Topic: Information Security

Seminar Topics

[1 CPE] Navigating the Post-Quantum Encryption Landscape in Data Management Technologies

  Presented by Mauricio Daher, Technical Expert, Data Intelligence and Content Solutions • Hitachi Vantara

Post Quantum Encryption, and how products need to adapt in this brave new world. There is a lot of talk about Generative AI, LLMs, GTP, but if we cannot secure our data – confidentiality, integrity, and availability – perimeter, then nothing else matters. This session will dive into security topics relevant to the landscape of data management technologies we have on-hand today from the top storage solution companies. The challenges for the next five years will require game-changing innovation to keep up with an exponentially expanding threat surface. The winner will be the one to secure the future for the rest until the next bubble comes along.

Currently, Mauricio is a Technical Expert for Data Intelligence and Content: A technical leader in support of Hitachi Vantara’s content business for the Americas. This involves providing technical guidance, and solutions crafting to the sales teams across the organization, working hand in hand with the solution sales specialists.

Before joining HDS, Mauricio was the Regional Solutions Advisor for Dell in the Northeast, focusing on Compellent and EqualLogic storage solutions, and supporting 5 systems engineers from a knowledge management, measurement, and orientation perspective. Prior to Dell, Mauricio was AVP of Data Protection for RBS Citizens Bank based in Rhode Island where he provided strategic leadership in the bank’s data protection architecture and the creation of a service catalog and storage economics model for production storage and BURA. Before RBS Citizens, Mauricio was a Principal Consultant with Glass House during which time he delivered some two dozen strategic engagements in storage and data protection to companies spanning segments like government, airlines, healthcare as well as financial institutions. Before Glass House, Mauricio ran a delivery practice at McData that implemented SAN-based storage and tape virtualization solutions to a variety of enterprise clients such as Wells Fargo, Bank of New York, and a dozen smaller companies.

Mauricio holds an S.M. in Civil and Environmental Engineering with a focus on Information Systems from M.I.T. and a B.S. in Mechanical Engineering from Boston University.

[1 CPE] Global Insights on Identity Security Maturity: Why it Matters? Why Now?

  Presented by Jed Knopf, Solutions Architect • CyberArk

In our global survey of 1,500 identity-related security experts, we found only 9% of organizations have the highest level of maturity. These Transformative organizations have the most mature identity security programs as they strategically focus on four key tenets: tools, integration, automation, and continuous threat detection & response. As a result, these organizations significantly outperform their competition in driving business outcomes and reducing risk. Learn how you can mature your identity security program because the future of security starts with identity.

Key Session Takeaways:

  • Top challenges for identity security
  • The four tenets of identity security
  • How to take a holistic approach to identity security
  • Key considerations in evaluating identity security providers

[1 CPE] The Current Threat Landscape Requires a Unique Approach

  Presented by Todd Bertchume, Technical Marketing Engineer • Forescout

Specialized threats targeting OT environments have been around since at least 2010, with the reports of Stuxnet. Recognizing the criticality of these devices, Threat Actors have continued evolving, continuing to target OT devices, many of which are inherently insecure-by-design. Research, such as Vedere Labs’ OT:ICEFALL research project and Project Basecamp by Digital Bond from 10 years ago showed how significant the scope of vulnerable devices are that are pervasive in critical infrastructure systems. Today’s SOC needs to not only see those devices and the risks they pose while also ensuring accurate detection of the threats uniquely targeting those OT environments they’re deployed in. This session will explore this unique threat landscape and the capabilities required to combat the threats and automatically mitigate the risks specially targeting Operational Technology environments.

Todd Bertchume is a Technical Marketing Engineer at Forescout. He brings over 23 years of experience in the networking industry working on the partner, customer, and manufacturer side of the business. He holds many industry certifications in networking and security. Over the years, he has helped many customers building data centers and spent the last few years specializing in securing assets in the health care industry.

[1 CPE] The Current Threat Landscape Requires a Unique Approach

  Presented by Todd Bertchume, Technical Marketing Engineer • Forescout

Specialized threats targeting OT environments have been around since at least 2010, with the reports of Stuxnet. Recognizing the criticality of these devices, Threat Actors have continued evolving, continuing to target OT devices, many of which are inherently insecure-by-design. Research, such as Vedere Labs’ OT:ICEFALL research project and Project Basecamp by Digital Bond from 10 years ago showed how significant the scope of vulnerable devices are that are pervasive in critical infrastructure systems. Today’s SOC needs to not only see those devices and the risks they pose while also ensuring accurate detection of the threats uniquely targeting those OT environments they’re deployed in. This session will explore this unique threat landscape and the capabilities required to combat the threats and automatically mitigate the risks specially targeting Operational Technology environments.

Todd Bertchume is a Technical Marketing Engineer at Forescout. He brings over 23 years of experience in the networking industry working on the partner, customer, and manufacturer side of the business. He holds many industry certifications in networking and security. Over the years, he has helped many customers building data centers and spent the last few years specializing in securing assets in the health care industry.

[1 CPE] Cybersecurity and Compliance For 2024

  Presented by Rob Wayt, Director of Governance, Risk, and Compliance • Structured

The cybersecurity regulatory compliance landscape has never been more complicated, and this presentation will provide information and updates to CMMC, GLBA, PCI, TSA, generative AI and security best practices. This discussion will focus on security solutions to these challenges, including penetration testing and zero trust implementations. Rob Wayt, Director of Governance, Risk, and Compliance at Structured will be the presenter.

