Welcome Kickoff

Rohit Tandon, CISO, Minnesota and Carlos Kizzee, MS-ISAC Stakeholder Engagement will introduce the Public Sector Summit; outlining key challenges, requirements, capabilities, and solutions being implemented to address and mitigate the cyber security concerns for this unique sector.

Public Sector Cybersecurity: The State of the States, Local Governments, Tribes, and Territories

Eugene Kipniss, MS-ISAC Federal Engagement and SLTT Assessments will keynote the Public Sector Summit with critical observations from this year’s Nationwide Cybersecurity Review (NCSR); an anonymous cybersecurity maturity self-assessment completed by thousands of SLTT governments and presented to Congress bi-annually. His presentation will include a brief on the threats and trends currently observed by the MS-ISAC and impacting SLTT governments; providing a summary threat landscape of the community. He will explore what the NCSR data can tell us about our risk reduction priorities in light of increasing threats to SLTT, and help the audience consider how we can best leverage the NCSR to communicate those priorities to our law makers.

Why Your Organization’s Endpoint Data Is Your Greatest Source of Risk

Government agencies and Educational institutions are challenged to secure and manage a new kind of hybrid network. Not on-prem and cloud, but work in the office, work from home, work from anywhere. Your organization is more dispersed than ever — leaving you with an incomplete picture of your cyber and data risk. Start by focusing on one of the greatest challenges you face: endpoint devices. Endpoints have expanded beyond your organization’s perimeter and are operating in the badlands of the outside world. This makes them and the data that is on them ideal targets for cyber attackers. Traditional risk scoring systems do not factor endpoint data and may create a false sense of security. Your organization needs visibility to help break down the data silos and close the accountability, control and resiliency gaps to improve your cyber risk. This webinar will discuss why it is critical to move beyond basic vulnerability and threat data and calculate a dynamic risk score using key metrics across operational, security and regulatory domains.

Critical Success Factors in Cybersecurity

Irrespective of whether the organization is public or private sector, any information security management program relies on several requirements and expectations at the organizational level to be successful. The degree of success is dependent upon the extent that these success factors are supported by the organization. This presentation will discuss the nature of these success factors.

How to collaborate Cyber Intelligence and Sharing Cyber Resources

How someone working at a city and county level can better collaborate across the State and Nation.

Grant Funding to Protect Technology From Cyber Threats

Integrating cyber practices for both givers and receivers of funding. Funding is generally associated with services for residents of your community. Technology plays a critical role in delivering critical services and protecting that technology from cyber threats also requires investment. What are some of the approaches to seek out investment opportunities that defend the technology and protect recipients data around social services.

Cybersecurity: Finding Common Ground in the Political Landscape

Cyber Zeros and Ones should not be red or blue. Explaining to your legislatures how technology has a corner stone impact to all citizens. Consumers have a choice to interact with private sector and provide personal data, however in the public sector the data collected is not optional for residents. This should place a higher burden on public sector to protect the sensitive data. There are also public disclosure expectations. (In the event of a data breach – how does the state rebuild confidence). Purpose – describe the why, and suggest how

Smart Cities / Safe Cities

Protecting citizens, service programs, infrastructure. How can we prepare for the smart cities that both public and private entities are responsible for defending? What are some strategies to ensure there is a good foundation to build on to protect privacy and defend the way of life.

Find. Build. Keep. Opening a Cyber Shop in the Public Sector

How can the public sector find, attract, develop, and retain cyber talent in this competitive market? This session will cover how the Minnesota Judicial Branch and Montana have built their cyber security programs from the ground up, incorporating novel approaches to find talent and cost-effective ways to develop skills, while retaining employees by providing meaningful work in a diverse culture.

Public Sector Cyber Insurance

Presentation on cyber risk insurance in general and how public sector entities are approaching this issue. Attendees will learn the different approaches public entities can consider for insurance and how some select states and groups work together to share the cost and reduce the risk of cyber incidents.

