Rhode Island Corporate Cybersecurity Initiative
[vc_row][vc_column][vc_column_text]
The Rhode Island Corporate Cybersecurity Initiative (RICCI) is part of the Pell Center’s Cyber Leadership Project—an ongoing effort to provide thought-leadership, policy recommendations, and in-depth research in the ever-expanding field of cybersecurity. RICCI is designed to develop senior business leaders and decision makers who can affect change and make Rhode Island’s business community and critical industries more secure and resilient to cyber incidents.
By bringing together Rhode Island senior leaders from across defense, financial services, technology, transportation, healthcare, energy, telecommunication, but also law enforcement and government agencies, this initiative intends to: address the most critical cybersecurity challenges to the private sector; encourage cybersecurity awareness and training; promote best practices, business continuity and resiliency planning; and develop approaches to share cyber threat information and assure legal and regulatory compliance.
RICCI takes advantage of New England’s outstanding academic, industrial, and research resources to develop the next generation of cyber-strategic leaders, who understand the technical, ethical, legal, and compliance issues regarding cybersecurity, and to devise innovative solutions to secure Rhode Island’s organizations and the nation’s private infrastructure.
For more information, or to register for an upcoming event, contact Francesca Spidalieri, Pell Center senior fellow for cyber leadership.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]
Upcoming Events
[/vc_column_text][vc_single_image image=”6112″ alignment=””][vc_column_text]October 24, 2019
Salve Regina University[/vc_column_text][vc_column_text]
Past Events
[/vc_column_text][vc_single_image image=”6112″ alignment=””][vc_column_text]June 12, 2019
Salve Regina University
[/vc_column_text][vc_single_image image=”6112″ alignment=””][vc_column_text]
March 13, 2019
Salve Regina University[/vc_column_text][vc_single_image image=”6112″ alignment=””][vc_column_inner width=”1/4″][/vc_column_inner][vc_column_text]
April 10, 2019
Salve Regina University[/vc_column_text][vc_single_image image=”6112″ alignment=””][vc_column_text]
February 6, 2019
Salve Regina University[/vc_column_text][vc_single_image image=”6112″ alignment=””][vc_column_text]January 15, 2019
[/vc_column_text][vc_column_inner width=”3/4″][vc_column_text]
Workshop: Cyber Crisis Management: how to plan, test, and exercise an effective cybersecurity simulation?
[/vc_column_text][vc_column_text]During this workshop, Mr. O’Shea Bowens, Founder and CEO of Null Hat Security, provided an overview of the cybersecurity industry and workforce needs, and discussed how to identify skills shortages within your organization and establish clear roles and skills needed to create an effective cybersecurity team (e.g., threat hunting, security analysts, DevOps, security engineers, etc.). Mr. Bowens also offered tips and advice on how to identify the right candidates to fill your current workforce gaps, how to develop and retain in-house resources, how to recruit and successfully onboard new staff, and ultimately become a leader within your cybersecurity community. Finally, he discussed some of the ways to generate heightened interest and awareness within your team, encourage in-house research, and engage with the information security community, including by participating in B-sides events, DefCon, OWASP, and other local meetups in more metropolitan areas.
[/vc_column_text][vc_column_text]
This workshop discussed whether organizations should run cybersecurity simulations and exercises, and what it takes to prepare, test, and respond effectively to significant cybersecurity incidents. The workshop also gave participants a clear understanding of how exercises and simulations should be conducted, who should be involved, and what the goals should be. Participants discovered the importance of starting with clear and achievable objectives to be on the right path to achieving an effective and memorable simulation exercise.
In this presentation, Rob Burton, CEO of PreparedEx, LLC provided his insights into how to develop, deliver, and evaluate your cybersecurity exercises. Mr. Burton and his team regularly conduct these types of exercises for Fortune 500 and Global 100 businesses around the world.
[/vc_column_text][vc_row_inner][/vc_row_inner][vc_column_inner width=”1/4″][/vc_column_inner][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Cybersecurity Exchange Day Conference 2019
Salve Regina’s Pell Center hosted OSHEAN on March 13th, 2019, from 9am – 3pm, for the Rhode Island Cybersecurity Exchange! This event provided a forum to hear from and take a deeper dive into key areas of cybersecurity with security and technology leaders. This day allowed participants to exchange ideas and gain insight into maturing and elevating their organization’s security posture.
Audience:
IT and business professionals responsible for university and enterprise security, risk management, BCM and critical infrastructure. Those who oversee incident response and the investigation of security breaches:
Chief Information Officer (CIO), Chief Information Security Officer (CISO), Director of Security, IT Director / Manager, Security Analyst / Engineer, Network Administrator / Engineer, Business continuity and IT disaster recovery managers Systems Analyst / Auditor / Consultant
[/vc_column_text][vc_row_inner][/vc_row_inner][vc_column_inner width=”1/4″][/vc_column_inner][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Data Security Seminar: Best Practices for SMBs in Today’s Cyber-connected World
[/vc_column_text][vc_column_text]Frank Motta, Executive Vice President for CAI Software LLC and CAI Managed IT, discussed major risks facing SMBs and how they can deploy industry best practices to keep themselves, their employees – and their data — safe from cyber threats. From hybrid, cloud-based data backups, and affordable firewall technology to employee education, Mr. Motta provided a real-world view of how local SMBs are coping with persistent cyber threats.
Register here. [/vc_column_text][/vc_column_inner][vc_row_inner][vc_column_inner width=”3/4″][vc_column_text]
Workshop: “Building a Resilient Cyber Workforce”
[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]December 7, 2018
[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Cybersecurity: Anatomy of Three Insider Threat Cases – Why Employee Education Efforts are Critical to Your Business
[/vc_column_text][vc_column_text]As more and more companies become victim to data loss through phishing campaigns and insider threats, and the loss of data becomes riskier, companies are struggling to address these risks through proper employee education efforts. Employee education has been found to be effective to reduce cyber risk, and it is a big bang for your buck. Organizations know that education is an important risk management tool to prepare employees about the risks of data loss, but often struggle to implement an effective employee education program.
Linn Freedman, Partner at Robinson & Cole and data privacy expert, and Matthew Putvinski from Wolf & Company discussed cybersecurity awareness within your organization, employee security mistakes, and insider threats.
In partnership with Tech Collective[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]November 14, 2018
[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Cybersecurity in the Commercial Drone Industry: Threats and Mitigation of Risk
[/vc_column_text][vc_column_text]Drones are becoming increasingly important for businesses of all types and sizes. Many drone applications already exist, but many more will certainly arise as drone technology continues to evolve and advance.
