Loading…

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Wednesday, October 21
 

7:30am EDT

Breakfast & Registration
Wednesday October 21, 2015 7:30am - 8:15am EDT
General

8:15am EDT

9:00am EDT

Mika Meyers PLC: Legal Considerations for Cyber Security Compliance
Cybersecurity is as much a legal issue as it is a technical one. There are many state and federal laws and regulations which address the security and privacy of data and information.  Although there is legislation imposing specific obligations on businesses in certain industries, there is no overarching piece of legislation uniformly providing cybersecurity guidance to all U.S. businesses.

Given this fragmented legal framework, each business should take proactive measures to develop a legally compliant privacy and security plan. In this session, we will discuss how you can identify and address regulatory requirements applicable to your business, and how to establish policies and procedures that will help minimize the risk of, and respond to, security breaches.  Although every business’ plan will be unique, we will also discuss recommended best practices, and attendees will receive a checklist of important considerations that can be used in developing a plan.

Speakers
avatar for Jennifer A. Puplava

Jennifer A. Puplava

Partner and Attorney, Mika Meyers PLC
Jennifer A. Puplava, Partner and Attorney for Mika Meyers Beckett & Jones, PLC, practices primarily in the areas of intellectual property law and technology law. She helps clients protect their trade secrets, trademarks, copyrights and other intellectual property, and she assists... Read More →



Wednesday October 21, 2015 9:00am - 9:45am EDT
Executive Track (Room 215: Sections A & H)

9:00am EDT

US Signal: Top 10 Questions to Ask your Cloud Service Provider about Security

Many speak of the cloud as either secure or insecure, but cloud security is much more than a switch that is turned on or off.  We will explore the nuances of an appropriate cloud security framework including data ownership, destruction, and change control.  We will also discuss how to ensure a cloud provider is meeting their security obligations as well as the responsibilities of the consumer.


Speakers
avatar for Aaron Shaver

Aaron Shaver

Cloud Solution Architect, US Signal
Aaron is currently a Cloud Solution Architect for US Signal but formerly the Director of Research and Development.  Most recently he was the Executive Director of Information Management for Pennock Health Service.  He has a Master’s of Science in Information Security from Baker... Read More →



Wednesday October 21, 2015 9:00am - 9:45am EDT
Advanced Track (Room 215)

9:00am EDT

WMCSC: Developing a Cyber Security Plan
Just getting started in Cyber?  Join us for a quick overview of how to start mapping a plan for your business Cyber Security needs. In this session, we will discuss how to get started on a plan for protecting your critical company data by reviewing the Center for Internet Security’s handout and other tools available on the Internet, such as the FCC’s planning tool and CIS’s Cyber Hygiene Campaign steps. 

Speakers
avatar for Barbara Hiemstra

Barbara Hiemstra

Information Security Director, Kent County
Barb is responsible for leading a newer team at Kent County responsible for Information Security.  The team is implementing a security program to include incident response, secure configuration/patch management, security reviews and continue their existing work securing the data... Read More →



Wednesday October 21, 2015 9:00am - 9:45am EDT
Security 101 Track (Room 201 Auditorium)

9:45am EDT

Networking
Wednesday October 21, 2015 9:45am - 10:00am EDT
General

10:00am EDT

Spectrum Health: Deploying Microsoft's EMET
Deploying Microsoft's Enhanced Mitigation Experience Toolkit (EMET) can be an effective way to reduce the likelihood of successful exploitation of today's most commonly abused applications: browsers, Reader, Flash Player, and Java.

EMET is a low-cost (free) way to extend the security posture of your organization's Windows-based computers beyond AV, HIPS, and patch management.

We will share our experience and lessons learned from deploying EMET in a large organization, including the impact it has had on the rate of malware infection and persistence.

Moderators
avatar for Kyle Eaton

Kyle Eaton

Security Engineer, Spectrum Health
Kyle Eaton is a Security Engineer with Spectrum Health, currently working with the Security Engineering testing and Threat Modeling team.  Kyle is a graduate of Davenport University Security Program and is an active member of the West Michigan Information security community. 