Avoid a Cyber Splash

In this session we will learn about real life examples of attacks to our utilities and SCADA systems. We hope to offer real steps on what the future holds for this important sector and what our public officials are doing to meet this real and rapidly evolving threat to our citizens.

A Better Playbook for the Public Security Cyber Team: Introduction to Programmatic Distributed Empowerment for Information Security (“PDEIS™)

The work of the public sector is always about people – people delivering services to people. And the same is true for cyber security. Our industry tends to focus on technology and threats, but people are the key to making defenses work, or not work. And whether people or technology, this is inherently a distributed problem. Like in a team sport, we need to coordinate the improvement of each person in a way that is focused on, and contributes to, a single goal. Traditional approaches to security leave the CISO playing a game he/she can’t win while those around them do their best individually, but are not organized or directed to the enterprise goal. We need to empower people and the enterprise in a way that is clear, specific, trainable, measurable, and manageable. Programmatic Distributed Empowerment for Information Security (or PDEIS™) is the method to change the game and put us all in a better position to win.

Recommendations and Best Practices for Whole of State Governance to Mitigate Cyber Risk

State government leaders must manage risk within a context where authority is distributed across sectors and levels and branches of government. Regardless of the structures and local culture that a governor and state legislature must operate within, they must establish cybersecurity governance that provides the mix of control and influence necessary and appropriate for their state, and that includes mechanisms for mitigating and responding to risk.

IT Operations: Your Cybersecurity Foundation

Public sector and healthcare sector organizations have been repeatedly targeted by nation-state and ransomware threat actors. Good tools are important, but the best protection against these attacks isn’t extra security products, but a focus on excellence in IT hygiene and IT operations.

Transforming Education and Cyber Operations

As a national leader in energy and agriculture with a significant military footprint, North Dakota’s cybersecurity strategy involves a whole-of-government approach – including training the next generation of cybersecurity professionals. The state’s “PK-20W” Initiative aims to make “every student, computer science and cybersecurity educated, Kindergarten through PHD.” Shawn will talk through a model that can be applied to any state to bring their students to 21st Century Skills while also protecting the economy of the state, data of citizens, and security of all residents.

Women in Cyber – Networking

Learn about WiCyS and how to get involved

Women in Cyber – Namaste! Meditation and Mindfulness Session

Clark Whiting, CISSP is a highly experienced and renowned information security architect with deep experience over several years across many industries. Besides his important cybersecurity work for Best Buy, Clark is also a board-certified meditation and mindfulness instructor. To mix it up this year, Clark will host a meditation and mindfulness session designed to teach beginners (and experts) about meditation and mindfulness best practices. We will even meditate as a group through Clark’s expert guidance. Namaste!

Women in Cyber – Mentorships, The Circle of Life

Panelists:

Mentorships are the circle of life throughout a cybersecurity or business career, and it is even more critical in providing support and unlocking career opportunities to advancing our profession to be the best it can be. Join this panel of impressive information security and business executive as they share stories and strategies to how mentorship helped boost their growth both as mentors and mentees.

Consider a Career in Cyber

Panelists:

The session will showcase leaders in cyber security to discuss the career opportunities, salary ranges, and broad range of industries in which you can be employed, how a non-traditional tech background can be valuable and the growth opportunity for women in this traditionally male dominated field.

Taking a People-Centric Approach to Securing the Remote Workforce

Today’s threat landscape is constantly evolving, and securing your remote workforce is critical to success. Understanding people risk and protecting your most important asset—your people— with a people-centric approach to security, should be the fundamental focus of your cybersecurity program.

Did You Just Click That!?

We are all trained in our jobs and personal lives to be weary of suspicious emails and never click links or open attachments in them. But what happens when you do? We will look at phishing emails we have received and actually click links and/or open attachments to see what they try to do to our systems and accounts. Afterwards we’ll try and answer any security questions around phishing campaigns and or phishing in general.

