2020 N.C. Cybersecurity Awareness Symposium

Agenda

Agenda

The virtual 2020 N.C. Cybersecurity Awareness Symposium is open only to those in state, local and academic institutions. Registration with your official organization email account by noon on Oct. 2, 2020, is required for all sessions.

Please note that session titles and scheduled speakers are subject to change without notice.

Register by Oct. 2


Day 1 (Oct. 5, 2020)

Time Session Speaker Notes
10 a.m. to 11:40 a.m.

Opening Remarks

Thomas Parrish
Acting Secretary and State Chief Information Officer
N.C. Department of Information Technology
 
Welcome Gov. Roy Cooper
Governor
State of North Carolina
 
The Evolution of Ransomware Jason Rivera
Director, Strategic Threat Advisory Group
CrowdStrike
 
11:40 a.m. to 1 p.m. Lunch    
1 p.m. to 2 p.m. Partnering Through NC 2-1-1 for Easy Reporting of Cybercrimes by North Carolinians

Heather Black
NC 2-1-1 State Director
United Way of North Carolina

Kristin Judge
CEO/President
Cybercrime Support Network

 
1 p.m. to 3 p.m. AWS Cloud Security Workshop AWS  
1 p.m. to 5 p.m. Hands-On Defending Exercise - WAITING LIST Tanium Session is full. Registering will place you on the waiting list.
2 p.m. to 3 p.m. Business Continuity & Pandemic Planning Debora Chance
IT Business Continuity/Disaster Recovery Specialist
N.C. Department of Information Technology
 
2 p.m. to 3 p.m. Role of DHS Assessments in Executive Risk Decisions  U.S. Department of Homeland Security  

Day 2 (Oct. 6, 2020)

Time Session Speaker Notes
9:30 a.m. to 10:35 a.m.

Public Safety Information Security – Protecting Critical Infrastructure

Greg Hauser
Statewide Interoperability Coordinator/Communications Branch Manager
N.C. Emergency Management
 
10:45 a.m. to 11:45 a.m. Cloud Security – A Journey to a Secure Cloud Michael South
Principal Business Development Manager for Security
AWS
 
11:45 a.m. to 1 p.m. Lunch    
1 p.m. to 4 p.m. TTX for K-12 Incident Response

Matt Chytka
Cyber Outreach Training Officer 
N.C. National Guard

Lt. Col. Seth Barun
Cyber Branch Chief 
N.C. National Guard

Tom McGrath
Cyber Unit Manager 
N.C. ISAAC Fusion Center

 
1 p.m. to 4 p.m. Virtual Threat Hunting Challenge - WAITING LIST VMware
  • Session is full. Registering will place you on the waiting list.
  • Requires Mozilla Firefox or Google Chrome
1 p.m. to 4 p.m. Using Public Toolsets to Evaluate and Improve Your Organization’s Security U.S. Department of Homeland Security  
2 p.m. to 4 p.m. Managing COVID-19-Era Third-Party Risks with Real Data Evan Tegethoff
Vice President of Consulting Engineering

BitSight Technologies
 
 
Sessions & Workshops

Sessions & Workshops

The virtual 2020 N.C. Cybersecurity Awareness Symposium is open only to those in state, local and academic institutions. Registration with your official organization email account by noon on Oct. 2, 2020, is required for all sessions.

Please note that session titles and scheduled speakers are subject to change without notice.

Register by Oct. 2


Day 1 (Oct. 5, 2020)

The Evolution of Ransomware

The targeting of U.S. state and municipal governments, health care institutions, critical infrastructure providers and our nation’s universities, coupled with the rise of big game hunting, ransomware as a service and increased collaboration between adversarial state intelligence services and criminal groups, has increased the salience of ransomware. 

This brief will cover the latest trends and developments of financially motivated ransomware attacks and how they have leveraged ransomware as a powerful tool for profit generation. Hear about the latest intelligence observations on how threat actors deploy ransomware against various government targets and the latest developments in how the sophistication of ransomware continues to improve.


Partnering Through NC 2-1-1 for Easy Reporting of Cybercrimes by North Carolinians

Thousands of North Carolinians become victims of cybercrimes each year, yet few know how to report the crime or where to turn to for recovery resources. The United Way of North Carolina and Cybercrime Support Initiative have partnered to leverage the NC 2-1-1 information and referral system as an easily accessible access point for victims of cybercrimes to report crimes and access resources. Attend this session to learn more about this new service aimed at helping citizens respond to and recover from cybercrime.


