security Advisors for the federal agency known as CISA, The Cybersecurity and Infrastructure Security Agency. They will help you assess your environment, identify vulnerabilities, and provide education about the latest threats you will face. CISA has many resources available for you and those will be discussed as well.

Speaker Details:

Dan Brown serves as the Cybersecurity Advisor for Eastern Washington and is based in Spokane, WA. He supports CISA’s mission of leading the national effort to understand, manage, and reduce risk to our cyber and physical infrastructure.

He offers CISA resources that coordinate cyber preparedness, risk mitigation, and incident response. He provides cybersecurity resources, including assessments, to public and private stakeholders in the nations’ sixteen critical infrastructures, including auxiliary support for state, local, tribal, and territorial government entities.

Prior to joining CISA, Dan worked in information technology and cybersecurity for more than 25 years. Most recently, he worked at the Community Colleges of Spokane as their Information Security Officer (ISO). Before that, he worked for 17 years at Washington State University as an Assistant Director of Systems and Security.

His education includes an undergraduate degree in Management Information Systems (MIS) from Eastern Washington University and an M.B.A. from Washington State University. Current certifications include CISSP, CISM, and ITIL foundation.

Ron Watters serves as the Region 10 Private Sector Cybersecurity Advisor for CISA. Based in Seattle, WA, he supports the Department of Homeland Security (DHS) mission of strengthening the security and resilience of the nation’s critical infrastructure.

His program coordinates cyber preparedness, risk mitigation, and incident response, and provides cyber security resources, including assessments, to the nation’s sixteen critical infrastructure sectors and state, local, tribal, and territorial government entities.

Before joining DHS, Ron served 27 years with the U.S. Navy and Naval Reserve as a Submarine Sonar Technician and Diver. Ron interviewed and was hired as the Region X Cybersecurity advisor in June of 2017 and has filled that position presently.

[1 CPE] Go Hack Yourself: War Stories from ~20k Pentests

  Presented by Habibeh Deyhim, Director of Customer Success • Horizon3.ai

In an ecosystem where you know you’re being targeted daily, how can you prove you’re secure? Are you finding and fixing the most critical attack paths, logging the right data, and alerting on the right events? Do you know if you’re ready to respond to an incident and are your security controls configured and integrated correctly? All this effort is supposed to measurably reduce your risk, but is any of it working?

Join Habibeh Deyhim, Director of Customer Success at Horizon3.ai, to learn a proven way to find, fix, and verify that you’re secure. Habibeh will discuss several real-world examples of what autonomous pentesting discovered in networks just like yours. And you’ll hear more about how fast and easy it was to safely compromise some of the biggest (and smallest) networks in the world – with full domain takeover in a little more than a few hours. Learn how you can safely do the same in your own network today!

[1 CPE] How I Really Feel About ChatGPT from an IP Lawyer’s Perspective

  Presented by Bradlee Frazer Esq., Partner, Hawley Troxell Law Firm  • INTERFACE Advisory Council

Everyone wants to use artificial intelligence to increase productivity. AI is a great way to maximize employee efficiency in the enterprise environment. But, in this interactive session, IP lawyer Brad Frazer will give you his perspectives on the legal risks of the unrestrained use of AI in the workplace. He’ll also give you some best practices for using it safely and correctly, to minimize your legal risks.

Bradlee Frazer is a partner with Hawley Troxell and is Chair of the firm’s Intellectual Property & Internet practice group. In addition to emphasizing and focusing on all facets of Internet law, Intellectual Property law, and Information Technology law, he also helps clients with related transactional work and litigation.

Brad is a published novelist, and he has also written extensively for national legal publications and law blogs. He is also a frequent speaker on internet, intellectual property, and computer law topics and is a regular guest lecturer at Boise State University on those subjects.

A Boise native, Brad began his legal career in 1989 as an intellectual property attorney and commercial litigator at a Boise-based law firm. In 1997 he accepted an in-house position as Senior Intellectual Property Counsel with Fortune 1000 company, Micron Electronics, Inc., and remained there through the company’s merger with Interland, Inc. (now Web.com), then the nation’s largest Web hosting company. He eventually became Deputy General Counsel for Micron Electronics, Inc., and Interland, Inc. From June 2003 to February 2006, Mr. Frazer served as Deputy General Counsel to MPC Computers, LLC, in Nampa, Idaho.

[1 CPE] Why is Critical Data Being Compromised?

  Presented by Matthew Olive, Partner Solutions Architect • Thales Group

Securing critical data and information was where this industry started a long time ago, but it became more challenging with the rapid growth of enterprise data in an interconnected world. The pandemic forced organizations to support a remote workforce and expose critical systems that were once only accessible from inside the company’s network. We’ve increased the attack surface and the number of vulnerabilities which has led to more data breaches. With the technology advancements in access management, data discovery and encryption we can once again shift the focus to securing our data and information. In this presentation, we will discuss a unified data-centric security approach and strategy to protecting your most critical data and information.

Matt Olive is a data security professional with over 20 years of technical cybersecurity experience. In his role at Thales Cloud Protection & Licensing, Matt is dedicated to providing customers with high-quality data security solutions that address security priorities and make the connected world more secure.

[1 CPE] Zero Trust—Let’s Dive into Security

  Presented by Kevin Heide, Director of Enterprise Networking • Cerium Networks

Spend the morning with us while we explore the world of Zero Trust Architecture—but with a twist. Instead of a high-level overview of this strategic cybersecurity approach, we’ll get hands-on and show you practical examples using tools and environments that most of us are already familiar with.

Buckle up and join us on this exciting journey as we learn how to integrate different elements and policies across our organizations. We’ll also focus on optimizing our policies and enhancing threat protection.

[1 CPE] Adding VX to Your LAN: A Primer on Overlay Networks

  Presented by CompuNet

As network infrastructure evolves, overlay networks are gaining popularity due to their ability to enhance network availability, security, and flexibility. Our presentation will offer a comprehensive overview of overlay network protocols and architectures, along with their role in enterprise networks. Join us to discover how overlay networks can benefit your organization and learn more about their implementation and management.

[1 CPE] Zero Trust Framework as a Baseline for Identity Management

  Presented by Andrew Massi, Digital Security Consultant, Identity • Entrust

With the recent increase in cyber-attacks that involve the use of weak / compromised credentials, it is critical for organizations to secure their environment and resources with a Zero Trust framework and a Phishing resistant RBA in mind. Organizations can establish trust through verifiable, phishing-resistant, certificate-based identities across users, devices, and apps to implement a secure first line of defense against cyberattacks.

Today’s technology leaders must navigate different tools and methodologies yet remain confident they’re quantifying risk effectively. During this session, we’ll be discussing emerging digital security trends and how your peers are shaping the way the market approaches cybersecurity and risk management.

Specifically, we will discuss:

  • How to establish trust across users, devices, and apps that secure a first line of defense
  • How to support the Zero Trust framework through the adoption of Phishing resistant passwordless authentication