Loading…
Please register for each session that you plan to attend.
The registration link is included in the description of the session.
Details to access each of the sessions that you register for will be sent to the email address provided during registration.

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Wednesday, July 22
 

8:00am EDT

Check Point & The TENEO Group: “Cover Your SaaS - Protecting Your Business in a Cloudy World”
Register for this session HERE

“Cover Your SaaS - Protecting your Business in a Cloudy World” 

Description: In this lab simulation, participants will learn about the risks involved with SaaS applications & how to protect their organization against Cyber Threats when the applications are no longer within the 4 walls of the datacenter. The lab will include protecting Office 365, One Drive, GSuite, Dropbox & SalesForce.com


Speakers
avatar for Aaron Rose

Aaron Rose

Regional Architect - Mid-Atlantic & Federal, Check Point Software Technologies

Sponsors


Wednesday July 22, 2020 8:00am - 10:00am EDT
Zoom Morning https://checkpoint.zoom.us/meeting/register/tJMlfuGvpzwsGNAlLJ9FtAKfz4Z_T4j5_sCv

8:00am EDT

DNS & Palo Alto: Ultimate Test Drive Part 1 (Morning Session)
Register for this session HERE

Overview – Jack Daniel, DNS Engineer
The VM-Series on Microsoft Azure can help prevent data loss and business disruption, allowing corporations to move at the speed of the cloud. Use this UTD workshop to demonstrate how the Palo Alto Networks VM-Series firewall and advanced threat prevention features can enhance Microsoft Azure security by providing protection from advanced attacks.
 
This hands-on workshop will:
· Provide students temporary access to Azure console and review how VM-Series is deployed in Azure
·    Demonstrate how to prevent threats while allowing certain applications
·    Showcases VM-Series integration with Azure Application Insights to publish PanOS metrics
·    Demonstrate fault tolerance to redirect the traffic to active VM-Series firewall
·    Showcases how to improve security policy by converting port-based policy to application based-policy with Policy Optimiz

Speakers
avatar for Jack Daniel

Jack Daniel

DNS Engineer, Data Network Solutions (DNS)
As the founding engineer for Data Network Solutions (DNS), Jack Daniel has spent the past 20 years working within the computer industry, currently he is a Senior Systems Engineer.  He attended the University of North Carolina in Charlotte, where he studied math and computer science... Read More →

Sponsors


Wednesday July 22, 2020 8:00am - 11:00am EDT
GoToWebinar Room A

8:30am EDT

ISSA Fayetteville-Ft. Bragg - Carlos Valencia, Managed Print Analyst, Digital Document Solns - MFD Overview, Hardening & Basics
Register for this session HERE​​​

Abstract
  • Presentation will consist of an overview of various types of Multifunction devices.
  • A review of the basic setting used for hardening activating security features to protect end user’s data.
  • Demonstrate the basic setting to utilize SMTP and SMB.
  • Presentation will provide attendees confidence in navigating the MFD menu and securing their device. 






Speakers
avatar for Carlos Valencia

Carlos Valencia

Managed Print Analyst, Digital Document Solutions


Wednesday July 22, 2020 8:30am - 10:00am EDT
GoToWebinar Room D

8:30am EDT

VerSprite Application Security Workshop: Open Technologies, Tools, and Techniques for Running a Successful InfoSec Program
Register for this session HERE​​​

About This Presentation:
When teams start considering application security, it can feel like you are being thrown into the open ocean without a lifeboat. Security threats can hit you like waves from all sides, while you are just looking for a navigation system to help guide you through each step of securing your code.
In this presentation, Tony UcedaVélez, CEO of VerSprite cybersecurity consulting and leader of OWASP Atlanta, will steer attendees through the developer benefits, helpful security guides, and break from the storm that collaboratives like OWASP offer. He will also share some trade-favorite technologies, security tools, and techniques that you and your team can use to inject security into every stage of your development lifecycle.
All attendees will receive CEUs through ISSA and receive a copy of Tony’s presentation, complete with tools and resource links you can take back to the office.

Presentation Overview:
  • Security Challenges
  • What is OWASP (Open Web Application Security Project)
  • Why There is a Need for Governance and Standardization in Software Development
  • What does OWASP have to offer?
  • The OWASP Application Security Verification Standard (ASVS) Security Assurance Methodology
  • OWASP Top Ten
  • Developer Guides
  • Security Cheat Sheets for Developers, AppSec, and InfoSec
  • Open SAMM (Software Assurance Maturity Model)
  • S-SDLC – Building Security-In
  • OWASP AntiSamy API
  • CSRFGuard
  • ESPI (Enterprise Security API)
  • Security Testing & OWASP – Prescriptive Advice for Testing
  • VerSprite’s Top Security Tools for Developers and Security Professionals
  • Open Source Tools for More Nefarious Voyages in AppSec Testing
  • Let’s Dock This Discussion & Take It Online


Speakers
avatar for Tony UcedaVélez

Tony UcedaVélez

CEO & Founder, VerSprite
Tony UcedaVélez is the CEO of VerSprite, an Atlanta based security services firm assisting global multi-national corporations on various areas of cyber security, secure software development, threat modeling, application security, security governance, and security risk management... Read More →



Wednesday July 22, 2020 8:30am - 10:00am EDT
GoToWebinar Room C

10:30am EDT

ISSA Fayetteville-Ft. Bragg Chapter - Mike Curnow, CEO, Experienced SOC Architect, Defiant Networks "Ballin On A Budget: Deploying SIEMple SecOps"
Register for this session HERE​​​

Presentation Abstract:
Hyper-connectivity is at an all-time high considering advances in Industry 4.0 coupled with increased remote workload migration in recent day. It’s safe for one to surmise that security operations has yet to catch up with some innovations that’ve been pushed out the door too fast. A lot of these innovative measures are employed by businesses to essentially save themselves by crafting new services or simply enabling more internet driven accessibility to handle an already existing service.

