Skip to main content


{Virtual Conference} Cyber Risk NOW: Incident Response Edition

CyberRiskNOW: Incident Response Edition

Held Wednesday, June 3, 2020  | 8:30 AM - 4:30 PM CT  |  Fee: $249
Recording available.
Download event flyer.

CyberRiskNOW: Incident Response Edition Summary:

This virtual conference is designed to provide interactive training on evolving cybersecurity threats and how your organization can build a strong Incident Response Plan that helps protect against these threats. CyberRiskNOW: Incident Response Edition will identify components of a comprehensive Incident Response Plan that enables your organization to identify, protect, detect, respond to, and recover from today’s modern cyber attacks, as well as minimize your risk from these real-world threats. This seminar will also walk you through the anatomy of a modern cyberattack, show you around the Dark Web and how cybercrime-as-a-service works, provide you with security suggestions for Office 365, and discuss how to implement the most impactful controls to mitigate your cyber risk.  

Not only will this virtual conference include live video from our presenters, but you’ll be able to interact with other attendees and with event moderators through our Virtual Lobby in Discord, as well as share information, best-practices, and tools you’re using at your organization. An invitation to join our CyberRiskNOW Discord server will be sent to all attendees prior to the conference. 

This event will also be recorded for later viewing in case you’re not able to attend live all-day or on the date. 


Agenda (full descriptions below):
Central Time
8:30 AM - Event Lobby Opens
8:50 AM - Welcome & Housekeeping
9:00 AM - Anatomy of a Cyber Attack
9:50 AM - 10 Minute Break
10:00 AM - Incident Response Planning Best Practices
10:50 AM - 10 Minute Break
11:00 AM - Dark Web/Cybercrime-as-a-Service
12:00 PM - 60 Minute Lunch Break
1:00 PM - Office 365 Security
1:50 PM - 10 Minute Break
2:00 PM - Controls to Prevent/Detect/Respond
2:50 PM - 10 Minute Break
3:00 PM - SBS Panel Discussion + Q&A
3:30 PM - Event Concludes
4:00 PM - Event Lobby Closes

Download event flyer.


Customer Testimonial

Hear from past event attendees!

"The use of Discord was very well done!  Was great to be able to interact with presenters and other attendees there." - Banker from Utah

"Lots of new information and a great review of known information. It also inspired thoughts and ideas that may not have been directly related to the topic at hand. The presentation topics and presenters were engaging and kept interest. The open communication with SBS staff in Discord and Q&A after each session was nice." - Banker from North Dakota

"Perfectly executed, excellent presenters and content." - Banker from Pennsylvania​


Meet the Speakers:

  • Jon Waldman and Chad Knutson, are two co-founders of SBS CyberSecurity and have been working in the cybersecurity field for the last 15 years.
  • Buzz Hillestad leads the SBS DFIR Team and has helped organizations of all shapes and sizes recover from incidents ranging from ransomware to insider threats.
  • Dylan Kreutzfeldt is one of SBS' most technical IT Auditors and helped build out our Office 365 testing program.
Jon Waldman Chad Knutson Buzz Hillestad Dylan Kreutzfeldt

Jon Waldman

Chad Knutson
Buzz Hillestad

Dylan Kreutzfeldt

Executive Vice President, IS Consulting and Co-founder
SBS CyberSecurity

SBS Institute

Chief Operating Officer
Chief Information Security Officer
SBS CyberSecurity
SVP Information Security Consulting
Incident Response Team Lead
SBS CyberSecurity

IT Auditor
SBS CyberSecurity
Read Bio Read Bio
  Read Bio




Anatomy of a Cyber Attack - Buzz Hillestad:

We all know what cyber criminals are capable of today, and we’ve read the news stories about the cyber attacks that happen every day. But how does a cyber attack REALLY happen to an organization and on a network in today’s online world? Join us in this session as we walk through the exact steps of a cyber attack – including reconnaissance, weaponization, delivery, exploitation, installation, command & control, and actions on objectives. 

In this session, you’ll walk through two (2) different cyber attacks we’ve dealt with first-hand and understand how attackers leverage people, process, and technology to get into networks or online accounts, maintain persistence, and walk away with money, information, or both. 