[1 CPE] How AZ’s Collective Public/Private Defense Benefits Your Organization & the AZ Ecosystem

  Presented by Ryan Murray •  AZ DHS and Frank Grimmelmann • ACTRA

ACTRA, and the State of Arizona Department of Homeland Security, will share the objective evidence of how the entire State of Arizona, public sector, and private industry, is coming together to raise the bar for the collective defense of the community. Trust-driven collaborative integration of people, processes, and technology demonstrates the advances to be shared!

We’ll focus on the work being done to deploy defensive tools to ensure cybersecurity readiness, the sharing of actionable intelligence to ensure we all have visibility of the threats impacting our organizations, and even developing the cybersecurity workforce of tomorrow. Become part of the conversation and join us in the collaborative communication to better secure the entire state!

Speakers:
Ryan Murray, Deputy Director, Arizona Department of Homeland Security & CISO State of Arizona
Frank J. Grimmelmann, President & CEO, Arizona Cyber Threat Response Alliance, Inc. (ACTRA)

Ryan Murray joined the Arizona Department of Homeland Security in July 2021 and currently serves as the Deputy Director over Cyber Command and as the Interim Chief Information Security Officer for the State. He also previously served as the Chief Information Security Officer for the Arizona Department of Revenue for three and a half years. In his current role, Deputy Director Murray provides tactical and operational leadership for Cyber Command, and strategic planning, facilitation, and coordination of cybersecurity efforts throughout the State.

Frank J. Grimmelmann serves as President & CEO for the Arizona Cyber Threat Response Alliance (ACTRA), a non-profit entity that was developed collaboratively with the Arizona InfraGard Program, the FBI, USDHS, and law enforcement, and independently launched in 2013 to enable its private/public sector member organizations across all critical sectors to enable themselves to respond to the escalating national cybersecurity threat.

[1 CPE] Global Insights on Identity Security Maturity: Why it Matters? Why Now?

  Presented by Brian Roberts, Sr Solutions Engineer • CyberArk

In our global survey of 1,500 identity-related security experts, we found only 9% of organizations have the highest level of maturity. These Transformative organizations have the most mature identity security programs as they strategically focus on four key tenets: tools, integration, automation, and continuous threat detection & response. As a result, these organizations significantly outperform their competition in driving business outcomes and reducing risk. Learn how you can mature your identity security program because the future of security starts with identity.

Key Session Takeaways:

  • Top challenges for identity security
  • The four tenets of identity security
  • How to take a holistic approach to identity security
  • Key considerations in evaluating identity security providers

Brian Roberts is a motivated, technically-minded individual with 12 years of solutions engineering experience ranging from backup and disaster recovery to identity security. He primarily focuses on Privilege Access Management and Least Privilege Enforcement with self-hosted and cloud assets.

[1 CPE] The Current Threat Landscape Requires a Unique Approach

  Presented by Eric Vanderbur, Global Solutions Architect • Forescout

Specialized threats targeting OT environments have been around since at least 2010, with the reports of Stuxnet. Recognizing the criticality of these devices, Threat Actors have continued evolving, continuing to target OT devices, many of which are inherently insecure-by-design. Research, such as Vedere Labs’ OT:ICEFALL research project and Project Basecamp by Digital Bond from 10 years ago showed how significant the scope of vulnerable devices are that are pervasive in critical infrastructure systems. Today’s SOC needs to not only see those devices and the risks they pose while also ensuring accurate detection of the threats uniquely targeting those OT environments they’re deployed in. This session will explore this unique threat landscape and the capabilities required to combat the threats and automatically mitigate the risks specially targeting Operational Technology environments.

[1 CPE] The Current Threat Landscape Requires a Unique Approach

  Presented by Eric Vanderbur, Global Solutions Architect • Forescout

Specialized threats targeting OT environments have been around since at least 2010, with the reports of Stuxnet. Recognizing the criticality of these devices, Threat Actors have continued evolving, continuing to target OT devices, many of which are inherently insecure-by-design. Research, such as Vedere Labs’ OT:ICEFALL research project and Project Basecamp by Digital Bond from 10 years ago showed how significant the scope of vulnerable devices are that are pervasive in critical infrastructure systems. Today’s SOC needs to not only see those devices and the risks they pose while also ensuring accurate detection of the threats uniquely targeting those OT environments they’re deployed in. This session will explore this unique threat landscape and the capabilities required to combat the threats and automatically mitigate the risks specially targeting Operational Technology environments.

[1 CPE] The Human Factor: Quantifying Human Risk

  Presented by Sara Anstey, Director of Data Analytics and Risk  • Novacoast

This talk will explore the growing field of human risk management and quantification, diving into the next step in an organization’s risk journey: quantifying people. We will discuss where the market is, how people are adopting it, and what organizations can gain from human risk management.

Join this session on the emerging and evolving field of human risk quantification, which aims to apply quantitative methods to assign risk scores to every employee at a company based on their actions and access. This space is very similar to where cyber risk quantification was about 4 years ago when there were a few start-ups in the market and a few active voices on LinkedIn advocating for the adoption of these practices. Now, human risk quantification is an organizational priority. Having done extensive research into where the players in the market are and how companies utilize these strategies, human risk quantification has become the next step of a risk journey for many companies. Over 80% of breaches involve the human element –– if organizations want to stop them, they need to understand how the people they employ affect their security posture.