This drives need to increase deployment of what’s arguably the weakest point in many security strategies (at least those I’ve consulted with), which is enacting a Security Operations Center (SOC) to enable insight to existing threats and keep constant measure of the organization’s security posture.

The hard truth is that a lot of orgs cannot afford an expensive SIEM tool or justify on boarding of a full-fledged SOC team, yet their relative security are crucial to their operations. All the while a majority of security compliance standards require “eyes on events & data” measures. This becomes a hindrance on some businesses and organizations to which they might begrudgingly employ a half-hearted attempt with minimal effort, or they might not even know where to start. This is where the introduction to open-source solutions come in. In this presentation I will cover:
  1. What is SOC? - Processes, People & Technology
  2. Open Source - Gathering proper tools to build a SIEM solution purpose-built just for you
  3. Considerations & Procedures - Tailoring the pieces to fit your use case(es)
  4. Resilience - Strategizing best practices to keep your SOC up and running through thick and thin



Speakers
avatar for Mike Curnow

Mike Curnow

CEO, Experienced SOC Architect, Defiant Networks, Inc.
Mike is a trusted cybersecurity professional with experience in the financing, health, industrial controls, and automotive sectors. Equipped with his experience as a former software engineer and skills on offensive & defensive security. He's been trusted to perform penetration tests... Read More →


Wednesday July 22, 2020 10:30am - 12:00pm EDT
GoToWebinar Room D

10:30am EDT

Versprite Threat Hunting Workshop: Utilizing Threat Intelligence to Hunt the Unknown in Your Network
Register for this session HERE​​​

In today’s world, most security teams use threat intelligence reactively, reacting to each sign compromise. While this method is common, we want to pose a question to the attendees – why? Why wait for the unknown to hit you first?

In this presentation, we will be exploring what it would mean to be proactive in your security measures. We will discuss threat hunting and utilizing Threat Intel produced by a threat library built around your environment to hunt the unknowns in your network.

All attendees will receive CEUs through ISSA and receive a downloadable copy of the presentation to take back to the office.

Speakers
avatar for Jake Niederer

Jake Niederer

Consulting Manager, VerSprite
Jake Niederer is a Managing Consultant for the Threat Intelligence Team at VerSprite. He is a decorated former Marine, awarded with the Navy Achievement Medal, a Combat Distinguishing Device V for Valor, and the Purple Heart for his actions in OEF Afghanistan. Aside from the military... Read More →
avatar for Jordan Young

Jordan Young

Jr. Security Consultant, VerSprite
Jordan Young is a Security Consultant for the Geopolitical Risk Team (GPR) of VerSprite; a team that specializes in understanding how geopolitical occurrences, such as protests, can lead to changes in threat landscapes. Jordan graduated from the University of Chicago with a Master’s... Read More →



Wednesday July 22, 2020 10:30am - 12:00pm EDT
GoToWebinar Room C

10:30am EDT

Check Point & The TENEO Group: Cyber Range “Game of Clouds”
Register for this session HERE

Afternoon- Cyber Range “Game of Clouds”
    • Use CloudGuard IaaS, Dome9 and LOG.IC and assist a game studio that has suffered a breach on its newly set up cloud infrastructure. 
        • Mutants and Chaos by YelloWork, is a once-in-a-decade success in the gaming industry. Following its sensational success YelloWorks’ Chief Architect, Kristian Lundqvist, decides to move the game infrastructure to the cloud overnight. However, following the transition they suffer a breach. You are a cloud expert called upon to save the day. The game must go on!  Part 1 – perform reconnaissance and gain a foothold in the target network.

Check Point will be providing lunch (via Gift Cards given the morning of, or by delivery arranged by our team) to participants who register and attend the training day. We will send out signup details for lunch soon. Also, we will be awarding $100 gift cards to the 2 highest scoring players of the Game of Clouds, as well as additional gift cards/prizes throughout the training day.

Speakers
avatar for Aaron Rose

Aaron Rose

Regional Architect - Mid-Atlantic & Federal, Check Point Software Technologies

Sponsors


Wednesday July 22, 2020 10:30am - 12:30pm EDT
Zoom Afternoon https://pages.checkpoint.com/virtual-cyber-range-midatlantic-july-2020.html

11:30am EDT

DNS & Palo Alto: "Ultimate Test Drive Part 2" (Afternoon Session)
Register for this session HERE

PAN Lab - Training Day  (Afternoon Session)

Overview – Daniel Stevenson, DNS Engineer
Global expansion, mobile workforces, and cloud computing are shifting the locations of your applications, data, and users. These changes introduce new opportunities, but they also introduce new vectors for cybersecurity risk. Palo Alto Networks Secure Access Service Edge (SASE) - Prisma Access delivers the networking and security that organizations need in a purpose-built cloud-delivered infrastructure. Prisma Access acts as a firewall service that protects branch offices and mobile users from threats while also providing the security services expected from a next generation firewall.
 
