Topic: Information Security

Seminar Topics

[1 CPE] 2023: The Year AI Went Mainstream

  Presented by Randy Lariar, Practice Director, Big Data & Analytics • Optiv

AI is accelerating the risk of fraud, but it can also be used to prevent and detect fraud. Companies need to be aware of both the risks and the benefits of AI and develop an offensive and defensive strategy to protect themselves from fraud. During the talk, we’ll touch on:

  • The recent history and latest developments in Generative AI, Large Language Models, ChatGPT, GPT-4, Google Bard, and more
  • How AI is increasing Risk already
  • How AI introduces new kinds of Risk
  • How AI can help solve some of the problems AI creates
  • Approaches for building an offensive & defensive Data and AI strategy

[1 CPE] Defend Today, Secure Tomorrow

  Presented by John Bryant • Cybersecurity Advisor, CISA

Join John Bryant, CISA Cybersecurity Advisor, for a discussion of the evolution of Ransomware, beginning with the first reported incident to the present. Bryant will provide a high-level overview of one incident followed by a look at the lessons learned. Learn about the Department of Homeland Security’s (DHS) youngest agency, the Cybersecurity and Infrastructure Security Agency (CISA), and resources available at “no cost” to State, Local, Tribal, and Territorial governments and organizations with critical infrastructure.

John Bryant serves as a Cybersecurity Advisor for Region 7 (IA, KS, MO, and NE) for CISA in the Integrated Operations Division. Based in Kansas City, Missouri he supports the Department of Homeland Security’s mission of partnering with industry and government to understand and manage risk, strengthening the security and resilience of the nation’s critical infrastructure. He is the lead in Region 7 for DHS/CISA’s K12 cybersecurity working group. Mr. Bryant provides Cybersecurity resource briefings, Cybersecurity assessments, and Incident Response planning to the nation’s sixteen critical infrastructure sectors and state, local, tribal, and territorial government entities.

Bryant holds a Master of Business Administration with an emphasis in Organizational Development and a Bachelor of Science in Computer Information Technology from Upper Iowa University. He is a member of (ISC)2 and is a Certified Information System Security Professional (CISSP) in good standing for the past 10 years.

[1 CPE] Threat Actors “Living off the Land” Techniques and Response Review

  Presented by Rob Bennett, Security Expert • InfraGard Kansas City

The recent advisories from multiple cyber agencies of threat actors utilizing “Living off the Land” techniques present a different challenge in cyber defense for organizations. We will cover techniques covered by Volt Typhoon and other threat actors with organization response on how to verify detected activity, logging that will need to be in place to monitor the activity, and how to respond when your organization has evidence that they may be infiltrated.

Rob Bennett has served in a variety of leadership positions in multiple industries focusing on Security and Business Continuity over 3 decades while also assisting organizations with compliance initiatives and strategic direction. Rob currently resides at the Lake of the Ozarks with his retired racing greyhound Otis.

[1 CPE] Panel Discussion: Risk… What Risk?

  Presented by INTERFACE Advisory Council

Every day more stories are circulating about cyber-attacks and breaches causing significant harm to organizations. As an IT leader, you know there is constant risk to your network, data, and ultimately the checkbook. Even when certain risks are known, communicating this effectively to C-suite decision-makers is a significant challenge. Is your company reacting too much and not planning properly? Are you hitting roadblocks in attempting to quantify risk?

Join the INTERFACE Kansas City Advisory Council for an open conversation about Risk Management. Local IT leaders will share some insight on strengthening relationships with the decision-makers that ultimately control your organization’s budget. Bring your specific questions to get some advice about the challenges you have. The panel conversation will look to help you navigate the waters of managing risk in your company while providing some alternatives to the approaches you may have taken already.

Panelists

  • Britney Kennedy, Business Information Security Officer, Cardinal Health
  • Jason Kentner, Chief Information Security Officer, KCAS Bioanalytical & Biomarker Services

[1 CPE] Supply Chain Attacks: Who’s at Risk and How Can You Stop Them

  Presented by EverFast & High Wire Networks

Supply chain attacks are increasingly in the news as more businesses are impacted by third-party vendors being used to circumvent the businesses’ defenses to propagate ransomware and digital extortion. Most companies today leverage some type of third-party software for business operations. Join us as we discuss the risk of supply chain attacks, recent breaches and how you can defend your enterprise.

