6th Annual Cybersecurity Summit hosted by Pelican3 and Walsh University

Earn CEUs. Leave with tangible solutions. Spots are limited to 150 registrants for this workshop format event, so act now!

7:30-8:00 a.m. Registration

8:00-8:15 a.m. Opening Remarks

8:15-8:45 a.m. Opening Session The State of Cybersecurity

In today's increasingly digital world, cybersecurity is more important than ever. Engage in this lively discussion as an overview of the current state of cybersecurity, including the major threats, challenges, and trends. This introduction will also include specific steps that individuals and organizations can take to protect themselves from cyberattacks.

8:45-9:00 a.m. Break

9:00-9:45 a.m. Using the NIST Cyber Defense Matrix Framework (CDM)

The NIST CDM improves upon the NIST Cybersecurity Framework (CSF) by providing a simple, compartmentalized approach to coverage and gaps. We will discuss this framework solution and structure the rest of the workshop around this approach.

9:45-10:00 a.m. Break

10:00-10:45 a.m. Written Information Security Program (WISP) / System Security Plan (SSP)

The WISP and SSP are descriptive tools that are used to document the expectation and details of your information security governance model. In this workshop, we will create the outline and basics of this plan. Attendees will leave with an active work-product for immediate use.

10:45-11:00 a.m. Break

11:00-11:45 a.m. Identifying IT Assets
Continuing the workshop and based on the requirements of our WISP/SSP, participants will learn the methods of identifying the threat environment using a variety of open-source tools.

11:45 a.m.-1:00 p.m. Lunch (Complimentary Lunch Provided)

1:00-1:45 p.m. Creating the Threat Register
The fundament purpose of governance is to prevent, detect, mitigate threats to an organization’s IT Assets. More specifically, "foreseeable" threats should be understood and placed on a register. Participants will discuss and design controls that can be implemented and map each action to the threat it is intended to mitigate.

1:45-2:00 p.m. Break

2:00 - 2:45 p.m. Creating the Risk Register / Identifying Known Vulnerabilities
After identifying threats, participants will now begin the critical step risk documentation and assessment, normally organized within 3 distinct categories: Confidentiality, Integrity, and Availability. Participants will discuss and examine methods to identify known vulnerabilities that threaten their organizations and systems.

2:45-3:00 p.m. Break

3:00-3:45 p.m. Mapping Controls & Calculating Risk
Mapping threats and vulnerabilities to the organization assets is a critical element to identifying the gaps and controlling risks and threats. Participant will evaluate the gaps using a standardized scoring model and prioritize next steps in securing assets.

3:45-4:00 p.m. Break

4:00-4:45 p.m. Incident Response and Cyber Resources
Regardless of steps taken to mitigate threats, no organization is immune to cyber-attacks or breaches. Participants will discuss incident response and explore resources to stay on the cutting-edge of cybersecurity protocols and respond to security incidents. Presenters will facilitate a discussion on the PICERL framework (Preparation - Identification - Containment - Eradication - Recovery - Lessons Learned), a simple process to identify and respond to incidents of all shapes and sizes. Included will be a discussion on various free open-source resources for news and threat intelligence.

4:45-5:00 p.m. Closing