The workshop will showcase how to:
·    Protect remote networks and mobile users in a consistent manner, wherever they are
·    Provide connectivity and security in order to access all your applications
·    See the flexibility and cloud scalability to handle your changing requirements
 

Speakers
avatar for Daniel Stevenson

Daniel Stevenson

DNS Engineer, Data Network Solutions (DNS)
Daniel brings over 10 years of hands-on experience in IP-based network and security solutions.  Now in his 7th year on the DNS engineering team, he has focused his time designing and implementing security technologies across the enterprise for our customers.  Daniel is a two-time... Read More →

Sponsors


Wednesday July 22, 2020 11:30am - 2:30pm EDT
GoToWebinar Room A

12:30pm EDT

BlueTeamAssess – OSINT “Sorting Through Breadcrumbs to Determine Your Internet Exposure"
Register for this session HERE​​​

Open Source Intelligence (OSINT)
Sorting through the breadcrumbs on the Internet to Determine Your Exposure

How much data can be found on you or your company on the Internet? The unfortunate answer in today’s world is often far too much. Further, this data can often be used by malicious actors to cause damage to individuals or organizations through cyber attacks or social vendettas.

This short workshop will give attendees an introduction to OSINT by walking through the OSINT Framework available on GitHub. As part of that introduction, we’ll see examples of how tools like SHODAN, Google Dorks, and Recon-ng can be used to collect data on your target. Even better, how can you defend against a potential attackers efforts to find stuff on you?

The instructor will help frame the exposure and risk that the different types of information present, and attendees will have an opportunity to perform some investigation of a subject of their choosing during the hands-on exercises that make up the majority of the workshop.

Among the topics covered during this workshop include:
•    Goals of OSINT
•    OSINT Frameworks
•    Free tools to perform OSINT investigations
•    Searching for data on companies
•    People searching on social media
•    Monitoring to protect you and your business
•   Where to go for more extensive application

Conducting an OSINT exercise should be an expected part of the preparation for any vulnerability assessment or penetration test. It is through these queries that the potential aggressor learns about possible chinks in the armor worn by the target. At the completion of this workshop, the attendees should have a much deeper appreciation of how very true is the statement – “Nothing is ever really deleted from the Internet.”

Cybersecurity specialists and business owners should pay close attention to the amount of information about an organization or individual that exists on the web. This information is often exploited by hackers and other malicious actors bent on doing damage to the reputations of individuals or the integrity of business organizations.



Speakers
avatar for Mike Parsons

Mike Parsons

Senior CyberSecurity Architect and Mentor, BlueTeamAssess LLC
Mike holds the CISSP, PCIP, IAM, IEM and is HIPAA certified.  He is a 6 year veteran of USMC and resides in eastern North Carolina. Mike is the principal at BlueTeamAssess LLC and is a Senior CyberSecurity Architect and Mentor. He believes information security has a tactical and... Read More →



Wednesday July 22, 2020 12:30pm - 2:00pm EDT
GoToWebinar Room F

12:30pm EDT

Netwrix – AD Changes/Best Practices for Securing Sensitive Data

Speakers
avatar for Jeff Melnick

Jeff Melnick

Director, Global Solutions Engineering, Netwrix



Wednesday July 22, 2020 12:30pm - 2:00pm EDT
GoToWebinar Room C

12:30pm EDT

Teneo and Silver Peak – De-Risk Your SD-WAN Project: Technology Workshop
Register for this session HERE​​​

Technology Workshop Abstract:
There are three big considerations that often go unnoticed in SD-WAN projects. They’re linked to technology fit, people and process. Failure to select the best technology fit, align the right people and execute a smooth process are the reasons why over 50% of IT projects fail.

Leveraging Silver Peak Unity EdgeConnect™ SD-WAN and Teneo Inc.’s years of technical SD-WAN knowledge, practical and real-life experience, this workshop will give you a clear look inside the adoption of a secure SD-WAN.  Teneo Inc. will discuss the why, when and how to adopt a secure SD-WAN taking in to consideration the challenges that other organizations have faced in regards to people and process. In regards to selecting the technology, Teneo Inc. will introduce the best in class, Silver Peak Unity EdgeConnect™ SD-WAN.

Silver Peak will allow to look inside their Silver Peak Unity EdgeConnect™ SD-WAN. The demo will give an overview of architecting and operating an SD-WAN, as well as dive into core features, capabilities and security components of Silver Peak Unity EdgeConnect™ SD-WAN.

Still have questions? We will save time to answer your questions during the workshop or we will be happy to arrange a time to discuss your organization’s secure SD-WAN project.

De-risk your SD-WAN project by learning directly from Teneo Inc. and Silver Peak’s years of experience and best in class technology.


Speakers
avatar for Steve Evans

Steve Evans

Senior VP of Solutions Engineering, Teneo, Inc.
Steve Evans is Sr. VP of Solutions Engineering globally for Teneo Inc. He has over 20 years of experience in network and security engineering, architecture and design. Steve came to Teneo from the public sector where he was the network administrator for 10 years for a 60- site, 30,000... Read More →
avatar for John Campbell

John Campbell

Senior Systems Engineer, Silver Peak
John Campbell is a Senior Systems Engineer and trusted technical advisor for the Silver Peak Software Defined WAN (SD-WAN) and WAN optimization solutions.  John is an advocate for all things SD-WAN for customers currently evaluating Silver Peak and other WAN technologies.  His... Read More →

Sponsors

Wednesday July 22, 2020 12:30pm - 2:00pm EDT
GoToWebinar Room D

2:30pm EDT

ISSA Fayetteville-Ft. Bragg: Nia Luckey, Security Operations Manager, Cisco, "Not Another Framework: Cutting Through the Noise"
Register for this session HERE​​​

Not Another Framework: Cutting Through the Noise

In the world of cybersecurity, we love our frameworks: ISO, NIST, RMF, SOC1, SOC2, COBIT, HITRUST, and many more.  But these different frameworks often complicate areas like maturity modeling, operational readiness, and threat modeling! The struggle is finding the common areas of overlap.  So instead of doing that, the question becomes, how do we elevate all of them under a simplified process? By leveraging common language cutting through the minutiae, we can start to build progress. 


