2020 Triad of NC ISSA Security Summit: Full Schedule

Please register for each session that you plan to attend.
The registration link is included in the description of the session.
Details to access each of the sessions that you register for will be sent to the email address provided during registration.

8:00am EDT

Check Point & The TENEO Group: “Cover Your SaaS - Protecting Your Business in a Cloudy World”

Register for this session HERE

“Cover Your SaaS - Protecting your Business in a Cloudy World”

Description: In this lab simulation, participants will learn about the risks involved with SaaS applications & how to protect their organization against Cyber Threats when the applications are no longer within the 4 walls of the datacenter. The lab will include protecting Office 365, One Drive, GSuite, Dropbox & SalesForce.com

Speakers

Aaron Rose

Security Architect, Office of the CTO, Check Point Software Technologies

Aaron Rose is a Cyber Security Evangelist, Security Architect & Member of the Office of the CTO at Check Point Software Technologies. A subject matter expert in Cloud, Internet of Things, and Application security; Aaron has focused his career on securing organizations & their resources... Read More →

Sponsors

Check Point Software Technologies

The Teneo Group

Wednesday July 22, 2020 8:00am - 10:00am EDT
Zoom Morning https://checkpoint.zoom.us/meeting/register/tJMlfuGvpzwsGNAlLJ9FtAKfz4Z_T4j5_sCv

Training Session, 2 Hours

8:00am EDT

DNS & Palo Alto: Ultimate Test Drive Part 1 (Morning Session)

Register for this session HERE

Overview – Jack Daniel, DNS Engineer
The VM-Series on Microsoft Azure can help prevent data loss and business disruption, allowing corporations to move at the speed of the cloud. Use this UTD workshop to demonstrate how the Palo Alto Networks VM-Series firewall and advanced threat prevention features can enhance Microsoft Azure security by providing protection from advanced attacks.

This hands-on workshop will:
· Provide students temporary access to Azure console and review how VM-Series is deployed in Azure
· Demonstrate how to prevent threats while allowing certain applications
· Showcases VM-Series integration with Azure Application Insights to publish PanOS metrics
· Demonstrate fault tolerance to redirect the traffic to active VM-Series firewall
· Showcases how to improve security policy by converting port-based policy to application based-policy with Policy Optimiz

Speakers

Jack Daniel

DNS Engineer, Data Network Solutions (DNS)

As the founding engineer for Data Network Solutions (DNS), Jack Daniel has spent the past 20 years working within the computer industry, currently he is a Senior Systems Engineer. He attended the University of North Carolina in Charlotte, where he studied math and computer science... Read More →

Sponsors

DNS (Data Network Solutions)

Palo Alto

Wednesday July 22, 2020 8:00am - 11:00am EDT
GoToWebinar Room A

Training Session, 3 Hours

8:30am EDT

ISSA Fayetteville-Ft. Bragg - Carlos Valencia, Managed Print Analyst, Digital Document Solns - MFD Overview, Hardening & Basics

Register for this session HERE

Abstract

Presentation will consist of an overview of various types of Multifunction devices.
A review of the basic setting used for hardening activating security features to protect end user’s data.
Demonstrate the basic setting to utilize SMTP and SMB.
Presentation will provide attendees confidence in navigating the MFD menu and securing their device.

Speakers

Carlos Valencia

Managed Print Analyst, Digital Document Solutions

Wednesday July 22, 2020 8:30am - 10:00am EDT
GoToWebinar Room D

Training Session, 1.5 Hours

8:30am EDT

VerSprite Application Security Workshop: Open Technologies, Tools, and Techniques for Running a Successful InfoSec Program

Register for this session HERE

About This Presentation:
When teams start considering application security, it can feel like you are being thrown into the open ocean without a lifeboat. Security threats can hit you like waves from all sides, while you are just looking for a navigation system to help guide you through each step of securing your code.
In this presentation, Tony UcedaVélez, CEO of VerSprite cybersecurity consulting and leader of OWASP Atlanta, will steer attendees through the developer benefits, helpful security guides, and break from the storm that collaboratives like OWASP offer. He will also share some trade-favorite technologies, security tools, and techniques that you and your team can use to inject security into every stage of your development lifecycle.
All attendees will receive CEUs through ISSA and receive a copy of Tony’s presentation, complete with tools and resource links you can take back to the office.

