Topic: Information Security

Seminar Topics

Office 365 Security Best Practices: At the Office, at Home, and on the Road

  Presented by Mimecast

Cyber-hygiene has become a source of great concern of late. And while the Office 365 suite has helped communication and collaboration from multiple location points (at the office, at home, and on the road) there are still security concerns that must be mitigated. In this presentation, we will hear best practice suggestions for remaining safe while using Office 365. First, we’ll talk about security attitudes, then review CISA concerns with Office 365, and finally offer best practice suggestions and thought leadership. This presentation will be driven by J. Peter Bruzzese… cyber-security advisor and 8x awarded Microsoft MVP (Exchange/Office 365).

IoT: Additional Challenges It Poses in a Pandemic-Induced Work Environment

  Presented by Lester Godsey • CISO, Maricopa County

According to SecurityToday.com we will see an estimated 31 billion IoT devices added to the Internet in 2020 and a whopping 75 billion in 2025. While many of these devices are corporate/industrial (IIoT) in nature, there is a very large home/personal IoT market to contend with.

Now that a significant portion business is being done at home and other locations other than the office, what impact are these devices having from a cybersecurity perspective as it relates to:

  • Security vulnerabilities
  • Security controls and awareness, we typically have in corporate networks but lack in home offices
  • What data is leaving corporate systems – inadvertently and purposely
  • Ability to adhere to governmental and industry compliance standards

    • Join us for an in-depth conversation around the ‘normal’ challenges with IoT devices and solutions and how this new paradigm of working from home exacerbates them.

Master the Edge: How to Achieve Context-Aware, Zero Trust Network Access

  Presented by Structured & Aruba

Have you been tasked with implementing Zero Trust Network Access but are unsure of how to go about it? Are you confused about how to achieve “minimum access”? Are you struggling with employing “continuous adaptive risk & trust assessment” on your network? If so, attend this session. Learn how to deploy an open, multi-vendor Enterprise security framework that gives security and IT teams an integrated way to gain visibility, control, and advanced threat defense. See how security prioritization and machine learning helps organizations leverage existing third-party solutions to better protect investments and implement proactive risk controls.

It Ain’t Done ‘Til It’s Automated: Security at the Speed of DevOps

  Presented by Check Point

Have you been tasked with implementing Zero Trust Network Access but are unsure of how to go about it? Are you confused about how to achieve “minimum access”? Are you struggling with employing “continuous adaptive risk & trust assessment” on your network? If so, attend this session. Learn how to deploy an open, multi-vendor Enterprise security framework that gives security and IT teams an integrated way to gain visibility, control, and advanced threat defense. See how security prioritization and machine learning helps organizations leverage existing third-party solutions to better protect investments and implement proactive risk controls.

First Quarter of Containment

  Presented by Malwarebytes

All of us are living in the new Work from Home normal caused by the rapid transmission and spread of COVID-19. While people everywhere have been worried about stopping the spread of COVID, malicious threats have not only continued to propagate but they have exploded in new and interesting ways. During this presentation we will review some of the more creative ways hackers have targeted business and individuals during the age of Work from Home and some ways to protect yourself from them.

It Ain’t Done ‘Til It’s Automated: Security at the Speed of DevOps

  Presented by Check Point

Companies are rapidly migrating applications and workloads to the cloud. For many this is a Software as a Service for a first option, with migration to public cloud second, and only if necessary will workloads be deployed inside of the legacy data center. This is further complicated by the desire to accelerate the development lifecycle allowing devops to drive the IT migration. InfoSec is playing catchup to the business and devops constant acceleration.

In this session, you will learn strategies and best practices for allowing SecOps to keep up with the Speed of DevOps, as well as fundamental security knowledge applicable for any workload migration to any cloud provider.

Talking to the Board About the New Realities of IT Security

  Presented by ExtraHop Networks

With the sudden shift of the global workforce from in-office to remote, IT teams quickly transformed their operations to accommodate the new realities of business — including large-scale adoption of work-from-home technologies, heightened activity on customer-facing networks, and greater use of online services.