Speakers
avatar for Nia Luckey

Nia Luckey

Security Operations Manager, Cisco
Nia Luckey is a true innovator. She doesn't see obstacles but rather opportunities for growth, improvement, and alignment. As an industry leader, she has established two 501c3 affiliate chapters in her local area of North Carolina. The Information Systems Security Association of Fayetteville... Read More →



Wednesday July 22, 2020 2:30pm - 4:00pm EDT
GoToWebinar Room D

2:30pm EDT

TCDI - IT Security Changes During Quarantine: Leveraging Existing Infrastructure against Remote Cyber Threats
Register for this session HERE​​​

Description:

The remote work that began as a temporary solution to various stay-at-home orders has now become the new normal for many organizations. While this transition can be beneficial in many ways, it does create further complications for IT departments tasked with maintaining the security and integrity of critical systems. 
During this presentation, cybersecurity experts from TCDI will dive into issues and solutions related to remote access and incident response investigations, as well as how organizations can leverage their existing infrastructure to protect data while supporting their remote employees. 


Agenda: 
• Remote Work Considerations 
• Remote Incident Response Investigations 
• Supporting Remote Employees 
• Common Cybersecurity Attacks and Strategies 
• Key Takeaways


Speakers
avatar for Eric Vanderburg

Eric Vanderburg

Vice President, Cybersecurity, TCDI
Eric Vanderburg is considered a thought leader in the industry and is a continual learner who has earned over 40 technology and security certifications. He is the author of several books and he frequently writes articles for magazines, journals, and other publications.Eric regularly... Read More →
avatar for Bogdan Salamakha

Bogdan Salamakha

Senior Cybersecurity Engineer, TCDI
Bogdan Salamakha is an experienced cybersecurity professional who helps protect companies from cyber threats, comply with regulations, test security controls, and gain assurance in their information security. He serves as a cybersecurity subject matter expert in penetration testing... Read More →

Sponsors


Wednesday July 22, 2020 2:30pm - 4:00pm EDT
GoToWebinar Room B

2:30pm EDT

Triaxiom – Matt Miller, Principal Security Engineer, “An Introduction to Pen Testing & Red Teaming”
Register for this session HERE​​​

Whether you are considering a career as a penetration tester, if your organization would benefit from a penetration test, or just want to learn more this workshop is for you. This workshop will serve as an introduction to penetration testing, what separates a penetration test from a vulnerability scan, an overview of the different types of penetration testing, and the pros and cons of a red team engagement. Finally, we will be sure to include plenty of stories from past penetration tests to keep it interesting.

Speakers
avatar for Matt Miller

Matt Miller

Principal Security Engineer, Triaxiom
Matthew Miller began his career in information security as a Cyberspace Control Officer in the United States Air Force. His first tour was to the United Kingdom as part of Europe’s special operations tactical communication unit. In this role, Matt would often lead a team to deploy... Read More →


Wednesday July 22, 2020 2:30pm - 4:00pm EDT
GoToWebinar Room F

4:30pm EDT

TEKsystems – CyberSecurity Careers: Securing Your Path
Register for this session HERE​​​

“Teron Foster and Nolan Myrick from TEKsystems will provide insights (and opinions) regarding career mapping & development, interview skills, resume writing and job market data.”

Speakers
avatar for Nolan Myrick

Nolan Myrick

Infrastructure Optimization, Risk & Security Services Division Lead, TEKsystems
Nolan Myrick – BizTech geek. Family man. Lover of Basketball & Golf.Nolan currently serves as a Division Lead for TEKsystems, the leading IT Services & Staffing company in North America. His external focus is working with clients to evaluate and address a broad spectrum of Risk... Read More →
avatar for Teron Foster

Teron Foster

University Relations Recruiter, TEKsystems
Teron Foster is a native of Reidsville, NC, and currently resides in Greensboro NC. Teron graduated from North Carolina Agricultural & Technical State University with a Bachelor’s degree in Marketing and Sales in 2016. After graduation he joined TEKsystems where he worked as a Technical... Read More →

Sponsors


Wednesday July 22, 2020 4:30pm - 6:00pm EDT
GoToWebinar Room A
 
Thursday, July 23
 

8:00am EDT

Keynote Speaker – Check Point / The TENEO Group "The Good, Bad and Ugly Migrating to the Cloud"
Register for this session HERE​​​

Title: The Good, Bad and Ugly (migrating to the cloud)

Views from Cyber Security integrator on what we see when customers succeed or fail with their cloud migration

Speakers
avatar for Craig Johnson

Craig Johnson

VP Business Development, The Teneo Group
Craig Johnson has over 30 years of experience in the technology field. Starting in the mid 1980’s with H. Ross Perot’s Electronic Data Systems. Craig spent 20+ years at Check Point Systems where he held several key positions in the Mid-Atlantic region before joining Teneo as VP... Read More →

Sponsors


Thursday July 23, 2020 8:00am - 9:00am EDT
GoToWebinar Room F

9:30am EDT

ARMIS - Agentless Device Security
Register for this session HERE​​​

The exponential increase in the number of unmanaged and IoT devices connected to enterprise networks provide an ever-expanding attack surface for malicious actors to exploit in order to disrupt production, impact patient care, or inflict financial loss.  What is the best way to keep your enterprise safe from these attacks?

