Topic: Information Security

Seminar Topics

[1 CPE] Leveraging Assessment Findings to Harden Your Security Perimeter

  Presented by Fortinet

Are you regularly evaluating your network security?

Performing assessments is a tried-and-true method for improving your security posture, but they can be a daunting task for network security staff who are often short on manpower, expertise, and/or time. Regardless, the benefits of running assessments almost always outweigh any potential drawbacks. Having a security assessment in hand will increase your security situational awareness and significantly impact your organization’s risk preparedness and mitigation.

Join us as we discuss the importance of periodically validating your existing security controls and provide learnings and best practices from our experts.

[1 CPE] Real-Time Defender Velocity: Code on Code Warfare

  Presented by SentinelOne

Organizations spend more money on cyber security tools every year, yet the number of breaches and the cost of these breaches continues to increase. A new approach is needed that relies on autonomous analysis that can respond at machine speed. By embracing automation, AI, and big data analytics, organizations can better prevent threats, find, and detect what is missed, provide contextual linking for forensic and threat hunting ¬– and even more importantly – self-heal and fully recover when necessary.

[1 CPE] Dealing with Ransomware: The Past, Present, and the Future

  Presented by Erik Graham • Security Incident & Investigations Manager, Marsh & McLennan Companies

Any company or government organization of any size anywhere in the world can become a victim of ransomware at any time. Each attack is moving further up in the headlines, making it a discussion point with many people. But how did we get to this point where so many can become victims overnight to this crime? In this presentation, Erik will cover the beginnings of ransomware, how it has evolved, and what you need to do so you don’t become the next victim and headline. He will also cover what do to and not do when you become a victim and outline the long road to recovery. Because the truth of the matter is, it’s not if you will become a victim, but when. Taking the right actions now can minimize the impact of what can be an extinction-level event for a company.

Erik Graham is a manager on the Security Risk / Incident Management team at Marsh & McLennan; he is responsible for the identification, documentation, and communication of security risks as well as the analysis, eradication, and recovery of cyber incidents that affect Marsh & McLennan’s information assets.

Erik has been working in the computer industry for 25+ years with over 20+ years directly focused on computer security/information assurance. He has worked in a wide variety of both logical and physical security areas related to computer network attack (CNA) and computer network defense (CND). Currently, he is working in multiple areas such as risk identification and management, evaluating emerging technologies, malware analysis, and threat intelligence.

Erik has a Bachelor of Science from the University of Phoenix, a Master of Science in Information Assurance from Norwich University, and holds multiple industry certifications to include CISSP-ISSAP, CISM, CRISC, and CDPSE.

[1 CPE] The Evolution of Vulnerability Management

  Presented by Optiv Security & Tenable

A proactive, risk-driven Vulnerability Management approach delivers comprehensive, continuous visibility and informs technical and business decisions. Join Tenable’s Nathan Wenzler and Optiv’s Doug Drew (a respected Tenable Guardian) as they discuss real-world VM challenges and how to manage and measure your cyber risk.

[1 CPE] Surviving Phishing, Distributed Denial of Service, and Ransomware Attacks

  Presented by Curtis Carver • CIO for University of Alabama at Birmingham

This presentation examines actual phishing, distributed denial of service, and ransomware attacks against a research university in the last 24 months. In the case of the DDOS and ransomware attacks, these were multi-month attacks that morphed over time. Come learn what worked and did not work against the three most common forms of attack today and then participate in a conversation on what will work at your organization in preparing for, detecting, and defeating these attacks.

Dr. Curtis Carver was named Vice President for Information Technology and Chief Information Officer in June 2015, following a national search. In this role as a servant leader and enabler of others, he leads a team of dedicated professionals who support UAB’s mission by providing world-class IT solutions with a focus on innovation, agility, and cost-efficiency. A senior leader in higher education information technology, Dr. Carver came to UAB from his position as Vice Chancellor and Chief Information Officer for the Board of Regents of the University System of Georgia, having previously held key leadership positions at the U.S. Military Academy at West Point. Dr. Carver earned a bachelor’s degree in computer science from the U.S. Military Academy at West Point and his master’s degree and doctorate in computer science from Texas A&M University. Throughout his career, he has received numerous national and international honors and awards for military, teaching, and research excellence. Dr. Carver is a frequent keynote speaker and has published extensively.