While these examples of agility allowed business to continue, they also greatly increased the risk of misconfigurations and cyberthreats. Now, it’s looking like they could be here to say for a while. On top of that, bad actors have wasted no time trying to exploit new vulnerabilities. In the past several weeks, we’ve seen ransomware attacks affect several major organizations. These attacks come on the tail of a surge of attacks across the board brought on during the pandemic, as hackers scanned and took advantage of new workloads, and vulnerable VPN connections and misconfigurations left the gates to the network open.

When attacks like these make headlines, panicked board members have one question for CISOs: how can we be sure that won’t happen to us? We will share top strategies for CISOs to lead board-level conversations about risk management amidst the stark new realities of IT.

Responsible Administration: The Admin Insider (Threat)

  Presented by One Identity

System Administrators are critical people to every organization. They design, build, and maintain all the parts and pieces that enable business, whether that’s retail, healthcare, or even a government agency. Ensuring sysadmin tasks are performed as securely as possible without hampering their ability to keep our business running is a delicate balance. These “insiders” not only know how the systems operate but have the credentials and privileges to operate them.

In this session, we will demonstrate an Active Directory breach using pass-the-hash and discuss ways to enable the System Administrators to operate in a way that not only protects the business from threats but also enables them to perform the intricate tasks they accomplish daily to keep business flowing under the covers.

Gaining Network Visibility with Application Intelligence

  Presented by Gigamon

Come discuss how gaining visibility into your network has become more of a challenge than ever before. With the evolution from the Data Center to Virtual Environments, Public and Private Clouds, our exposure has never been greater.

In this session we will cover Span vs. TAP, Traffic Aggregation, Packet Brokers, Traffic Intelligence, Virtual Environments and how to get that one view of all your data.

Learn how to maximize the ROI on your existing tools while increasing your scope of visibility.

Who knows, you might even have fun?! Heckling Encouraged!

Cyber Considerations During a Pandemic: Cyber Leaders’ Perspectives

  Presented by Jodi Ito • Chief Information Security Officer, University of Hawaii

Join us for a panel discussion, led by Jodi Ito, Information Security Officer for the University of Hawaii. This panel will cast a wide net around the multitude of cyber-related considerations and issues that society is facing with our current pandemic situation. From securing telework locations, health screening when re-opening, servicing customers during a shutdown in a secure manner, to providing equitable distance-delivered education – the panelists will engage in a lively roundtable discussion of these topics and more.

Panelists:

Jodi Ito • Chief Information Security Officer, University of Hawaii

Vince Hoang • Chief Information Security Officer, State of Hawaii
Alan Ito • Information Security Officer, Hawaii Pacific Health
Ryan Field • Sr. Vice President, Director of Technology & Architecture, American Savings Bank

Jodi Ito is the Chief Information Security Officer with the University of Hawaii (UH) System in the Office of the Vice President for Information Technology since 2000 and has been with the University since 1982.

Jodi is responsible for the security and protection of information assets across the University of Hawaii System. These responsibilities include developing and managing policies and procedures for the UH information security program, conducting risk & vulnerability analysis for critical assets, overseeing investigations into cyber incidents, & developing and conducting training on information policy & security issues across all 10 UH campuses and affiliated research & education centers. She has also organized several large scale red/blue team cybersecurity exercises on the UH cyber range involving University students, Hawaii National Guard, military, state, and federal government agencies.

Jodi is a Principal Investigator and Program Director for the NSA’s GenCyber Camps in Hawaii to introduce cybersecurity to high school students and teachers. She is also the co-PI on the NSF/NSA Scholarship For Services grants to provide full-ride scholarships for students pursuing cybersecurity degrees and the NSF Computer Science Principles for Hawaii to train high school teachers to be able to teach AP Computer Sciences Principles. She is also a member of the REN-ISAC, MS-ISAC, Educause, and Infragard. Most recently, she is an active founding member of the newly organized CyberHawaii and co-chairs the Education and Workforce Development Committee.

Jodi graduated from the University of Hawaii at Manoa with both a Bachelors of Science degree in Computer Science in 1982 and a Masters of Science degree in Information and Computer Science in 1987.