Join this discussion to learn:
  • Examples of unmanaged and IoT devices that can’t be protected by traditional systems
  • Challenges associated with traditional security systems and methods
  • How Armis can help protect your unmanaged and IoT devices from cyber attack





Speakers
avatar for Ryan Aleman

Ryan Aleman

Solution Architect, Armis
Ryan Aleman is a Director of Solutions Architecture at Armis. As a Director of Solutions Architecture at Armis, Ryan is at the forefront of the developing landscape of unagentable devices. With an extensive background in security and technical environment management, Ryan has worked... Read More →

Sponsors


Thursday July 23, 2020 9:30am - 10:20am EDT
GoToWebinar Room D

9:30am EDT

Bitglass - Secure Access Services Edge (SASE) - A Comprehensive Security Solution for Digital Transformation
Register for this session HERE

Secure Access Services Edge (SASE) - A Comprehensive Security Solution for Digital Transformation

With the rise of the remote workforce we continue to see data move off premise and beyond conventional tools like firewalls, and enterprises need to think differently to identify how to best secure it. Secure Access Service Edge (SASE) is an emerging concept that consolidates many security solutions into a single safe cloud environment that is fully integrated into the network, designed to protect data wherever it goes

Speakers
avatar for Ben McGucken

Ben McGucken

AVP, South US & LATAM, Bitglass
As AVP of Sales at Bitglass, Ben McGucken leads Bitglass' US Southeastern, LATAM and US Federal sales teams.  Ben has more than  twenty years of experience leading sales and system engineering teams in IT security and network communications.  Prior to Bitglass, Ben held sales and... Read More →



Thursday July 23, 2020 9:30am - 10:20am EDT
GoToWebinar Room B

9:30am EDT

Netwrix - Calculating ROI for Security: Why This Is So Difficult? Do You Need IT?
Register for this session HERE​​​

The ongoing stream of data leaks and other breaches of consumer trust is a top concern for executives at organizations around the world. To make sound decisions about cybersecurity strategy, especially during challenging times like these, when budgets are tight, they need accurate assessments of the effectiveness of proposed security investments. However, providing those estimates of ROI can be extremely difficult for CISOs, who often struggle to quantify the expected impact of security measures.
 
Join us for this educational session to learn the 4 key benefits of a security investment — and how to effectively communicate the associated value to senior decision makers. Armed with this information, you will be well positioned to convince them to make cybersecurity investments right now.

Speakers
avatar for Ilia Sotnikov

Ilia Sotnikov

Vice President of Product Management, Netwrix Corporation
Ilia Sotnikov is responsible for Netwrix product vision and strategy. He has over 15 years of experience in IT management software market. Prior to joining Netwrix in 2013, he was managing SharePoint solutions at Quest Software (later acquired by Dell).



Thursday July 23, 2020 9:30am - 10:20am EDT
GoToWebinar Room C

9:30am EDT

TCDI – Not All Pen Tests are Created Equal: Choosing the Right Vulnerability Management Program for Your Organization
Register for this session HERE​​​

Description: 
A robust vulnerability management program should be an essential part of every organization’s cybersecurity strategy. Having one in place allows IT departments to identify and remediate vulnerabilities before they can be discovered and exploited by cybercriminals. As with many things, getting an apples to oranges comparison between third-party vendors and their service offerings can be difficult, and not every pen test is created equal. 
Join us for this critical discussion where cybersecurity and penetration testing experts from TCDI discuss how to choose the right pen test for your organization, the pitfalls of only conducting automated vulnerability scans, and how to separate the apples from the oranges during vendor selection. 
Agenda: 
• Choosing the Right Type of Pen Test 
• Why Vulnerability Scans Alone Don’t Make the Cut 
• Building Out a Holistic Vulnerability Management Program 
• Identifying Red Flags When Selecting Your Third-Party Vendor 


Speakers
avatar for Eric Vanderburg

Eric Vanderburg

Vice President, Cybersecurity, TCDI
Eric Vanderburg is considered a thought leader in the industry and is a continual learner who has earned over 40 technology and security certifications. He is the author of several books and he frequently writes articles for magazines, journals, and other publications.Eric regularly... Read More →
avatar for Bogdan Salamakha

Bogdan Salamakha

Senior Cybersecurity Engineer, TCDI
Bogdan Salamakha is an experienced cybersecurity professional who helps protect companies from cyber threats, comply with regulations, test security controls, and gain assurance in their information security. He serves as a cybersecurity subject matter expert in penetration testing... Read More →
avatar for Christopher Kolezynski

Christopher Kolezynski

Cybersecurity Engineer, TCDI
Chris Kolezynski is a Certified Ethical Hacker and licensed attorney in the state of Ohio. This combination of technical and legal expertise makes him uniquely qualified to assist organizations in protecting the confidentiality and integrity of their critical systems. Chris serves... Read More →

Sponsors


Thursday July 23, 2020 9:30am - 10:20am EDT
GoToWebinar Room A

10:30am EDT

Mary Siero, President, Innovative IT, ”CIS Controls Framework and Resources Overview"
Register for this session HERE​​​

Session Title: CIS Controls Framework and Resources Overview

In 2015 the Center for Internet Security (CIS) assumed management and maintenance for the SANS Top 20 Critical Security Controls and renamed them the Critical Security Controls for Effective Cyber Defense. The CIS controls were developed and enhanced over the years by industry experts and the US military and other government entities. They represent a risk-based and prioritized approach to cyber security. The controls lay out the consensus from respected industry experts as to the best way to block known attacks and the recommended approaches to find and mitigate damages resulting from successful attacks.

