[1 CPE] Building a Fortress: Why Allowlisting Traffic is Key to Secure Networks

  Presented by Charles Killmer, Sr Security Analyst and Solution Architect • FRSecure

In this presentation, we’ll explore the critical role of allowlisting in enhancing network security. By focusing on controlling both ingress and egress traffic, allowlisting ensures that only trusted traffic is permitted, reducing the attack surface and minimizing vulnerabilities. Learn how adopting a comprehensive allowlisting strategy can help build a secure, resilient network fortress, protecting your systems from malicious threats and unauthorized access. Whether you’re implementing it for the first time or refining your approach, this session will highlight best practices and common pitfalls.

[1 CPE] Push Your Vulnerability Management Program Forward

  Presented by Chaney Edwards, Sr Security Solutions Engineer • Rapid7

We will begin by building a framework whose elements we will cover in greater detail later in the presentation. These elements are:

  1. Know your leadership, user base, regulations, and requirements
  2. Building policy and procedures
  3. Scan scheduling, design, and validation
  4. Remediation and exception processes
  5. Validation of program
  6. Flexibility and the OODA loop

We will start by focusing on the importance of knowing your leadership, user base, regulations, and requirements, and on ensuring others know that leadership and management buy-in is critical to the success of the program. We will talk about how to interact with your user base and what you should communicate to those individuals. We will also touch on how regulations and business requirements will play a part in your program design. Next, we will spend time on building policy and procedures and on understanding the hierarchy of, and differences between, Information Security Policy, Guidelines, and Procedures.

From there we will shift gears and focus on scan scheduling, design, and validation of the scans in place. While many feel this is the most important part of a program, getting the data is the least important part of the whole process and we will discuss why that is. We will cover topics including scan frequency, targets, and validation. We will touch on the benefits of tagging, the use of agents, and reporting. The focus will be that there is no “right way” to scan and rather several considerations to guide you to what is right for you and your environment. We will also discuss remediation methods and how to track said remediations. With any remediation process, exceptions will occur, and we will touch on best practices for not only accepting that risk into your environment but curating that list for a continual review.

Finally, we will discuss program validation, flexibility, and the OODA loop (Observe, Orient, Decide, Act), and how where you are on day one of your program will inevitably change over time. For validation, we will cover reporting not only to leadership but also to internal stakeholders like security and governance programs, as well as to the user base. We will discuss topics that require your program to be flexible, like new assets, mergers and acquisitions, new projects, leadership changes, and more. Leveraging the OODA loop, we will discuss processes to help tackle these changes and ensure your program can survive an ever-changing landscape.

The session will then end with a live Q&A to discuss any topics raised or to field any thoughts on the matter, bringing the talk to a collaborative close and allowing for audience participation.

[1 CPE] The Modern Kill Chain: How Attacks Have Gone from Months to Minutes

  Presented by Tony Kelly, Sr Manager, Sales Engineering • Lookout

Cloud breaches are now happening in minutes, not months. Threat actors are exploiting the fact that mobile devices are more susceptible to social engineering, enabling them to gain direct access to cloud infrastructure and swiftly compromise data. Join us for this 50-minute presentation to learn:

  • How the traditional cyber kill chain has evolved to exploit mobile users
  • Why attacks utilizing a mobile device are increasing
  • What makes your organization vulnerable to a modern-day attack
  • Why stopping breaches requires the ability to identify anomalous data movements
  • The three key capabilities you need to defend against modern breaches

[1 CPE] Real-Time Threat Mitigation with AI-Driven SASE: A Practical Approach

  Presented by Brian Anderson, Global Field CTO • Cato Networks

In this session, we’ll explore how a converged SASE platform combined with AI and machine learning (ML) enables real-time threat detection and mitigation, transforming network security from a reactive to a proactive model. The focus will be on how AI-driven solutions within the SASE framework can identify, analyze, and neutralize security threats in real time across distributed environments.

Brian Anderson, Global Field CTO at Cato, has over 20 years of experience in technology, working with networks, systems, application development, and security specializing in automation. Brian has worked to architect, attack, integrate, and secure networks and applications for emergency notification systems, government environments, healthcare organizations, transactional and e-commerce, including multi-tier cloud-based solutions, and has had a focus on web, database, and network and infrastructure security for the past 13 years at Imperva.

[1 CPE] Enhancing Security with Observability: Real-Time Threat Detection and Insights

  Presented by Kyle Kowalski, Lead Solutions Engineer • Dynatrace

In a world of complex dependencies, leveraging observability data can improve the security posture of any organization. From identifying false alarms and removing noise to adding critical context to vulnerability and anomaly detection, it helps to identify threats in real time.

