Topic: Information Security

Seminar Topics

It Ain’t Done ‘Til It’s Automated: Security at the Speed of DevOps

  Presented by Check Point

Have you been tasked with implementing Zero Trust Network Access but are unsure of how to go about it? Are you confused about how to achieve “minimum access”? Are you struggling with employing “continuous adaptive risk & trust assessment” on your network? If so, attend this session. Learn how to deploy an open, multi-vendor Enterprise security framework that gives security and IT teams an integrated way to gain visibility, control, and advanced threat defense. See how security prioritization and machine learning helps organizations leverage existing third-party solutions to better protect investments and implement proactive risk controls.

First Quarter of Containment

  Presented by Malwarebytes

All of us are living in the new Work from Home normal caused by the rapid transmission and spread of COVID-19. While people everywhere have been worried about stopping the spread of COVID, malicious threats have not only continued to propagate but they have exploded in new and interesting ways. During this presentation we will review some of the more creative ways hackers have targeted business and individuals during the age of Work from Home and some ways to protect yourself from them.

Top 5 Use Cases for Endpoint Protection in Operational Technology

  Presented by VPLS

The Air Gap: A Double-edged Sword

Endpoints are frequently the target of initial compromise or attacks. It can take just minutes, if not seconds, to compromise the endpoints, putting industrial environments at risk. One recent study found that 30% of breaches involved malware being installed on endpoints.

Operational Technology (OT) endpoints are particularly vulnerable given the legacy technology powering environments like our manufacturing plants, power stations, and other critical infrastructure. Many organizations rely on an air gap for cybersecurity to protect their industrial environments.

Unfortunately, the air gap is a double-edged sword. While it may help insulate and shrink the attack surface, like all prevention measures, it is not 100%.

Join this presentation to explore how you can:

  • Stop breaches and prevent data loss and ransomware damage with no dwell time.
  • Eliminate alert fatigue and optimize operations with customizable, standardized incident response processes.
  • Ensure business continuity in the event of a security incident, keeping systems online.
  • Reduce the cost of legacy EDR solutions, enabling response and remediation without negatively impacting business.

It Ain’t Done ‘Til It’s Automated: Security at the Speed of DevOps

  Presented by Check Point

Companies are rapidly migrating applications and workloads to the cloud. For many this is a Software as a Service for a first option, with migration to public cloud second, and only if necessary will workloads be deployed inside of the legacy data center. This is further complicated by the desire to accelerate the development lifecycle allowing devops to drive the IT migration. InfoSec is playing catchup to the business and devops constant acceleration.

In this session, you will learn strategies and best practices for allowing SecOps to keep up with the Speed of DevOps, as well as fundamental security knowledge applicable for any workload migration to any cloud provider.

Talking to the Board About the New Realities of IT Security

  Presented by ExtraHop Networks

With the sudden shift of the global workforce from in-office to remote, IT teams quickly transformed their operations to accommodate the new realities of business — including large-scale adoption of work-from-home technologies, heightened activity on customer-facing networks, and greater use of online services.

While these examples of agility allowed business to continue, they also greatly increased the risk of misconfigurations and cyberthreats. Now, it’s looking like they could be here to say for a while. On top of that, bad actors have wasted no time trying to exploit new vulnerabilities. In the past several weeks, we’ve seen ransomware attacks affect several major organizations. These attacks come on the tail of a surge of attacks across the board brought on during the pandemic, as hackers scanned and took advantage of new workloads, and vulnerable VPN connections and misconfigurations left the gates to the network open.

When attacks like these make headlines, panicked board members have one question for CISOs: how can we be sure that won’t happen to us? We will share top strategies for CISOs to lead board-level conversations about risk management amidst the stark new realities of IT.

Responsible Administration: The Admin Insider (Threat)

  Presented by One Identity

System Administrators are critical people to every organization. They design, build, and maintain all the parts and pieces that enable business, whether that’s retail, healthcare, or even a government agency. Ensuring sysadmin tasks are performed as securely as possible without hampering their ability to keep our business running is a delicate balance. These “insiders” not only know how the systems operate but have the credentials and privileges to operate them.

