Workshop Wednesdays
Solar Winds: Attacking the Digital Supply Chain. The most recent escalation in the Cyber Arms Race
February 24, 2021 | 10am - 12pm PT (1pm - 3pm ET)
Alex Sharpe | CEO | Sharpe Management Consulting LLC
Penetration of the Digital Supply Chain turned Solar Winds into a backdoor into major corporations and Government Agencies. The nature of the attack allowed the attackers to ignore many of the common defenses and highlighted weaknesses that exist in many enterprises today. Unfortunately, Digital Supply Chain attacks are nothing new. They have been written about and practiced for many years. This is just the latest escalation in the Cyber Arms Race. But why now? Come learn the history of attacks on the digital supply chain, its impact, and probably most importantly, what you can do to prevent future attacks. Come learn how complying why the plethora of laws, regulations, guidelines, and frameworks is not sufficient, and overreliance can actually cause the very problem you are trying to prevent
Learning Objectives:
Upon completion of this workshop, the attendee/ student will be able to:
- describe the motivation, tools, techniques, and objectives of undertaking an attack on the digital supply chain.
- articulate how conforming to regulations, laws, and standards is not sufficient to fully protect against attacks on the digital supply chain.
- describe the history or attacks on digital supply chains, implications to Critical Infrastructure Protection and project what is next.
Who Should Attend: Anyone involved in defending critical infrastructure information networks and systems, those in information technology risk mitigation, or organizational technology and cyber risk management leaders and managers
Registration Link: https://attendee.gotowebinar.com/register/4508471976363535887
Certified Cyber Security Architect (CCSA) Certification Training
March 3 & 10, 2021 | Two Wednesday Sessions | 10am - 12pm PT (1pm - 3pm ET)
Uday Ali Pabrai | CEO | ecfirst
CCSA is an instructor-led 2-day program. The program validates knowledge and skill sets in cybersecurity with focus on the N 1ST Cybersecurity Framework, and the U.S. DoD cybersecurity mandate, CMMC. Core topics emphasized include establishing a credible, evidence-based enterprise cybersecurity program and developing a comprehensive incident response plan.
Learning Objectives:
Upon completion of this workshop, the attendee/ student will be able to: 1. Examine how to establish a cybersecurity program based on the NIST Cybersecurity Framework. 2. Step through key areas that must be addressed in a credible incident response plan. 3. Walk through core components, organization and CMMC Maturity Levels. 4. Examine CMMC domains and CMMC capabilities required for organizations.
Who Should Attend: Anyone involved in designing, implementing, or defending critical infrastructure information networks and systems, those in information technology risk assessment, or organizational technology and cyber risk management leaders and managers.
Registration Link:
Emerging Technological Threats to U.S. Nuclear Power Plants
March 17, 2021 | 10am - 12pm PT (1pm - 3pm ET)
Michael Cohen | INMA NSSRP National Sector Chief | Nuclear Reactors, Materials, and Waste Sector
Dr. Terry Dorn | Senior Strategist | Gryphon Technologies Jackson Wynn, CSEP, CISSP, Principal Systems Security Engineer, MITRE Corporation
This workshop will address two emerging technological threats to U.S. nuclear power plants: 1. The first presentation, entitled “A Phenomenological Examination of the Vulnerability of U.S. Nuclear Power Plants to Attack by UAS,” will examine the vulnerability of U.S. nuclear power plants against attack by UAS via the perceptions and experiences of twenty current and former managers, scientists, and contractors employed by the federal government and nuclear industry. 2. The second presentation will present CICAT, a modeling and simulation tool for evaluating the effects of cyberattack on critical infrastructure. CICAT was developed in conjunction with MITRE’s participation in an International Atomic Energy Agency (IAEA) research program to improve capabilities at nuclear facilities for preventing, detecting, and responding to cyber security incidents. We will present the application of CICAT to model a cyber-physical attack at a U.S. Pressurized Water Reactor.
Learning Objectives:
Upon completion of this workshop, the attendee/ student will be able to:
1. Increase awareness of the threat posed by unmanned aerial systems
2. Increase the understand that it is only through a community effort that we will be able to defeat the unmanned system threat posed by aerial, surface, and undersea systems
3. Increase awareness that Cyber-attacks can have potentially dangerous physical impacts on nuclear power pressurized water reactor plants and therefore the need to improve Cybersecurity at such plants.
