Topic: Information Security

Seminar Topics

[1 CPE] One Click Away: Lateral Movement Stemming from Office 365 Compromises

  Presented by Christine Davis, Director of Marketing • Stellar Technologies

In the rapidly evolving digital age, the security of cloud-based platforms like Office 365 is paramount for businesses worldwide. “One Click Away: Lateral Breaches Stemming from Office 365 Compromises” delves into the hacker’s mindset, unveiling how the hack occurs (LIVE DEMONSTRATION) and how a seemingly minor compromise can trigger a cascade of security breaches with profound implications for businesses. This presentation will explore the multifaceted threat landscape of Office 365, Active Directory, SAML, and SSLVPN, illuminating the pathways through which a simple breach can spread across an organization’s digital ecosystem. Attendees will gain insight into the initial indicators of compromise, empowering them with the knowledge to detect early signs of infiltration. By emphasizing preventative measures and best practices, the session aims to equip participants with robust strategies to safeguard businesses from everyday threats. Furthermore, it will outline effective incident response and mitigation strategies, providing a blueprint for responding to breaches with precision and agility. The presentation will also underscore the far-reaching consequences of breaches, from operational disruptions to severe financial and reputational damage, highlighting the critical need for a proactive and informed approach to cybersecurity in the era of cloud computing.

[1 CPE] Adversaries for Hire!

  Presented by Steven Massey, Regional Sales Manager • Secureworks & Dell

By exploring modern threat tactics, tooling, and anonymized cases from Healthcare, Critical Infrastructure, and Finance sectors, this talk aims to equip participants with insights into how adversaries operate, enhancing their ability to secure their organizations against breaches and cyber-attacks.

By incorporating various skillsets from active operations, Secureworks has amassed a wealth of offensive knowledge and tradecraft that allows our operators to perform complex offensive security engagements and provide remediation advice and controls to businesses of all types and technologies.

[1 CPE] How to Build a High Confidence Cyber Recovery Plan

  Presented by Bharath Nagaraj, Sr Technical Field Director  • Cohesity

In an era where data is both a prime asset and a target, the global cybercrime cost is expected to soar to $10.5 trillion USD by 2025, with ransomware attacks becoming more frequent. Despite this, 80% of organizations doubt their cyber resilience strategies. The importance of being prepared for “black swan” cyber events, which exploit new vulnerabilities and can cause overwhelming damage, is highlighted. Cohesity emphasizes the role of Generative AI in bolstering a company’s security by automating threat detection, ensuring compliance, and promoting collaboration across departments. This approach not only mitigates risks but also aligns with strategic IT resilience planning. In an upcoming discussion led by Cohesity’s Senior Technical Field Director, Bharath Nagaraj, insights into overcoming large organizational challenges, effective response strategies, stakeholder roles, and steps for integrating cyber resilience into IT strategies will be explored, aiming to instill confidence in recovery without succumbing to ransoms.

[1 CPE] The Intersection of AI and Cybersecurity

  Presented by Robbie Elliott, Head of Engineering, West & Eric Darancette, Security Engineer • Check Point

As artificial intelligence (AI) permeates our lives, it’s crucial to address the cybersecurity challenges it presents. In this dynamic landscape, AI will be utilized by both attackers and defenders. We will explore the opportunities of leveraging AI to enhance your business and defenses while acknowledging the potential risks. AI-powered attacks, opaque AI systems, and a lack of standardized security practices demand proactive measures, rigorous protocols, and transparent designs to ensure a secure AI ecosystem.

[1 CPE] Panel: Help is Here to Govern AI in Your Workplace!

  Presented by INTERFACE Advisory Council

Is generative AI a true hope, or is it all hype? Are you struggling to keep your end users protected from using AI tools that could cause security concerns? Is your data being protected from entering the AI space? These are just a few of the questions occupying the IT workforce today. While it may seem like a daunting task with no end in sight, there are others facing your challenges and wanting to share their experiences.

Our panel of local IT experts will share their experiences in what it takes to have a smart AI posture. We will discuss data governance, cyber security, and privacy concerns when it comes to AI in your workplace. Please bring your questions as well so you can get some guidance on the challenges you face today. Our esteemed panelists are some of the most experienced IT leaders in Hawaii and they want to share their experiences.

Panelists:

  • Rebecca Cal, Chief Data Officer, State of Hawaii
  • Randy Faatau, Vice President, Cybersecurity Architecture & Operations, First Hawaiian Bank
  • Vince Hoang, Chief Information Security Officer, State of Hawaii
  • Jodi Ito, Chief Information Security Officer, University of Hawaii

[1 CPE] Intelligent SSE: Secure Everything from Anywhere

  Presented by Matt Senechal, Regional Sales Manager • Netskope

This session will provide a technical overview of Security Service Edge (SSE), focused on the following topics:

  • Unintentional or unapproved data movement
  • Data protection for internal and external threats
  • Conditional and contextual access to safely enable cloud & SaaS applications
  • Protection from cloud-enabled SaaS and web threats
  • Work from anywhere with a secure, fast experience

You will walk away understanding the fundamentals of SSE and how it will benefit your business.