In 2018 CIS supplemented these controls by providing the CIS Risk Assessment Methodology (RAM) based on implementation of these controls. Additional focus areas provided by CIS include the applicability of these controls to Internet of Things (IoT), Mobile technologies, the Cloud and Privacy.

Please join us at this session to learn about the CIS Controls Framework and how you can use it along with the other resources available through CIS to improve the Cybersecurity posture at your organization.

Speakers
avatar for Mary Siero, CISSP, CCSP, CISM, CRISC, ITILV3

Mary Siero, CISSP, CCSP, CISM, CRISC, ITILV3

President, Innovative IT
Mary G. Siero, CISSP, CCSP, CISM, CRISC, ITILV3Mary Siero is an executive level Information Technology Consultant and the President of Innovative IT, a leading North Carolina based information technology consulting firm that specializes in IT operational, compliance and security consulting... Read More →


Thursday July 23, 2020 10:30am - 11:20am EDT
GoToWebinar Room D

10:30am EDT

Mike Muscatell, Senior Manager Security, Krispy Kreme “’ToR of the WiLD SiD3 of the Internet-Dark Web, Deep Web and Dark Net"
Register for this session HERE​​​

We always hear about the “Dark Web” and how various services advertise the use of such a resource but what does that mean? Better yet, what does it look like. This will be a full LIVE presentation demonstrating where “various” type of activity i.e. personal identifiable information, transaction information and other related content reside.

Speakers
avatar for Mike Muscatell

Mike Muscatell

Senior Security Manager, Krispy Kreme
Mike Muscatell is a seasoned IT veteran with more than 25 years in the Information Security field. He is an Offensive Security Professional and a Certified Ethical Hacker. Was honored as top 100 professionals in the Information Security Field by Strathmore's Whos Who. Member of a... Read More →


Thursday July 23, 2020 10:30am - 11:20am EDT
GoToWebinar Room B

10:30am EDT

Phillip Kerr – Manager of Information Security, Market America “Open Source Security”

Speakers
avatar for Phillip Kerr

Phillip Kerr

Information Security Manager, Market America
Phillip Kerr - Information Security Manager, Market America Experienced Information Security Analyst, Manager, Assessor and Senior Network Engineer with a demonstrated history of working in the Retail Government (DoD) and Information Technology and Services Industry. Skilled in Security... Read More →


Thursday July 23, 2020 10:30am - 11:20am EDT
GoToWebinar Room A

10:30am EDT

Rich Castor, Sr Enterprise PCI Specialist, National General Insurance “PCI Basics: Scoping & Network Segmentation”
Register for this session HERE​​​

Organizations often struggle to understand where the controls outlined in the PCI DSS are required. Proper scoping is the first step in determining which systems must be protected. Most organizations then try to reduce the scope wherever possible in an effort to reduce cost, complexity and risk. This Speaking Session will touch on two main topics; how to properly identify in-scope system components, and ways organizations can potentially reduce the scope of their PCI environments.

Speakers
avatar for Rich Castor

Rich Castor

Senior Enterprise PCI Specialist, National General Insurance
Richard Castor, Senior Enterprise PCI Specialist. Level 1 MerchantPCI isn't an acronym for Popcorn, Cake, Ice cream. That is, until your company becomes compliant and maintains compliance. Richard is a Senior Enterprise PCI Specialist for a Level 1 Merchant headquartered in NYC, National... Read More →


Thursday July 23, 2020 10:30am - 11:20am EDT
GoToWebinar Room C

11:30am EDT

Keynote – DNS/Palo Alto, Field Chief Technology Officer Cortex XDR “Automation – Threat Actors are Using It and You Should Be Too”
Register for this session HERE​​​

Please join us as we go over recent data from inside Palo Alto Networks showing how threat actors are using automation and why you should be too from Palo Alto's CTO for their Cortex division -a veteran of multiple offensive takedown operations against organized crime on the Internet.

Speakers
avatar for Bruce Hembree

Bruce Hembree

Field Chief Technology Officer, Cortex XDR, Palo Alto Networks
Bruce Hembree, Field Chief Technology Officer, Cortex XDRBridging the gap between security practitioners, development, and operations for Palo Alto Network’s Cortex division. Researching compelling data points in the information security world and discovering interesting points... Read More →

Sponsors


Thursday July 23, 2020 11:30am - 12:30pm EDT
GoToWebinar Room F

1:00pm EDT

Dr. Scott Toth, Information Security Officer, Security, Privacy & Compliance Manager, Global Digital Solutions & IT, Volvo Financial Services “Privacy & Security for the Modern Era”
Register for this session HERE

So often we think of security as a technical problem that is meant to be solved by new hardware appliances or innovative software packages; however, enabling good security is a broad endeavor that involves everyone in an organization in many different ways. Given the spate of new laws in different states and countries around the world, and considering the various privacy regulations that can have an impact on the development of a security program, we will explore those and other factors that can influence a company’s ability to change and adapt to the current business climate and maintain a strong security posture.

