Topic: Information Security

Seminar Topics

[1 CPE] The Current Threat Landscape Requires a Unique Approach

  Presented by Liran Chen, Vice President, Sales Engineering & Technical Services • Forescout

Specialized threats targeting OT environments have been around since at least 2010, with the reports of Stuxnet. Recognizing the criticality of these devices, Threat Actors have continued evolving, continuing to target OT devices, many of which are inherently insecure-by-design. Research, such as Vedere Labs’ OT:ICEFALL research project and Project Basecamp by Digital Bond from 10 years ago showed how significant the scope of vulnerable devices are that are pervasive in critical infrastructure systems. Today’s SOC needs to not only see those devices and the risks they pose while also ensuring accurate detection of the threats uniquely targeting those OT environments they’re deployed in. This session will explore this unique threat landscape and the capabilities required to combat the threats and automatically mitigate the risks specially targeting Operational Technology environments.

[1 CPE] Global Insights on Identity Security Maturity: Why it Matters? Why Now?

  Presented by Seth Garlett, Solutions Engineer • CyberArk

In our global survey of 1,500 identity-related security experts, we found only 9% of organizations have the highest level of maturity. These Transformative organizations have the most mature identity security programs as they strategically focus on four key tenets: tools, integration, automation, and continuous threat detection & response. As a result, these organizations significantly outperform their competition in driving business outcomes and reducing risk. Learn how you can mature your identity security program because the future of security starts with identity.

Key Session Takeaways:

  • Top challenges for identity security
  • The four tenets of identity security
  • How to take a holistic approach to identity security
  • Key considerations in evaluating identity security providers

Seth Garlett is an accomplished professional with experience in Sales Engineering and Software Engineering. Seth has significant experience in the development of web applications for organizations ranging from small businesses to Fortune 500 companies. His expertise lies in creating identity-based solutions and leading software development teams. Seth is now dedicated to utilizing his extensive knowledge to provide valuable insights and support in helping clients achieve their identity goals and milestones.

[1 CPE] Don’t Build a Fire Department

  Presented by Andrew Schori, Enterprise Account Executive • Arctic Wolf

Building and maintaining an internal SOC operation is hard. We’ll discuss why it’s imperative that organizations lean on 3rd party partners to provide 24×7 monitoring across your collective attack surfaces.

[1 CPE] Cyber Threats: Facts, Frauds, and Fallout

  Presented by Robert L. Kardell, Esq. • INTERFACE Advisory Council

This session will explore the current trends of cyber threats, crypto frauds, including the trading platforms, and the international aspects of the cryptocurrency exchanges. We will also review how the platforms are being used to commit fraud as well as the investigative steps necessary to identify the ultimate recipients of the trades and transfers. Finally, we will discuss the investigation and litigation steps necessary to protect consumers from cyber threats and cryptocurrency scams and the discovery and recovery processes.

Robert L. Kardell (Bob) is an attorney whose practice focuses on cyber-breach incident response, legal and technology-based risk management solutions, technology and cyber-defense policy and protections, intrusion remediation, and fraud prevention and investigation. Bob has more than 22 years of experience working for the Federal Bureau of Investigation as a Special Agent and Supervisory Special Agent, as well as a Program Coordinator for Public Corruption, Complex Financial Crime, Healthcare Fraud, and Domestic Terrorism.

[1 CPE] The Human Factor: Quantifying Human Risk

  Presented by Sara Anstey, Director of Data Analytics and Risk  • Novacoast

This talk will explore the growing field of human risk management and quantification, diving into the next step in an organization’s risk journey: quantifying people. We will discuss where the market is, how people are adopting it, and what organizations can gain from human risk management.

Join this session on the emerging and evolving field of human risk quantification, which aims to apply quantitative methods to assign risk scores to every employee at a company based on their actions and access. This space is very similar to where cyber risk quantification was about 4 years ago when there were a few start-ups in the market and a few active voices on LinkedIn advocating for the adoption of these practices. Now, human risk quantification is an organizational priority. Having done extensive research into where the players in the market are and how companies utilize these strategies, human risk quantification has become the next step of a risk journey for many companies. Over 80% of breaches involve the human element –– if organizations want to stop them, they need to understand how the people they employ affect their security posture.

