Topic: Information Security

Seminar Topics

[1 CPE] Automating the Analyst

  Presented by Darktrace

Alongside the rise of today’s dynamic workforce, the speed and scale of sophisticated cyber-attacks are rapidly increasing. As the cybersecurity industry continues to endure an ongoing skills shortage, over-worked and under-resourced teams urgently need augmentation in order to defend against evolving, sophisticated threats.

For over three years, Darktrace experts have been working to meet this challenge, investigating whether they could teach AI to think like a cybersecurity analyst. It takes subtle, nuanced skills and implicit knowledge for an analyst to detect genuinely threatening activity, and the creation of the world-first Cyber AI Analyst took analyzing over one hundred of the world’s top threat analysts and complex machine learning algorithms. Join Darktrace as we discuss the Cyber AI Analyst in action.

[1 CPE] Incredible Ways to Hack Email & How to Stop the Bad Guys

  Presented by KnowBe4

Email is still a top attack vector the bad guys use. A whopping 91% of cyberattacks start with a phishing email, but email hacking is much more than phishing and launching malware! Join us as we explore some of the ways hackers use social engineering to trick your users into revealing sensitive data or enabling malicious code to run. We will also share a special treat – a (pre-recorded) hacking demo by Kevin Mitnick.

You will learn:

  • How silent malware launches, remote password hash capture, and how rogue rules work.
  • Why rogue documents, establishing fake relationships and getting you to compromise your ethics are so effective.
  • Details behind clickjacking and web beacons.
  • Actionable steps on how to defend against them all.

If all you were worried about were phishing attempts, think again!

[1 CPE] How Zero-Trust Enables the Future of “Work from Anywhere” Secure Access

  Presented by Cisco & Duo Security

The perimeter-focused security model of decades past is no longer adequate for securing the modern enterprise. Now, organizations must secure a mobile workforce using a mix of corporate-owned and personal devices to access cloud-based applications and services, often from outside corporate networks — and this trend only accelerated during 2020’s global shift to remote work. Fortunately, a modern access strategy built on zero-trust fundamentals can defend today’s workforce while paving the way to a passwordless future. Attend this session to learn how the zero-trust access model works, reduce your reliance on passwords and risk of password-based attacks, and how to start planning and staging your zero-trust evolution today.

[1 CPE] Stay Ahead: Prep and Protect Your Enterprise for a Post-Pandemic World

  Presented by Check Point Software

Organizations worldwide transformed their ways of working with the onset of the COVID-19 pandemic. Now, we’re all forced to face new uncertainties as we transition to a post-pandemic world. Meanwhile, threat actors and cybercriminals are evolving their tactics to take advantage of these hazy times and the pandemic’s disruption as seen by recent surges in attacks across all industry sectors. This new phase of the modern workforce threatens more disruptive change and unpredictability. Join us to better understand what organizations such as yours should be focusing on to avoid being the next victim and stay a step ahead of the world’s leading cybercriminals.

[1 CPE] Understanding the Cybersecurity Maturity Model Certification

  Presented by AT&T

This presentation will cover key details of the recently released Cybersecurity Maturity Model Certification (CMMC). This includes details on the CMMC’s creation and enforcement, along with the key requirements of the certification process itself. The presentation will also include definitions to help attendees identify the different types of data covered by the CMMC and how they relate to the maturity levels. Additionally, Zach Curley, Senior GRC Consultant, will provide guidance on how to prepare for pre-assessments and audits. The end of the session will include time for Q&A so attendees can ask questions related to the presentation or related topics.

[1 CPE] Cybersecurity & the Resilient Organization

  Presented by Verizon

Aside from cyber-crime, business leaders have plenty to worry about, from transforming how they serve customers during a pandemic to evaluating the impact that new technologies will have on their industry and the competitive landscape. Verizon’s research shows that because they face so many daily challenges, some business leaders de-prioritize cybersecurity and simply hope for the best. But cybersecurity doesn’t have to be an overwhelmingly complex, time-consuming, or expensive task: implementing some basic “cyber-hygiene” into your organization and knowing about the most relevant threats can reduce the risk of a cyberattack. Verizon Security Evangelist David Grady will draw on data from Verizon’s world-class research – including the annual Data Breach Investigations Report – and share some tips on how to get started.