In this session, Kathryn Ratigan, Attorney at Robinson+Cole and privacy expert, discussed how drones can collect valuable data and increase productivity, safety, and efficiency across all industries. She went over the Federal Aviation Administration’s Part 107 regulations, waivers, the FAA “DroneZone” and the FAA’s LAANC portal. Ratigan also discussed the onslaught of cybersecurity concerns and threats that need to be addressed for better drone control as they continue to operate in the national airspace.
[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]October 17, 2018
[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Half-day Conference: Educating for a Career in Cybersecurity & Raising Cybersecurity Awareness within your Organization
[/vc_column_text][vc_column_text]On the occasion of the 15th annual National Cybersecurity Awareness Month (NCSAM) – a far-reaching awareness campaign and education initiative led by the National Cyber Security Alliance (NCSA) and the U.S. Department of Homeland Security – the Pell Center partnered with Anomali, Tech Collective, and Tevora to offer a half-day conference on the growing market for cybersecurity jobs and the need to build a culture of cybersecurity across organizations.
The event shined a spotlight on the critical need to build a strong, cyber-secure workforce, addressed the cybersecurity skills gap, and encouraged every workplace to create a culture of cybersecurity from the boardroom to the server room.[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]September 25, 2018[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Securing Your Cloud Services – Clouds can Rain, Bring an Umbrella
[/vc_column_text][vc_column_text]This Cloud security seminar provided an overview of the different cloud services available in the marketplace, discussed why your organization may want to consider moving into the Cloud, and explained the main security risks involved with using the Cloud. Dan Gortze, Senior Manager of Information Security at Cumberland Farms, discussed what kinds of data should and shouldn’t be committed to the Cloud and why, and shed some light on the gaps in cybersecurity that this migration could introduce into your organization. He also offered some recommendations on meaningful questions to ask your Cloud provider before purchasing their services or migrating your data, and help you understand the roles and responsibilities between you and your Cloud provider. In addition, this non-technical and highly-interactive seminar discussed privacy protection and legal compliance issues associated with cloud computing.[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]September 10, 2018
[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Overcoming the Threats to Mass Destruction
[/vc_column_text][vc_column_text]Infragard Rhode Island explored sustainability and regional terrorist threats to mass destruction. Every organization is challenged to sustain performance through critical events, yet many are chartered to serve during crisis. They explored the key elements which bring resiliency to programs and explored the FBI Bomb Tech Program and the Operation Zero Patience Case.[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]June 16, 2018
[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Social Engineering – Rhode Island (SE-RI)
[/vc_column_text][vc_column_text]The conference was held in partnership with Social Engineering Rhode Island and Salve Regina University’s Pell Center. The two-day conference offered workshops on social engineering, open source intelligence gathering (OSINT) and ethical hacking. Experts in the field of social engineering presented on how hackers use social engineering to get the information they want, and how you can defend against social engineers.
[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]May 8, 2018[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Seminar: “Pentesting in the Real World — Why does your organization need one?”
[/vc_column_text][vc_column_text]Let’s face it, it’s terrible to hear someone call your baby ugly. In the context of keeping your network secure, that’s kind of what the suggestion of a pen-test feels like. Entire days, weeks, years, and even careers are spent dedicated to securing your organization’s IT infrastructure. You think the i’s are dotted and the t’s are crossed, but you still have that paranoid feeling – are the hackers still able to get in? How? Where? This is where a pen-test can help.
In this presentation, Mr. Laverty, a Security Consultant for Rapid7, took people through the process of a penetration test and explained some common findings and vulnerabilities, with a real-world story or two mixed in.[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]April 10, 2018
[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Seminar & Panel Discussion: “Security Transformation and Cyber Risk Management”
[/vc_column_text][vc_column_text]Cyber threats are ever evolving and our organizations must constantly adjust to the new threat environment. Security protection used to start (and often end) with firewalls to create an impenetrable outside that would not let anyone or anything in. After several breaches, however, this mindset shifted from no longer having a “hard coated outside and a soft delicious inside,” to the next evolution of comprehensive vulnerability management. 2017 was an inflection year for cybersecurity with a plethora of large-scale breaches and significant cyber attacks, such as Equifax, Wanna Cry, and NotPetya. What’s next? What is our next step in the evolution to protect our most valuable digital assets? During this seminar, Mr. Nicholas Hayden, Director of Threat Intelligence at Anomali, broke down cyber risk and what it means to the overall security posture of an organization, and what the next evolution in security should be.
[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]February 20, 2018
[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Seminar: Beyond the CISO – Corporate Leadership’s Proactive Role in Cybersecurity
[/vc_column_text][vc_column_text]Recent cyber attacks, whether against random victims or focused on a single target, can have an impact that exceeds the CISO’s span of control, solution sets, and expertise. Today’s cyber crisis management require comprehensive leadership from the company’s senior executive team; a new kind of leadership that orchestrates public information campaigns, solution development, and ensures synchronization of horizontal and vertical business functions. However, until recently, business education did not include cybersecurity topics as part of the training that senior leaders received to lead successfully in the 21st Century. Today, corporate leadership cares less about data loss for the sake of information and more about information for the sake of decision making. Regulatory directives protecting information can be meaningless against rapidly evolving threats. Organizations must strike a balance between information privacy and security.
Mr. John Bone, Planet Defense LLC, discussed how the public and private sectors can approach cybersecurity from a new and more effective perspective, and how they can create a dynamic security environment that contributes to an end-to-end cyber resiliency.[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]February 12, 2018
AMICA[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Audit and Security for Cloud-Based Services
[/vc_column_text][vc_column_text]The ISACA Rhode Island Chapter hosted a seminar on audit and security for cloud-based security. This session explored the current state of cloud computing and its common architecture, and examined the major SaaS, PaaS, and IaaS providers in the market today.
This seminar covered key risks and audit concerns, identifed key controls and mitigation strategies, cloud-based risk analysis models: ENISA, NIST, CSA, security best-practices, models for cloud-based services, audit techniques and tests in a cloud-based environment.
[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]January 17, 2018
[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Lecture: “The Verizon Data Breach Investigations Report (DBIR) and Beyond — Understanding the threats you face is the key to effective cybersecurity”
[/vc_column_text][vc_column_text]Most organizations find keeping up with the changing cyber threat landscape tough. The Verizon Data Breach Investigations Report (DBIR) is a widely respected report that provides detailed information on the threats organizations face and how they can mitigate them. There are lots of misconceptions about IT security, and the DBIR is a fantastic resource to improve understanding of what’s really going on and help organizations spend their security dollars more wisely.
