Topic: Information Security

Seminar Topics

[1 CPE] How Zero-Trust Enables the Future of “Work from Anywhere” Secure Access

  Presented by Cisco & Duo Security

The perimeter-focused security model of decades past is no longer adequate for securing the modern enterprise. Now, organizations must secure a mobile workforce using a mix of corporate-owned and personal devices to access cloud-based applications and services, often from outside corporate networks — and this trend only accelerated during 2020’s global shift to remote work. Fortunately, a modern access strategy built on zero-trust fundamentals can defend today’s workforce while paving the way to a passwordless future. Attend this session to learn how the zero-trust access model works, reduce your reliance on passwords and risk of password-based attacks, and how to start planning and staging your zero-trust evolution today.

[1 CPE] 2021 State of Malware

  Presented by Malwarebytes

Over the past year, the tools and tactics of cybercrime and cybersecurity adapted against a backdrop of enormous changes to our lives and businesses.

Join us to learn how cybercrime evolved in 2020 and identify ways to safeguard your organization against what’s out there.

We’ll explore:

  • Top threats for businesses and consumers
  • Emerging cybercrime trends and tactics
  • Solutions you can employ to thwart future attacks

[1 CPE] Leveraging Assessment Findings to Harden Your Security Perimeter

  Presented by Fortinet

Are you regularly evaluating your network security?

Performing assessments is a tried-and-true method for improving your security posture, but they can be a daunting task for network security staff who are often short on manpower, expertise, and/or time. Regardless, the benefits of running assessments almost always outweigh any potential drawbacks. Having a security assessment in hand will increase your security situational awareness and significantly impact your organization’s risk preparedness and mitigation.

Join us as we discuss the importance of periodically validating your existing security controls and provide learnings and best practices from our experts.

[1 CPE] The Evolution of Vulnerability Management

  Presented by Optiv Security & Tenable

A proactive, risk-driven Vulnerability Management approach delivers comprehensive, continuous visibility and informs technical and business decisions. Join Tenable’s Nathan Wenzler and Optiv’s Doug Drew (a respected Tenable Guardian) as they discuss real-world VM challenges and how to manage and measure your cyber risk.

[1 CPE] Do We Need Our Own SOC?

  Presented by VPLS

Within a company, a SOC (Security Operations Center) is the focal point of the company’s security operations and network defense, commonly responsible for real-time monitoring, incident response, and proactive prevention of incidences. Many organizations may feel they are already doing these activities without a SOC. But SOCs vary in maturity levels and capabilities—so does your company really need one?

In this presentation, John Headley, Senior Security Engineer at VPLS, reviews the many components of a SOC to ultimately help you answer the question: “do we need our own SOC?” Join this presentation to learn:

  • The importance of cybersecurity operations within an organization, including how a typical cybersecurity operations team is organized into a SOC
  • What capabilities a SOC can provide to an organization
  • What tools the SOC uses
  • How to quantitatively self-assess if your organization should build a SOC or outsource this responsibility to a managed security services provider

[1 CPE] Developing a Vision and Strategy for Security Centric IAM Programs

  Presented by Business Partner Solutions

Learn how to defend new age data breaches through Identity Centric Security. 80% of cyber incidents stem from stolen credentials & privileged accounts. By including Identity Centric Security (ICS), organizations can proactively manage their threat landscape, ensuring better threat intelligence and breach defenses.

Topics discussed will inlcude:

  • What is ICS?
  • How does ICS enable risk-based decision-making?
  • How does ICS strengthen breach defense?
  • Approach to embracing ICS

[1 CPE] Power-Boost Ransomware Incident Response with Ransomware Kill Switch

  Presented by Airgap

Despite significant investments in security each year, cybercriminals are constantly developing new attack vectors to thwart existing security controls. The growth of connected devices, IoT, and an increasingly remote workforce has widened the enterprise attack surface, enabling cybercriminals to find new ways to breach enterprise perimeter defenses.

A new paradigm shift needs to occur in security to deal with the eventual breach and lateral movement of cyber-attacks. Implementing an enterprise zero-trust security model can help to block the lateral movement of cyber attackers and isolate attacks to where they originate, helping to dramatically reduce the enterprise-wide impact of a cyber-attack. Enterprises need to migrate to a Zero-Trust architecture, helping to gain back control and limit the damage done by cyber-attacks that occur each year. In this session, Ritesh Agrawal, CEO and Co-founder of Airgap Networks, will lead a detailed discussion on how to:

  • Maintain a continuous accurate inventory of enterprise assets.
  • Obtain true visibility and insight on how all devices communicate.
  • Generate zero false-positive alerts based on anomalous behavior.
  • Deploy scalable nano-segmentation of devices to stop lateral movement inside your network via devices (Ransomware Kill-Switch).
  • Implement Single-Sign-On and Multi-Factor Authentication(MFA) for legacy/private applications.
  • Achieve modern IAM/IDM authentication with Zero-Trust Isolation.

Through this discussion, Ritesh will build on these topics and emphasize how zero-trust principles can empower enterprises and achieve better control and response to emerging cyber-threats. Zero-Trust is not hype. Join us to find out more!

[1 CPE] Architecting for the Agentless

  Presented by Gigamon

Today’s networks are swarming with IoT, OT, and virtual devices of every size and shape. As they have proliferated, and the security attack surface has likewise increased, the market has responded with a wide variety of technologies to help understand, manage, and secure just what is on your network. This is the rise of the technologies classified as “agentless” and there is a good chance you will be looking, now or in the future, at a project that comprises such technologies. While much of what is fundamentally required to enable these technologies is not new, organizations struggle with trying to implement these on an “ad hoc” basis, with little thought to future considerations or scale.

This presentation will take about a more strategic approach to handling these implementations, what a visibility fabric is, and how today’s organizations can architect their environments for their future needs.

[1 CPE] How Salt Lake County Gained Visibility and Control of Distributed Endpoints

  Presented by Tanium

When the COVID-19 pandemic forced much of the world to stay at home overnight, state, and local government leaders swiftly pivoted their workforces remote so they could continue to deliver critical citizen services. But this rapid shift opened new cybersecurity vulnerabilities. Suddenly, attack surfaces expanded, and endpoints became widely distributed, leading to an increase in cyber threats.

Learn how Salt Lake County’s Information Technology Division:

  • Patched in a new distributed workforce
  • Managed their remote endpoints with increased critical vulnerabilities
  • Tracked their IT assets and continue to mature their Endpoint Management

[1 CPE] Security vs. Compliance: Turning InfoSec Success into Audit Wins

  Presented by Tripwire

Security and compliance teams both strive to design, establish, and enforce controls to protect an organization. But even with shared goals in place, security and compliance teams often manage business risk in relative isolation. So how can these teams set aside tension and work better together to create a winning alliance?

In this session, we explore the key differences between security and compliance initiatives. It’s crucial to understand that being fully compliant doesn’t necessarily mean an organization is fundamentally secure. We’ll cover how the two initiatives complement each other when it comes to minimizing risk and how both teams can collaborate to create efficiencies. Attendees will learn how to leverage compliance policies to set the foundation to a robust information security program, while providing true visibility and coverage, consolidating toolsets, and reducing costs. Lastly, we’ll discuss how to ensure that a successful security program can help organizations prepare for an upcoming audit to ultimately achieve and maintain continuous compliance.