2020 N.C. Cybersecurity Awareness Symposium

Agenda & Materials

Day 1

Day 1

Monday, Oct. 5, 2020 (Day 1)

The two-day virtual 2020 N.C. Cybersecurity Awareness Symposium is aimed at those in state, local and academic institutions. Find the agenda below, as well as links to videos, presentations and other related materials. (Please note video and materials are limited only to certain sessions.)

 

Time Session Speaker Related Materials
10 a.m. to 11:40 a.m.

Opening Remarks

Thomas Parrish
Acting Secretary and State Chief Information Officer
N.C. Department of Information Technology
None available
Welcome Gov. Roy Cooper
Governor
State of North Carolina
None available
The Evolution of Ransomware Jason Rivera
Director, Strategic Threat Advisory Group
CrowdStrike
2020 Global Threat Report
1 p.m. to 2 p.m. Partnering Through NC 2-1-1 for Easy Reporting of Cybercrimes by North Carolinians

Heather Black
NC 2-1-1 State Director
United Way of North Carolina

Kristin Judge
CEO/President
Cybercrime Support Network

None available
1 p.m. to 3 p.m. Automation & Security: A Match Made in Heaven  Brad Dispensa
WWPS Specialist SA
AWS
None available
1 p.m. to 5 p.m. Hands-On Defending Exercise Tanium None available
2 p.m. to 3 p.m. Business Continuity & Pandemic Planning Debora Chance
IT Business Continuity/Disaster Recovery Specialist
N.C. Department of Information Technology
Session Materials (ZIP file)
2 p.m. to 3 p.m. Role of DHS Assessments in Executive Risk Decisions 

Sean McCloskey
Branch Chief, Cybersecurity Advisor
U.S. Department of Homeland Security
Cybersecurity & Infrastructure Security Agency

Roland Varriale
Cybersecurity Analyst
Argonne National Laboratory

McCloskey Slide Presentation

Day 2

Day 2

Tuesday, Oct. 6, 2020 (Day 2)

The two-day virtual 2020 N.C. Cybersecurity Awareness Symposium is aimed at those in state, local and academic institutions. Find the agenda below, as well as links to videos, presentations and other related materials. (Please note video and materials are limited only to certain sessions.)


Time Session Speaker Related Materials
9:30 a.m. to 10:35 a.m.

Public Safety Information Security – Protecting Critical Infrastructure

Greg Hauser
Statewide Interoperability Coordinator/Communications Branch Manager
N.C. Emergency Management
Slide Presentation
10:45 a.m. to 11:45 a.m. Cybersecurity: A Driving Force Behind Cloud Adoption Michael South
Principal Business Development Manager for Security
AWS
Slide Presentation
1 p.m. to 4 p.m. TTX for K-12 Incident Response

Matt Chytka
Cyber Outreach Training Officer 
N.C. National Guard

Lt. Col. Seth Barun
Cyber Branch Chief 
N.C. National Guard

Tom McGrath
Cyber Unit Manager 
N.C. ISAAC Fusion Center

Slide Presentation

MS-ISAC Ransomware Guide (September 2020)

1 p.m. to 4 p.m. Virtual Threat Hunting Challenge VMware

None available

1 p.m. to 4 p.m. Using Public Toolsets to Evaluate & Improve Your Organization’s Security Roland Varriale
Cybersecurity Analyst
Argonne National Laboratory
None available
2 p.m. to 4 p.m. Managing COVID-19-Era Third-Party Risks with Real Data Evan Tegethoff
Vice President of Consulting Engineering

BitSight Technologies
 
None available
About the Sessions

About the Sessions

Monday, Oct. 5, 2020 (Day 1)

The Evolution of Ransomware

The targeting of U.S. state and municipal governments, health care institutions, critical infrastructure providers and our nation’s universities, coupled with the rise of big game hunting, ransomware as a service and increased collaboration between adversarial state intelligence services and criminal groups, has increased the salience of ransomware. 

This brief will cover the latest trends and developments of financially motivated ransomware attacks and how they have leveraged ransomware as a powerful tool for profit generation. Hear about the latest intelligence observations on how threat actors deploy ransomware against various government targets and the latest developments in how the sophistication of ransomware continues to improve.


Partnering Through NC 2-1-1 for Easy Reporting of Cybercrimes by North Carolinians

Thousands of North Carolinians become victims of cybercrimes each year, yet few know how to report the crime or where to turn to for recovery resources. The United Way of North Carolina and Cybercrime Support Network have partnered to leverage the NC 2-1-1 information and referral system as an easily accessible access point for victims of cybercrimes to report crimes and access resources. Attend this session to learn more about this new service aimed at helping citizens respond to and recover from cybercrime.


