Topic: Information Security

Seminar Topics

[1 CPE] Delivering the Zero Trust Enterprise

  Presented by Palo Alto Networks

Digital transformation is accelerating due to major shifts like the expansion of the hybrid workforce and the continued migration of applications and data to the cloud. Network security teams now have the opportunity to adopt a modern Zero Trust approach that fits this transformation.

But how do you make Zero Trust principles actionable across users, applications, and infrastructure? How can you put them into practice, set priorities, and effectively rebuild security for new environments? Join this session to learn about the three pillars of Zero Trust: users, applications, and infrastructure, and how you can develop a holistic and consistent approach to Zero Trust that can be made actionable across all three of these key domains. We will review various use cases across the organization and how we can support you with our unique blend of the highest level of capabilities, an integrated platform, and extensive in-house expertise around Zero Trust.

[1 CPE] 3 Common Mistakes to Avoid When Designing Your Security Program

  Presented by Fireminds

Every organization has different requirements based on business functions, systems, geography, and resources. However, we’ve observed several key mistakes that are leaving companies and their customers at risk. In this session, we’ll share the pitfalls that we see time and time again and discuss how to avoid them.

Key takeaways include:

  • Understanding the difference between compliance and security
  • Recognizing the untapped potential of your current technology stack
  • How to shift security towards business enablement

After this session, participants should expect to leave with actionable next steps to prevent these mistakes in their organizations.

[1 CPE] All’s Fair in Love and [Cyber] War

  Presented by INTERFACE Advisory Council

Russia’s invasion of Ukraine has captured the world’s attention and prompted a swift response from many nations as the threat of Cyber Warfare is brought into sharp relief. State and Federal agencies have been preparing for the reality of Cyber Warfare for years, and now many private firms are on alert.

What should you really be concerned about right now?

Join the INTERFACE Alaska Advisory Council for a discussion on the real threat of Cyber Warfare. Our panel will discuss incident response along with vulnerability and detection topics. Don’t miss this timely discussion at INTERFACE.

Panelists:

  • Chris Letterman • Chief Information Security Officer, State of Alaska
  • Mark Merchant • Chief Information Security Officer, Municipality of Anchorage

[1 CPE] Breaking Down the 5 Most Disruptive Vulnerability Types

  Presented by Arctic Wolf

A vulnerability is a weakness in your infrastructure, networks, or applications that can potentially expose you to threats, such as data theft, denial-of-service attacks, or ransomware attacks. Join us as we discuss what makes vulnerabilities truly dangerous and take a deep dive into five types of vulnerabilities that risk management programs should focus on to most effectively eliminate risks.

We will cover:

  • The five riskiest types of vulnerabilities
  • Why they are dangerous and how bad actors exploit them
  • The key to identifying and protecting against them

[1 CPE] Ransomware: Who, What, Why & How…

  Presented by Check Point

Over the last 12 months, ransomware attacks surged by 93% with a devastating impact on businesses and industries worldwide. In today’s hybrid IT environment, preventing ransomware attacks seems like an impossible feat. But is it?

In this session, we will cover the latest ransomware trends and how you can protect your organization from falling victim to sophisticated ransomware attacks.

[1 CPE] Immutable Storage: Level-Up Ransomware Readiness

  Presented by Arcserve

IDC advises that a 3-2-1-1 strategy is the new best practice for effectively protecting customers against ransomware. The last 1 is the important piece of the puzzle, where a copy is also stored on immutable storage. The growing risk of compromise to your customers’ data – specifically via ransomware DEMANDS the most up to date and complete solutions arsenal.

[1 CPE] Thinking Upstream: Avoid the Fallout of the Next Log4Shell

  Presented by Tidelift

News of a zero-day vulnerability in the popular open-source project Log4j broke in December, leading many organizations scrambling to figure out the impact on their applications. Nearly every organization developing applications was impacted, and the fallout was so broad that the FTC issued guidance.

Log4Shell comes on the heels of the U.S. White House cybersecurity executive order 14028, an attempt by the United States government to use its purchasing power to create positive changes to the way cybersecurity is addressed around the world.

Recent high-profile breaches like Log4Shell, the Colonial Pipeline ransomware attack, or the SolarWinds software supply chain attack have shown that our cybersecurity defenses are woefully inadequate. This executive order forces a higher standard of cybersecurity for any organization selling software to the federal government, which in turn makes it the de facto global standard for all software in the future.

Tidelift CEO and co-founder Donald Fischer shares his perspective on how the Log4Shell vulnerability and the cybersecurity executive order impact software supply chain security. He’ll brief attendees on the key issues addressed by the executive order, including software bill of materials (SBOM), supply chain security, and provenance requirements. He’ll outline the gaps that most organizations will need to close to stay in compliance. And he’ll share a proactive approach to addressing open-source software supply chain health and security upstream.

If you want to ensure your organization is fully prepared for the coming changes, you won’t want to miss this session.

[1 CPE] Leveraging Assessment Findings to Harden Your Security Perimeter

  Presented by Fortinet

Are you regularly evaluating your network security?

Performing assessments is a tried-and-true method for improving your security posture, but they can be a daunting task for network security staff who are often short on manpower, expertise, and/or time. Regardless, the benefits of running assessments almost always outweigh any potential drawbacks. Having a security assessment in hand will increase your security situational awareness and significantly impact your organization’s risk preparedness and mitigation.

Join us as we discuss the importance of periodically validating your existing security controls and provide learnings and best practices from our experts.

[1 CPE] Taking Control of Enterprise IoT Security

  Presented by Hillary Baron • Director of Research, Analytics, Cloud Security Alliance

Organizations rely on IoT devices to improve productivity, manage operations more efficiently, boost business opportunities, etc. To perform these functions IoT devices collect large amounts of sensitive data on the organizations, necessitating secure implementations of the entire IoT ecosystem. In this presentation, Hillary Baron, Director of Research – Analytics at CSA will cover:

  • The history and current state of IoT security
  • Leveraging and tailoring CSA’s IoT Controls Matrix
  • Future areas of research to improve IoT security

Hillary Baron is a Director of Research, Analytics for Cloud Security Alliance – a non-profit dedicated to defining and raising awareness about cloud security best practices. As a part of her role, she manages research projects on topics like blockchain/DLT, quantum-safe security, and the Internet of Things. Hillary also leads the ad-hoc survey research, including creating questionnaires, analyzing data, and reporting the findings. Formerly as a program manager, she spearheaded the creation of CSA’s webinar program, CSACloudBytes, and developed it into an award-winning series. Hillary earned a CCSK v4 and a Master’s of Science at the University of Wisconsin – Stout.

[1 CPE] Ransomware Protection Redefined: Protect, Alert, and Recover

  Presented by Veeam

Ransomware is malicious software that infects a computer and restricts access to crucial user data until a ransom is paid to unlock it. Ransomware is designed to spread through your network, exploiting technical and human vulnerabilities and leading to a significant impact on your business. Ransomware attacks were up 93% in 2021 and are no longer a question of if but when. Costs have skyrocketed to nearly two million dollars (US) per incident and have a global economic impact of over 20 billion dollars (US).

Join this session to learn how to ensure your backups are immutable, that you’ll be alerted of any possible ransomware attacks in your virtual environment, and that you’re able to recover those workloads free of any malware.