1/2 Day in person seminar
Sometimes You Win Sometimes You Learn
Speaker: Don Levonius
Everyone faces setbacks, both personally and professionally. And while setbacks often feel like losses, they are also opportunities to learn valuable life lessons. Based on principles from John C. Maxwell’s book by the same title, this program includes self-assessments, small group discussions, group activities, and other real-world applications that will help you adopt the right mindset to learn from adversity, get back on track, and turn your next setback into a leap forward. Want to turn your losses into transformational lessons? This program is for you!
Incident Response Plan Audits with Table Top Activity
Speaker: Dr. Baljeet Malhotra
Historically, cybersecurity has heavily emphasized risk management through preventative techniques. In the current threat environment, it the importance of having an established and tested action plan for handling an incident. The presentation will be divided into two parts.
- A discussion on the importance and benefits of the accurate and tested incident response plan. In addition, an overview of auditing incident response plans, common weaknesses, and best practices will be provided.
- A facilitated hands-on incident response exercise reflecting a current cyber event scenario.
How to Audit APIs for Technical Due Diligence- with Hands-on Activity
Speaker: Mike Skinner
An IT audit identifies and evaluates an organization's digital systems consisting of infrastructure, software/applications, data usage and management policies, procedures, and operational preparedness against recognized industry standards and/or best practices. APIs are common glue that connects these digital systems with people and processes. Given that APIs contribute 80% or more of the web traffic by enterprises, APIs have the power to impact your organization both positively (through innovations, new business models, competitive differentiation) and negatively (due to security, business disruptions, legal, and compliance issues). These impacts are compounding with the increasing API footprint of enterprises. Therefore, auditing APIs has become an important aspect of technology due diligence. In this session, we'll go through the details of an API-audit process containing hands-on training scenarios to help compliance as well as a cyber security practitioner.
This presentation will include:
- An introduction to API Ecosystems and Auditing Process
- Mitigating potential legal exposure by uncovering public APIs, which may be available for free, but may expose your organization to certain financial and/or operational implications.
- Discovering potential legal exposures from Open Source Software libraries containing publicly available free APIs that have the potential to expose your organization to financial and/or operational risks.
- Detecting API-specific security vulnerabilities that may affect the value of your digital ecosystem.
- Determine an overall sense of the API quality and how well your digital ecosystem is managed.