Automation & Security: A Match Made in Heaven 

Now more than ever, it’s important to embrace automation of your security practices to reduce operational burden to your staff and to better safeguard your customers. This session will be a demonstration and lecture on the use of automation for security services in AWS.  Learn how to automatically remediate issues like non-compliance, vulnerability and also how you can quickly perform a point in time assessment of your AWS account using AWS tooling and open-source projects. 


Hands-On Defending Exercise

Recommended for IT operations, desktop and system administrators and cybersecurity professionals, this session integrates IT and security in a hands-on workshop where users are oriented to cyber tools that facilitate network cyber hygiene. The session will cover:

  • Discovery and ownership of unmanaged devices
  • Creating an unstoppable asset register and integrating it with other solutions
  • Keeping endpoints patched and updated
  • Policy enforcement and remediation
  • Endpoint performance troubleshooting
  • Mapping your network to understand data flow
  • Creating an IT hygiene graphical dashboard to visualize data

     


Business Continuity & Pandemic Planning

Learn how to expand business continuity resilience strategies to prepare for and adapt to unconventional threats.


Role of DHS Assessments in Executive Risk Decisions 

This session will discuss the role of assessments in executive risk decisions.  Assessments serve a comparative analysis that quantifies security and resilience gaps and enables a conversation about the consequence of loss in an effort to improve both security and resilience of the logical and physical environment.

 

Tuesday, Oct. 6, 2020 (Day 2)

Public Safety Information Security – Protecting Critical Infrastructure

Over the past few years, public safety information security has become directly exceedingly important to the safety of first responder professionals and, in turn, the citizens of North Carolina. The use of publicly accessible smartphone apps allows for live monitoring of law enforcement’s tactical movements when responding to high-profile events. This session will briefly discuss high-level vulnerabilities and the obstacles that first responders face to providing adequate InfoSec.


Cybersecurity: A Driving Force Behind Cloud Adoption

There are four common challenges that CISOs and their security teams struggle with, even in the most secure and mature organizational datacenters: visibility, resilience, defense-in-depth and automation. Learn how these challenges become benefits of using the AWS Cloud and why cybersecurity is becoming a driving force behind commercial cloud adoption. This is an executive-level presentation that covers key technical concepts and capabilities to meet business security and compliance objectives. Intended audience includes CIOs, CISOs, technical managers, senior architects and engineers new to AWS, and technically savvy business managers.


TTX for K-12 Incident Response

The N.C. National Guard Advise and Assist Team will conduct a virtual tabletop exercise for school systems focused on incident response to a ransomware attack.


Virtual Threat Hunting Challenge

In today’s changing environment, it is even more important to protect your organization from destructive attacks. The Virtual Threat Hunting Challenge offers hands-on threat-hunting experience with VMware Carbon Black's latest products to protect your organization from destructive attacks. During this event, you will:

  • Learn how to find attacks used in actual incidents
  • Advance your skills with the latest threat knowledge
  • Get hands-on with VMware Carbon Black Cloud and discover why real-time device assessment and remediation are key for a remote workforce
  • Talk to experts individually about how to uplift your organization's security operations strategy

Players accrue points based on response accuracy and speed. Follow your progress with the group leaderboard updates in real time. 

You must have Firefox or Chrome to participate.


Using Public Toolsets to Evaluate & Improve Your Organization’s Security

This session is a discussion of toolsets and methods used by security professionals to identify and evaluate possible vulnerabilities within an organization, both internally and externally. This will include techniques for identifying devices and assets on a network, scanning for services and identifying vulnerabilities within those devices and services. The session will include the use of virtual machines within a sandbox environment to gain hands-on experience with some of tools in a live, but safe, environment. Finally, the session will focus on some technical, security measures that may mitigate some risk associated with common vulnerabilities.


Managing COVID-19-Era Third-Party Risks with Real Data

The COVID-19 era has brought many new challenges to third-party risk. Trends such as increased work from home and the changing ways we interact with vendors have driven a greater need for immediate data. 

This presentation will include a demonstration of a data-driven approach to third-party risk using BitSight. Additionally, various facets of the threat environment will be discussed, highlighting the changing nature of third-party risk.

FAQs

FAQs

What platform will be used for the 2020 N.C. Cybersecurity Awareness Symposium sessions?

Most sessions will be held via WebEx, GoToMeeting or Amazon Chime.  Prior to each session, you will receive a notification with information on how to join the event.

Will the sessions be recorded?

Many sessions will be recorded and made available on this webpage following the event. Some sessions, however, will not be available.

What do I do if I need to change my registration?

If you must change your registration, send a message by noon on Friday, Oct. 2. Changes received after this time might not be fulfilled.

What if I can’t attend a session?

Because some sessions are limited to a certain number of participants, please send a message if you are no longer able to attend a session. Letting us know will also help us keep an accurate count of who is attending.

Past Symposiums