Where many other reports are based on surveys, the DBIR is based on analysis of real security incidents—over 40,000 in the 2017 edition, almost 2,000 of which had confirmed loss of data.
Mr. Josh Costa is a member of the Verizon Threat Research Advisory Center | Investigative Response Team, serving as a Senior Investigative Response Consultant. In this capacity, Josh responds to a wide array of cyber-security incidents, performs digital forensic examinations, and assists organizations in implementing incident response policies and procedures. He is also responsible for delivering incident response, digital forensics, and security focused training and presentations to executive management and technical personnel.
[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]December 12, 2017
[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Infragard Quarterly Meeting: “Threat Hunting – Leaning Forward into Risk”
[/vc_column_text][vc_column_text]We have heard all too often over the last five years of data beaches where investigators discovered indicators of compromise, dating back years before the declared incident. A new “system” for event monitoring and incident response is needed. It is time to go Threat Hunting and Lean Forward into Risk before you feel a similar impact.
During this quarterly meeting of the Infragard Rhode Island Members Alliance (RI IMA), experts from Salve Regina, the US Department of Homeland Security, and Leidos explored techniques to kill the chain of events prevalent in today’s cyber landscape. Speakers discussed new roles, processes, and technologies to get organizations ahead of activating that breach notification process, and identify the key private and public-sector organizations that can provide actionable intelligence and assist in your cyber incident response playbook.[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]December 6, 2017
[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Conference: “Navigating the Cyber Clause: A Practical Guide to Implementing NIST SP 800-171”
[/vc_column_text][vc_column_text]The deadline for DoD contractors to comply with DFARS 252.204-7012 is December 31st, 2017. The conference was centered on how to approach and implement the NIST SP 800-171 requirements in your organization. The panelists demystified some of the common misconceptions, shared best practices and discussed continuing compliance and incident response.
Dr. Ronald Ross of NIST discussed the content of the NIST publication and how the 800-171 requirements can be implemented as part of an organization’s cybersecurity and risk management programs.
[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]November 29, 2017
[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Conference: “Is Your Organization Ready for the Blockchain, Bitcoin and Crypto-currencies Revolution?”
[/vc_column_text][vc_column_text]The blockchain revolution – which is the base for Bitcoin and other cryptocurrencies – is set to completely disrupt the way business and transactions are carried out online. Whether you’re in the financial or insurance industries, healthcare, government, retail, and even farming or manufacturing sectors – blockchain technologies promise to revolutionize the way we conduct business and most likely disrupt your field.
This conference addressed the future of blockchain technologies and their expected impact on different industries and governmental services from world renowned experts from Israel and the U.S.
[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]November 15, 2017[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Seminar: “Countering Ransomware: Attack Analysis & Lessons Learned”
[/vc_column_text][vc_column_text]During this seminar, Ms. Jessica Stanford, Director of Product Marketing at CyberReason, discussed the ransomware epidemic that spread around the world in 2017 and explored various outbreaks, such as WannaCry and NotPetya that caused monumental harm to millions of people and organizations worldwide. She also shared lessons learned from the field and provided practical advice on how to protect legacy systems, understand the vulnerabilities that expose organizations to ransomware threats, and prevent future attacks.[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]October 20, 2017[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
RI Board of Elections Cybersecurity Summit
[/vc_column_text][vc_column_text]The summit brought together the RI Secretary of State Nellie Gorbea, the RI Board of Elections, and state electoral officials for a Cybersecurity Summit on best practices, national perspective on the elections, congressional activities in cybersecurity and elections and Rhode Island voting systems.[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]October 17, 2017[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Lecture: “The Hacked World Order and Geopolitics of Cyberspace”
[/vc_column_text][vc_column_text]Adam Segal, Ira A. Lipman Chair in emerging technologies and national security and Director of the Digital and Cyberspace Policy Program at the Council on Foreign Relations (CFR), discussed his latest book,The Hacked World Order, in a riveting lecture on the geopolitics of cyberspace, the era of ‘fake news’, and the future of the Internet.[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]October 16, 2017[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Workshop: “National Cybersecurity Awareness Month – A Practical Approach to Managing and Reducing Cyber Risks”
[/vc_column_text][vc_column_text]Sr. Fellow Francesca Spidalieri appeared along Congressman Jim Langevin at a dedicated cybersecurity event for the RI Society of CPAs (RISCPA). The seminar provided an overview of both the opportunities and threats of doing business in an era of hyper-mobility and hyper-connectivity, and addressed different approaches to improve the overall security posture of any organization operating in the digital age.[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]October 11, 2017[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Seminar: “Connecting the Boardroom to the Server Room – Current Issues and Practical Guidance”
[/vc_column_text][vc_column_text]The seminar focused on cyber risks and threats in the healthcare industry, and especially the challenges and emerging security issues that healthcare leaders are currently struggling with. Specifically it addressed some of the lessons learned from the Cybersecurity and Healthcare Sector tabletop exercise conducted in May 2017, and explored ways to address the cybersecurity skills gap and develop new approaches to improve practices and relations between boards of directors and security leaders. The seminar was followed by a moderated conversation with senior leaders from Lifespan on how good internal relationships can enable organizations to better prevent, respond to, and recover from incidents, and help mitigate cyber-risks.[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]October 3, 2017[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Panel Discussion: “Real Estate in an Age of Persistent Cyber Threat: A Practical Approach to Managing Cyber Risks”
[/vc_column_text][vc_column_text]During this seminar, a panel of senior leaders and expert practitioners discussed specific cyber risks to the real estate industry, and addressed disclosure obligations and notification requirements as well as pre- and post-breach best practices. Panelists also explored the current state of the cyber insurance market and available coverage.[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]May 23, 2017[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Cybersecurity Incident Response Preparedness Workshop
[/vc_column_text][vc_column_text]SecureWorks facilitated a day-long workshop designed to assist participants in building a Cybersecurity Incident Response Plan (CIRP) for their organization. This interactive CIRP development workshop walked participants through a series of discussions and exercises designed to flesh out the key elements of a response plan. Participants left the workshop with a draft CIRP to continue building upon with other stakeholders in their organization and a better understanding of how to refine and improve their plan.[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]May 10, 2017[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Cybersecurity & Healthcare Tabletop Exercise
[/vc_column_text][vc_column_text]The tabletop exercise ran a series of cyber intrusion scenarios to identify weaknesses common in the healthcare industry, showed how different cyber threat vectors can infiltrate even the most sophisticated computer systems and networks, and explored possible remedies and incident responses. This was a unique opportunity for healthcare providers, practitioners, and insurers in Rhode Island to explore the challenges and potential responses to growing cyber threats to the healthcare industry, and to interact with all relevant stakeholders in the state, including the RI Department of Health and law enforcement agencies.