Presentation Overview:

Security Challenges
What is OWASP (Open Web Application Security Project)
Why There is a Need for Governance and Standardization in Software Development
What does OWASP have to offer?
The OWASP Application Security Verification Standard (ASVS) Security Assurance Methodology
OWASP Top Ten
Developer Guides
Security Cheat Sheets for Developers, AppSec, and InfoSec
Open SAMM (Software Assurance Maturity Model)
S-SDLC – Building Security-In
OWASP AntiSamy API
CSRFGuard
ESPI (Enterprise Security API)
Security Testing & OWASP – Prescriptive Advice for Testing
VerSprite’s Top Security Tools for Developers and Security Professionals
Open Source Tools for More Nefarious Voyages in AppSec Testing
Let’s Dock This Discussion & Take It Online

Speakers

Tony UcedaVélez

CEO & Founder, VerSprite

Tony UcedaVélez is the CEO of VerSprite, an Atlanta based security services firm assisting global multi-national corporations on various areas of cyber security, secure software development, threat modeling, application security, security governance, and security risk management... Read More →

Wednesday July 22, 2020 8:30am - 10:00am EDT
GoToWebinar Room C

Training Session, 1.5 Hours

10:30am EDT

ISSA Fayetteville-Ft. Bragg Chapter - Mike Curnow, CEO, Experienced SOC Architect, Defiant Networks "Ballin On A Budget: Deploying SIEMple SecOps"

Register for this session HERE

Presentation Abstract:
Hyper-connectivity is at an all-time high considering advances in Industry 4.0 coupled with increased remote workload migration in recent day. It’s safe for one to surmise that security operations has yet to catch up with some innovations that’ve been pushed out the door too fast. A lot of these innovative measures are employed by businesses to essentially save themselves by crafting new services or simply enabling more internet driven accessibility to handle an already existing service.

This drives need to increase deployment of what’s arguably the weakest point in many security strategies (at least those I’ve consulted with), which is enacting a Security Operations Center (SOC) to enable insight to existing threats and keep constant measure of the organization’s security posture.

The hard truth is that a lot of orgs cannot afford an expensive SIEM tool or justify on boarding of a full-fledged SOC team, yet their relative security are crucial to their operations. All the while a majority of security compliance standards require “eyes on events & data” measures. This becomes a hindrance on some businesses and organizations to which they might begrudgingly employ a half-hearted attempt with minimal effort, or they might not even know where to start. This is where the introduction to open-source solutions come in. In this presentation I will cover:

What is SOC? - Processes, People & Technology
Open Source - Gathering proper tools to build a SIEM solution purpose-built just for you
Considerations & Procedures - Tailoring the pieces to fit your use case(es)
Resilience - Strategizing best practices to keep your SOC up and running through thick and thin

Speakers

Mike Curnow

CEO, Experienced SOC Architect, Defiant Networks, Inc.

Mike is a trusted cybersecurity professional with experience in the financing, health, industrial controls, and automotive sectors. Equipped with his experience as a former software engineer and skills on offensive & defensive security. He's been trusted to perform penetration tests... Read More →

Wednesday July 22, 2020 10:30am - 12:00pm EDT
GoToWebinar Room D

Training Session, 1.5 Hours

10:30am EDT

Versprite Threat Hunting Workshop: Utilizing Threat Intelligence to Hunt the Unknown in Your Network

Register for this session HERE

In today’s world, most security teams use threat intelligence reactively, reacting to each sign compromise. While this method is common, we want to pose a question to the attendees – why? Why wait for the unknown to hit you first?

In this presentation, we will be exploring what it would mean to be proactive in your security measures. We will discuss threat hunting and utilizing Threat Intel produced by a threat library built around your environment to hunt the unknowns in your network.

All attendees will receive CEUs through ISSA and receive a downloadable copy of the presentation to take back to the office.

Speakers

Jake Niederer

Consulting Manager, VerSprite

Jake Niederer is a Managing Consultant for the Threat Intelligence Team at VerSprite. He is a decorated former Marine, awarded with the Navy Achievement Medal, a Combat Distinguishing Device V for Valor, and the Purple Heart for his actions in OEF Afghanistan. Aside from the military... Read More →

Jordan Young

Jr. Security Consultant, VerSprite

Jordan Young is a Security Consultant for the Geopolitical Risk Team (GPR) of VerSprite; a team that specializes in understanding how geopolitical occurrences, such as protests, can lead to changes in threat landscapes. Jordan graduated from the University of Chicago with a Master’s... Read More →

Wednesday July 22, 2020 10:30am - 12:00pm EDT
GoToWebinar Room C

Training Session, 1.5 Hours

10:30am EDT

Check Point & The TENEO Group: Cyber Range “Game of Clouds”

Register for this session HERE

Afternoon- Cyber Range “Game of Clouds”

Use CloudGuard IaaS, Dome9 and LOG.IC and assist a game studio that has suffered a breach on its newly set up cloud infrastructure.

