Topic: Information Security

Seminar Topics

[1 CPE] Leveraging Actionable Threat Intelligence to Improve Your Security Posture

  Presented by Fortinet

Dealing with advanced threats requires a strategic, proactive approach, and every network security strategy is only as good as the threat intelligence it is based on. Learn how actionable global threat intelligence data can enable your organization to move toward a proactive security posture. Strategically leveraging local traffic data analyzed with AI and Machine Learning, coupled with other key cybersecurity tools is essential for building a proactive approach. Join us to learn why organizations of all sizes require an integrated security architecture, to reduce the very real risks to business continuity, brand reputation, and operational disruption.

[1 CPE] Disrupting the Means to Prevent the End: A Guide to Detecting Ransomware

  Presented by Red Canary

Ransomware has been a dominant cybersecurity threat for the better part of the last decade. However, it doesn’t walk alone. It’s almost always the eventual payload delivered by earlier-stage malicious software or activity. Luckily, if you can detect the threats that deliver the ransomware, you can stop the ransomware before it arrives.

In this talk, we’ll extensively reference Red Canary’s 2022 Threat Detection Report, examining the malware and other malicious tools that adversaries often use to deliver ransomware. While the specific trojans and strains of ransomware may change from one attack to the next, adversary tactics, techniques, and procedures are often similar across campaigns and threats. By developing robust detection coverage for the techniques adversaries abuse most often, rather than focusing on individual threats, security teams can achieve defense-in-depth against the many threats that leverage those techniques and the broader trends that dominate the infosec landscape.

Want to learn more about the prevalent adversary techniques and threats that can lead to a ransomware infection? Attendees will leave with:

  • A better understanding of the threats and tools that commonly precede a ransomware infection
  • Guidance on relevant collection and data sources that offer visibility into the threats and techniques that adversaries use to deliver ransomware
  • Actionable information on how security teams can develop the capacity to detect, prevent, and mitigate ransomware and other threats
  • Strategies for testing their ability to observe and detect common threats with free and easy-to-use tools like Atomic Red Team

[1 CPE] DevSecOps: Revolutionize Your Security

  Presented by Check Point

DevOps and continuous delivery models result in faster time-to-market. However, development, QA, and operations teams face challenges when it comes to incorporating security into the product life cycle. They are afraid of slowing things down, necessitating integrated DevSecOps best practices. Security approaches that worked in the past do not work with modern DevOps models. These outdated processes involve manual review processes of security risks at the end of product development and QA. This approach causes significant delays and does not scale with modern-day applications.

Organizations need to “shift security left” by including security and compliance controls as an integral part of the DevOps processes that manage the code being developed through to production.

Marlon is a Cloud Security Architect for Check Point Software Technologies. He is a specialist in DevSecOps and Emerging Technologies for the enterprise with over 25 years of progressive experience in Information Technology with a solid background in Cybersecurity. With his wealth of experience in Architecting and Designing solutions using Cloud (Azure, AWS & GCP), in this session, he is going to share “the challenges with DevOps Services and DevSecOps Strategy” as the enterprise adopts the modern cloud.

[1 CPE] Stopping Attacks, Not Your Business: AI & Autonomous Response

  Presented by Darktrace

With cyber-attackers continuously searching for new ways to outpace security teams, it can lead to a struggle to fight back without disrupting business operations. Join Maxwell Hopkins in this session where he explores the benefits of Autonomous Response as a must-have that goes beyond ‘defense’. Includes real-world threat finds and attack scenarios.

[1 CPE] Thinking Upstream: Avoid the Fallout of the next Log4Shell

  Presented by Tidelift

News of a zero-day vulnerability in the popular open-source project Log4j broke in December, leading many organizations scrambling to figure out the impact on their applications. Nearly every organization developing applications was impacted, and the fallout was so broad that the FTC issued guidance.

Log4Shell comes on the heels of the U.S. White House cybersecurity executive order 14028, an attempt by the United States government to use its purchasing power to create positive changes to the way cybersecurity is addressed around the world.