Who Should Attend:
Anyone involved in defending energy sector critical infrastructure information networks and systems, those who want to understand more about the risks posed by unmanned arial systems (UAS) information technology risk mitigation, or organizational technology and cyber risk management leaders and managers.
Registration Link: https://attendee.gotowebinar.com/register/1208390080175700491
Getting Ahead of Supply Chain Insider Threats
March 24, 2021 | 10am - 12pm PT (1pm - 3pm ET)
Brett Tucker | Technical Manager | Software Engineering Institute
Randy Trzeciak | Director | CERT National Insider Threat Center, Carnegie Mellon University, Software Engineering Institute
An effective cybersecurity program and related insider threat practice is constructed on a foundation of robust risk management. This includes the third-party risk management practices required to mitigate the supply chain risks. This talk explores how CERT’s recently released OCTAVE FORTE risk management model can be applied to enterprise and supply chain risk management in the interest of responding to potential insider risks that may come with partner organizations.
Learning Objectives:
Upon completion of this workshop, attendees will be able to:
1. Identify common risks related to their supply chain.
2. Discuss the various steps of building a risk program to address supplier related risks using OCTAVE FORTE.
3. Discuss aspects of insider threat as it relates to partner organizations.
Who Should Attend:
Anyone involved in defending critical infrastructure supply chains, those in supply chain risk assessment or mitigation, or critical infrastructure supply chain leaders and managers.
Registration Link: https://attendee.gotowebinar.com/register/3660089903899720203
Taking an APPSECond to understand security vulnerabilities in mobile application development
April 7, 2021 | 10am - 12pm PT (1pm - 3pm ET)
Mike Muscatell | Senior Manager, Information Security | Krispy Kreme
This presentation will show how mobile applications are being utilized to stand up parallel businesses by exploiting weaknesses in those applications. These exploits go unseen in most cases however, through a series of live demonstrations, will show how the exposures can be detected and mitigated
Learning Objectives:
Upon completion of this workshop, the attendee/ student will be able to:
1. Learn the methodologies utilized by cyber criminals to create businesses using exploited mobile applications
2. How the business activity is hiding in plain sight.
3. Learn what steps can be taken to mitigate and potentially disrupt the cyber criminal’s business at the expense of your company’s applications.
Additional take-aways:
- See How and Where the “activity” is conducted to perform these criminal acts.
- How to identify malicious activity associated with mobile applications “beyond the scan”.
-Enhance current security practices on what controls are bypassed by utilizing existing company resources.
Who Should Attend:
Anyone involved in defending critical infrastructure information networks and systems, those developing software for critical infrastructure systems, or organizational information technology leaders and managers.
Registration Link:
https://attendee.gotowebinar.com/register/4492503769013565709
The American Terrorist
April 14, 2021 | 10am - 12pm PT (1pm - 3pm ET)
Dr. Terry Oroszi | Professor | Wright State University Boonshoft School of Medicine
This research identifies the attributes of an American terrorist by studying the patterns within 50 demographic variables and exploring their correlation with the motivation to commit crimes related to terrorism. We believe that such an understanding will help to halt the recruitment of American citizens by providing a profile that will quickly identify a person that is susceptible to radicalization and offer tools on to intervene. Not only did this study confirm the previous findings, but it also expanded upon them by examining 519 U S citizens convicted of crimes related to terrorism since Sept. 11, 2001. Additional characteristics collected include the location of residence, crime and imprisonment, religion, organizational alliances, race, heritage and path to citizenship, field of study and occupation, social status, military, mental health, marriage and family, conviction, punishment, and target.
Learning Objectives:
Upon completion of this workshop, the student will be able to:
1. Improved Communication:
• Speak with confidence on several aspects of terrorism in the United States.
• Educate others on the true aspects of terrorism and terrorists, based on real data/statistics.
2. Enhanced Response:
• Recognize and appropriately respond to potential threats related to terrorism, including the subtle signs.
• Summarize and apply the fundamentals of terrorism to other aspects of violent behaviors.
3. Crisis Decision-Making:
• Recommend a strategy based on your interpretation of the data presented and communicate that strategy with others.
• Identify markers of a developing extremist and the tools to help steer them down a better path.
Who Should Attend:
Anyone involved in defending critical infrastructures from acts of terrorism, or critical infrastructure physical security leaders and managers.