Partners: SecureWorks, PreparedEx, Newport County Chamber of Commerce[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]April 11, 2017[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Panel Discussion: Cybersecurity Risk Management Solutions
[/vc_column_text][vc_column_text]Speakers:
Jerry Alderman, President, New England Region Property & Casualty Marsh & McLennan Agency LLC (Moderator)
Matt Cullina, CEO, CyberScout
Christopher O’Connell, Vice President, Financial Lines, Chubb
James Prendergast, Partner, Mullen Coughlin
Our panel of senior leaders addressed disclosure obligations and notification requirements under current security laws, including new regulations for 2017, and discussed pre- and post-breach best practices. Panelists also explored the current state of the cyber insurance market and available coverages to help navigate this increasingly growing but still very young market.[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]February 23, 2017[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Incident Response Preparedness Workshop
[/vc_column_text][vc_column_text]Your security staff has just informed you that they have found evidence of a potential data breach… How confident are you in how your team will respond and mitigate the effects? Do you suddenly fear the worst? How will your organization endure the potentially devastating effects of a data breach? The future growth, success, and existence of your organization may depend on how well you handle the situation. During this workshop, Tony Kirtley, Sr. Incident Response Consultant at SecureWorks, shared best practices and lessons learned from the field on must-have’s for incident response in the private sector and in government.[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]January 26, 2017[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Data Privacy Day: How to Create a Culture of Privacy & Security Within Your Organization
[/vc_column_text][vc_column_text]Speaker: Linn F. Freedman, Chair of the Data Privacy & Security Team at Robinson & Cole LLP
The Pell Center joined the 2017 national Data Privacy Day (DPD) campaign, an international effort held annually to raise awareness about the importance of privacy and data protection. As part of this effort, we partnered with data privacy & security expert Linn Freedman to host a special seminar on “How to Create a Culture of Privacy & Security within your Organization.”
This session focused on practical tips and a roadmap on how to address the increasing risk of data management, how to build data privacy and security into the company culture, and how to engage employees to be part of the process. Ms. Freedman, a leading lawyer in cybersecurity, brought her industry leadership and experience counseling global corporations to discuss how to protect an organization’s brand, value, and assets in the face of growing data breaches and ransomware attacks. She also provided practical questions for senior executives to ask IT and HR departments and vendors about policies and processes in place to protect company data and clients’ information.[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]December 14, 2016[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Identity Fraud Happens to Everyone: So What Do You Do When It’s Your Turn?
[/vc_column_text][vc_column_text]Keynote: Adam Levin, Chairman and Founder of IDT911 and Author of “Swiped”
Increasingly, identity theft is a fact of life. We might once have hoped to protect ourselves from hackers with airtight passwords and aggressive spam filters, and those are good ideas as far as they go. But with the breaches of huge organizations like Target, JPMorgan and even the US Office of Personnel Management, more than a billion personal records have already been stolen, and chances are good that you and your organization may already be in harm’s way. This doesn’t mean there’s no hope. Your identity and those of your employees and customers may get stolen, but it doesn’t have to be a life-changing event. Mr. Levin provided a method to help organizations and individuals keep hackers, phishers, and scammers from becoming what will keep you up at night.[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]November 29, 2016[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Understanding Cyber Threats – from the Boardroom to the Workforce
[/vc_column_text][vc_column_text]Session I “Cybersecurity and Corporate Leadership: Connecting the Server Room and the Boardroom”
Scott Baron, Chief Information Security Officer at Finance of America Holdings
Information security is both a business risk management and governance issue that connects technology, business management, and the boardroom. Senior leaders can no longer ignore the clear link between cyber attacks and their impact on customers’ trust, brand value, revenue, and profits. Plausible deniability, lack of awareness about information risk, and treating cybersecurity as a mere ‘IT problem’ are no longer acceptable options. CEOs and company boards are accountable for the health of their organizations and for setting levels of risk for their companies. They are also responsible for building a team of trusted information security professionals able to implement a security program that meets risk and governance requirements and that routinely report to the C-suite on the company’s cybersecurity posture.
In this keynote speech, Mr. Baron discussed why corporate leaders must understand how cyber risks are being addressed within the company and what the information security staff should be doing to communicate issues, solutions, and progress in addressing those risks. He also discussed legal liability issues for board members and executive management, and delved into the skills and knowledge needed to be an effective Chief Information Security Officer (CISO). Going forward, senior leaders need to understand their increasing role and visibility in their organization’s overall cybersecurity risk posture; while information security professionals will be required to provide meaningful and actionable information to leadership so that effective risk-based actions can be taken.
Session II “Profiles in Cybercrime: Understanding the Adversary”
Joe Provost, CEO, Syncstate
There have been numerous studies written about the psychology of a hacker or cyber criminal. Rather than trying to profile a specific group or individual, companies should be reviewing the information they already have that may be of value and try to understand how the adversary may manipulate their system or computer network to infiltrate it, so that they can put the right measures in place to safeguard it.
In this talk, Mr. Provost examined three case studies of cybercrime and cyber-enabled crime to better understand the adversary and their particular “how-to.” This approach can help companies profile their own security environment and deploy specific lines of defense that may interrupt the adversary’s mission.
Session III “When Good Tech Goes Bad”
Dan Gortze, Security Manager – SRC Incident Response & Forensics Consulting at SecureWorks
You have spent significant financial and human resources to configure and protect your network and digital assets, purchased several new security tools and software, and now you’re wondering if those technologies will be able to protect your organization against potential cyber intrusions.
In this talk, Mr. Gortze examined real-life scenarios in which security technologies failed, and even worst cases where threat actors used an organizations’ own security technologies against them. Dan will not focus on the pros and cons of particular technologies, but rather examine the need for proper security architecture and the residual risk posed by the required pervasive visibility of many security technologies. He will also share experience and insights from the field.[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]October 24, 2016[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Panel Discussion: “Hacking the Election”
[/vc_column_text][vc_column_text]In recent years, state-sponsored hackers and proxies have breached targets from the White House to the State Department to the Office of Personnel Management (OPM) to the DNC, and attacks against electoral candidates and the parties they represent are likely to continue up until the presidential election in November and beyond. More troubling is the possibility that foreign governments may seek to manipulate election results directly or indirectly by affecting turnout, disrupting election sites, and ultimately undermining confidence in the US electoral system itself.