Scott Toth, the Global Enterprise and Cyber Security Manager at Volvo Financial Services, will explain many of the drivers that shape a security and privacy program, discuss key relationships throughout the business that can have a positive impact on a program’s effectiveness, and relate IT-specific security and privacy challenges that will evolve as companies continue to transition to cloud-based services in a global business environment.

Speakers
avatar for Dr. Scott Toth, CISSP, CCSP

Dr. Scott Toth, CISSP, CCSP

Information Security Officer, Volvo Financial Services
Dr. Scott Toth, CISSP, CCSP is a resident of Greensboro, North Carolina and has over 13 years of information security experience in infrastructure, operations, architecture, governance and management. Scott is the Information Security Officer and head of security and privacy for Volvo... Read More →


Thursday July 23, 2020 1:00pm - 1:50pm EDT
GoToWebinar Room A

1:00pm EDT

Gary Sheehan, Director of Information Security, Elon University “Security Metrics, Not the Same Old Blah, Blah, Blah…"
Register for this session HERE

"Security Metrics: Not the Same Old Blah, Blah, Blah...."

Speakers
avatar for Gary Sheehan, CISSP, CERP, CIS LI, CTPRP

Gary Sheehan, CISSP, CERP, CIS LI, CTPRP

Director of Information Security, Elon University
Gary Sheehan, CISSP, CERP, CIS LI, CTPRP, and Information Security Director at Elon UniversityInformation Security Expert / GRC Expert - Vendor / Supplier / Third-Party Risk Management Expert.CISSP, CERP, CTPRP and ISO 27001 Lead Implementer certified security professional focused... Read More →


Thursday July 23, 2020 1:00pm - 1:50pm EDT
GoToWebinar Room D

1:00pm EDT

Jeff Hoge, Information Security Engineer, Panel Discussion: “Career Advancement in Cybersecurity”
In this session, we will have a roundtable discussion with several information security leaders & veterans to speak about career advancement in cybersecurity.

The following questions will be addressed, and more:
  • How would someone move into cybersecurity as an entry-level IT role?
  • How would someone with experience in a particular IT discipline make the career change into cybersecurity? 
  • If possible, speak a bit about your own career path. How did you build your career to get where you are now? 
  • What traits, behaviors, and skillsets would you look for in a candidate?
  • What steps should one take to position themselves to have an edge in this field?
  • What are you reading/listening to/studying on that helps you stay sharp in your career?
  • The annoying question we must always ask: What keeps you up at night?

Panel guests:
  • Jason Cox // CISO at Elevate Textiles
  • Lori Cole // Security Operations Manager at Hanesbrands
  • Andrew Ramos // Director of IT and HIPAA Security Official at MedCost (tentative)
  • Courtney Leavitt // Senior Information Security Analyst at USAA
  • Andrew Travis // Information Security Officer at Radford University
  • Jonathan Cole // Senior Security Engineer at Inmar

Jeff Hoge serves as the Information Security Engineer at MedCost, a benefit solutions company based in Winston-Salem, NC. He has been in IT for the last 17 years, and though he has worked in a specific cybersecurity role for the last 4 years, security has been a major focus for his entire career. Jeff's "fictional heroes" are Curious George and Bruce Wayne -- for their curiosity and detective skills.

Register for this session HERE

Panelist
avatar for Lori Cole

Lori Cole

Security Operations Manager, Hanesbrands
avatar for Jonathan Cole

Jonathan Cole

Senior Security Engineer, Inmar
avatar for Jason Cox

Jason Cox

CISO, Elevate Textiles
avatar for Courtney Leavitt

Courtney Leavitt

Senior Information Security Analyst, USAA
avatar for Andrew Ramos

Andrew Ramos

Director of IT and HIPAA Security Official, MedCost
avatar for Andrew Travis

Andrew Travis

Information Security Officer, Radford University

Speakers
avatar for Jeff Hoge

Jeff Hoge

Information Security Engineer, MedCost
Jeff has been working in the IT field for 17 years, with his primary background being in security, networking and systems administration. He has several industry certifications such as CISSP and is serving as the Vice-President of the Triad of NC ISSA chapter. Located in the Winston-Salem... Read More →


Thursday July 23, 2020 1:00pm - 1:50pm EDT
GoToWebinar Room C

1:00pm EDT

Panel Discussion - Closing The Inclusion & Diversity Gap In Info Sec
Register for this session HERE


Inclusion & Diversity Panel Discussion
  1. How have you advocated for change and some of the successes and challenges you’ve faced?
  2. What is the one thing you do to make your company more inclusive and diverse?
  3. Does your company have an I/D strategy?
  4. What are the benefits?
  5. What are the barriers to employees with a diverse background?
  6. Who has employee resource groups in their org?
  7. What can the audience walk away with today that is tangible and you can start doing in your organization tomorrow to make change?