[1 CPE] Sprung a Leak! Unit 42’s 2024 Leak Site Analysis

  Presented by Palo Alto Networks & Structured

Unit 42 monitors ransomware and extortion leak sites closely to keep tabs on threat activity and monitors data from dedicated leak sites (DLS) that are often only accessible through the dark web. Throughout our analysis, we compare activity results so that we are accounting for any seasonal fluctuations that can occur due to annual holidays, travel seasons and other recurring events that may impact threat activity. Here we will take a dive into those key leak site trends impacting the state of cybersecurity.

[1 CPE] Can You Prevent a Cyberattack?

  Presented by Jeff Polczynski, Director of Solutions Architecture • 11:11 Systems

Sprawling cloud infrastructure, remote and hybrid work, and ever more brazen threat actors have made it nearly infeasible to have an answer for every threat vector encroaching upon your organization. How can you withstand the onslaught of attacks?

Let’s discuss how to build a comprehensive plan for preventing bad actors and malicious insiders from compromising your systems, disrupting your business operations, and harming your company brand.

Jeff T. Polczynski is the Director of Solutions Architecture at 11:11 Systems. Previously, he was a key member of the Network Engineering team, where he helped design and build the network infrastructure for the 11:11 Cloud. Jeff has more than 20 years of experience in data center, networking and security roles across government, financial services, and service provider companies. Outside of work, he loves backpacking and is always on the lookout for the perfect spot to hang his hammock for a night under the stars.

[1 CPE] AI in Cybersecurity: Navigating the Double-Edged Sword

  Presented by Johan Bloomhart, Principal Sales Engineer • WatchGuard & BlackPoint IT

The rise of Artificial Intelligence (AI) has introduced both transformative opportunities and unprecedented risks to the cybersecurity landscape. While AI is a powerful tool for automating threat detection and enhancing security protocols, it also presents new avenues for cybercriminals to launch more sophisticated attacks. In AI in Cybersecurity: Navigating the Double-Edged Sword, we’ll explore AI’s dual impact—empowering both defenders and attackers—and discuss how to harness AI responsibly to protect against emerging threats.

This session will cover:

  • An overview of AI’s evolution and its prominence in the modern business world.
  • How malicious actors exploit AI for nefarious purposes, and the vulnerabilities that arise.
  • How cybersecurity professionals use AI to fortify defenses, identify threats, and mitigate risks.
  • Predictions for AI’s long-term influence on the security industry.
  • The latest technological tools and techniques that can mitigate the risks posed by AI.

We’ll also offer guidance on developing an artificial intelligence policy that allows your organization to leverage AI’s productivity benefits while minimizing risks to data security. Participants will walk away with actionable insights into how to implement AI securely in their business, staying ahead of both competitors and cyber threats.

[1 CPE] Moving to Agile at Gonzaga: Lessons Learned

  Presented by Borre Ulrichsen • Chief Information Officer, Gonzaga University

Gonzaga is seeing an increasing need for flexibility and agility in implementing and supporting information technology in a higher education environment that is constantly evolving. In this session, Borre Ulrichsen, Chief Information Officer, will cover the drivers behind Gonzaga’s transition to agile, how information technology worked with the community during the transition, and some of the benefits the university is reaping from this new way of working.

Borre Ulrichsen has served as the Chief Information Officer at Gonzaga University since August 2016. From 2011 to 2016 he was the Chief Information Officer and Associate Vice President for IT Services at California State University, East Bay. From 2002 to 2011, he was the Director of Information Systems Projects at San Francisco State University. Previous to that he held various IT leadership roles in the private sector. Borre completed his MBA at the Haas School of Business at UC Berkeley. He also earned a master’s degree in engineering from the Norwegian University of Science and Technology.

[1 CPE] Demystifying Zero Trust: Simplifying Network Security

  Presented by Tanner Harrison, Systems Engineer • Fortinet

Today’s ever-changing threat landscape challenges traditional security models. The emergence of the Zero Trust model represents a transformative approach, reshaping how organizations protect their assets. This presentation aims to demystify Zero Trust, offering a comprehensive understanding that goes beyond buzzwords. We will explore the foundational concepts of Zero Trust, emphasizing the “never trust, always verify” philosophy. By the end of this session, attendees will be equipped with the knowledge to begin their Zero Trust journey, enhancing their security posture, and protecting critical data and systems from modern threats. Whether you are a security professional, IT manager, or organizational leader, this discussion will empower you to take decisive action toward a more secure future.