Topic: Information Security

Seminar Topics

[1 CPE] Challenge the Threat of Ransomware: Best Practices to Prepare, Mitigate, and Recover

  Presented by Zerto

Ransomware attacks continue to rise in volume, severity, and costs to businesses attacked while cyber criminals continue inventing new and unexpected methods to spread malware and encrypt critical data. As attacks continue to specialize, no organization is immune to ransomware. So how do you avoid being forced to pay a ransom, disruptions to services and supply chains, and damage to your brand in the news? Join recovery and data protection experts from Zerto to discuss best practices for when – not if – ransomware strikes. Be prepared to minimize downtime, data loss, and mitigate the risks of ransomware. In this session, you’ll learn:

[1 CPE] Automate or Die: DevSecOps in the Age of Software Supply Chain Attacks

  Presented by Sonatype

As nimble organizations deliver new innovations, adversaries are also upping their game; something we’ve seen in recent high-profile and devastating cyber-attacks. Bad actors have the intent and ability to exploit security vulnerabilities in the software supply chain – and in some cases plant vulnerabilities themselves. They have increased scale through automation and improved breach success through precision targeting. If we don’t fight back by doing the same – automating security directly in the DevOps pipeline – then we’ll always be at the hackers’ mercy. This session will provide new research on the above and details on how to get started.

[1 CPE] Rethinking Your Data Strategy with Zero Trust Privacy

  Presented by Dr. Lisa McKee Ph.D., CISA, CDPSE, CRISC • Director of Governance, Risk, Compliance, and Privacy, Hudl

At the foundation of Zero Trust Privacy, should be data – and for good reason! Organizations that have visibility into their data and the activities around it are better equipped to implement a successful privacy program using the principles of zero trust. Many believe identity is the core principle of zero trust, but how does one implement effective access controls without knowing the data they are granting permissions to? Zero Trust Privacy supports privacy compliance while enabling the implementation of proper access controls to detect suspicious behavior, even when other security controls have been compromised.

The key points covered in this presentation will be as follows:

  • Understand what Zero Trust Privacy is and why data should be the foundation of any security and privacy program.
  • Identify methods for coordination and collaboration between privacy and security within a Zero Trust strategy.
  • Execute techniques for implementing and overcoming challenges of integrating Zero Trust Privacy.
  • Initiate discussions with organizational stakeholders on steps for creating a Zero Trust Privacy strategy for their organization.

Lisa McKee Ph.D., CISA, CDPSE, CRISC, has 20 years of industry experience in Cybersecurity, Privacy, Information Technology, Vendor Management, Software Development, IT Audit, Compliance, PCI, and GRC. McKee assists companies in conducting security and privacy assessments, program implementation, and managing compliance. She is a highly regarded privacy expert and a regularly featured speaker at conferences and events locally, nationally, and globally for IAPP, ISACA, IIA, ISC2, NEbraskaCERT, and RSAC. McKee is a member of the Accredited Standards Committee X9 providing input on industry standards. She is a member of several professional association boards and an adjunct instructor for security and privacy courses. She is passionate about privacy and security.

[1 CPE] Open-Source Developers Are Security’s New Front Line

  Presented by Sonatype

Bad actors have recognized the power of open source and are now beginning to create their own attack opportunities. This new form of assault, where OSS project credentials are compromised and malicious code is intentionally injected into open-source libraries, allows hackers to poison the well. In this session, Sonatype will explain how both security and developers must work together to stop this trend or risk losing the entire open-source ecosystem.

[1 CPE] Navigating Today’s Threat Landscape: A Current State of Cybersecurity

  Presented by Fortinet

Join Fortinet for comprehensive look at the current state of cybersecurity. Today’s ever-evolving threat landscape requires an integrated, automated approach to security. Learn how you can mitigate risk in your organization, optimize your security team’s operations, and gain best practices to integrate and consolidate your security tools; whether you’ve taken a multi-vendor or single-vendor approach.

After leaving our session, you will understand:

  • More about the current state of cybersecurity and how it relates to your business
  • How to scale company growth while securing against constantly evolving threat vectors
  • How your security tools should ideally be integrating with each other and automating security functions
  • Best practices to optimize security
  • How to consolidate security controls to improve your security posture

[1 CPE] Securing Layer 8

  Presented by Synack

One of the most difficult challenges globally is securing the human element and as such, it tends to be neglected. The current solution of training with “gotcha” emails is not successful and tends to cause unintended negative consequences. We will investigate a more global approach to securing businesses by taking on the “business of hacking.” We’ll show how we can harden the human element and expand our footprint by using a better way to learn and widening our defenses. The key is to ensure we also harden society to help drive the ROI for attackers up enough that business is no longer profitable, forcing them into the technology fight in which, as an industry, security professionals have much more secure footing.

[1 CPE] How AI Can Think Like an Attacker

  Presented by Darktrace

In the face of skyrocketing cyber risk, detecting and responding to attacks is no longer enough. Organizations must take proactive steps to prevent threats before they happen and to recover if compromised. In this session, we’ll unveil an ambitious new approach to security, with core engines powering AI technologies to prevent, detect, respond, and ultimately heal from attacks. Together, these engines combine to strengthen organizations’ security posture in a virtuous AI feedback ‘loop,’ which provides powerful end-to-end, bespoke, and self-learning solutions unique to each organization.

[1 CPE] Challenge the Threat of Ransomware: Best Practices to Prepare, Mitigate, and Recover

  Presented by Zerto

Ransomware attacks continue to rise in volume, severity, and costs to businesses attacked while cyber criminals continue inventing new and unexpected methods to spread malware and encrypt critical data. As attacks continue to specialize, no organization is immune to ransomware. So how do you avoid being forced to pay a ransom, disruptions to services and supply chains, and damage to your brand in the news? Join recovery and data protection experts from Zerto to discuss best practices for when – not if – ransomware strikes. Be prepared to minimize downtime, data loss, and mitigate the risks of ransomware. In this session, you’ll learn:

  • Ransomware 101: A breakdown of a ransomware attack and how it affects systems
  • Steps you can take to reduce the likelihood of attacks on your system
  • How to choose a best-in-class recovery solution for ransomware
  • How you can best harden your recovery systems against attacks
  • How to create a recovery plan to react and recover quickly
  • Real example of a company hit twice by ransomware and how they improved recovery time from weeks to minutes by planning ahead

[1 CPE] PCI-DSS 4.0: How to Become and Stay Compliant

  Presented by Structured

This presentation will discuss the difficulties of becoming and staying compliant with Payment Card Industry (PCI) requirements. The venerable version 3.2.1 is well on the way to retirement, and the updated Data Security Standard (DSS) 4.0 is loaded with numerous changes and enhancements that must be complied with. Whether you are just beginning with PCI for your organization or have many years of experience, there are many challenges — both old and new — that can create roadblocks to compliance. With emerging technologies such as zero-trust architecture ready for implementation, find out how to best use these controls for your organizational goals. The presentation will cover the requirements, trouble areas to be aware of, and how you can utilize specific technology in your compliance effort.

[1 CPE] How AI Can Think Like an Attacker

  Presented by Darktrace

In the face of skyrocketing cyber risk, detecting and responding to attacks is no longer enough. Organizations must take proactive steps to prevent threats before they happen and to recover if compromised. In this session, we’ll unveil an ambitious new approach to security, with core engines powering AI technologies to prevent, detect, respond, and ultimately heal from attacks. Together, these engines combine to strengthen organizations’ security posture in a virtuous AI feedback ‘loop,’ which provides powerful end-to-end, bespoke, and self-learning solutions unique to each organization.