Women in Cyber – Building & Leading Diverse Teams is an Artform

Building & Leading Diverse teams is an artform. Success means making a clear and visible commitment through recruiting, leading, and guiding team members through change and evolution while positioning your organization to pivot quickly to changing demographics, team member needs and market trends. Learn strategies and practices from this panel of proven architects of diverse teams

Cloud Email and Collaboration Vulnerabilities

Cloud Email and Collaboration tool has quickly become the go-to applications for remote work, accelerating dramatically in usage over the last year. Millions of users turned to Cloud Email and Collaboration Tools to help keep businesses going since the start of the pandemic —and hackers have noticed. As these tools are still relatively new, much is unknown about how it operates and how hackers will approach it. While the increased usage has been well-documented, what’s not been documented is whether the app is vulnerable to hacking. We will talk about discoveries that have already been made, potential risks that we see in the future, and how to best secure this relatively new communication vector. This session will walk attendees through:
The many inherent vulnerabilities in the platforms
The popular attack types
How hackers act differently within Teams than they do on email

Women in Cyber – Luncheon Keynote (separate ticketed item)

As a technology executive, Louise McEvoy likes taking risks outside of work – mountainbiking on weekends and climbing the world’s highest mountains on vacations. Louise’s personal life goal was to climb Everest and she realized that goal when she summited on May 16, 2018. Louise is dedicated to helping others reach their “summit” and has spoken to many groups and organizations on that topic, knowing that sometimes the hardest things in life are also the most fulfilling.

The Significance of AI & ML in Cybersecurity

Artificial intelligence (AI) has become a security industry buzzword so broadly applied as to become almost meaningless. When every product boasts AI capabilities, security decision makers may quickly become cynical, even in the face of the most exciting innovation shaping cybersecurity today. What is the benefit of a cybersecurity solution powered by Artificial Intelligence and Machine Learning? Why does the number of generations of AI matter? How smart is the AI machine? How does AI provide a predictive advantage to prevent breaches for my organization? How can a ‘Prevention First’ cybersecurity approach help my business?

A walk on the darkside – exposing the ransomware actors

Over the past few years, Ransomware attacks have evolved from an economic nuisance to a full-blown threat to public health, safety, and even national security. Ransomware has taken over as the malware of choice for financially motivated attacks. Ransomware groups have become professional enterprises with very profitable businesses and brands built around encrypting and holding your data hostage. While ransomware attacks are not new, many organizations are not properly prepared to handle a ransomware attack. This talk will dig into the history of ransomware, the groups and methods being used to target you, and a discussion on how to better prepare your organization to stop ransomware attacks.

Insights from Target’s Enterprise Journey to adopt FIDO

Join us to hear Target’s journey to adopt FIDO as a primary authentication capability across the Enterprise. We will share stories of some of the challenges and obstacles we had to overcome along the way. Our goal was not to drive users to our help desk so clarity of messages was key requirement in our program so we will talk about the importance of clear communication. We will share some of the key metrics that we identified along the way and how they helped to influence our program execution.

Grow Your Security Operations Metrics

CIAM in an Uncertain World

In today’s uncertain world, organizations must find ways to ensure their customers can engage with their services at any time, from any device, in a secure and safe manner. That is where customer identity and access management comes in or “CIAM”. A CIAM solution must not only meet today’s security and compliance standards, but also create frictionless customer experiences to meet customers where they are and in the ways they need. Join our sessions as we discuss CIAM in more detail, how priorities have shifted this year and what CIAM maturity looks like.

Key Challenges, Tips and Findings on Effective Risk Management Programs

Risk programs, and especially third-party risk programs, are made up of a lot of components. Based on our experience, we will talk about both the challenges and solutions we see working in the marketplace today, and give attendees some helpful ideas to help improve their risk programs in practice.