Check Point will be providing lunch (via Gift Cards given the morning of, or by delivery arranged by our team) to participants who register and attend the training day. We will send out signup details for lunch soon. Also, we will be awarding $100 gift cards to the 2 highest scoring players of the Game of Clouds, as well as additional gift cards/prizes throughout the training day.

Speakers

Aaron Rose

Security Architect, Office of the CTO, Check Point Software Technologies

Sponsors

Check Point Software Technologies

The Teneo Group

Wednesday July 22, 2020 10:30am - 12:30pm EDT
Zoom Afternoon https://pages.checkpoint.com/virtual-cyber-range-midatlantic-july-2020.html

Training Session, 2 Hours

11:30am EDT

DNS & Palo Alto: "Ultimate Test Drive Part 2" (Afternoon Session)

Register for this session HERE

PAN Lab - Training Day (Afternoon Session)

Overview – Daniel Stevenson, DNS Engineer
Global expansion, mobile workforces, and cloud computing are shifting the locations of your applications, data, and users. These changes introduce new opportunities, but they also introduce new vectors for cybersecurity risk. Palo Alto Networks Secure Access Service Edge (SASE) - Prisma Access delivers the networking and security that organizations need in a purpose-built cloud-delivered infrastructure. Prisma Access acts as a firewall service that protects branch offices and mobile users from threats while also providing the security services expected from a next generation firewall.

The workshop will showcase how to:
· Protect remote networks and mobile users in a consistent manner, wherever they are
· Provide connectivity and security in order to access all your applications
· See the flexibility and cloud scalability to handle your changing requirements

Speakers

Daniel Stevenson

DNS Engineer, Data Network Solutions (DNS)

Daniel brings over 10 years of hands-on experience in IP-based network and security solutions. Now in his 7th year on the DNS engineering team, he has focused his time designing and implementing security technologies across the enterprise for our customers. Daniel is a two-time... Read More →

Sponsors

DNS (Data Network Solutions)

Palo Alto

Wednesday July 22, 2020 11:30am - 2:30pm EDT
GoToWebinar Room A

Training Session, 3 Hours

12:30pm EDT

BlueTeamAssess – OSINT “Sorting Through Breadcrumbs to Determine Your Internet Exposure"

Register for this session HERE

Open Source Intelligence (OSINT)
Sorting through the breadcrumbs on the Internet to Determine Your Exposure

How much data can be found on you or your company on the Internet? The unfortunate answer in today’s world is often far too much. Further, this data can often be used by malicious actors to cause damage to individuals or organizations through cyber attacks or social vendettas.

This short workshop will give attendees an introduction to OSINT by walking through the OSINT Framework available on GitHub. As part of that introduction, we’ll see examples of how tools like SHODAN, Google Dorks, and Recon-ng can be used to collect data on your target. Even better, how can you defend against a potential attackers efforts to find stuff on you?

The instructor will help frame the exposure and risk that the different types of information present, and attendees will have an opportunity to perform some investigation of a subject of their choosing during the hands-on exercises that make up the majority of the workshop.

Among the topics covered during this workshop include:
•   Goals of OSINT
•   OSINT Frameworks
•   Free tools to perform OSINT investigations
•   Searching for data on companies
•   People searching on social media
•   Monitoring to protect you and your business
• Where to go for more extensive application

Conducting an OSINT exercise should be an expected part of the preparation for any vulnerability assessment or penetration test. It is through these queries that the potential aggressor learns about possible chinks in the armor worn by the target. At the completion of this workshop, the attendees should have a much deeper appreciation of how very true is the statement – “Nothing is ever really deleted from the Internet.”

Cybersecurity specialists and business owners should pay close attention to the amount of information about an organization or individual that exists on the web. This information is often exploited by hackers and other malicious actors bent on doing damage to the reputations of individuals or the integrity of business organizations.

Speakers

Mike Parsons

Senior CyberSecurity Architect and Mentor, BlueTeamAssess LLC

Mike holds the CISSP, PCIP, IAM, IEM and is HIPAA certified. He is a 6 year veteran of USMC and resides in eastern North Carolina. Mike is the principal at BlueTeamAssess LLC and is a Senior CyberSecurity Architect and Mentor. He believes information security has a tactical and... Read More →

Wednesday July 22, 2020 12:30pm - 2:00pm EDT
GoToWebinar Room F

Training Session, 1.5 Hours

12:30pm EDT

Netwrix – AD Changes/Best Practices for Securing Sensitive Data

Register for this session HERE

Speakers

Jeff Melnick

Director, Global Solutions Engineering, Netwrix

Wednesday July 22, 2020 12:30pm - 2:00pm EDT
GoToWebinar Room C

Training Session, 1.5 Hours

12:30pm EDT

Teneo and Silver Peak – De-Risk Your SD-WAN Project: Technology Workshop

Register for this session HERE

Technology Workshop Abstract:
There are three big considerations that often go unnoticed in SD-WAN projects. They’re linked to technology fit, people and process. Failure to select the best technology fit, align the right people and execute a smooth process are the reasons why over 50% of IT projects fail.