Speakers
avatar for Abraham Jones

Abraham Jones

Supervisor, Information Services (InfoSec), Spectrum Health
Abraham is an Information Services Supervisor with Spectrum Health, he lead an elite internal group of business solutions architect types! Delta Force team of internal web application, penetration and threat modeling consultants assigned to protect the entry points to our organization... Read More →


Wednesday October 21, 2015 10:00am - 10:45am EDT
Advanced Track (Room 215)

10:00am EDT

Varonis: Data-Driven Social Engineering
Target lost 40,000,000 records in 2014 in a breach that cost them $148 million dollars. Ouch. They had lots of fancy tools watching the perimeter but fell short when it came to securing insider access. Protecting against insider threats, whether malicious or accidental, is extremely difficult, especially when 71% of employees say that they have access to information they aren’t supposed to see. Join us for a live presentation where you’ll learn 6 tactics for preventing insider threats

Speakers
avatar for Dan Post

Dan Post

Senior Systems Engineer, Varonis
Dan Post is a Senior Systems Engineer with Varonis. Dan joined Varonis this year and brings with him over 18 years of experience, with a large share of that time managing the global storage and backup operations for Chrysler LLC. He got his start as an Intelligence Analyst for the... Read More →



Wednesday October 21, 2015 10:00am - 10:45am EDT
Security 101 Track (Room 201 Auditorium)

10:00am EDT

WMCSC: Social Engineering

The field of cyber security is often presented as highly technical, full of jargon, and beyond the influence of executives (with the exception of budget authorizations). While there are still highly technical aspects, the area of social engineering is one where anyone can make a difference, even a business executive. This presentation will give an overview of social engineering in general, and cite specific examples. Business executives should leave with some concrete ideas of what they can do to decrease the vulnerability of their organization to social engineering attacks.


Speakers
avatar for Ray Davidson, PhD

Ray Davidson, PhD

Threat Intelligence Specialist, WMCSC
Dr. Davidson received his academic training at Georgia Tech and Purdue University in Engineering. He spent two decades in the pharmaceutical industry as both a scientist and IT leader. More recently, he taught networking and security at Purdue University and served as the Dean of... Read More →



Wednesday October 21, 2015 10:00am - 10:45am EDT
Executive Track (Room 215: Sections A & H)

10:45am EDT

Networking
Wednesday October 21, 2015 10:45am - 11:00am EDT
General

11:00am EDT

Gordon Foods: Using Security Baselines
Security Baselines can provide an important checklist to avoid common configuration errors.  This talk will go over using various security baseline tools, and integrating those baselines into your server deployment and management systems.


Speakers
avatar for Steve Miller

Steve Miller

System Administer, Gordon Foods
Steve Miller is a Systems Administrator for the Gordon Food Service Stores division.  His 12+ years of experience cover a wide variety of Linux, Unix and Windows administration in the public and private sectors.  His background also covers various virtualization, storage, and backup... Read More →



Wednesday October 21, 2015 11:00am - 11:45am EDT
Advanced Track (Room 215)

11:00am EDT

Trivalent Group: Intro to Defenses

As our world becomes increasingly digital, it also, increasingly, puts our personal data at risk. Every day we hear of additional date theft in the news or online, and many of these breaches can be prevented through the use of some basic security concepts. This session will feature some 100 and 200 level IT security concepts for business professionals and IT Pros alike. Some topics covered include, password best practices, secure systems management, social media security, and current trends in the industry.  

 


Speakers
avatar for Andy Syrewicze

Andy Syrewicze

Senior Cloud Services Engineer/Microsoft Most Valuable Professional (MVP), Trivalent Group
Andy has spent the last 12+ years providing technology solutions across several industry verticals including, education, fortune 500 manufacturing, healthcare and professional services. Andy’s skills include VMware, Linux, and Network Security, but his focus over the last 8 years... Read More →



Wednesday October 21, 2015 11:00am - 11:45am EDT
Security 101 Track (Room 201 Auditorium)

11:00am EDT

Varnum LLP: EMV Payment Standard Update

EMV stands for Europay, MasterCard, and Visa, the three companies which originally created the standard. EMV is a technical standard for smart payment cards and for payment terminals and automated teller machines which can accept them. EMV cards are cards which store their data on integrated circuits (chips) rather than magnetic stripes.  

As of October 1, 2015, nine major payment networks began shifting liability for card fraud from the card issuer to merchants that are not EMV-compliant.  What does this mean to merchants?  Do all cards have chips?  Does EMV impact online payments? Are all terminals EMV ready? Do consumers have any idea what EMV is and why they are receiving a new card?  In this session, we will discuss these questions and how and when the "liability shift" really impacts merchants.


