What’s happening at RIMM 2024?
Are you looking forward to RIMM 2024? We are! The planning committee has finalized a rich lineup of presentations, panels, and activities at the 2024 REN-ISAC Member Meeting.
RIMM 2024 Agenda
7:00 to 7:55 Check-in / Breakfast Buffet
8:00 to 8:10 Welcome
8:10 to 9:00 REN-ISAC Updates
9:00 to 9:45 Presentation: “Attack Surface Management”
The presentation will cover attack surface management, specifically how you can get started using data and tools that you already have (Zeek, firewall, and NetFlow logs) to identify services running on your network. I will provide examples from the National Center for Supercomputing Applications where we use Zeek, Splunk, and a custom scanner available on GitHub.
9:50 to 10:10 Morning Break
10:10 to 10:55 Presentation: “The Increasing Complexity of the Cybersecurity Regulatory Environment in Federal Research”
With the National Security Presidential Memorandum 33 (NSPM-33) and Cybersecurity Maturity Model Certification (CMMC) requirements upon us in the federally funded research space, it is critical that we have a firm grasp of what they are, what they mean, and the level of effort to become compliant. The presentation will introduce the NSPM-33 and the CMMC, discuss their current status, and share how Georgia Tech Research Institute is preparing to meet the challenge of becoming compliant.
11:00 to 11:45 Presentation: “Security as a Service: A Consolidated Approach for Cybersecurity”
In this interactive, engaging session we will describe how we are delivering comprehensive cybersecurity for 4 Universities of Wisconsin institutions. We will dive into each of the services: cyber defense, risk & compliance and awareness. We will also cover how we provide integrated strategic security support (BCISO) to our campus partners. We will illustrate how the central IT team is providing complimentary IT as a Service services.
11:45 to 12:45 Lunch
12:45 to 1:30 Open Spaces Facilitated Discussions
1:35 to 2:20 Presentation: “Data Source Priority and Threat Hunting; Unveiling Best Practices and Lessons Learned”
This session focuses on how OmniSOC has matured over the last 5 years, going from IDS analysts to empirically based threat hunting utilizing endpoint logs and threat intelligence. Attendees will be introduced to concepts such as top techniques and chokepoints, as well as how OmniSOC has utilized the MITRE ATT&CK framework to guide prioritization efforts.
2:20 to 2:40 Afternoon Break
2:40 to 3:25 Presentation: “Vulnerability Management: The Art of Effective Nagging”
Beginning in September 2022, the University of Waterloo launched a new Vulnerability Management Initiative. This process uses information from the Qualys IT Security platform and other sources, along with a defined escalation procedure, to ensure the remediation of IT security vulnerabilities across the institution. This initiative has also proved an exercise in balancing friction with campus IT groups while standardizing security best practices. This talk will discuss the philosophy and history behind the Vulnerability Management program at the University of Waterloo, technical details of the vulnerability reporting process, as well as its successes, failures, tribulations, and future.
3:30 to 4:25 Panel: “Best Practices for Obtaining Executive and Board-Level Commitment to Information Security”
Cybersecurity represents a critical risk to universities as data breaches, fraud-scams, and identity theft are on the rise; however, many organizations struggle to justify, much less obtain, information security investments until a major incident occurs. This panel will discuss changes at New Mexico State University and Washington University in St. Louis to successfully invest in maturing their information security programs. Attendees will be able to:
- Formulate, update, and communicate short- and long-term organizational cybersecurity strategies and policies to the board.
- Gain practical tips on how to establish a comprehensive risk-based cybersecurity information security program to brief the board.
- Prioritize early success to build board and executive confidence in the IT organization’s ability to deliver.
4:30 Closing Remarks
Register for RIMM 2024 before April 30! This year’s REN-ISAC Member Meeting (RIMM) will be held from 7:00am – 4:30pm on Tuesday, April 30 at the Hyatt Regency in Minneapolis, MN. Please note that RIMM registration is independent of CPPC registration this year; CPPC registration does not constitute registration for RIMM. For more information, visit the REN-ISAC RIMM page.
We would like to thank our sponsors Arctic Wolf, DomainTools, SANS, and Shadowserver for helping support RIMM 2024.
We look forward to seeing you all at RIMM 2024!