Kyle Kowalski, Lead Solutions Engineer, will discuss how organizations can merge logs, metrics, events, and traces to create a comprehensive view of their environments. He will demonstrate the impact of AI in unifying these data points for faster, more accurate security insights.

[1 CPE] The Current Threat Landscape Requires a Unique Approach

  Presented by Liran Chen, Vice President, Sales Engineering & Technical Services • Forescout

Specialized threats targeting OT environments have been around since at least 2010, with the reports of Stuxnet. Recognizing the criticality of these devices, threat actors have continued to evolve and to target OT devices, many of which are insecure by design. Research such as Vedere Labs’ OT:ICEFALL research project and Project Basecamp by Digital Bond from 10 years ago showed how large the scope of vulnerable devices pervasive in critical infrastructure systems is. Today’s SOC needs not only to see those devices and the risks they pose but also to ensure accurate detection of the threats uniquely targeting the OT environments they’re deployed in. This session will explore this unique threat landscape and the capabilities required to combat the threats and automatically mitigate the risks specifically targeting Operational Technology environments.

[1 CPE] Incident Response: A Peek Behind the Curtain & the Solution

  Presented by Ron Pelletier, Founder and Chief Customer Officer • Pondurance, with iT1 Source

Join Ron Pelletier, Pondurance’s Co-Founder, as he shares insights from the in-house Incident Response Team on current causes and trends, the shortfalls of current IR teams, and the solutions available. Learn how ransomware has evolved, how it’s analyzed, and what measures security programs should take to keep themselves secure.

Ron has more than twenty-five years of client advisory experience in security and enterprise risk management. His expertise is centered within the enterprise risk assessment, business continuity, and governance areas. He has also provided HIPAA, HITECH, ISO 27002, and PCI DSS advisory services to large and mid-sized organizations. Ron is certified in multiple disciplines relating to information and asset protection, including Certified Information Systems Security Professional (CISSP), Certified Information Systems Security Manager (CISM), Certified Business Continuity Professional (CBCP), Certified Information Systems Auditor (CISA), Certified Computer Forensics Examiner (CCFE), and Certified Ethical Hacker (CEH).

[1 CPE] Securing Work Where It Happens with Prisma Access Browser

  Presented by Yossi Rosenboim, Manager, Solution Engineering • Palo Alto Networks & Structured

As work increasingly moves to the cloud, traditional network perimeters dissolve, and the browser becomes the new frontline for productivity and risk. This presentation explores how Prisma Access Browser is redefining security by shifting focus from network-based controls to the user’s primary workspace: the Browser. We’ll dive into how this solution uniquely protects users and data at the browser level. Join us to understand how a secure, zero-trust approach to browser activity can streamline compliance, enhance user experience, and fortify your security posture without compromising productivity. This session includes a live demo.

Yossi Rosenboim is a seasoned cybersecurity professional with over 20 years of experience. As a leader of the PNW solution consulting team at Palo Alto Networks, he specializes in guiding organizations through the evolving landscape of cyber security.

[1 CPE] Fortifying the Digital Landscape: Integrating Regulation with Cybersecurity and GRC

  Presented by Rob Wayt, Director, Governance, Risk & Compliance • Structured

In today’s digital landscape, organizations face an increasing challenge to safeguard their information assets amidst evolving cybersecurity threats, regulatory demands, and operational complexities. This presentation explores the critical interplay between cybersecurity, compliance, risk management, and governance in the protection of sensitive data and information assets. Attendees will gain insights into best practices for creating a resilient cybersecurity program that aligns with regulatory requirements and organizational goals, supporting robust governance structures. Key topics include strategies for assessing and utilizing AI, implementing compliance controls, fostering a culture of security, and leveraging governance to ensure accountability and continuous improvement. This session provides a comprehensive approach for leaders and professionals aiming to secure information assets and enhance resilience in the face of emerging cyber threats.

[1 CPE] Proactive Threat Mitigation Through East/West Traffic Isolation

  Presented by Rich Horsely, Channel Sales Engineer • HPE Aruba Networking & Structured

Ransomware and targeted cyber security threats are on the rise. A proactive prevention strategy should use both tried and proven methodologies and new and emerging technologies. East/West traffic identification and isolation is key to preventing malicious content from spreading, both in the Data Center and at the Campus Edge of the network. We will focus on innovative approaches to address the security compliance, performance, agility, and scalability demands of today’s highly distributed, hybrid network environments.