Registration Link: https://attendee.gotowebinar.com/register/1404801339825196813
NIST Cybersecurity Framework = Prescriptive Standard for HIPAA
April 21, 2021 | 10am - 12pm PT (1pm - 3pm ET)
Uday Ali Pabrai | CEO | ecfirst
NIST Cybersecurity Framework is the framework that executives can trust to base their HIPAA compliance program. This framework can be used by organizations that may be small or large, including business associates, physician practices, hospitals, IT firms, government agencies, and other healthcare entities. The Cybersecurity Framework provides your organization with an opportunity to build a credible cybersecurity plan. The Cybersecurity Framework enables an organization like yours to determine your current cybersecurity capabilities and set enterprise goals for a target state. It helps you to establish a plan to improve and maintain your cybersecurity program. The Cybersecurity Framework comprises of three primary components: Profile, Implementation Tiers, and Core.
Learning Objectives:
In this session you will learn about:
1. Establishing an evidence-based HIPAA compliance program based on the NIST Cybersecurity Framework
2. Mapping between HIPAA mandates and the NIST Cybersecurity Framework
3. Key updates in the NIST Cybersecurity Framework including the requirement for managing cybersecurity within the supply chain (business associates)
4. Build a prioritized roadmap towards enhanced cybersecurity practices.
Who Should Attend:
Anyone involved in defending healthcare and public health critical infrastructure information networks and systems, those involved in cyber risk assessment and mitigation, or healthcare and public health leaders and managers.
Registration Link: https://attendee.gotowebinar.com/register/6270875866013071629
Top Twenty Excuses why individuals and organizations do not take cyber security seriously: How to change the corporate mindset to overcome this
April 21, 2021 | 10am - 12pm PT (1pm - 3pm ET)
Scott Augenbaum
During Retired Supervisory Special Agent Scott Augenbaum’s 30-year career with the FBI he responded and interviewed over 1,000 Cybercrime victims and conducted an equal number of awareness presentations with the goal of preventing future Cybercrime victimization. Over the years he discovered the global cost of Cybercrime continued to increase all while organizations also increased spending on products and services. As he was providing his awareness briefings to organizations, he noticed he kept hearing the same excuses day in about why they were not concerned with the increasing Cyber Threat. Scott is going to share these excuses with you and explain how they lead to an increase in Cybercrime victimizations and share with you specific techniques to overcome these common obstacles in order to change the mindset of your executive team.
Learning Objectives:
Upon completion of this workshop, the attendee/ student will be able to:
1. Discover the commonalities in over 1,000 Cybercrime victimizations.
2. What are the top twenty excuses provided by organizations and how to destroy these limiting beliefs.
3. How to train your employees to take the Cybercrime problem seriously.
Who Should Attend:
Anyone involved in defending critical infrastructure information networks and systems, those in information technology risk mitigation , or organizational technology and cyber risk management leaders and managers.
Registration Link: https://attendee.gotowebinar.com/register/1546066593759823373
Open Source Intelligence for Critical Infrastructure Protection
April 28, 2021 | 10am - 12pm PT (1pm - 3pm ET)
James McDowell | Securities Analyst | Alabama Securities Commission
Attendees will learn the applications of OSINT in protecting critical infrastructure, discuss use-cases of OSINT in criminal investigations, and identify OSINT resources.
Learning Objectives:
In this session you will learn about:
1. Understand the applications of OSINT in protecting critical infrastructure.
2. Analyze use-cases of OSINT in criminal investigations.
3. Identify OSINT resources.
Who Should Attend:
Anyone involved in critical infrastructure protection intelligence and investigations, risk management, insider threat detection, or critical infrastructure leaders and managers.
Registration Link: https://attendee.gotowebinar.com/register/1999252301382428941
Browser Betrayal and Conducting Online Investigations without Attribution
May 5, 2021 | 10am - 12pm PT (1pm - 3pm ET)
Matt Ashburn | Head of Strategic Initiatives | Authentic8
Adam Huenke | OSINT Tradecraft Training Specialist | Authentic8
We all know that our online activity can be tracked for targeted advertising. Many of us have received friend suggestions on social media for long lost acquaintances. Now more than ever, your online activity is tracked, monitored, and brokered for a variety of reasons. However, did you know that your online research activity can negatively affect your investigations? The same tracking mechanisms can uncover investigators’ intent and identity, potentially spoil investigations, and even enable retaliation by criminals. In this workshop, we will cover:
- How commercial browsers continue to betray your privacy
- How your investigations can be put at risk - Methods to work smarter (and safer), not harder
- How to safely access untrusted websites without infecting your agency
- Why you should care about the dark web and how to access it
Learning Objectives:
Upon completion of this workshop, the student will be able to:
1. Help others understand how using a commercial browser undermines any expectation of privacy and security
2. Conduct online investigations while managing attribution
3. Apply open source intelligence tradecraft to their current workflows as means of blending in with average site visitors to prevent tipping off suspects
4. Leverage data capture, storage, and collaborative techniques to improve caseload productivity
Who Should Attend:
Anyone involved in defending critical infrastructure information networks and systems, application development, cybersecurity risk mitigation, or cyber risk management leaders and managers.