In this session, we will demonstrate an Active Directory breach using pass-the-hash and discuss ways to enable the System Administrators to operate in a way that not only protects the business from threats but also enables them to perform the intricate tasks they accomplish daily to keep business flowing under the covers.

Gaining Network Visibility with Application Intelligence

  Presented by Gigamon

Come discuss how gaining visibility into your network has become more of a challenge than ever before. With the evolution from the Data Center to Virtual Environments, Public and Private Clouds, our exposure has never been greater.

In this session we will cover Span vs. TAP, Traffic Aggregation, Packet Brokers, Traffic Intelligence, Virtual Environments and how to get that one view of all your data.

Learn how to maximize the ROI on your existing tools while increasing your scope of visibility.

Who knows, you might even have fun?! Heckling Encouraged!

Cyber Considerations During a Pandemic: Cyber Leaders’ Perspectives

  Presented by Jodi Ito • Chief Information Security Officer, University of Hawaii

Join us for a panel discussion, led by Jodi Ito, Information Security Officer for the University of Hawaii. This panel will cast a wide net around the multitude of cyber-related considerations and issues that society is facing with our current pandemic situation. From securing telework locations, health screening when re-opening, servicing customers during a shutdown in a secure manner, to providing equitable distance-delivered education – the panelists will engage in a lively roundtable discussion of these topics and more.

Panelists:

Jodi Ito • Chief Information Security Officer, University of Hawaii

Vince Hoang • Chief Information Security Officer, State of Hawaii
Alan Ito • Information Security Officer, Hawaii Pacific Health
Ryan Field • Sr. Vice President, Director of Technology & Architecture, American Savings Bank

Jodi Ito is the Chief Information Security Officer with the University of Hawaii (UH) System in the Office of the Vice President for Information Technology since 2000 and has been with the University since 1982.

Jodi is responsible for the security and protection of information assets across the University of Hawaii System. These responsibilities include developing and managing policies and procedures for the UH information security program, conducting risk & vulnerability analysis for critical assets, overseeing investigations into cyber incidents, & developing and conducting training on information policy & security issues across all 10 UH campuses and affiliated research & education centers. She has also organized several large scale red/blue team cybersecurity exercises on the UH cyber range involving University students, Hawaii National Guard, military, state, and federal government agencies.

Jodi is a Principal Investigator and Program Director for the NSA’s GenCyber Camps in Hawaii to introduce cybersecurity to high school students and teachers. She is also the co-PI on the NSF/NSA Scholarship For Services grants to provide full-ride scholarships for students pursuing cybersecurity degrees and the NSF Computer Science Principles for Hawaii to train high school teachers to be able to teach AP Computer Sciences Principles. She is also a member of the REN-ISAC, MS-ISAC, Educause, and Infragard. Most recently, she is an active founding member of the newly organized CyberHawaii and co-chairs the Education and Workforce Development Committee.

Jodi graduated from the University of Hawaii at Manoa with both a Bachelors of Science degree in Computer Science in 1982 and a Masters of Science degree in Information and Computer Science in 1987.

Staying Secure While Working from Home

  Presented by Trend Micro

Working from home has become almost ubiquitous in these times of COVID-19. Quarantining your devices while away from the office is not an acceptable solution to the many risks that exist outside of your corporate network. Please join Trend Micro to discuss the many ways you can help ensure that working from home does not compromise the security posture of your organization.

Modern Applications Need Modern Network and Security Controls

  Presented by CompuNet

This discussion will present the many issues facing organizations today as applications become more mission-critical than ever. Organizations must adopt new strategies and techniques to ensure that their customer-facing applications remain available and secure, even in the face of ever-changing customer requirements, a shift to a mobile workforce, and more threats than ever before. CompuNet and F5 Networks will discuss the new ways that companies can protect their applications without a dramatic increase in complexity and budget requirements.