Topic: Information Security

Seminar Topics

[1 CPE] Taking A Data-First Approach to Cyber Risk Management

  Presented by Austin Starowicz, Director, Solutions Consulting • Mastercard Cybersecurity

Cyber Risk Management has evolved. Every new vulnerability or regulation adds further pressures on already stretched teams to predict and manage the weakest links within your internal IT infrastructure. Piling on to today’s cyber risk landscape is the ever-expanding digital supply chain, and the need to onboard, assess, and monitor third parties, fourth parties, and Nth parties.

But does it really have to be that way?

Join this session from Mastercard Cybersecurity for an exclusive presentation on how a proactive “data-first” approach to cyber risk management can help you:

  • Improve monitoring for critical vulnerabilities to determine which ones really matter
  • Identify, Prioritize and Assess affected third parties in real-time
  • Leverage objective risk data into the decision-making processes
  • Streamline workflows and scale your operations

[1 CPE] Go Hack Yourself: More War Stories from over 150,000 Pentests

  Presented by Tony Taylor, Sr Solutions Architect • Horizon3.ai

Join Tony Taylor, Senior Solutions Architect, for an engaging session on “Offense-Driven Defense.” Tony will challenge conventional risk assessment practices and unveil how focusing on real-world exploitability and impact can revolutionize your security approach. Drawing from insights gathered across more than 150,000 autonomous pentests, he’ll share compelling stories and actionable lessons that show how viewing your cyber terrain through an attacker’s lens can uncover hidden vulnerabilities, optimize resource allocation, and strengthen your defenses against advanced threats. Don’t miss this opportunity to learn from a leading industry practitioner on why it’s time to “go hack yourself” and build resilience in today’s borderless threat environment.

[1 CPE] Operation Cyber Idaho: Modernizing Cyber Defense Statewide

  Presented by Jerred Edgar • Chief Information Security Officer, State of Idaho

Operation Cyber Idaho is an initiative focused on improving Idaho’s cyber resilience through Idaho Readiness Training (IRT), cyber infrastructure services, and collective defense. This program aims to modernize infrastructure by establishing the Idaho Readiness Training program, developing a cybersecurity workforce via a statewide apprenticeship program, and offering comprehensive cyber infrastructure services such as threat detection, vulnerability scanning, and remediation efforts.

Jerred serves as the Chief Information Security Officer for the Idaho Office of Information Technology Services. Jerred has over 24 years of military service, with 20 of those years focused on managing, overseeing, and developing secure and redundant cyber capabilities for military operations within contested environments.

Before retiring, he served as the Director of Cyber Innovative Readiness Training (IRT) for the Idaho Army National Guard (IDARNG), where he established a strategic partnership across Idaho and within the Department of Defense. This partnership facilitated cyber assessments, consultations, and assistance by leveraging military readiness objectives, funding, and personnel from 2019 through 2024. Prior to this role, he held various leadership positions within the 116th Cavalry Brigade Combat Team (CBCT). His responsibilities included managing the 116th CBCT’s enterprise communication suite for numerous training exercises and modernization efforts, two National Training Center rotations, Operation Saber Guardian 2016, and participating in two combat deployments since 2001.

[1 CPE] Hacking on a Budget: Maximizing Impact with Open-Source Security Tools

  Presented by Topher Lyons, Solutions Engineer • Sprocket Security

This presentation offers an illuminating glimpse into the open-source and free tools utilized by cybersecurity professionals for comprehensive security assessments. We will walk through how tools like Masscan, Nuclei, Impacket, Roadtools, Burp Suite Community Edition, and OWASP ZAP are applied across the essential phases of ethical hacking: reconnaissance, enumeration, exploitation, credential spraying, and web application testing. This talk is designed to build awareness of the sophisticated techniques and widely respected resources employed by experts in the field, providing valuable insights into the practical aspects of offensive security without the expectation of immediate proficiency.

[1 CPE] Breaking Down Silos: Unify Assets, Minimize Attack Exposure

  Presented by Michael Rockey, Sr Sales Engineering Manager • Axonius

In today’s rapidly evolving security landscape, organizations face the challenge of managing a wide array of tools across endpoints, identities, and networks. While each tool serves a critical purpose, they often operate in isolation, creating silos that obscure visibility and expose vulnerabilities. This session will address how the fragmentation of security systems and data increases attack surfaces and how integrating a unified cyber asset management approach can significantly reduce attack exposure.

