Topic: Information Security

Seminar Topics

[1 CPE] Educating Your Guesses: How to Quantify Risk and Uncertainty

  Presented by Novacoast

Asking for a budget and justifying spending in cybersecurity departments can be a difficult task due to limited data and high uncertainty of future events. This talk will dive into quantitative risk analysis as it relates to cybersecurity: how to model uncertain events and understand financial risk. Attendees will see a first-hand demonstration of how quantitative modeling can be used to communicate risk and understand ROI. Attendees will walk away with the tools needed to present cyber risk as a dollar amount that can be easily understood by other business decision-makers at their company.

[1 CPE] 2022 Threat Review

  Presented by Malwarebytes

The Malwarebytes 2022 Threat Review is an annual report on the latest threats, attack trends, and privacy breaches impacting individuals, organizations, and national security. Researchers detail threat intelligence across operating systems and examine how privacy has shifted and the ways that cybercriminals and crimes are evolving. With a stronger understanding of the threat landscape, organizations and individuals can make more informed security and cyber-protection decisions.

[1 CPE] Stopping Attacks, Not Your Business: AI & Autonomous Response

  Presented by Darktrace

With cyber-attackers continuously searching for new ways to outpace security teams, it can lead to a struggle to fight back without disrupting business operations. Join Maxwell Hopkins in this session where he explores the benefits of Autonomous Response as a must-have that goes beyond ‘defense’. Includes real-world threat finds and attack scenarios.

[1 CPE] Building a Modern Cyber Security Program: Zero Trust

  Presented by Sanity Solutions

Join Chad Schamberger, Director of Cyber Security at Sanity Solutions, to discuss key guidelines for incorporating Zero Trust into your existing security posture. In this session, you’ll learn about enabling controls that follow the 7 disciplines of a Modern Cyber Security Program that will establish a Zero Trust Security Model.

[1 CPE] Visibility is Key: What You Need to Know About Cloud Migrations and Security

  Presented by ReliaQuest

The pace of cloud technologies adoption has left security operations teams scrambling to keep up with the change. Many teams are unsure how best to protect their business as sensitive data and assets move beyond the traditional enterprise perimeter.

Is cloud security different from traditional on-premises security and if so, what should you be aware of? How best should you approach it?

We address these questions and more on how best to secure your cloud environment. We will explore recommendations on how best to secure the world’s top cloud platforms and providers including Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure, and multi-cloud environments.

[1 CPE] Accidentally Zero Trust

  Presented by Zscaler

Zero Trust is the latest buzz phrase in the industry that promises to be the panacea for the malware and ransomware challenges faced by enterprises today. Shifting to a Zero Trust Architecture strategy, however, can have major business operations benefits that go far beyond information security.

Join Brett James, Director of Transformation Strategy at Zscaler, as he recalls “accidentally” delivering a Zero Trust Architecture strategy for a global engineering and construction company that started life simply as a way to reduce capital expenditure and start using cloud.

[1 CPE] Zero-Trust Architectures

  Presented by Rubrik

Organizations have invested heavily in IT security, attempting to fortify their perimeter, network, endpoint, and application protections. Despite these investments, hackers are successfully penetrating these defenses and targeting enterprise data, including backup data. Ransomware is starting to specifically target online backups by encrypting or deleting them. If your organization was the target of an attack today, how do you know what data was impacted and where? Manually sifting through millions of files and comparing each snapshot consumes FTE time and prolongs recovery exponentially. Mass restores of the entire environment could mean high data loss and weeks’ worth of work down the drain. In this session, we will discuss how to protect your last line of defense, the backups. We will walk through the anatomy of a recovery, the best practices, and advanced tools to ensure you will not have to pay a ransom, and how to quickly recover your data to continue business operations.

[1 CPE] Leveraging Actionable Threat Intelligence to Improve Your Security Posture

  Presented by Fortinet

Dealing with advanced threats requires a strategic, proactive approach, and every network security strategy is only as good as the threat intelligence it is based on. Learn how actionable global threat intelligence data can enable your organization to move toward a proactive security posture. Strategically leveraging local traffic data analyzed with AI and Machine Learning, coupled with other key cybersecurity tools is essential for building a proactive approach. Join us to learn why organizations of all sizes require an integrated security architecture, to reduce the very real risks to business continuity, brand reputation, and operational disruption.

[1 CPE] Disrupting the Means to Prevent the End: A Guide to Detecting Ransomware

  Presented by Red Canary

Ransomware has been a dominant cybersecurity threat for the better part of the last decade. However, it doesn’t walk alone. It’s almost always the eventual payload delivered by earlier-stage malicious software or activity. Luckily, if you can detect the threats that deliver the ransomware, you can stop the ransomware before it arrives.

In this talk, we’ll extensively reference Red Canary’s 2022 Threat Detection Report, examining the malware and other malicious tools that adversaries often use to deliver ransomware. While the specific trojans and strains of ransomware may change from one attack to the next, adversary tactics, techniques, and procedures are often similar across campaigns and threats. By developing robust detection coverage for the techniques adversaries abuse most often, rather than focusing on individual threats, security teams can achieve defense-in-depth against the many threats that leverage those techniques and the broader trends that dominate the infosec landscape.

Want to learn more about the prevalent adversary techniques and threats that can lead to a ransomware infection? Attendees will leave with:

  • A better understanding of the threats and tools that commonly precede a ransomware infection
  • Guidance on relevant collection and data sources that offer visibility into the threats and techniques that adversaries use to deliver ransomware
  • Actionable information on how security teams can develop the capacity to detect, prevent, and mitigate ransomware and other threats
  • Strategies for testing their ability to observe and detect common threats with free and easy-to-use tools like Atomic Red Team

[1 CPE] DevSecOps: Revolutionize Your Security

  Presented by Check Point

DevOps and continuous delivery models result in faster time-to-market. However, development, QA, and operations teams face challenges when it comes to incorporating security into the product life cycle. They are afraid of slowing things down, necessitating integrated DevSecOps best practices. Security approaches that worked in the past do not work with modern DevOps models. These outdated processes involve manual review processes of security risks at the end of product development and QA. This approach causes significant delays and does not scale with modern-day applications.

Organizations need to “shift security left” by including security and compliance controls as an integral part of the DevOps processes that manage the code being developed through to production.

Marlon is a Cloud Security Architect for Check Point Software Technologies. He is a specialist in DevSecOps and Emerging Technologies for the enterprise with over 25 years of progressive experience in Information Technology with a solid background in Cybersecurity. With his wealth of experience in Architecting and Designing solutions using Cloud (Azure, AWS & GCP), in this session, he is going to share “the challenges with DevOps Services and DevSecOps Strategy” as the enterprise adopts the modern cloud.