Leveraging Silver Peak Unity EdgeConnect™ SD-WAN and Teneo Inc.’s years of technical SD-WAN knowledge, practical and real-life experience, this workshop will give you a clear look inside the adoption of a secure SD-WAN. Teneo Inc. will discuss the why, when and how to adopt a secure SD-WAN taking in to consideration the challenges that other organizations have faced in regards to people and process. In regards to selecting the technology, Teneo Inc. will introduce the best in class, Silver Peak Unity EdgeConnect™ SD-WAN.

Silver Peak will allow to look inside their Silver Peak Unity EdgeConnect™ SD-WAN. The demo will give an overview of architecting and operating an SD-WAN, as well as dive into core features, capabilities and security components of Silver Peak Unity EdgeConnect™ SD-WAN.

Still have questions? We will save time to answer your questions during the workshop or we will be happy to arrange a time to discuss your organization’s secure SD-WAN project.

De-risk your SD-WAN project by learning directly from Teneo Inc. and Silver Peak’s years of experience and best in class technology.

Speakers

Steve Evans

Senior VP of Solutions Engineering, Teneo, Inc.

Steve Evans is Sr. VP of Solutions Engineering globally for Teneo Inc. He has over 20 years of experience in network and security engineering, architecture and design. Steve came to Teneo from the public sector where he was the network administrator for 10 years for a 60- site, 30,000... Read More →

John Campbell

Senior Systems Engineer, Silver Peak

John Campbell is a Senior Systems Engineer and trusted technical advisor for the Silver Peak Software Defined WAN (SD-WAN) and WAN optimization solutions. John is an advocate for all things SD-WAN for customers currently evaluating Silver Peak and other WAN technologies. His... Read More →

Sponsors

Silver Peak

Teneo

Wednesday July 22, 2020 12:30pm - 2:00pm EDT
GoToWebinar Room D

Training Session, 1.5 Hours

2:30pm EDT

ISSA Fayetteville-Ft. Bragg: Nia Luckey, Security Operations Manager, Cisco, "Not Another Framework: Cutting Through the Noise"

Register for this session HERE

Not Another Framework: Cutting Through the Noise

In the world of cybersecurity, we love our frameworks: ISO, NIST, RMF, SOC1, SOC2, COBIT, HITRUST, and many more. But these different frameworks often complicate areas like maturity modeling, operational readiness, and threat modeling! The struggle is finding the common areas of overlap. So instead of doing that, the question becomes, how do we elevate all of them under a simplified process? By leveraging common language cutting through the minutiae, we can start to build progress.

Speakers

Nia Luckey

Security Operations Manager, Cisco

Nia Luckey is a true innovator. She doesn't see obstacles but rather opportunities for growth, improvement, and alignment. As an industry leader, she has established two 501c3 affiliate chapters in her local area of North Carolina. The Information Systems Security Association of Fayetteville... Read More →

Not Another Framework pptx

Wednesday July 22, 2020 2:30pm - 4:00pm EDT
GoToWebinar Room D

Training Session, 1.5 Hours

2:30pm EDT

TCDI - IT Security Changes During Quarantine: Leveraging Existing Infrastructure against Remote Cyber Threats

Register for this session HERE

Description:

The remote work that began as a temporary solution to various stay-at-home orders has now become the new normal for many organizations. While this transition can be beneficial in many ways, it does create further complications for IT departments tasked with maintaining the security and integrity of critical systems.
During this presentation, cybersecurity experts from TCDI will dive into issues and solutions related to remote access and incident response investigations, as well as how organizations can leverage their existing infrastructure to protect data while supporting their remote employees.