A panel of distinguished experts discussed these and other timely issues on the ability of the US government and local state jurisdictions to maintain the confidentiality, availability, and integrity of our most sensitive information systems and networks.[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]October 5, 2016[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Seminar: “Most Pressing Cybersecurity Challenges & the Evolution of the CISO”
[/vc_column_text][vc_column_text]Today’s cyber threats are growing in complexity, scope, and intensity. The pressure on organizations and their CISOs to protect every aspect of their business line is likewise increasing. This can often result in the CISO becoming distracted, losing focus, and missing the point of their role. On top of those challenges, the role of a CISO is evolving under his/her feet. Organizations and their CISOs need to evolve to keep pace with this dynamic and changing landscape. From tactical focus areas to meeting Boardroom-level requirements, this seminar will identify today’s most pressing cyber threats and the common pitfalls faced by CISOs and their IT department. It will also provide a roadmap to ensure CISOs can succeed in their efforts to protect their organization’s most sensitive digital assets, and discuss the steps they should take to understand their business environment and execute their mission.[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]May 3, 2016[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Executive Seminar: Understanding Cyber Threats in the Boardroom
[/vc_column_text][vc_column_text]This Executive Leadership Seminar focused on issues at the intersection of cyber risks to the private sector, cyber preparedness, resilience, cyber liability insurance, workforce development, and regulations and compliance issues. This seminar was designed to help boards of directors ask the right questions of their chief information security officer, technology partners and vendors.[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]April 14, 2016[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Panel Discussion: Risks and Cyber Threats to the Healthcare Industry
[/vc_column_text][vc_column_text]A panel of experts discussed cyber risks and threats to the healthcare sector. Speakers shared tips and advice on how to prevent, respond, and mitigate cyber threats to the healthcare industry, and provided a unique perspective on the overall costs of failed compliance and compromises and on the development of holistic cybersecurity and privacy plans.[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]March 23, 2016[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Seminar: Crisis Communications for Data Breach Incidents: Exploring Recent Events, the Value of Crisis Communications for Reputation Management, and the Nuance of Messaging to Prevent Litigation
[/vc_column_text][vc_column_text]The escalation of data breach incidents has brought crisis communications to the forefront of regulatory compliance, legal, and brand protection issues. The bottom-line is that cyber incidents are going to happen and your organization must be prepared for this type of events and have a clear, practiced response and crisis communication plan in place in order to survive a cyber incident and minimize the damages to its value and brand. Melanie Thomas discussed recent data breach incidents and the best ways to help clients and stakeholders prepare for these types of events.[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner width=”1/4″][vc_single_image image=”6112″ alignment=””][vc_column_text]February 10, 2016[/vc_column_text][/vc_column_inner][vc_column_inner width=”3/4″][vc_column_text]
Seminar: When Good Tech Goes Bad
[/vc_column_text][vc_column_text]You have spent significant financial and human resources to configure and protect your network and digital assets, purchased several new security tools and software, and now you’re wondering if those technologies will be able to protect your organization against potential cyber intrusions.
During this seminar, Daniel Gortze, Dell SecureWorks Senior Manager, examined real-life scenarios in which security technologies failed, and even worst cases where threat actors used an organizations’ own security technologies against them. Dan did not focus on the pros and cons of particular technologies, but rather examined the need for proper security architecture and the residual risk posed by the required pervasive visibility of many security technologies. He also shared experience and insights from the field.[/vc_column_text][/vc_column_inner][/vc_row_inner][vc_separator][vc_separator][/vc_column][vc_column width=”3/4″][vc_row_inner][vc_column_inner][/vc_column_inner][/vc_row_inner][vc_row_inner][vc_column_inner][vc_column_text]Awaiting Revision
[/vc_column_text][vc_empty_space][vc_empty_space height=”250″][/vc_column_inner][/vc_row_inner][vc_column_text]
Navigating the 2019 New England Cybersecurity Landscape
The Pell Center hosted the seminar “Shifting the Corporate Mindset: Cyber Risk as a Business Risk,” featuring John Mumford, Chief Risk Officer at the Fellsway Group. Mr. Mumford discussed cyber risk management and how businesses can identify what processes are most vital to them and how to align those processes to a comprehensive cybersecurity program that ties back to their corporate goals and objectives.
what organizations know what it needs to build a strong cybersecurity architecture and reduce its risk to cyber threats? Did you know that all the necessary tools, products, services, and talent you may need are readily available here in New England? And how can you navigate this ever-growing field to make sound business decisions that lead to a stronger cybersecurity posture?
In 2019, Kettle Consulting Group conducted a new analysis of the New England Cybersecurity Landscape — its goal was to highlight the regional economic, employment, and local capabilities in the information security sector. Organizations are moving from awareness to action as they recruit talent, secure their supply chains, and reduce their risk. Their report findings provide a robust list of local options and providers (without advocating for any specific vendor or product). During this seminar, Mr. Matt Leathers, Senior Consultant with Kettle Consulting Group, will discuss what the New England cybersecurity landscape has to offer and how your organization can benefit from knowing what is available in the region, including how to navigate the vendors and providers on the landscape.
Excellence in orienteering and information security both require skill at navigating unfamiliar terrain at speed. Come learn from our expert speaker and fellow audience members how your organization can better take advantage of the talent and lessons learned in one of the most productive, prolific, and innovative regions in the country.
Matt Leathers is a Senior Consultant with Kettle Consulting Group, a Small Woman-Owned Business headquartered in Rhode Island. Matt has worked with different companies around the world, helping the change and respond to the challenging technology and security landscape.[/vc_column_text][vc_empty_space height=”96″][vc_column_text][/vc_column_text][/vc_column][/vc_row][vc_row][vc_column width=”1/4″][vc_separator][vc_single_image image=”6112″ alignment=””][vc_column_text]December 8, 2015[/vc_column_text][/vc_column][vc_column width=”3/4″][vc_column_text]
Tabletop Exercise: Surviving a Cyber Attack: Preparedness and Resiliency in Action.