Join us as we explore how security professionals can move beyond disconnected tools to leverage a single, comprehensive view of their assets and threat exposures. We’ll highlight practical steps and present a preview of an end-to-end solution designed to break down silos, provide full cyber asset visibility, and enable a more holistic approach to minimizing security risks.

As technology continues to evolve, managing disparate security systems will remain a pressing challenge. This session will offer actionable insights to security professionals looking to streamline their approach and safeguard their organizations from the growing complexities of cyber threats.

[1 CPE] Securing Data Flow in the AI-Quantum Era

  Presented by Steve Riley, Vice President, Field CTO • Netskope

Sensitive data movement poses risks, but outright restriction can hinder operations. Organizations need agile security frameworks to protect data in the AI and quantum era. This session explores modern security platforms that enable secure data flow and prepare for post-quantum encryption (PQE).

Join this session to learn:

  • Choosing secure access methods for diverse use cases
  • Adapting security to risk, user behavior and AI interactions
  • Preparing for post-quantum encryption’s enterprise impact

[1 CPE] Real-Time Threat Mitigation with AI-Driven SASE: A Practical Approach

  Presented by Brian Anderson, Global Field CTO • Cato Networks

In this session, we’ll explore how a converged SASE platform combined with AI and machine learning (ML) enables real-time threat detection and mitigation, transforming network security from a reactive to a proactive model. The focus will be on how AI-driven solutions within the SASE framework can identify, analyze, and neutralize security threats in real-time across distributed environments.

Brian Anderson, Global Field CTO at Cato, has over 20 years’ experience in technology, working with networks, systems, application development, and security, specializing in automation. Brian has worked to architect, attack, integrate, and secure networks and applications for emergency notification systems, government environments, healthcare organizations, transactional and e-commerce, including multi-tier cloud-based solutions, and has had a focus on web, database, and network and infrastructure security for the past 13 years at Imperva.

[1 CPE] History of Firewall Technology: From Packet Filtering to Application Control

  Presented by Hubert Ralph Bonnell, CISSP, CCSM – Security Engineer • Check Point Software

Let’s take a stroll through memory lane as we explore the history of the network firewall. This session explores the core technology behind packet filtering, proxies, stateful inspection, and application layer controls. Also covered are some of the fundamental differences between the firewalls on the market today.

[1 CPE] Fortifying Data Resilience: When Backups Become Back Doors to Cyberthreats

  Presented by Rick Vanover, Vice President of Product Strategy • Veeam

Ransomware threats don’t discriminate. And as the industry’s leading provider of data resilience solutions, we’ve seen it all. Public sector organizations are just as likely to be targeted as those in the private sector, and the stakes can be even higher. Veeam’s latest Ransomware Trends Report exposes critical vulnerabilities and highlights why relying solely on backups is no longer enough to ensure resilience. In this session, Veeam’s VP of Product Strategy, Rick Vanover, will unpack the most common oversights that leave organizations — government, education, healthcare, and beyond — exposed to cyber threats, especially when backups become an overlooked back door in your security strategy.

Drawing from real-world incidents and hard-earned lessons, Rick will share what he wishes every IT professional knew before facing a ransomware or security breach event. You’ll leave with actionable insights, practical guidance, and research-backed recommendations to help you strengthen your data resilience. Whether you’re securing sensitive public sector data or safeguarding private enterprise information, this session will equip you to prepare for tomorrow’s threats today.

[1 CPE] In the Cloud: Fast Forward to Better Security

  Presented by Jeff Kwiat, Principal Systems Engineer • Fortinet

Migrating to the cloud offers organizations unmatched agility, scalability, and innovation potential, but it also introduces complex security risks. Misconfigurations, compliance gaps, overly permissive identities, shadow IT, and advanced threats quickly erode the benefits of cloud adoption.

This presentation examines how to securely plan and execute a cloud migration, highlighting common challenges and best practices. It will explore how modern Cloud-Native Application Protection Platforms (CNAPPs) provide unified visibility, runtime protection, and compliance enforcement across multi-cloud environments. Attendees will learn how a well-architected, integrated security strategy not only mitigates risk but also accelerates the value of cloud transformation.