Agenda:
• Remote Work Considerations
• Remote Incident Response Investigations
• Supporting Remote Employees
• Common Cybersecurity Attacks and Strategies
• Key Takeaways

Speakers

Eric Vanderburg

Vice President, Cybersecurity, TCDI

Eric Vanderburg is considered a thought leader in the industry and is a continual learner who has earned over 40 technology and security certifications. He is the author of several books and he frequently writes articles for magazines, journals, and other publications.Eric regularly... Read More →

Bogdan Salamakha

Senior Cybersecurity Engineer, TCDI

Bogdan Salamakha is an experienced cybersecurity professional who helps protect companies from cyber threats, comply with regulations, test security controls, and gain assurance in their information security. He serves as a cybersecurity subject matter expert in penetration testing... Read More →

Sponsors

TCDI

Wednesday July 22, 2020 2:30pm - 4:00pm EDT
GoToWebinar Room B

Training Session, 1.5 Hours

2:30pm EDT

Triaxiom – Matt Miller, Principal Security Engineer, “An Introduction to Pen Testing & Red Teaming”

Register for this session HERE

Whether you are considering a career as a penetration tester, if your organization would benefit from a penetration test, or just want to learn more this workshop is for you. This workshop will serve as an introduction to penetration testing, what separates a penetration test from a vulnerability scan, an overview of the different types of penetration testing, and the pros and cons of a red team engagement. Finally, we will be sure to include plenty of stories from past penetration tests to keep it interesting.

Speakers

Matt Miller

Principal Security Engineer, Triaxiom Security

Matthew Miller began his career in information security as a Cyberspace Control Officer in the United States Air Force. His first tour was to the United Kingdom as part of Europe’s special operations tactical communication unit. In this role, Matt would often lead a team to deploy... Read More →

Wednesday July 22, 2020 2:30pm - 4:00pm EDT
GoToWebinar Room F

Training Session, 1.5 Hours

4:30pm EDT

TEKsystems – CyberSecurity Careers: Securing Your Path

Register for this session HERE

“Teron Foster and Nolan Myrick from TEKsystems will provide insights (and opinions) regarding career mapping & development, interview skills, resume writing and job market data.”

Speakers

Nolan Myrick

Infrastructure Optimization, Risk & Security Services Division Lead, TEKsystems

Nolan Myrick – BizTech geek. Family man. Lover of Basketball & Golf.Nolan currently serves as a Division Lead for TEKsystems, the leading IT Services & Staffing company in North America. His external focus is working with clients to evaluate and address a broad spectrum of Risk... Read More →

Teron Foster

University Relations Recruiter, TEKsystems

Teron Foster is a native of Reidsville, NC, and currently resides in Greensboro NC. Teron graduated from North Carolina Agricultural & Technical State University with a Bachelor’s degree in Marketing and Sales in 2016. After graduation he joined TEKsystems where he worked as a Technical... Read More →

Sponsors

https://www.teksystems.com/en

Wednesday July 22, 2020 4:30pm - 6:00pm EDT
GoToWebinar Room A

Training Session, 1.5 Hours

8:00am EDT

Keynote Speaker – Check Point / The TENEO Group "The Good, Bad and Ugly Migrating to the Cloud"

Register for this session HERE

Title: The Good, Bad and Ugly (migrating to the cloud)

Views from Cyber Security integrator on what we see when customers succeed or fail with their cloud migration

Speakers

Craig Johnson

VP Business Development, The Teneo Group

Craig Johnson has over 30 years of experience in the technology field. Starting in the mid 1980’s with H. Ross Perot’s Electronic Data Systems. Craig spent 20+ years at Check Point Systems where he held several key positions in the Mid-Atlantic region before joining Teneo as VP... Read More →

Sponsors

Check Point Software Technologies

The Teneo Group

Thursday July 23, 2020 8:00am - 9:00am EDT
GoToWebinar Room F

Keynote, 1 Hour

9:30am EDT

ARMIS - Agentless Device Security

Register for this session HERE

The exponential increase in the number of unmanaged and IoT devices connected to enterprise networks provide an ever-expanding attack surface for malicious actors to exploit in order to disrupt production, impact patient care, or inflict financial loss. What is the best way to keep your enterprise safe from these attacks?

Join this discussion to learn:

Examples of unmanaged and IoT devices that can’t be protected by traditional systems
Challenges associated with traditional security systems and methods
How Armis can help protect your unmanaged and IoT devices from cyber attack

Speakers

Ryan Aleman

Solution Architect, Armis

Ryan Aleman is a Director of Solutions Architecture at Armis. As a Director of Solutions Architecture at Armis, Ryan is at the forefront of the developing landscape of unagentable devices. With an extensive background in security and technical environment management, Ryan has worked... Read More →

Sponsors

Armis

Thursday July 23, 2020 9:30am - 10:20am EDT
GoToWebinar Room D

Breakout, 50 Minutes

9:30am EDT

Bitglass - Secure Access Services Edge (SASE) - A Comprehensive Security Solution for Digital Transformation