AWS Cloud Security Workshop

Learn best practices for cloud security and how to better protect yourself in the shared security model.


Hands-On Defending Exercise

Recommended for IT operations, desktop and system administrators and cybersecurity professionals, this session integrates IT and security in a hands-on workshop where users are oriented to cyber tools that facilitate network cyber hygiene. The session will cover:

  • Discovery and ownership of unmanaged devices
  • Creating an unstoppable asset register and integrating it with other solutions
  • Keeping endpoints patched and updated
  • Policy enforcement and remediation
  • Endpoint performance troubleshooting
  • Mapping your network to understand data flow
  • Creating an IT hygiene graphical dashboard to visualize data

Business Continuity & Pandemic Planning

Learn how to expand business continuity resilience strategies to prepare for and adapt to unconventional threats.


Role of DHS Assessments in Executive Risk Decisions 

This session will discuss the role of assessments in executive risk decisions.  Assessments serve a comparative analysis that quantifies security and resilience gaps and enables a conversation about the consequence of loss in an effort to improve both security and resilience of the logical and physical environment.

 

Day 2 (Oct. 6, 2020)

Public Safety Information Security – Protecting Critical Infrastructure

Over the past few years, public safety information security has become directly exceedingly important to the safety of first responder professionals and, in turn, the citizens of North Carolina. The use of publicly accessible smartphone apps allows for live monitoring of law enforcement’s tactical movements when responding to high-profile events. This session will briefly discuss high-level vulnerabilities and the obstacles that first responders face to providing adequate InfoSec.


Cloud Security – A Journey to a Secure Cloud

Description coming soon


TTX for K-12 Incident Response

The N.C. National Guard Advise and Assist Team will conduct a virtual tabletop exercise for school systems focused on incident response to a ransomware attack.


Virtual Threat Hunting Challenge

In today’s changing environment, it is even more important to protect your organization from destructive attacks. The Virtual Threat Hunting Challenge offers hands-on threat-hunting experience with VMware Carbon Black's latest products to protect your organization from destructive attacks. During this event, you will:

  • Learn how to find attacks used in actual incidents
  • Advance your skills with the latest threat knowledge
  • Get hands-on with VMware Carbon Black Cloud and discover why real-time device assessment and remediation are key for a remote workforce
  • Talk to experts individually about how to uplift your organization's security operations strategy

Players accrue points based on response accuracy and speed. Follow your progress with the group leaderboard updates in real time. 

You must have Firefox or Chrome to participate.


Using Public Toolsets to Evaluate and Improve Your Organization’s Security

This session is a discussion of toolsets and methods used by security professionals to identify and evaluate possible vulnerabilities within an organization, both internally and externally. This will include techniques for identifying devices and assets on a network, scanning for services and identifying vulnerabilities within those devices and services. The session will include the use of virtual machines within a sandbox environment to gain hands-on experience with some of tools in a live, but safe, environment. Finally, the session will focus on some technical, security measures that may mitigate some risk associated with common vulnerabilities.


Managing COVID-19-Era Third-Party Risks with Real Data

The COVID-19 era has brought many new challenges to third-party risk. Trends such as increased work from home and the changing ways we interact with vendors have driven a greater need for immediate data. 

This presentation will include a demonstration of a data-driven approach to third-party risk using BitSight. Additionally, various facets of the threat environment will be discussed, highlighting the changing nature of third-party risk.

FAQs

FAQs

What platform will be used for the 2020 N.C. Cybersecurity Awareness Symposium sessions?

Most sessions will be held via WebEx, GoToMeeting or Amazon Chime.  Prior to each session, you will receive a notification with information on how to join the event.

Will the sessions be recorded?

Many sessions will be recorded and made available on this webpage following the event. Some sessions, however, will not be available.

What do I do if I need to change my registration?

If you must change your registration, send a message by noon on Friday, Oct. 2. Changes received after this time might not be fulfilled.

What if I can’t attend a session?

Because some sessions are limited to a certain number of participants, please send a message if you are no longer able to attend a session. Letting us know will also help us keep an accurate count of who is attending.