Panelist
avatar for Nia Luckey

Nia Luckey

Security Operations Manager, Cisco
Nia Luckey is a true innovator. She doesn't see obstacles but rather opportunities for growth, improvement, and alignment. As an industry leader, she has established two 501c3 affiliate chapters in her local area of North Carolina. The Information Systems Security Association of Fayetteville... Read More →
avatar for Noureen Njoroge

Noureen Njoroge

Security Threat Intel Engineer at Cisco Systems, Cisco
Noureen Njoroge is a passionate Cybersecurity specialist, a global keynote speaker, award winner of Cisco 2019 Cybersecurity Champion and is listed among the Top 30 Most Admired Minority Professionals in Cybersecurity by SeQure World Magazine, UK. She currently works at Cisco Systems... Read More →
avatar for William Ogle

William Ogle

Manager of Cyber Security, EY
Dynamic professional engaged with enterprise transformation and increasing consumer privacy & security. Build strategies to forward organizational productivity through defined governance, risk and compliance goals. Unique skill sets to help aid the enterprise needs to understand the... Read More →
avatar for Mansi Thakar

Mansi Thakar

Chief Operating Officer of Cyberjutsu, Women's Society of Cyberjutsu
Mansi Thakar is the Chief Operating Officer and has over 5 years of experience leading national nonprofits. She has a flair for sustainable innovative ideas and a history of implementing them successfully. With an undergraduate degree in chemistry, Thakar decided to get a cyber security... Read More →
avatar for Terry West

Terry West

Regional Inclusion & Diversity Manager - Midwest, TEKsystems
Terry is a proven business leader with more than 20 years of experience in the world of inclusion and diversity, management, talent acquisition and business development. He has been with TEKsystems for twenty-two years and is currently the Regional Inclusion & Diversity Manager... Read More →

Sponsors

Thursday July 23, 2020 1:00pm - 1:50pm EDT
GoToWebinar Room E

1:00pm EDT

Tara Hunter, Sr Cloud Security Engineer, IT Security, Brighthouse Financial “Automation & Cloud – Demo of a Cloud Security Set up”

Speakers
avatar for Tara Hunter, CISSP, CCSP

Tara Hunter, CISSP, CCSP

Senior Cloud Security Engineer, IT Security, Brighthouse Financial
Tara Hunter received her degree in Computer Science from the University of North Carolina at Charlotte and since then she has developed more than a decade long career in the Information and Cyber Security space. During this time, she has had the opportunity to work for a variety of... Read More →


Thursday July 23, 2020 1:00pm - 1:50pm EDT
GoToWebinar Room B

2:00pm EDT

Keynote - CrowdStrike, THREAT ACTOR OPPORTUNISM & COVID-19
Register for this session HERE

Cyber threat actors of both the nation-state and criminal varieties are notorious for engaging in opportunistic attacks in order to achieve their malicious objectives. Unfortunately, the global COVID-19 pandemic is no different. Nation-state and criminal actors across the board have been observed leveraging COVID-19 themed lures to exploit their targets.

From Coronavirus-themed phishing emails to ransomware schemes that exploit public information websites, the global threat actor community has demonstrated their willingness to take advantage of this global pandemic. Given the recent threat, this brief will discuss high level strategic observations as well as tactical intelligence pertaining to threat actor exploitation of COVID-19.

Speakers
RS

Roel Schouwenberg

Strategic Threat Advisory Group – US East Lead, CrowdStrike
Roel Schouwenberg has been part of the security community since the late 90s. His career has spanned many facets, with his early work primarily focused on producing cyber threat research and analysis. From there on, Roel started producing and presenting tactical and strategic threat... Read More →



Thursday July 23, 2020 2:00pm - 3:00pm EDT
GoToWebinar Room F

3:00pm EDT

Keynote – Teneo, Inc. and Silver Peak: "Securing SD-WAN in a Cloudy World"
Register for this session HERE​​​

Abstract:

Today’s cloud-first enterprise must securely connect their workers to their applications, no matter where their applications may live. Only by transforming both the WAN edge and security architectures can the full promise of the cloud be fully realized. SD-WAN is your opportunity to re-architect, design and build a network that’s secure and fit for the future. Teneo Inc. and Silver Peak can help to make this a clear reality in our cloudy world.


In our keynote presentation, Teneo Inc. will share with you the challenges and considerations other organizations have faced based on our years of technical SD-WAN and security knowledge and real-life design and deployment experience. Learn more about Teneo Inc. and Silver Peak’s solution that enables Silver Peak’s Silver Peak Unity EdgeConnect™ SD-WAN to deliver an agile, dynamic, reliable network while easily integrating your existing security in a best of breed approach. Our solution is business-driven so business priorities are reflected in the way the network behaves to deliver the highest quality of experience in a secure environment.

 
Teneo Inc. and Silver Peak will your answer questions in regards to securing SD-WAN in a cloudy world including:
  • How should I go about integrating security into SD-WAN?
  • What security challenges come with an SD-WAN environment?
  • How can I get the best in breed SD-WAN, WAN-OP, and security solutions?


Speakers
avatar for John Campbell

John Campbell

Senior Systems Engineer, Silver Peak
John Campbell is a Senior Systems Engineer and trusted technical advisor for the Silver Peak Software Defined WAN (SD-WAN) and WAN optimization solutions.  John is an advocate for all things SD-WAN for customers currently evaluating Silver Peak and other WAN technologies.  His... Read More →
avatar for Steve Evans

Steve Evans

Senior VP of Solutions Engineering, Teneo, Inc.
Steve Evans is Sr. VP of Solutions Engineering globally for Teneo Inc. He has over 20 years of experience in network and security engineering, architecture and design. Steve came to Teneo from the public sector where he was the network administrator for 10 years for a 60- site, 30,000... Read More →

Sponsors

Thursday July 23, 2020 3:00pm - 4:00pm EDT
GoToWebinar Room A