Register for this session HERE

Secure Access Services Edge (SASE) - A Comprehensive Security Solution for Digital Transformation

With the rise of the remote workforce we continue to see data move off premise and beyond conventional tools like firewalls, and enterprises need to think differently to identify how to best secure it. Secure Access Service Edge (SASE) is an emerging concept that consolidates many security solutions into a single safe cloud environment that is fully integrated into the network, designed to protect data wherever it goes

Speakers

Ben McGucken

AVP, South US & LATAM, Bitglass

As AVP of Sales at Bitglass, Ben McGucken leads Bitglass' US Southeastern, LATAM and US Federal sales teams. Ben has more than twenty years of experience leading sales and system engineering teams in IT security and network communications. Prior to Bitglass, Ben held sales and... Read More →

Thursday July 23, 2020 9:30am - 10:20am EDT
GoToWebinar Room B

Breakout, 50 Minutes

9:30am EDT

Netwrix - Calculating ROI for Security: Why This Is So Difficult? Do You Need IT?

Register for this session HERE

The ongoing stream of data leaks and other breaches of consumer trust is a top concern for executives at organizations around the world. To make sound decisions about cybersecurity strategy, especially during challenging times like these, when budgets are tight, they need accurate assessments of the effectiveness of proposed security investments. However, providing those estimates of ROI can be extremely difficult for CISOs, who often struggle to quantify the expected impact of security measures.

Join us for this educational session to learn the 4 key benefits of a security investment — and how to effectively communicate the associated value to senior decision makers. Armed with this information, you will be well positioned to convince them to make cybersecurity investments right now.

Speakers

Ilia Sotnikov

Vice President of Product Management, Netwrix Corporation

Ilia Sotnikov is responsible for Netwrix product vision and strategy. He has over 15 years of experience in IT management software market. Prior to joining Netwrix in 2013, he was managing SharePoint solutions at Quest Software (later acquired by Dell).

Thursday July 23, 2020 9:30am - 10:20am EDT
GoToWebinar Room C

Breakout, 50 Minutes

9:30am EDT

TCDI – Not All Pen Tests are Created Equal: Choosing the Right Vulnerability Management Program for Your Organization

Register for this session HERE

Description:
A robust vulnerability management program should be an essential part of every organization’s cybersecurity strategy. Having one in place allows IT departments to identify and remediate vulnerabilities before they can be discovered and exploited by cybercriminals. As with many things, getting an apples to oranges comparison between third-party vendors and their service offerings can be difficult, and not every pen test is created equal.
Join us for this critical discussion where cybersecurity and penetration testing experts from TCDI discuss how to choose the right pen test for your organization, the pitfalls of only conducting automated vulnerability scans, and how to separate the apples from the oranges during vendor selection.
Agenda:
• Choosing the Right Type of Pen Test
• Why Vulnerability Scans Alone Don’t Make the Cut
• Building Out a Holistic Vulnerability Management Program
• Identifying Red Flags When Selecting Your Third-Party Vendor

Speakers

Eric Vanderburg

Vice President, Cybersecurity, TCDI

Bogdan Salamakha

Senior Cybersecurity Engineer, TCDI

Christopher Kolezynski

Cybersecurity Engineer, TCDI

Chris Kolezynski is a Certified Ethical Hacker and licensed attorney in the state of Ohio. This combination of technical and legal expertise makes him uniquely qualified to assist organizations in protecting the confidentiality and integrity of their critical systems. Chris serves... Read More →

Field Chief Technology Officer, Cortex XDR, Palo Alto Networks

Bruce Hembree, Field Chief Technology Officer, Cortex XDRBridging the gap between security practitioners, development, and operations for Palo Alto Network’s Cortex division. Researching compelling data points in the information security world and discovering interesting points... Read More →

Sponsors

DNS (Data Network Solutions)

Palo Alto

Thursday July 23, 2020 11:30am - 12:30pm EDT
GoToWebinar Room F

Keynote, 1 Hour

1:00pm EDT

Dr. Scott Toth, Information Security Officer, Security, Privacy & Compliance Manager, Global Digital Solutions & IT, Volvo Financial Services “Privacy & Security for the Modern Era”

Register for this session HERE

So often we think of security as a technical problem that is meant to be solved by new hardware appliances or innovative software packages; however, enabling good security is a broad endeavor that involves everyone in an organization in many different ways. Given the spate of new laws in different states and countries around the world, and considering the various privacy regulations that can have an impact on the development of a security program, we will explore those and other factors that can influence a company’s ability to change and adapt to the current business climate and maintain a strong security posture.