[1 CPE] The Platform Approach and the Future of Cybersecurity

  Presented by Palo Alto Networks

The cyber threat landscape continues to present challenges to security practitioners. Each passing week brings a new notification of a game-changer event that puts infosec teams on the ropes. The job of infosec teams has grown in its complexity and the need to approach security differently is at the top of mind for leaders in our space. Hear from MK Palmore, Palo Alto Networks’ Field CSO (Americas) and retired FBI Executive, on the growing demand for security that can scale to meet the challenges of the future.

[1 CPE] 2021 State of Malware

  Presented by Malwarebytes

Over the past year, the tools and tactics of cybercrime and cybersecurity adapted against a backdrop of enormous changes to our lives and businesses.

Join us to learn how cybercrime evolved in 2020 and identify ways to safeguard your organization against what’s out there.

We’ll explore:

  • Top threats for businesses and consumers
  • Emerging cybercrime trends and tactics
  • Solutions you can employ to thwart future attacks

[1 CPE] Cybersecurity Maturity Model Certification: How to Continue Working with DoD

  Presented by Structured

Companies working on government contracts in the Defense Information Base are required to protect sensitive information, including Federal Contract Information (FCI) and Controlled Unclassified Information (CUI). These requirements are changing to a more stringent framework, as the self-reporting model with NIST SP 800-171 is being replaced with the Cybersecurity Maturity Model Certification (CMMC). CMMC will require a third-party auditor to provide the certification audit in a formalized and regimented process. Join this presentation to learn more about upcoming requirements from DFARS and the transition to these additional control standards. The presenter will be Rob Wayt, Director of Governance and Compliance from Structured Communication Systems, who is listed on the CMMC Accreditation Body marketplace as a Registered Practitioner.

[1 CPE] You Are No Longer Forgotten: The Small Business Security Challenge

  Presented by Chris Roberts • Chief Security Strategist, Cynet

Most of the security industry is chasing “around” 31,000 larger enterprise sized companies for their business. The list is well known, circulated and targets are on the backs of ALL the C-Suite, most of the technical folks and the MSP/VARS that support them. The Security industry circles them like packs of hyena or vultures waiting for one of them to fall, get breached, or for a vendor to be thrown out… pouncing on the fresh kill with glee…

Meanwhile, you’re sitting there getting slaughtered by every adversary known to mankind because you ARE the forgotten, you’re too small for the multi-billion $$ cyber companies whom IF they decide to deal with you will flood you with MSA’s, SOW’s and NDA’s that would take a week’s worth of lawyer time JUST to understand, let alone realize that they’re not accountable for anything, unlikely to want to support you and in all honestly you’ll get a 1-800-YOU-AREN’T-SPECIAL number as your sole source of support.

We’re going to address the current situation, the state of play, and give you some thoughts, suggestions, ideas AND plans. We’ll provide resources on HOW to evaluate, where to look, what to do AND importantly we’ll do it because it’s what we’re doing. We live, breath and deal with this daily. We’ve sat in the meetings when the large cybersecurity companies state, “we’re done dealing with the SMB market” and we’ve got the battle scars from dealing with those subsequent consequences.

Chris is currently serving as a vCISO or advisor for a number of entities and organizations around the globe. His most recent projects are focused within the deception, identity, cryptography, Artificial Intelligence, and services space. Over the years, he’s founded or worked with a number of folks specializing in OSINT/SIGING/HUMINT research, intelligence gathering, cryptography, and deception technologies. These days he’s working on spreading the risk, maturity, collaboration and communication word across the industry. (Likely while coding his EEG driven digital clone that’s monitoring his tea and biscuit consumption!)

Since the late 90’s Chris has been deeply involved with security R&D, consulting, and advisory services in his quest to protect and defend businesses and individuals against various types of attack. Prior to that he jumped out of planes for a living, visiting all sorts of interesting countries and cultures while doing his best to avoid getting shot at too often. (Before that, he managed to get various computers confiscated by a number of European entities.)

He’s considered one of the world’s foremost experts on counter threat intelligence and vulnerability research within the Information Security industry. He’s also getting a name for himself in the transportation arena, basically anything with wings, wheels, tracks, tyres, fins, props or paddles has been the target for research for the last 10-15 years…to interesting effect.

As one of the well-known hackers and researchers, Chris is routinely invited to speak at industry conferences. CNN, The Washington Post, WIRED, Business Insider, USA Today, Forbes, Newsweek, BBC News, Wall Street Journal, and numerous others have covered him in the media.

And worst case, to jog the memory, Chris was the researcher who gained global attention in 2015 for demonstrating the linkage between various aviation systems, both on the ground and while in the air that allowed the exploitation of attacks against flight control system.