[/vc_column_text][vc_column_text]Keynote speaker: Peter Neronha, U.S. Attorney for the District of RI
What should corporate executives, and general counsels in particular, do when their company is the victim of a cyber attack? If a client hasn’t called upon you to help them respond to a cyber incident yet, it will likely happen soon. Do you know what vulnerabilities are most critical to protect? Are you prepared to take action for a client asking for help in response to a cyber attack?
Our panel of experts took attendees through a simulated cyber attack and different possible scenarios, and provided considerations and tips for legal counsels. The panel also discussed best practices for incident response, including issues that often arise when working with law enforcement and the set of guidelines that should be followed regarding cybersecurity risks and incidents. Panelists addressed disclosure obligations under current securities laws—some of which may require a disclosure of cybersecurity risks and incidents in financial statements—and the pre- and post-breach guidance that will shape the way Boards of Directors address fiduciary obligations as part of corporate governance.
Attendees left with the road map on how to advise their clients facing a cyber attack—how to respond, remediate, and survive.
This program was approved for 4.0 Rhode Island MCLE credit hours.
.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column width=”1/4″][vc_single_image image=”6112″][vc_column_text]November 10, 2015[/vc_column_text][/vc_column][vc_column width=”3/4″][vc_column_text]
Seminar: “Cyber Liability Insurance and Regulatory Compliance: Everything your Company Needs to Know to Navigate Advanced Cyber Threat, Regulatory Impacts, and Post-breach Strategies”
[/vc_column_text][vc_column_text]Advanced cyber threats call for innovative approaches to combat data exposures or manipulation, hacks, insider threats, disruption of service, and other dangers to your company and your sensitive data. As tactics to breach a system or steal sensitive information morphs, so must a company’s strategies in order to defend itself and be prepared to respond to a significant cyber incident.
Attendees heard from local IDT911 Chief Executive Officer Matt Cullina and IDT911 Chief Privacy Officer Eduard Goodman about contemporary approaches to best defend their company from emerging cyber threats and to prepare for potential breaches. Together, the pair will led a lively discussion about the regulatory impacts of cyber security and data breaches, real-life breach scenarios as witnessed through case work with IDT911 clients, and the most advanced ways to combat threats through the use of progressive mitigation strategies and cyber insurance coverage options.
IDT911™ is the leading provider of services that help businesses and their customers defend against data breaches and identity theft, and services more than 660 client partners and 17.5 million households in the United States. Based in Scottsdale, Ariz., the company has several locations in the U.S., Canada and U.K.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column width=”1/4″][vc_single_image image=”6112″][vc_column_text]October 14, 2015[/vc_column_text][/vc_column][vc_column width=”3/4″][vc_column_text]
Panel Discussion: Cybersecurity, the Internet, and the U.S. Presidential Race
[/vc_column_text][vc_column_text]The next president will inherit leadership of a nation that it is still the most powerful in the world, but that continues to face challenges to its economic and national security of staggering proportions. Among some of the most pressing challenges are the growing scope, pace, sophistication, and impact of cyber threats. The events of the past year, including numerous breaches into major retailers, rampant theft of intellectual property, cybercrime, cyber disruption activities against United States’ top financial institutions, and destructive cyber attacks like the one against Sony Pictures Entertainment, clearly demonstrate the need to accelerate collective efforts to increase our nation’s cybersecurity and to preserve the promise of ICT investments and the Internet economy.
A panel of distinguished and internationally known experts discussed these and other timely issues on the future of U.S. cyber policy.
Read More[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column width=”1/4″][vc_single_image image=”6112″ alignment=”center”][vc_column_text]
June 9, 2015
[/vc_column_text][/vc_column][vc_column width=”3/4″][vc_column_text]
Workshop: “Top 10 Cyber Threats: How Do They Work? What Are Some Of The Most Overlooked Vulnerabilities? And How Can You Protect, Prevent And Mitigate Some Of These Cyber Risks?”
[/vc_column_text][vc_column_text]You have spent many hours trying to configure and protect your network and digital assets, purchased several tools, and now you are wondering: what is next? Am I actually protected and am I looking for the right indicators of a potential cyber intrusion?
Joe Provost, CEO of Syncstate, walked participants through the use of several open source tools as part of a SOC/threat/monitoring program that you can implement. He discussed what the tools can and cannot do and how best to deploy them. The goal was to provide participants with several tools, tactics and procedures that they can use within their own organization to build confidence in their cybersecurity strategy and mitigate some of the most common risks. No technical background is needed to participate to this workshop.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column width=”1/4″][vc_single_image image=”6112″ alignment=”center”][vc_column_text]
May 19, 2015
[/vc_column_text][/vc_column][vc_column width=”3/4″][vc_column_text]
Lecture: “Cyber Risk Management: U.S. Government And Private Sector Efforts”
[/vc_column_text][vc_column_text]The U.S. government has made cyber risk management a key part of its cybersecurity efforts. The NIST Voluntary Cybersecurity Framework, a centerpiece of the Obama administration’s executive order on cybersecurity, was released in February 2014 as a tool to help companies manage their cyber risk more effectively. How has the framework been received by industry, and has it helped companies manage cyber risk in today’s threat environment? What is the status of the administration’s other cyber initiatives? How are corporate boards responding to the need to manage cyber risk? What is their responsibility to do so?
Roger Cressey, partner with Liberty Group Ventures and internationally known cybersecurity and counterterrorism expert, and Kiersten Todt, president and managing partner of Liberty Group Ventures, will explore these and other important and timely issues surrounding cyber risk management in an interconnected workplace.