Scott Toth, the Global Enterprise and Cyber Security Manager at Volvo Financial Services, will explain many of the drivers that shape a security and privacy program, discuss key relationships throughout the business that can have a positive impact on a program’s effectiveness, and relate IT-specific security and privacy challenges that will evolve as companies continue to transition to cloud-based services in a global business environment.

Speakers

Dr. Scott Toth, CISSP, CCSP

Information Security Officer, Volvo Financial Services

Dr. Scott Toth, CISSP, CCSP is a resident of Greensboro, North Carolina and has over 13 years of information security experience in infrastructure, operations, architecture, governance and management. Scott is the Information Security Officer and head of security and privacy for Volvo... Read More →

Thursday July 23, 2020 1:00pm - 1:50pm EDT
GoToWebinar Room A

Breakout, 50 Minutes

1:00pm EDT

Gary Sheehan, Director of Information Security, Elon University “Security Metrics, Not the Same Old Blah, Blah, Blah…"

Register for this session HERE

"Security Metrics: Not the Same Old Blah, Blah, Blah...."

Speakers

Gary Sheehan, CISSP, CERP, CIS LI, CTPRP

Director of Information Security, Elon University

Gary Sheehan, CISSP, CERP, CIS LI, CTPRP, and Information Security Director at Elon UniversityInformation Security Expert / GRC Expert - Vendor / Supplier / Third-Party Risk Management Expert.CISSP, CERP, CTPRP and ISO 27001 Lead Implementer certified security professional focused... Read More →

Thursday July 23, 2020 1:00pm - 1:50pm EDT
GoToWebinar Room D

Breakout, 50 Minutes

1:00pm EDT

Jeff Hoge, Information Security Engineer, Panel Discussion: “Career Advancement in Cybersecurity”

In this session, we will have a roundtable discussion with several information security leaders & veterans to speak about career advancement in cybersecurity.

The following questions will be addressed, and more:

How would someone move into cybersecurity as an entry-level IT role?
How would someone with experience in a particular IT discipline make the career change into cybersecurity?
If possible, speak a bit about your own career path. How did you build your career to get where you are now?
What traits, behaviors, and skillsets would you look for in a candidate?
What steps should one take to position themselves to have an edge in this field?
What are you reading/listening to/studying on that helps you stay sharp in your career?
The annoying question we must always ask: What keeps you up at night?

Panel guests:

Jason Cox // CISO at Elevate Textiles
Lori Cole // Security Operations Manager at Hanesbrands
Andrew Ramos // Director of IT and HIPAA Security Official at MedCost (tentative)
Courtney Leavitt // Senior Information Security Analyst at USAA
Andrew Travis // Information Security Officer at Radford University
Jonathan Cole // Senior Security Engineer at Inmar

Jeff Hoge serves as the Information Security Engineer at MedCost, a benefit solutions company based in Winston-Salem, NC. He has been in IT for the last 17 years, and though he has worked in a specific cybersecurity role for the last 4 years, security has been a major focus for his entire career. Jeff's "fictional heroes" are Curious George and Bruce Wayne -- for their curiosity and detective skills.

Register for this session HERE

Panelist

Lori Cole

Security Operations Manager, Hanesbrands

Jonathan Cole

Senior Security Engineer, Inmar

Jason Cox

CISO, Elevate Textiles

Courtney Leavitt

Senior Information Security Analyst, USAA

Andrew Ramos

Director of IT and HIPAA Security Official, MedCost

Andrew Travis

Information Security Officer, Radford University

Speakers

Jeff Hoge

Information Security Engineer, MedCost

Jeff has been working in the IT field for 17 years, with his primary background being in security, networking and systems administration. He has several industry certifications such as CISSP and is serving as the Vice-President of the Triad of NC ISSA chapter. Located in the Winston-Salem... Read More →

Thursday July 23, 2020 1:00pm - 1:50pm EDT
GoToWebinar Room C

Breakout, 50 Minutes

1:00pm EDT

Panel Discussion - Closing The Inclusion & Diversity Gap In Info Sec

Register for this session HERE

Inclusion & Diversity Panel Discussion

How have you advocated for change and some of the successes and challenges you’ve faced?
What is the one thing you do to make your company more inclusive and diverse?
Does your company have an I/D strategy?
What are the benefits?
What are the barriers to employees with a diverse background?
Who has employee resource groups in their org?
What can the audience walk away with today that is tangible and you can start doing in your organization tomorrow to make change?