We’ll also take a look at the impactful controls that, if properly implemented, can help you prevent, detect, or respond to a cyber incident to save you and your organization time, money, and reputation. 


Incident Response Planning Best Practices - Jon Waldman:

Hopefully, we all understand that today, Incident Response is much more than simply notifying your customers that something bad has happened; it's planning to fail well... because bad things are going to happen. 

Organizations must ensure adequate investments in security are made, not only in prevention, but in the detection of threats and effective incident response as well. With cyber attacks continuing to increase with no signs of slowing down, it’s time to sharpen your Incident Response procedures and improve your Incident Response Plan.  

In this session, the core components of a valuable Incident Response Plan will be outlined. We’ll cover: 

  • Threat Intelligence 

  • Threat Identification 

  • Escalation Procedures 

  • Key Risk Indicators 

  • Data Breach Notification Requirements 

  • Cyber Kill Chain 

  • Incident Response Playbooks 

  • And more… 


Dark Web/Cybercrime-as-a-Service - Chad Knutson:

The Internet has a seedy underbelly known as the Dark Web, where many nefarious things take place, including the sale of credit card information, drugs, guns, and even people. You might have an idea about how the Dark Web works, but you likely don’t know the half of the story. 

In this session, we’ll explore and navigate you around the Dark Web and introduce you to concepts you might not have known otherwise, including: 

  • How to access the Dark Web 

  • What’s able to be accessed on the Dark Web by anyone that knows how to look 

  • What’s only able to be accessed on the Dark Web by invite-only 

  • Who controls what you see on the Dark Web 

  • Cybercrime-as-a-Service 

  • And more… 


Office 365 Security - Dylan Kreutzfeldt:

As more organizations adopt cloud-based productivity tools, especially Microsoft Office 365, the more reliant our organizations become to being connected 24/7. With the ability to access our email, Word documents, spreadsheets, and other files anywhere, anytime comes the increased risk of cyber threats.  

The good news is that there’s almost always a way to mitigate your cyber risk significantly, and Office 365 is no exception. In fact, with the latest evolution of online productivity come a host of new and innovative controls to mitigate risk to your organization. 

In this session, we’ll dig into some of the new and advanced security controls available to be implemented in Office 365 to better protect your organization from cyber threats, including: 

  • Securing User Accounts 

  • Multi-Factor/2-Factor Authentication 

  • Audit Logging and Alerts 

  • Threat Management 

  • Data Loss Prevention 

  • Encryption 

  • SPF, DKIM, and DMARC 

  • User Education and Notifications 

  • And more… 


Controls to Prevent/Detect/Respond:

When it comes to implementing technical controls around cyber attacks, there are truly three (3) kinds of controls: those that help your organization Prevent an attack, controls that can help you Detect anomalous activity or an incident, and controls that can help you Respond to an attack.  

Most organizations spend most of their time and effort on Preventative controls, but lack strong controls to help Detect an attack (at least as important as Preventative controls, if not more) or Respond to an attack. 

In this session, we’ll break down some of the best controls to help you address each category utilizing cybersecurity industry best-practice frameworks, including: 

  • Password best-practices 

  • Multi-Factor/2-Factor Authentication 

  • Next-gen Anti-Malware 

  • Logging and Monitoring/SIEM 

  • Key Risk Indicators 

  • And more… 


SBS Panel Discussion + Q&A

Your SBS presenters will all come back together to provide some closing remarks, address any additional discussion throughout the seminar, and answer whatever questions you might have from today's session. We'll be collecting and answering questions throughout the day, but feel free to submit any additional questions during the final break that weren't answered already.



Hacker Hour webinars are a series of free webinars hosted by SBS CyberSecurity. Unlike paid webinars, Hacker Hours are aimed to meet on a monthly basis to discuss cybersecurity issues and trends in an open format. Attendees are encouraged to join the conversation and get their questions answered. SBS will also offer products and services to help financial institutions with these specific issues.

Posted: Tuesday, May 12, 2020
Categories: Blog, Webinar