Held Wednesday, December 16, 2020  | 8:30 AM - 4:00 PM CT  |  Fee: $249
Recording available.
Register: https://attendee.gotowebinar.com/

CyberRiskNOW: Top Cyber Threats Summary:

This virtual conference is designed to provide interactive training and education around today's evolving cybersecurity threats and risk mitigating controls to ensure the security of your organization, customer information, and people. CyberRiskNOW: Top Cyber Threats Edition will cover today's top cybersecurity threats affecting organizations around the country, including top threats to watch out for 2021. We'll also dig into the anatomy of how exactly these threats become incidents, as well as the controls you can leverage to prevent, detect, and respond to such threats.

Not only will this virtual conference include live video from our presenters, but you’ll be able to interact with other attendees and event moderators through our Virtual Lobby in Discord, as well as share information, best-practices, and tools you’re using at your organization. An invitation to join our CyberRiskNOW Discord server will be sent to all attendees prior to the conference.

This event will also be recorded for later viewing in case you’re not able to attend live all-day or on the date.

Agenda:
Central Time
8:30 AM - Event Lobby Opens
8:50 AM - Welcome & Housekeeping
9:00 AM - Ransomware/Network Vulnerabilities
9:50 AM - 10 Minute Break
10:00 AM - Business Email Compromise
10:50 AM - 10 Minute Break
11:00 AM - Remote Working Vulnerabilities
12:00 PM - 60 Minute Lunch Break
1:00 PM - Web Application/Cloud Vulnerabilities
1:50 PM - 10 Minute Break
2:00 PM - Threats to Look Out for in 2021 
2:50 PM - 10 Minute Break
3:00 PM - Guest ISO Panel Discussion + Q&A 
3:30 PM - Event Concludes
4:00 PM - Event Lobby Closes

Register: https://attendee.gotowebinar.com/

Hear from past event attendees!

"I love the format, it would be great even in "normal" times because of the flexibility and reduced travel time/cost that a remote conference can provide. This really has enduring benefits and is easier on the training budget." - Banker from Pennsylvania

"The contents were all relevant, easy to understand, and include great examples. All presenters were knowledgeable and have good presenting skills. Poll questions were good and a great way to interact with the audience.​" - Banker from Texas

"Lots of new information and a great review of known information. It also inspired thoughts and ideas that may not have been directly related to the topic at hand. The presentation topics and presenters were engaging and kept interest. The open communication with SBS staff in Discord and Q&A after each session was nice." - Banker from North Dakota

"Perfectly executed, excellent presenters and content." - Banker from Pennsylvania​

Meet the Speakers:

Jon Waldman CISA, CRISC	Chad Knutson CISSP, CISA, CRISC
Chief People Officer SBS CyberSecurity President SBS Institute	President Chief Information Security Officer Co-founder SBS CyberSecurity
Read Bio	Read Bio

Full Topic Descriptions 

Ransomware/Network Vulnerabilities:  

Ransomware attacks are at an all-time high, and unfortunately, there's no sign of these attacks slowing down. Ransom demands are way up, thanks to today's current supply-and-demand economics (the more ransoms paid, the more attacks occur). 

The two most common ways ransomware can affect your organization are 1) phishing emails, and 2) open, unpatched network protocols (like remote desktop protocol). Is your organization doing what should be done to protect itself from a ransomware attack from these two attack vectors? 

This presentation will cover the following areas/topics:  

• The most common ransomware attack vectors, including a walkthrough of exactly how ransomware gets on your network 

• Ransomware as a data breach 

• Best practices for preventing ransomware 

• Best practices for detecting and containing ransomware 

• Best practices for recovering from ransomware 

Business Email Compromise:  

Unfortunately, this time of year is business email compromise (BEC) season for cybercriminals. Yes, that’s right – hackers have seasons as well where some attacks are more prevalent than others.  

Business email compromise occurs when your email, a customer’s email, or vendor’s email account is compromised by a cybercriminal, turning their email platform into an extension of the attacker’s arsenal of cyber weapons. A compromised email account can lead to internal compromise through “trusted” malicious files or links, initiating of fake funds transfers (invoicing fraud, pressure from the “CEO,” etc.), and/or the propagation of additional phishing email… sometimes all of the above. 

Some of the key messages we'll discuss in this session include: 

• How does BEC occur? 

• Who is affected by BEC? 

• Best practices for preventing BEC 

• Best practices for detecting and containing BEC 

• Best practices for recovering from BEC 

Remote Working Vulnerabilities:  

If COVID-19 has taught us one thing, it’s that today’s workforce is and will continue to be more remote and mobile going forward than ever before. Many organizations have allowed remote working at historic levels, and many of these remote workers will not return to a physical office in the same capacity as pre-pandemic. 

While remote working may trend back to in-office work after pandemic levels come down, many remote workers will stay remote. As organizations, we have to ensure the security of our business information, our employees, and our customers… regardless of whether someone’s working from a corporate office or their home office.  

This presentation will cover the following areas/topics:  

• Remote working threats 

• Must-have remote working governance (documentation) 

• Top controls to mitigate remote working risk 

• Remote worker training 

Web Application/Cloud Vulnerabilities: 

Each day, more organizations move towards outsourcing different parts of their organizations to the cloud – from the web applications we use every day, to our entire productivity suite (Office 365), to our entire networks. With all-new technologies, there are risks; but there’s always a way to mitigate that risk.  

It’s important for you to understand the pros and cons of cloud computing, and whether the rewards outweigh the risk. The vast majority of today’s cloud data breaches are not a result of poor technology, but rather poorly secured technology and human error.  

In this session, we will cover the following areas/topics of cloud computing: 

• Pros and cons of cloud computing and web applications 

• Top cloud computing/web application vulnerabilities and threats 

• Top cloud computing/web application security controls 

• How to test your cloud computing/web application assets 

Threats to Look Out for in 2021: 

As we discussed in our previous sessions, the top threats of 2020 aren’t that much different than previous years. While the attack vectors change over time, these threats aren’t going away next year. Hopefully, most of you have taken some action to mitigate the risk of these threats already. But what about the threats on the horizon we haven’t yet prepared for or thought through? 

In this session, we’ll break down some of the upcoming cyber threats that are just now starting to hit our radar. We’ll discuss: 

• 5G – what will it mean for cybersecurity? 

• Artificial intelligence in cyber attacks 

• Big data and privacy 

• Internet of things vulnerabilities 

• The cybersecurity talent gap 

Guest Panel Discussion