Registration: This is an invitation-only event and participants must be confirmed in advanced. Please RSVP on our Eventbrite page by Monday, May 18.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][/vc_column][/vc_row][vc_row][vc_column][vc_separator][/vc_column][/vc_row][vc_row][vc_column width=”1/4″][vc_single_image image=”6112″ alignment=”center”][vc_column_text]
[/vc_column_text][/vc_column][vc_column width=”3/4″][vc_column_text]
Roundtable Discussion: “Ensuring Security When Working With Third Party Vendors”
[/vc_column_text][vc_column_text]The speakers explored some of the cybersecurity risks of working with third party vendors and discussed how to evaluate and manage them to enable business objectives. National Grid’s Michael Andreozzi, IS compliance manager, and Scott Baron, director, governance risk and compliance, examined important steps companies can take to identify risks of potentially insecure service providers, and options to mitigate those risks as part of their decision making process. They also engaged the audience in an open and frank discussion about third party management policies and strategies already in place in some of the other organizations represented in the room, from both the private and public sectors.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_separator][/vc_column][/vc_row][vc_row][vc_column width=”1/4″][vc_single_image image=”6112″ alignment=”center”][vc_column_text]
[/vc_column_text][/vc_column][vc_column width=”3/4″][vc_column_text]
Panel Discussion: “Enterprise Cybersecurity Workforce Management”
[/vc_column_text][vc_column_text]The speakers discussed ways to optimize enterprise resources, prioritize essential security tasks, and develop a comprehensive cybersecurity strategy to increase the security posture of organizations. Panelists included Francesca Spidalieri, senior fellow for cyber leadership at the Pell Center; Maurice Uenuma, senior vice president at the Center for Internet Security; Geoff Hancock, CEO for the Advanced Cybersecurity Group; and Jack Nicholas, director and general counsel at Creative Services Inc.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_separator][/vc_column][/vc_row][vc_row][vc_column width=”1/4″][vc_single_image image=”6112″ alignment=”center”][vc_column_text]
[/vc_column_text][/vc_column][vc_column width=”3/4″][vc_column_text]
Panel Discussion: “Cyber Information Sharing”
[/vc_column_text][vc_column_text]The speakers discussed how to establish and maintain effective information sharing partnerships to enhance an organization’s situational awareness, acquire the right threat feed from trusted sources and manage an organization’s exposure to intrusions and breaches through comprehensive cybersecurity programs. Panelists included Ellen Giblin, counsel at Locke Lord and Pell Center adjunct fellow; Don Ulsch, PwC managing director and cybercrime expert; and Ken Mortensen, PwC senior managing director and privacy expert.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_separator][/vc_column][/vc_row][vc_row][vc_column width=”1/4″][vc_single_image image=”6112″ alignment=”center”][vc_column_text]
[/vc_column_text][/vc_column][vc_column width=”3/4″][vc_column_text]
Seminar: “Keep Your Organization On The Winning Side Of Cybercrime In 2015”
[/vc_column_text][vc_column_text]The first workshop for 2015 featured Andy Bonillo, director of cybersecurity and public safety for Verizon, who offered a unique opportunity for participants to hear about the latest cyber threats, vulnerabilities and trends, and what to expect in 2015. He shared with the group of senior executives gathered for the seminar an overview of major cyber-attack patterns and findings from the 2014 Verizon Data Breach Investigation Report – one of the most anticipated annual computer security reports in the field.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_separator][/vc_column][/vc_row][vc_row][vc_column width=”1/4″][vc_single_image image=”6112″ alignment=”center”][/vc_column][vc_column width=”3/4″][vc_column_text]
Follow-Up Discussion: “Strengthening Rhode Island’S Data Security And Breach Notification Law”
[/vc_column_text][vc_column_text]During this follow-up meeting to the September workshop, key stakeholders around the state provided advice and guidance on the changes needed to strengthen the current Rhode Island Data Security and Breach Notification Law. Sen. Lou DiPalma chaired the meeting with representatives of the financial sector, the R.I. Attorney General’s Office, the R.I. Department of Business Regulation, and the R.I. State Police.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_separator][/vc_column][/vc_row][vc_row][vc_column width=”1/4″][vc_single_image image=”6112″ alignment=”center”][vc_column_text]
[/vc_column_text][/vc_column][vc_column width=”3/4″][vc_column_text]
Seminar: “Cybersecurity And Your Business: Security Strategies For SMBs”
[/vc_column_text][vc_column_text]Frank Motta, executive vice president of CAI Managed IT, discussed cybersecurity issues and business continuity solutions for small and medium-size businesses (SMBs), and in particular, the need for businesses to develop a holistic, company-wide methodology to minimizing their exposure to hackers and cyber criminals. He provided a list of best practices and low or no-cost solutions for SMBs to protect their systems and digital assets, from prevention and mitigation strategies to disaster recovery planning and cyber risk management.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_separator][/vc_column][/vc_row][vc_row][vc_column width=”1/4″][vc_single_image image=”6112″ alignment=”center”][vc_column_text]
[/vc_column_text][/vc_column][vc_column width=”3/4″][vc_column_text]
Seminar: “Cybersecurity And Corporate Leadership: Connecting The Server Room And The Board Room”
[/vc_column_text][vc_column_text]Steve Katz, the world’s first chief information officer and renowned cybersecurity expert, discussed the need for corporate leaders to be fully informed about how cyber-risk issues are being addressed within their companies, and outlined the skills and knowledge that chief information security officer should have, especially the ability to communicate cybersecurity issues effectively and to build relationships with the C-suite.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_separator][/vc_column][/vc_row][vc_row][vc_column width=”1/4″][vc_single_image image=”6112″ alignment=”center”][/vc_column][vc_column width=”3/4″][vc_column_text]
Panel Discussion: “Cybersecurity And Cyber Counter Strikes: Concept And Laws”
[/vc_column_text][vc_column_text]The event brought together internationally renowned experts and cybersecurity practitioners to discuss numerous key cyber-operation concepts, including the legal implications of active defense, cyber-countermeasures vis-a-vis the Tallinn Manual, and how “privatized cyber counter strikes” may influence the future of cyber deterrence.
The panel included:
- Joe Provost, CEO of SYNCSTATE, a cyber threat security and intelligence analysis company
- Robert Clark, distinguished professor of law at the U.S. Naval Academy’s Center for Cyber Security Studies
- Col. James Bitzes, staff judge advocate for the U.S. Cyber Command
- Michael Schmitt, director of the Stockton Center for the Study of International Law at the U.S. Naval War College and main author of the “Tallinn Manual on the International Law Applicable to Cyber Warfare”
- Karl Wadensten, president of VIBCO, a prominent R.I. manufacturer
The five distinguished panelists explored the timely and controversial issues of commercial hacking and the lack of clearly-defined laws – whether domestic or international – to deter, punish, and/or pursue foreign hackers.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_separator][/vc_column][/vc_row][vc_row][vc_column width=”1/4″][vc_single_image image=”6112″ alignment=”center”][/vc_column][vc_column width=”3/4″][vc_column_text]
Workshop: “Strengthening Rhode Island’s Data Security And Breach Notification Law”
[/vc_column_text][vc_column_text]The invitation-only roundtable discussion brought together key players in the state to review current gaps in Rhode Island’s Data Security and Breach Notification Law, compare the R.I. law with those of other states, and propose methods to strengthen the existing law. The distinguished group of policy makers, state representatives, business leaders and law enforcement officials present at the workshop agreed that an update to the current R.I. notification of breach law is both necessary and urgent in order to raise the cost of data breaches, to better protect customers’ personal information, and to provide companies with incentive to implement better security practices. A list of their recommendations to strengthen the existing law will be published in an upcoming policy memo.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_separator][/vc_column][/vc_row][vc_row][vc_column width=”1/4″][vc_single_image image=”6112″ alignment=”center”][/vc_column][vc_column width=”3/4″][vc_column_text]
Tabletop Exercise: Rhode Island Corporate Cybersecurity
[/vc_column_text][vc_column_text]The first R.I. Corporate Cybersecurity Tabletop Exercise was a cross-industry, discussion-based exercise that provided private sector leaders the opportunity to raise their awareness and develop an understanding of the most pressing cyber threats to their organizations’ networks and sensitive information.