[1 CPE] Encrypted and Exfiltrated: Navigating the Worst-Case Scenario

  Presented by ThinkGard

ThinkGard recently had the opportunity to assist an organization that found itself in a situation that nobody wants to. Their network had been infiltrated by bad actors who then exfiltrated over 400GB of sensitive client and employee data just before encrypting all the machines on their network with ransomware. The exfiltrated data was subsequently released to the dark web where it was located by a cyber security website that wrote an article about it. This situation is just about as bad as you can imagine. Our presentation is a deep-dive case study of what happened, how it happened, how it could have been prevented, and how they ultimately recovered, complete with timelines, screenshots from the hackers, info from the ISP, and more. The twists and turns in this story are incredible. You don’t want to miss it.

[1 CPE] Preparing Your Security Program

  Presented by Peter Gallinari • Enterprise Information Security Officer, State of Tennessee

Join Peter Gallinari for a “how-to” in building your program. He will begin by identifying key components for the foundation of a security program:

  • Security Awareness
  • Security Frameworks: NIST, ISO as an example
  • Vulnerability Management
  • Incident Response Tabletops / Disaster Recovery

Also covered: moving data to the cloud and all the preparations needed, including custom security controls. Finally, Peter will provide a recap of security issues dealt with during the pandemic and key takeaways.

Regardless of where you are in your IT career, learn from an established IT veteran who has insights to share!

Peter Gallinari has over 44 years of experience in Information Technology, with 25+ years as a professional leader in the field of Data Privacy, Cyber Security & Compliance. Industry expertise in Financial Services, Health Care and Government Sectors. He has held positions as Chief Data Privacy Officer (Government), Domain Information Security Officer (Government), former Chief Security Officer at GE Capital and GE IT Director of Operations, and former Chief Security Officer supporting 3 hospitals in New York. Regulatory compliance leader for GLBA, SOX, HIPAA, FISMA, FERPA, FTI, CJIS, SSA, EU Privacy Directive (GDPR), Commercial compliance for PCI. Subject matter participant in support of Cloud innovative solutions (how to prepare to meet compliance). Keynote speaker for cybersecurity conferences, both public and private sector audiences.

[1 CPE] The Evolution of Vulnerability Management

  Presented by Optiv Security & Tenable

A proactive, risk-driven Vulnerability Management approach delivers comprehensive, continuous visibility and informs technical and business decisions. Join Tenable’s Nathan Wenzler and Optiv’s Doug Drew (a respected Tenable Guardian) as they discuss real-world VM challenges and how to manage and measure your cyber risk.

[1 CPE] How Zero-Trust Enables the Future of “Work from Anywhere” Secure Access

  Presented by Duo Security

The perimeter-focused security model of decades past is no longer adequate for securing the modern enterprise. Now, organizations must secure a mobile workforce using a mix of corporate-owned and personal devices to access cloud-based applications and services, often from outside corporate networks — and this trend only accelerated during 2020’s global shift to remote work. Fortunately, a modern access strategy built on zero-trust fundamentals can defend today’s workforce while paving the way to a passwordless future. Attend this session to learn how the zero-trust access model works, reduce your reliance on passwords and risk of password-based attacks, and how to start planning and staging your zero-trust evolution today.

[1 CPE] Ransomware In Focus: How AI Surgically Contains the Threat

  Presented by Darktrace

In the immediate aftermath of a ransomware attack, executives too often face a difficult dilemma: either pay a ransom or shut down critical systems and services. In today’s increasingly complex digital ecosystems, the collateral damage that ensues from ransomware attacks can be broad-ranging and destructive, with organizations taking days, weeks, or even months to recover.

But what if there was another way out – a way to surgically contain ransomware in its earliest stages, without disrupting normal business operations? Join this presentation to learn how Cyber AI is helping thousands of organizations fight back against ransomware. We’ll discuss:

  • The impact of ‘double-extortion’ ransomware and ‘ransomware-as-a-service’
  • Real-world examples of ransomware detected by Cyber AI
  • How self-learning AI responds proportionately to ransomware, thanks to its deep understanding of an organization’s pattern of life