  • What is a Supply Chain attack?
  • How do they work – postmortem
  • Who is at risk?
  • What’s the current threat condition?
  • How can you stop supply chain attacks from impacting your business?

[1 CPE] Cybersecurity is a Big Data Problem: How XDR Solves for Risk

  Presented by EverFast & High Wire Networks

Today’s connected business and the digital transformation has led to massive improvement in the customer experience and business agility. The flip side is a massive expansion of your attack surface that is increasingly difficult to get your arms around. Join the discussion on the impact digital transformation has had on business risk and how more businesses are turning to XDR services to reduce risk exposure and improve cyber resilience.

  • Trends in cyber security attacks
  • What has changed in the threat state
  • What is XDR and how does it reduce risk
  • What is driving growth of XDR services among business today
  • Is XDR right for your business, vetting an XDR offering

[1 CPE] The Ransomware Recovery Puzzle

  Presented by Peter Martinson, Sr Security Engineer • Sanity Solutions

We all hear about ransomware on the news but are we prepared to deal with it? Join us as we talk through real-life case studies of companies that have gone through ransomware attacks and learn how the process works.

  • Timeline of an attack
  • Recovery of Systems
  • To pay or not to pay
  • Legal concerns
  • Cyber Insurance

We will look at all the pieces of the puzzle and see if we can’t form a picture.

[1 CPE] Building a Ransomware Resilience Strategy

  Presented by 11:11 Systems & Zerto

Ransomware attacks are affecting every industry and every size organization with the threats of downtime, data loss, reputation damage, and more. You can protect your organization from these threats by building ransomware resilience into your IT infrastructure. As ransomware threats evolve, so do the available technologies to protect your organization, and having a ransomware resilience strategy is more important than ever. In this session, we will discuss how:

  • The threat of ransomware has become systemic in data recovery planning
    • Prevention alone is not enough, and recovery alone is not enough
  • A ransomware resilience strategy relies on early detection to be effective
  • Air-gapped and isolated recovery are critical for ransomware resilience
  • Speed of recovery and minimal data loss recovery prevent ransom payments

[1 CPE] Open Source Developers Are Security’s New Front Line

  Presented by Austin Steffes, Sales Engineer • Sonatype

Bad actors have recognized the power of open source and are now beginning to create their own attack opportunities. This new form of assault allows hackers to poison the well, where OSS project credentials are compromised, and malicious code is intentionally injected into open source libraries. In this session, Sonatype will explain how both security and developers must work together to stop this trend or risk losing the entire open source ecosystem.

  • Analyze and detail the events leading to today’s “all-out” attack on the OSS industry.
  • Define the future of open source in today’s new normal.
  • Outline how developers can step into the role of security to protect themselves and the millions of people depending on them.

[1 CPE] Shattered Perimeters

  Presented by Erik Graham, Marsh & McClennan Co.

Prior to COVID, the cyber perimeter of a business was relatively well defined. The business knew what information assets held what information. With COVID, it was necessary to change the cyber perimeter quickly to keep business alive. Today many businesses cannot tell you what information assets hold their data or how that data is protected. In this presentation, Erik Graham will cover several of the major risks with work-from-home (WFH) and possible solutions to those risks.

Erik Graham is a lead incident responder on the incident response team at Marsh & McLennan; he is responsible for the identification, documentation, and communication of security risks as well as the analysis, eradication, and recovery of cyber incidents that affect Marsh & McLennan’s information assets.

Erik has been working in the computer industry for 25+ years with over 20+ years directly focused on computer security and information assurance. He has worked in a wide variety of both physical and logical security areas related to computer network attack (CNA) and computer network defense (CND). Currently, he is working in multiple areas such as risk identification and management, evaluating emerging technologies, malware analysis, supply chain analysis, and cloud security.

Erik has a Bachelor of Science from the University of Phoenix, and a Master of Science in Information Assurance from Norwich University, and holds multiple industry certifications including CISSP-ISSAP, CISM, CRISC, and CDPSE.