Panelist

Nia Luckey

Security Operations Manager, Cisco

Noureen Njoroge

Security Threat Intel Engineer at Cisco Systems, Cisco

Noureen Njoroge is a passionate Cybersecurity specialist, a global keynote speaker, award winner of Cisco 2019 Cybersecurity Champion and is listed among the Top 30 Most Admired Minority Professionals in Cybersecurity by SeQure World Magazine, UK. She currently works at Cisco Systems... Read More →

William Ogle

Manager of Cyber Security, EY

Dynamic professional engaged with enterprise transformation and increasing consumer privacy & security. Build strategies to forward organizational productivity through defined governance, risk and compliance goals. Unique skill sets to help aid the enterprise needs to understand the... Read More →

Mansi Thakar

Chief Operating Officer of Cyberjutsu, Women's Society of Cyberjutsu

Mansi Thakar is the Chief Operating Officer and has over 5 years of experience leading national nonprofits. She has a flair for sustainable innovative ideas and a history of implementing them successfully. With an undergraduate degree in chemistry, Thakar decided to get a cyber security... Read More →

Terry West

Regional Inclusion & Diversity Manager - Midwest, TEKsystems

Terry is a proven business leader with more than 20 years of experience in the world of inclusion and diversity, management, talent acquisition and business development. He has been with TEKsystems for twenty-two years and is currently the Regional Inclusion & Diversity Manager... Read More →

Sponsors

https://www.teksystems.com/en

Thursday July 23, 2020 1:00pm - 1:50pm EDT
GoToWebinar Room E

Breakout, 50 Minutes

1:00pm EDT

Tara Hunter, Sr Cloud Security Engineer, IT Security, Brighthouse Financial “Automation & Cloud – Demo of a Cloud Security Set up”

Register for this session HERE

Speakers

Tara Hunter, CISSP, CCSP

Senior Cloud Security Engineer, IT Security, Brighthouse Financial

Tara Hunter received her degree in Computer Science from the University of North Carolina at Charlotte and since then she has developed more than a decade long career in the Information and Cyber Security space. During this time, she has had the opportunity to work for a variety of... Read More →

Thursday July 23, 2020 1:00pm - 1:50pm EDT
GoToWebinar Room B

Breakout, 50 Minutes

2:00pm EDT

Keynote - CrowdStrike, THREAT ACTOR OPPORTUNISM & COVID-19

Register for this session HERE

Cyber threat actors of both the nation-state and criminal varieties are notorious for engaging in opportunistic attacks in order to achieve their malicious objectives. Unfortunately, the global COVID-19 pandemic is no different. Nation-state and criminal actors across the board have been observed leveraging COVID-19 themed lures to exploit their targets.

From Coronavirus-themed phishing emails to ransomware schemes that exploit public information websites, the global threat actor community has demonstrated their willingness to take advantage of this global pandemic. Given the recent threat, this brief will discuss high level strategic observations as well as tactical intelligence pertaining to threat actor exploitation of COVID-19.

Speakers

Roel Schouwenberg

Strategic Threat Advisory Group – US East Lead, CrowdStrike

Roel Schouwenberg has been part of the security community since the late 90s. His career has spanned many facets, with his early work primarily focused on producing cyber threat research and analysis. From there on, Roel started producing and presenting tactical and strategic threat... Read More →

Thursday July 23, 2020 2:00pm - 3:00pm EDT
GoToWebinar Room F

Keynote, 1 Hour

3:00pm EDT

Keynote – Teneo, Inc. and Silver Peak: "Securing SD-WAN in a Cloudy World"

Register for this session HERE

Abstract:

Today’s cloud-first enterprise must securely connect their workers to their applications, no matter where their applications may live. Only by transforming both the WAN edge and security architectures can the full promise of the cloud be fully realized. SD-WAN is your opportunity to re-architect, design and build a network that’s secure and fit for the future. Teneo Inc. and Silver Peak can help to make this a clear reality in our cloudy world.

In our keynote presentation, Teneo Inc. will share with you the challenges and considerations other organizations have faced based on our years of technical SD-WAN and security knowledge and real-life design and deployment experience. Learn more about Teneo Inc. and Silver Peak’s solution that enables Silver Peak’s Silver Peak Unity EdgeConnect™ SD-WAN to deliver an agile, dynamic, reliable network while easily integrating your existing security in a best of breed approach. Our solution is business-driven so business priorities are reflected in the way the network behaves to deliver the highest quality of experience in a secure environment.

Teneo Inc. and Silver Peak will your answer questions in regards to securing SD-WAN in a cloudy world including:

How should I go about integrating security into SD-WAN?
What security challenges come with an SD-WAN environment?
How can I get the best in breed SD-WAN, WAN-OP, and security solutions?

Speakers