Speakers
avatar for Jill M. Miller

Jill M. Miller

Counsel, Varnum LLP
Jill is an attorney in Varnum's Corporate Practice Team. She counsels companies in the electronic payment card processing industry on contractual and regulatory matters. Her clients include independent sales organizations (ISOs), financial institutions and merchant-acquiring businesses... Read More →


Wednesday October 21, 2015 11:00am - 11:45am EDT
Executive Track (Room 215: Sections A & H)

11:45am EDT

Lunch (Room 215)
Wednesday October 21, 2015 11:45am - 12:15pm EDT
General

12:05pm EDT

Door Prizes (Room 215)
Wednesday October 21, 2015 12:05pm - 12:15pm EDT
General

12:15pm EDT

FTC Keynote: The Importance of Having a Plan to Prepare for, Avoid, and Respond to Breaches and Intrusions (Room 215)

The Federal Trade Commission has been engaged in privacy and data security issues for well over a decade.  Since around 2002, the FTC has brought more than 130 spam and spyware cases, over 40 general privacy cases, and more than 50 data security cases.  As the amount of consumer data that is collected continues to grow exponentially, the importance of being aware of applicable laws grows at least as fast.  Come find out what the FTC is doing in these areas and what advice it offers to businesses.

Join Chris Panek, an FTC consumer protection attorney, as he discusses the FTC’s general consumer protection mission, the FTC’s recent data security and privacy cases, and business education materials and other guidance recently made available by the FTC.    

 


Speakers
avatar for Christopher D. Panek

Christopher D. Panek

Attorney, Federal Trade Commission
Chris is an attorney with the Federal Trade Commission’s regional office in Cleveland, Ohio.  He focuses on helping to fulfill the agency’s consumer protection mission by bringing civil law enforcement actions in federal court against companies engaged in unfair or deceptive... Read More →



Wednesday October 21, 2015 12:15pm - 1:00pm EDT
General

1:00pm EDT

Networking
Wednesday October 21, 2015 1:00pm - 1:15pm EDT
General

1:15pm EDT

Solutionary: Options for Security Event Monitoring
Kevin will be speaking on the benefits of a Managed Security Service Provider compared to an on-premise/in-house Security Incident and Event Management.  It will provide an overview of the financial, operational, and organizational considerations that purchasers of security solutions may wish to consider.

Speakers
avatar for Kevin Dempsey

Kevin Dempsey

Regional Technical Manager, Solutionary
Information Technology professional with more than 25 years of experience including network design and architecture, network security, management of technical personnel, and design and delivery of effective presentations for sales support and for internal training.Specialties: LAN/WAN... Read More →



Wednesday October 21, 2015 1:15pm - 2:00pm EDT
Security 101 Track (Room 201 Auditorium)

1:15pm EDT

Trivalent Group: BIASurvivor
WOULD YOU BE A SURVIVOR OR A STATISTIC?

If your organization had a major interruption and your technology assets were unavailable, what would it take for you to recover? At what cost? As a leader, acknowledging these challenges means thinking about how to service customers, assessing the safety of your physical locations, to say nothing of protecting and restoring your intangible—yet extremely valuable—digital assets. At Trivalent, we guide organizations as they mitigate continuity risk and create plans to get back on track as quickly as possible in the event of a disaster. Our comprehensive Disaster Recovery & Business Continuity Planning suite, BIASurvivor (“Be a Survivor”), leads the market in helping executives prioritize their recovery time and objectives.

 


Speakers
avatar for John Hey

John Hey

Chief Operating Officer, Trivalent Group
I am a tenured professional that has multiple layers of executive experience in building and guiding a diverse professional services organization and driving corporate strategy. My goals are to take Trivalent Group to the next level of success through efficiency, competency and c... Read More →


Wednesday October 21, 2015 1:15pm - 2:00pm EDT
Executive Track (Room 215: Sections A & H)

1:15pm EDT

Watchguard: Defending against Modern Malware

Cyber-attacks once were mainly the concern of governments, large corporations and other highly visible networks. Not anymore. The financial rewards generated from the theft of credit card information and other sensitive data gave rise to a new breed of malware, the polymorphic threat, and with it, the amount of malware has skyrocketed.

Most of today's malware is polymorphic and highly adept at changing its identity to evade standard, signature-based security platforms. Alone, these platforms will not recognize many of these threats.  Advanced persistent threats, or APTs, increase the threat level by employing sophisticated evasion capabilities to get payloads past a network's defenses where they persist, undetected. APTs are targeted to an organization or a specific technology and often leverage zero day vulnerabilities - flaws for which no patch is available and no signature has been written. Any organization can become a victim.


Speakers
avatar for Michael Pearson

Michael Pearson

Sales Engineer, WatchGuard Technologies
Michael Pearson is the Sales Engineer for the North Central Territory for WatchGuard Technologies, and brings 14+ years of experience in network security and overall information technology.  From large enterprise deployments, information technology design and consulting, Mike’s... Read More →


Wednesday October 21, 2015 1:15pm - 2:00pm EDT
Advanced Track (Room 215)

2:00pm EDT

Networking
Wednesday October 21, 2015 2:00pm - 2:30pm EDT
General