Hacktivism: Its past, present and future and what can we learn from it

This talk will initially define the different dimensions of hacktivism and provide an overview of its history up to the present day. It will then discuss the organizational and tactical aspects of hacktivist groups and will highlight some lessons we can learn from past examples regarding dealing with hacktivism in the future.

Cheaper by the Dozen: Application Security on a Limited Budget

Everyone wants to improve application security in their organization, but what if you don’t have a million dollars to spend? How do small/medium organizations make any progress with application security? What if you could experience a catalog of application security open-source projects and receive advice on knitting them together into a program? Explore the various application security open-source projects that exist in the OWASP universe. Learn how to choose suitable projects to match your organizational needs. Training/ awareness, process/measurement, and tools are the categories available. Each project includes purpose, a plan for use, a risk rating, human resources for success, and impact. Explore how to engage your organization with a plan, experience enormous advances, and change application security forever.

Why Asset Management Fails for Cybersecurity (and How to Fix it)

Despite the fact that every major cybersecurity framework lists asset management as the most foundational element, security teams still struggle with the downstream impact of incomplete, inaccurate, and outdated asset data. Without an accurate understanding of everything in an environment, all other initiatives suffer.
But there’s good news. It doesn’t have to be this way.
Join this session to learn:
• How security frameworks like the CIS 20 and industry-specific mandates like NIST and HIPAA approach asset management requirements
• How previous approaches to solving asset management fall short
• How cybersecurity initiatives like incident response, vulnerability management, and CMDB reconciliation are impacted
• A new approach that leverages existing data to solve the asset management challenge for cybersecurity”

Welcome

Healthcare Security Threat Landscape

This session will be a high-level summary of current security threats to medical devices and healthcare, and the efforts in place to address the risks. The end result will be a general understanding of the situation, terminology and players.

What it Takes to Start a Medical Device Security Program

The healthcare industry is continuously on the bleeding edge of innovation, deploying connected medical devices that significantly improve the quality and delivery of care. With nearly 15 connected devices per bed, the need for visibility and security of these devices is more critical than ever. But, while healthcare technology management (HTM), cybersecurity, and information technology teams share a common objective, there are still barriers to building a successful medical device security program. Join Ben Stock, Director of Healthcare Product Development at Ordr, to discuss ways to build a successful medical device security program and getting HTM, IT, and cybersecurity to work together.

Why Does Cybersecurity Asset Management Matter for Healthcare?

Join this session to learn more about the emerging area of cybersecurity asset management, why all major security frameworks consider asset management to be foundational, and how healthcare organizations can use data from the tools already in place to solve asset management for cybersecurity.

Mayo Clinic Cybersecurity Resilience Program

Mayo Clinic will share its journey to develop and implement a proactive, ongoing asset “certification/validation” process spanning the life-cycle of an asset. The talk will focus on one foundational asset, Windows servers, and key deliverables: secure baseline requirements, certification program, asset drift, and risk measurement. The program measures cybersecurity risk empirically at the asset level, which is consolidated to a fleet view.

Wrangling Ransomware Worry With Words

Ransomware has been frighteningly pervasive in the news over the past months. Through the lens of medical device security, we’ll scope out what ransomware is, box in legitimate fears, and drive out uncertainty and doubt.

Legal Aspects of Incident Response

Ransomware is but one type of “incident.” Now, incidents are defined in various ways and contractual provisions can (and typically do) add a layer of complexity and urgency to getting it done right. To that end, it is necessary to begin by referencing the incident response plan and assembling the response team, which includes the company’s legal counsel. This presentation will highlight the critical legal aspects relative to an incident response and is aimed to assist in how to properly leverage legal counsel’s assistance.

Securing the Patient Journey – Lessons from the trenches

Learn practical examples of how to leverage information security data to enable improvements to clinical risk and patient safety. Extending beyond the medical device security, we will showcase insights that require a holistic approach to what security in the next 2 to 3 years will look like related to healthcare device ecosystems.