Registration Link: https://attendee.gotowebinar.com/register/5783398589745686541
Religious Facilities Protection Program: How to protect places of worship
May 12, 2021 | 10am - 12pm PT (1pm - 3pm ET)
Curtis Jones | Program Manager | INMA NSSRP Religious Facilities Protection Program
TBD
Learning Objectives:
TBD
Who Should Attend:
Anyone involved in the protection of religious or faith-based facilities, religious facility security management
Registration Link: https://attendee.gotowebinar.com/register/3009136139308763661
HITRUST CSF: A Framework of Frameworks
May 19, 2021 | 10am - 12pm PT (1pm - 3pm ET)
Uday Ali Pabrai | CEO | ecfirst
Businesses across industries must continually comply with federal and state mandates. Threats are advanced. Threats are persistent. Threats are disruptive to business operations and finance. The challenge is how to address the multitude of security, privacy, and regulatory requirements. The HITRUST® CSF harmonizes and cross references complex standards to enable organizations establish a credible cybersecurity program. So the recommendation is to establish a credible HIPAA compliance program aligned with the HITRUST CSF. Prioritize the completion of HITRUST certification. Applying the HITRUST CSF to address HIPAA mandates requires the following key steps:
1. Integrate the HITRUST Risk Management Framework into your information protection program.
2. Conduct a comprehensive HITRUST CSF Self-Assessment.
3. Perform HITRUST CSF Validation and Certification.
4. Manage and maintain HITRUST CSF Certification‒ Continually
The bottom-line recommendation for HIPAA compliance: HITRUST CSF = Credible HIPAA Compliance!
Learning Objectives:
In this session you will learn about:
1. Walk through how HITRUST CSF maps to and addresses ISO 27001, HIPAA, PCI DSS, and NIST standards
2. Evaluate basing a HIPAA Privacy and Security compliance program on HITRUST CSF
3. Step through core components of HITRUST CSF
4. Examine the prescriptive and scalable requirements of HITRUST CSF
5. Understand how to establish a credible enterprise cybersecurity program on HITRUST CSF
Who Should Attend:
Anyone involved in defending critical infrastructure information networks and systems, those in information technology risk mitigation, or organizational technology and cyber risk management leaders and managers.
Registration Link: https://attendee.gotowebinar.com/register/3043536559607109645
A White Hat Approach to Insider Threats - REMOTE WORKER
May 26, 2021 | 10am - 12pm PT (1pm - 3pm ET)
Mike Muscatell | Senior Manager, Information Security | Krispy Kreme
This presentation is designed to help individuals identify how seemingly "innocent" activity can make them an insider threat and help organizations identify existing critical controls needed to develop an Insider Threat Program using a white hat hacking methodology. Through live demonstrations will show simple techniques used to bypass various controls.
Learning Objectives:
Upon completion of this workshop, the attendee/ student will be able to:
1. Learn the methodologies utilized by individuals within the organization that would be defined as insider threat activity.
2. How to identify system based behavioral indicators.
3. Learn which existing or enhanced security layer can provide insider threat profile data.
4. Learn how areas of the organization i.e., Legal, Procurement & HR are key stakeholders in assisting to identify insider threat activity.
Additional take-aways:
-How to identify business processes which can contribute to insider threats.
-Enhance current security program on what controls are bypassed by utilizing routine IT procedures -Enhance procedures required to identify insider threat exposures.
-Enhance awareness training to include additional methods of insider threat.
-Enhance existing physical and digital security layers to better identify specific insider threat activity.
Who Should Attend:
Anyone involved in insider threat detection and mitigation, information system cyber risk management, information technology risk mitigation , or information technology leaders and managers
Registration Link: https://attendee.gotowebinar.com/register/1713957621277182477