More than 30 industry leaders participated in the exercise demonstrating their commitment to cybersecurity and desire to build upon existing informal relationships to improve the overall security posture of the RI private sector.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_separator][/vc_column][/vc_row][vc_row][vc_column width=”1/4″][vc_single_image image=”6112″ alignment=”center”][vc_column_text]
[/vc_column_text][/vc_column][vc_column width=”3/4″][vc_column_text]
Lecture: Why American Corporations Should Care About Cybersecurity
[/vc_column_text][vc_column_text]Corporate America is constantly being targeted by cyber-attacks and cyber espionage, and its brand integrity and market advantage are increasingly at stake. Melissa Hathaway discussed several potential targets within our cyberspace—especially private sector networks—common vulnerabilities that allow cyber-attacks to succeed (i.e. poor network security postures or procedures, lack of understanding of the different/layered techniques that are being used to get to us), and what companies can do to better protect themselves.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_separator][/vc_column][/vc_row][vc_row][vc_column width=”1/4″][vc_single_image image=”6112″ alignment=”center”][/vc_column][vc_column width=”3/4″][vc_column_text]
Workshop: After-Action Report
[/vc_column_text][vc_column_text]The After-Action Report Workshop discussed lessons learned from the Corporate Cybersecurity Tabletop Exercise and further steps companies may take to better protect their organizations from cyber threats and vulnerabilities. The workshop built upon the exercise by outlining major strengths and areas of improvement, discussing how organizations currently handle situations similar to the ones simulated in the exercise, and identifying any related best practices.
The comprehensive After Action Report includes the findings and observations of this exercise and offers actionable recommendations to help organizations prioritize their cybersecurity improvement plans and cultivate information-sharing and cooperation activities.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_separator][/vc_column][/vc_row][vc_row][vc_column width=”1/4″][vc_single_image image=”6112″ alignment=”center”][/vc_column][vc_column width=”3/4″][vc_column_text]
Seminar: Cybersecurity Emerging Trends And Threats For 2014
[/vc_column_text][vc_column_text]The seminar introduced participants to the current tactics, techniques, and procedures that malicious actors are deploying against network infrastructure worldwide. Ken Bell, senior cyber intelligence analyst at Raytheon and adjunct fellow at the Pell Center, examined the emerging trends and threats related to cybersecurity for 2014 and discussed proactive measures to help organizations, regardless of their size/industry, better protect their proprietary information and assets from those emerging threats.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_separator][/vc_column][/vc_row][vc_row][vc_column width=”1/4″][vc_single_image image=”6112″ alignment=”center”][/vc_column][vc_column width=”3/4″][vc_column_text]
Workshop: “But They Said It Was Secure!” Improving Communication Between Senior Leaders And IT
[/vc_column_text][vc_column_text]The workshop focused on the often missing link in cybersecurity – plain English communication between IT people and executives, whose responsibility is to protect company assets and reputation. Subject matter experts April Lorenzen and Nat Kopcyk from Dissect Cyber led the workshop and various group exercises and activities on some of the most pressing cybersecurity topics. Participants came away with a better idea of how to infuse a stronger culture of security, proof and transparency into the protection of their organizations’ sensitive information and digital assets.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_separator][/vc_column][/vc_row][vc_row][vc_column width=”1/4″][vc_single_image image=”6112″ alignment=”center”][/vc_column][vc_column width=”3/4″][vc_column_text]
Panel Discussion: Improving Critical Infrastructure Cybersecurity: The National Cybersecurity Framework And Beyond
[/vc_column_text][vc_column_text]The panel discussion explored how Rhode Island organizations charged with providing the state and nation’s financial, energy, health care and other critical systems could use the National Cybersecurity Framework to better protect their information and physical assets from cyber attacks. The panel included Adam Sedgewick, National Institute of Standards and Technology senior information technology policy adviser; Michael Leking, the Department of Homeland Security’s cybersecurity adviser for the Northeast region; and Jamia McDonald, executive director of the state’s Emergency Management Agency. The three distinguished panelists discussed the specifics of the framework and other national and state initiatives to support its implementation. In addition, Sen. Sheldon Whitehouse (D-RI) and Rep. James Langevin (D-RI) delivered keynote speeches and acknowledged the commitment of R.I. leaders to strengthen the state’s cybersecurity posture and of institutions, like the Pell Center, that provide an excellent forum for regional efforts in this field.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_separator][/vc_column][/vc_row][vc_row][vc_column width=”1/4″][vc_single_image image=”6112″ alignment=”center”][/vc_column][vc_column width=”3/4″][vc_column_text]
Lecture: Cybersecurity and Cyber War: What Everyone Needs to Know
[/vc_column_text][vc_column_text]A generation ago, “cyberspace” was just a term from science fiction, used to describe the nascent network of computers linking a few university labs. Today, our entire modern way of life, from communication to commerce to conflict, fundamentally depends on the Internet. And, yet there is perhaps no issue that has grown so important, so quickly, and that touches so many, that remains so poorly understood. Peter Singer discussed how cybersecurity issues affect everyone from politicians, to the military, business executives, lawyers, ethicists, and individuals in general. He presented his latest book “Cybersecurity and Cyber War: What Everyone Needs to Know,” and addressed some of the main questions we all face in everything from our rights and responsibilities as citizens, to how to protect ourselves and our families from a new type of danger.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_separator][/vc_column][/vc_row][vc_row][vc_column width=”1/4″][vc_single_image image=”6112″ alignment=”center”][/vc_column][vc_column width=”3/4″][vc_column_text]
Seminar: “End User Security Awareness Doesn’t Stop With Awareness – Foster Safe Security Behavior, Evaluate And Measure Progress”
[/vc_column_text][vc_column_text][/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_empty_space][/vc_column][/vc_row]