Join us for a series of Secure360 webinars! This “mini-conference” is available FREE for anyone who attended Secure360 2020, and anyone who registers for Secure360 2021 between now and September. (Webinar registration links will be sent via email.)
September 22nd : GRC
8:00-9:00 a.m.,
You Need an Insider Threat Program. Now., Presented by Chris Seers
It’s 2020, insider threats are everywhere. Whether it’s foreign state actors filling the pages of APT reports chasing Intellectual property, or an engineer walking out the door with your crown jewels, you need an insider threat program. You CAN tackle the highest risk issues to your business first, from the top down if you know how and have a plan. I’ll get you started in climbing that mountain.
CHRIS SEARS
Christofer Sears is a 20 veteran in networks and security. When not evangelizing about Security Awareness Training, Threat Modeling or how to build and insider threat program at your company, you’ll find him out in his shop working on old tractors or out sailing his beach catamaran with his wife and 3yr old daughter.
9:15-10:15 a.m.,
IT Risk Framework, Presented by Daniel May and Steve Arndt
IT risk frameworks were founded on the concept to serve stakeholders and enhance business value through effective enterprise governance and management of IT risks. Risk is defined as the probability of loss, but it also impacts opportunities to benefit. Risk and opportunity go together to provide business value to stakeholders, and enterprises must engage in various activities and initiatives that carry degrees of uncertainty and, therefore, risk. IT related risk is a condition of a technology empowered businesses, and if you implement an effective IT risk framework it is an opportunity and a key strategic activity for enterprise success.
DANIEL MAY
Dan has more than 20 years of IT risk and controls experience in financial and healthcare settings. He currently works at Wells Fargo as a Business Risk & Control Officer and he represents ISACA’s Minnesota Chapter as the VP of Cyber Security where his leadership and experience promotes ISACA’s certifications and security training. Dan earned his MBA and a Master of Science in Software Management from the University of St. Thomas.
10:30-11:30 a.m.
FBI Critical Infrastructure, Presented by Josh Mayers*
Josh was the FBI case agent for the seven-year-long Sinovel Wind Group investigation and prosecution, which involved the theft of proprietary software by Sinovel, an 18% Chinese State-Owned Enterprise, and at one time the third-largest wind turbine manufacturer in the world. In 2013, Sinovel was indicted in the Western District of Wisconsin, the corporation along with three individuals were charged with conspiracy and theft of trade secrets for stealing the intellectual property of AMSC, a U.S. company headquartered in Devens, MA., with offices in Wisconsin, Beijing, and Austria. Sinovel first attempted to hack AMSC’s software in 2010, and in response, AMSC installed protective measures to include encryption and a timing limitation to protect its wind turbine control system software. In 2011, Sinovel recruited a disgruntled AMSC engineer and manager in the AMSC Austria office and offered him a $1.7 million contract. This insider stole AMSC’s software, removed the protective measures in place, and transmitted it to Sinovel R&D managers in Beijing. The economic harm to AMSC that resulted from this theft is estimated at approximately $1.2 billion and approximately 600 jobs. Sinovel was the first Chinese corporation to be tried criminally in U.S. Federal Court, and after an eleven-day jury trial in U.S. District Court, Western District of Wisconsin, Sinovel was convicted on all counts. Their conviction resulted in Sinovel paying in excess of $56 million to AMSC and other collateral victims, and over $1 million dollars in fines to the U.S. Government.
*This presentation will not be recorded.