Please note: Registration Sign-in: 11:30-12:00pm, with Lunch from 12:00pm - 1:00pm
Topic 1: The Coming Cyberspace Cold War with Russia - 1:00pm - 3:00pm
Speaker: Morgan WrightPresentation Summary: There’s a very good reason Russia has not deployed their latest cyber weapons against Ukraine. They’re saving them for the United States in what may be the beginning of a modern cold war played out in cyberspace. NATO has declared cyber to be an operational domain, and subject to Article 5 in case of a “massive” cyber-attack. But what does “massive” mean? Russia will play the fringes in the gray space of policy to conduct low-intensity warfare, using their tools and tactics refined against adversaries like Ukraine. The result? Unrestricted warfare against our critical infrastructure, espionage operations targeting the software supply chain, and new cyberweapons.
Topic 2: Building a Cross Sector Information Sharing Partnership to Resiliency
Speaker: Donna Gomez, Security Risk and Compliance
No matter what industry or sector you work, we are all fighting the same battles, and trying to solve the same problems. In a connected world, if one organization is a victim of an attack, another may soon be impacted yet we do not share information soon enough.
If you can’t prevent something from happening, maybe your detective measures fail you, you want to make sure your recovery and response activities help you rebound.
We have a common enemy and need to build a common strategy to protect, defend and respond so we all may be resilient. In this session, we will cover:
- Bad Practices
- Good Cyber Hygiene – What Cyber Insurers and CISA Recommend
- Readiness Assessments – How Resilient and Ready Are You for An Event?
- Incident Response Plans and Exercises – Plans Should Be Readily Available and Exercised.
- Information Sharing & Partnerships
Morgan Wright is an internationally recognized expert on cybersecurity strategy, cyberterrorism, national security and intelligence. He currently serves as a Senior Fellow at The Center for Digital Government, Chief Security Advisor for SentinelOne, and is the chief technology analyst for Fox News and Fox Business. Morgan's landmark testimony before Congress on Healthcare.gov changed how the government collected personally identifiable information. Previously Morgan was a Senior Advisor in the US State Department Antiterrorism Assistance Program, the Senior Law Enforcement Advisor for the 2012 Republican National Convention, taught behavioral analysis at the National Security Agency and spent a year teaching the FBI how to conduct internet investigations. In addition to 18 years in state and local law enforcement as a highly decorated state trooper and detective, Morgan has developed solutions in defense, justice and intelligence for the largest technology companies in the world including Cisco, SAIC, Unisys and Alcatel-Lucent/Bell Labs.
Gomez, CRISC, is a Security Risk and Compliance Analyst for the Johnson County (KS) Park & Recreation District and previously served as the Critical Infrastructure Protection Senior Manager and Risk Compliance Analyst for a municipally owned utility. Donna has been an information security professional since 1999, where she began documenting processes for IT and customer support staff, then training people to not click on suspicious attachments in emails.
She currently serves as President of InfraGard Kansas City Members Alliance, is past President of the Greater Kansas City Chapter of ISACA and serves on several of the MS-ISAC Working Groups including the Metrics Subcommittee, Security Awareness, and Business Resiliency. Donna also serves as a member of the MARC Cybersecurity Task Force and a #SheLeadsTech volunteer for One in Tech, an ISACA Foundation to mentor youth and promote diversity and inclusion in the profession. She previously served as a member of the ASIS Professional Standards Board, on the drafting team developing the Security Awareness Standard published in 2020. Her passion is to continue expanding the information sharing community and build partnerships to help strengthen the security resiliency and awareness of anyone responsible for protecting the critical infrastructure.