The Human Element

Healthcare and medical device companies are some of the most targeted organizations in the world. Humans, when appropriately involved in your phishing defense, can be very effective sensors against these attacks. Through empowering people, we can create a resilience not achieved by technology alone. The power of this collective is achieved through a comprehensive, positive, human-focused program looking at the issues from end to end. Join us to discuss how you can build a better employee: one who can better identify, report, mitigate and remediate zero-day attacks.

Healthcare and the Cloud, what to be prepared for when moving or consuming applications to the cloud

To be able to successfully utilize public cloud platforms with healthcare applications one has to address a number of foundations items in which we transforms the way we look at risk. Security, Risk and Compliance now spans a variety of stakeholders between the Cloud Service provider, Technology teams and the Healthcare Provider. Understanding the basic platform consumption models, your responsibilities and expectations are critical for safe and secure use of public cloud. In this session, we cover the basic tenets of using public cloud hosted healthcare solutions differentiating between IaaS, PaaS, SaaS consumption patterns and what you should be aware of.

Breaking into Medical Device Cybersecurity: Career Transition

The global demand for Cybersecurity professionals is high, and the need for experts in cyber for medical devices is at the top of that list. This panel will discuss options and opportunities for employees from a wide variety of backgrounds to transition or prepare for a career in med device cybersecurity. The conversation will include perspectives from those who have made the transition as well as hiring managers.

“Keeping together is progress. Working together is success.” – Henry Ford

The Nation’s critical infrastructure consists of industrial control systems delivering today’s essential electricity, oil, gas, agriculture, and transportation. Sophisticated threats against an expanded attack surface require government and executive teams to address risk management strategies, realign operations safety and engineering accountability, and deliver comprehensive business and cyber resiliency solutions from top to bottom.

Standards and Risks; Cybercrime and the Internet of Things

The merger of the physical and virtual worlds is underway. A confluence of technologies has made this possible under the rubric known as the Internet of Things (IoT). This merger brings sensors and devices in the billions to cyberspace, already dwarfing the Internet of People. A vast increase in hackable devices will create profound vulnerabilities in the physical world, creating new opportunities for cybercrime and a pressing need for standards and action.

A Private Sector Perspective on the OT Focused Executive Orders and Policies

What worked well, what didn’t work; and lessons learned.

OT…Not just another form of IT Security

Control system cyber security is composed of networks (IT and OT) and field devices (engineering). Cyber security is network-focused with technologies, training, and cyber logging available under the purview of the CISO. Control system devices have no cyber security, authentication, cyber logging, training for control system engineers, and engineering management is not involved. There have been almost 12 million actual control system cyber incidents that have killed more than 1,500 with more than $90Billion in direct damage. How can we reconcile the technical and cultural gaps between networking and engineering?

Vulnerability Risk Assessments Guidance on IOT Controls

In an era of increasing vulnerability depth in IOT ecosystems, risk stakeholders and technical teams are challenged with developing systems and capabilities to identify and manage IoT device security. This discussion will focus on ways to incorporate training, standards, and tools from a business-centric perspective. Attendees will walk away actionable guidance they can implement in their business within 30-60d.

Architecting a Successful Digital Transformation Solution

In order to avoid what is commonly known as pilot purgatory, companies must use an architecture that supports Industry 4.0 concepts. This presentation will cover four sections. The first will define the objectives of a digital transformation strategy. The second will provide an overview of business and manufacturing data and how it is organized. The third will introduce the concept of a unified namespace and how business and manufacturing systems will interact with it. The final section will present the steps to a successful digital transformation.

Here’s Where We Are, Don’t over Rotate

The role of cyber resilience is to avoid production disruption due to a cyber event and clearly, we are failing. Through this talk we will explore a few cases where negative bias has improperly influenced risk calculations and led to disruptions and leave you with techniques to create a whole enterprise risk strategy.