Recent high-profile breaches like Log4Shell, the Colonial Pipeline ransomware attack, or the SolarWinds software supply chain attack have shown that our cybersecurity defenses are woefully inadequate. This executive order forces a higher standard of cybersecurity for any organization selling software to the federal government, which in turn makes it the de facto global standard for all software in the future.

Tidelift CEO and co-founder Donald Fischer shares his perspective on how the Log4Shell vulnerability and the cybersecurity executive order impact software supply chain security. He’ll brief attendees on the key issues addressed by the executive order, including software bill of materials (SBOM), supply chain security, and provenance requirements. He’ll outline the gaps that most organizations will need to close to stay in compliance. And he’ll share a proactive approach to addressing open-source software supply chain health and security upstream.

If you want to ensure your organization is fully prepared for the coming changes, you won’t want to miss this session.

[1 CPE] Leveraging Assessment Findings to Harden Your Security Perimeter

  Presented by Fortinet

Are you regularly evaluating your network security?

Performing assessments is a tried-and-true method for improving your security posture, but they can be a daunting task for network security staff who are often short on manpower, expertise, and/or time. Regardless, the benefits of running assessments almost always outweigh any potential drawbacks. Having a security assessment in hand will increase your security situational awareness and significantly impact your organization’s risk preparedness and mitigation.

Join us as we discuss the importance of periodically validating your existing security controls and provide learnings and best practices from our experts.

[1 CPE] Defending Against Common Microsoft 365 Attacks

  Presented by Blumira

For organizations that use Microsoft 365, it’s a cornerstone of their business. Users rely on it to log in, receive and send email, and store and share sensitive data.

Microsoft 365 is also the most targeted software for cyberattacks, according to Statista.

These factors alone make Microsoft 365 a critical piece of technology to monitor. Adversaries tend to reuse techniques, tactics, and procedures (TTPs) to launch their attacks — and there are some common Microsoft 365 attacks that you’ll want to watch out for. You’ll learn:

  • How to detect threat actors’ favorite techniques for Microsoft 365 attacks
  • Why Microsoft 365’s built-in security settings aren’t enough protection
  • Easy ways to protect yourself against the rise in Microsoft 365 attacks

Matt Warner is CTO and Co-Founder of Blumira, a leading cybersecurity provider of automated threat detection and response technology. At Blumira, he leads the security and engineering efforts to provide actionable insights into cybersecurity risks at scale. Matt has over 10 years of experience in IT and development, focusing on business strategy, development, compliance, threat detection, and penetration testing. Previously, he was Director of Security Services, Development & Security at NetWorks Group, responsible for defensive information security and services.

[1 CPE] Fast and Furious Attacks: Using AI to Surgically Respond

  Presented by Darktrace

Fast-moving cyber-attacks can strike at any time, and security teams are often unable to react quickly enough. Join Brianna Leddy, Director of Analysis, to learn how Autonomous Response takes targeted action to stop in-progress attacks, without disrupting your business. Explore today’s threats and challenges and learn how advances in AI have been leveraged to allow for very surgical actions to be taken autonomously – where humans can no longer react fast enough. Includes real-world threat finds, case studies and attack scenarios.

[1 CPE] Ransomware – Who, What, Why & How…

  Presented by Check Point

Over the last 12 months, ransomware attacks surged by 93% with a devastating impact on businesses and industries worldwide. In today’s hybrid IT environment, preventing ransomware attacks seems like an impossible feat. But is it?

In this session, we will cover the latest ransomware trends and how you can protect your organization from falling victim to sophisticated ransomware attacks.

[1 CPE] Leveraging Assessment Findings to Harden Your Security Perimeter

  Presented by Fortinet

Are you regularly evaluating your network security?

Performing assessments is a tried-and-true method for improving your security posture, but they can be a daunting task for network security staff who are often short on manpower, expertise, and/or time. Regardless, the benefits of running assessments almost always outweigh any potential drawbacks. Having a security assessment in hand will increase your security situational awareness and significantly impact your organization’s risk preparedness and mitigation.

Join us as we discuss the importance of periodically validating your existing security controls and provide learnings and best practices from our experts.