Sponsored by 

Cybersecurity Essentials for Long-Term Care - Protecting Yourself, Your Facility, and Your Residents

Series Description

This three-part series will help you fortify your digital fortress by focusing on cybersecurity hygiene, ransomware resilience, and defending against business email compromise. Attendees will learn to identify online behaviors that can lead to increased exposure, identify common threats, gain insights into the latest ransomware threat landscape, and develop and refine incident response plans.

Session 1: Modern Cyber Risks for 2024

The pace of cyber fraud and the number of breaches hitting the headlines has not diminished. This session will explore the current state of cyber threats, detailing how attackers progress from your social media and online exposure, through phishing and account compromises to data breaches, data theft and ransomware. We will discuss attacker motivations, common “low hanging fruit,” and strategies prevent intrusions where we can, and mitigate the impact of intrusions or breaches when they occur. We will review case studies and “in the news” examples from the last 24 months that had significant impact on businesses. Throughout the session we will examine root causes leading to breaches, and mitigation strategies to minimize likelihood and impact.

Session 2: Ransomware Preparedness

The surge in ransomware attacks over recent years has highlighted the critical importance of being prepared to defend against and respond to such threats. In this session, we will delve into real-life case studies of ransomware incidents, drawing essential lessons from each scenario. We will analyze at least two distinct ransomware attacks, exploring their origins, methodologies, and impacts on affected organizations. By dissecting these case studies, we will uncover common vulnerabilities and security lapses that contributed to the success of the attacks.

Session 3: Office 365 Breaches – Lessons Learned the Hard Way

The last two years have provided significant learning opportunities in incident response, disaster recovery and business continuity. This session will analyze case studies of MS Office 365 breaches and email compromise situations from the last 18 months that had significant impact on businesses. We will use case studies from at least two different Office 365 email compromise events to discuss common security issues, identify key security controls, and role play incident response scenarios. We will conclude with a walk through of the results from several recent MS Office 365 security reviews to highlight how real-world scenarios could have positive or negative impacts on the case studies. Through examination of the case studies, we will explore strategies to mitigate the risks related to these types of situations and attacks, and discuss the elements and structure of Incident Response plans.

Continuing Education Credit

This series is approved for 3 contact hours for:

• Activity Professionals
• Dietary
• Social Services
• Nurses (IBON provider #166)
• Department Heads
• NF Administrators
• Assisted Living Managers

No partial CEUs will be awarded for this series, you must watch all three sessions to earn credit.

Registration Fees

Members:   $99 per person
Non-Members:    $299 per person

Speaker Bios

Javier Young is a Principal within the Cybersecurity Services Group at CLA and has been in the cybersecurity field for over 14 years. Prior to joining CLA, Javier spent ten years supporting the Department of Defense as well as a financial services company in the fields of insider threat, incident response, fraud, waste and abuse, analytics, and systems engineering. Since Javier has been with CLA, he has spent the majority of his time providing IT Security, Risk, and Consulting services to clients in healthcare, higher education, and financial related institutions.

RJ Stallkamp  is a Sr. Penetration Tester within the CLA Cyber group. His specialization in social engineering and offensive cyber operation assessments continues to help secure organizations around the world including financial, manufacturing and distribution, healthcare, non-profit, insurance and government agencies. Prior to joining CLA, RJ gained experience supporting the Department of Defense with a multitude of technological issues. Since RJ has joined CLA, he has spent his time providing penetration testing and social engineering assessments, discovering previously unknown exploits (aka Common Vulnerabilities & Exploits “CVE”), developing proprietary hacking tools, contributing to popular open-source hacking tools, and speaking at local, state, and national conferences.

Luke Minniear is a Cybersecurity Consultant in the CLA Cybersecurity & Special Advisory Services Group. As a Cybersecurity Consultant for CLA, his responsibilities include working with clients to identify, evaluate, test, and exploit vulnerabilities in their environment to determine weaknesses in their IT operations, processes, systems, and related controls. This is done by performing a variety of internal and external technical assessments including network, application, and wireless penetration testing. He also conducts onsite and remote Social Engineering assessments to provide a holistic security review.

Isabella Tufaro is a Cybersecurity Controls Associate in CLA’s National Digital group and is new to the firm. She works on numerous types of cybersecurity and OISA engagements. Isabella has been involved with performing reviews and assessments including controls reviews, gap assessments, and risk assessments.

Sponsor

• Training Hours: 3.00