[1 CPE] Global Insights on Identity Security Maturity: Why it Matters? Why Now?

  Presented by Jed Knopf, Solutions Architect • CyberArk

In our global survey of 1,500 identity-related security experts, we found only 9% of organizations have the highest level of maturity. These Transformative organizations have the most mature identity security programs as they strategically focus on four key tenets: tools, integration, automation, and continuous threat detection & response. As a result, these organizations significantly outperform their competition in driving business outcomes and reducing risk. Learn how you can mature your identity security program because the future of security starts with identity.

Key Session Takeaways:

  • Top challenges for identity security
  • The four tenets of identity security
  • How to take a holistic approach to identity security
  • Key considerations in evaluating identity security providers

[1 CPE] A Small Business Journey to the NIST Cybersecurity Framework 2.0

  Presented by Daniel Eliot • National Institute of Standards and Technology

The NIST Cybersecurity Framework (CSF) 2.0 is here! This is the first major revision of the globally recognized framework since its initial publication in 2014. If that wasn’t exciting enough, NIST also published the CSF 2.0 Small Business Quick Start Guide along with it. As a supplement to the CSF 2.0, the new Small Business Quick Start Guide provides small-to medium-sized businesses (SMB) with resources and considerations to kick-start their cybersecurity risk management strategy using the CSF 2.0. During this talk Daniel Eliot, NIST’s Lead for Small Business Engagement, will provide an overview of updates to the NIST Cybersecurity Framework 2.0 and will showcase the new CSF 2.0 SMB Quick Start Guide and other free NIST small business cybersecurity resources. Eliot will also spend time sharing various ways organizations can get more engaged with NIST’s cybersecurity and privacy work.

Daniel Eliot is the lead for small business engagement within the National Institute of Standards and Technology’s Applied Cybersecurity Division. In this role, he works across NIST’s cybersecurity and privacy program to advise and support development of cybersecurity resources, communication materials, and collateral tailored for use by small businesses. He also regularly works directly with the small business community and their advocates through external outreach and engagement. Immediately prior to joining NIST, Daniel worked within MITRE Corporation’s Center for Securing the Homeland, serving as the chief communications strategist at the NIST National Cybersecurity Center of Excellence. In prior roles he has also served as the director of education for the National Cybersecurity Alliance and manager of technology business development for the University of Delaware Office of Economic Innovation and Partnerships.

[1 CPE] Securing the Future: Cyber Insurance and Cybersecurity Strategies for 2024

  Presented by Andrew Livingston, Cyber Security Specialist • Sentinel Technologies

In the dynamic and interconnected digital era of 2024, the landscape of cyber threats continuously evolves, posing unprecedented challenges to businesses worldwide. “Securing the Future: Cyber Insurance and Cybersecurity Strategies for 2024” delves into the intricacies of cyber insurance as a pivotal component of modern business risk management. This presentation offers a thorough exploration of the latest trends in cyber threats that businesses face, such as sophisticated AI-driven attacks, the proliferation of ransomware, and the vulnerabilities introduced by emerging technologies. It highlights the critical challenges that could lead to the denial of cyber insurance claims and potential loss of coverage, emphasizing the importance of compliance, accurate representation of cybersecurity measures, and prompt incident reporting.

Furthermore, the presentation shifts focus towards proactive strategies for enhancing an organization’s cybersecurity posture. It outlines actionable tips for businesses to not only fortify their defenses against cyber threats but also to positively influence their cyber insurance rates. Through a blend of expert insights and practical guidance, the audience will learn about the significance of regular risk assessments, the adoption of multi-factor authentication, encryption, endpoint security, and the development of robust incident response plans. We’ll discuss:

  • Insights into the evolving cyber threat landscape in 2024.
  • Common pitfalls leading to cyber insurance claim denials.
  • Strategies for enhancing cybersecurity measures to favorably impact insurance rates.
  • The future outlook of cyber insurance and the role of emerging technologies.

By the conclusion of this presentation, attendees will be equipped with the knowledge to navigate the complexities of cyber insurance and implement comprehensive cybersecurity strategies. This will not only prepare them to mitigate the risks of cyber threats but also optimize their insurance coverage in the face of an ever-changing digital threat landscape.

[1 CPE] Cybersecurity and Compliance For 2024

  Presented by Rob Wayt, Director of Governance, Risk, and Compliance • Structured

The cybersecurity regulatory compliance landscape has never been more complicated, and this presentation will provide information and updates to CMMC, GLBA, PCI, TSA, generative AI and security best practices. This discussion will focus on security solutions to these challenges, including penetration testing and zero trust implementations. Rob Wayt, Director of Governance, Risk, and Compliance at Structured will be the presenter.