Registration open from 7:30AM - 5PM
2:00PM - 2:45PM
MAIN SESSION
Welcome to KEYS
Alexandria Fontana, Software Specialist, Tandem
Join us in the general session room for the conference kick-off! In this quick session you will learn what’s new at KEYS, how to win prizes, and how to get the most out of your KEYS experience.
3:00PM - 3:45PM
TANDEM
Admin & Global Features
Brady Cook, General Manager, Tandem
Elizabeth Weathers, Software Specialist, Tandem
Managing employee records, committees/teams, and locations in Tandem can require a lot of time and attention. But Tandem comes with multiple features to make managing this information easier, such as ADC, SSO, bulk imports, options for training, and more. Join Brady and Elizabeth, two members of the Tandem team, as they walk you through the best way to use these features in Tandem and answer your questions!
3:00PM - 3:45PM
RISK & COMPLIANCE
Building Your Information Security Team
Kecia Jackson, Talent Recruiting Coordinator, CoNetrix
Benjamin Taylor, Training Manager, CoNetrix Security
Can an organization prioritize attitude in the hiring process and then offer training for the required skills? What happens if you misjudge the new hire's attitude? We will discuss ways to identify talent within your organization and how to cultivate them into strengths. Investing in your people can lead to continuous growth and achievement across the board. This method has been applied to various teams, but today our focus is Information Security.
Take aways:
- Smart Hiring- Learn when and who to bring onto your team, optimizing your workforce for information security excellence.
- Develop for Defense- Explore why investing in your employees can fundamentally strengthen your information security posture, safeguarding your digital assets.
- Achieve Excellence- Reflect on these insights and chart a course towards achieving excellence through workforce empowerment.
3:00PM - 3:45PM
CYBERSECURITY
Cloudy with a Chance of Compromise
Kelsey Hilton, Project Manager, CoNetrix Security
Patrick Henry, Audit and Security Consultant, CoNetrix Security
The decision for cloud adoption should be based on your risk tolerance and business needs. But how do you know if the cloud is right for your business? And what kinds of risks are you tolerating? Kelsey and Patrick will share insights gleaned from designing work programs and auditing customers using Azure Services to help you identify common risks associated with cloud adoption.
4:00PM - 4:45PM
TANDEM
Business Continuity Plan
Samantha Torrez-Hidalgo, Software Specialist, Tandem
Nicolas Crittenden, Software Specialist, Tandem
Creating and managing your BCP requires a lot of time and effort from your organization. Tandem’s Business Continuity Plan product is there to help make the process easier with suggested content, an exercise and test system, and even the option to alert employees during an emergency. Join Tandem Software Specialists Samantha and Nicolas as they walk you through the best use of the Business Continuity Plan product and answer your questions!
4:00PM - 4:45PM
RISK & COMPLIANCE
Evil Generation - Adversary-in-the-Middle Phishing Services
Brian Hinze, Treasurer & VP, Member Services & Operations, NCU-ISAO
Malicious threat actors are constantly evolving their social engineering and email phishing tactics in attempts to trick users into providing their valuable enterprise usernames and passwords. However, malicious actors have long had one additional hurdle before they can compromise most of these accounts – multi-factor authentication (MFA).
Fast-forward to a new reality where technology-driven services have been designed to bypass commonly used MFA methods to compromise accounts, and the businesses they belong to. This session will focus specifically on Microsoft users to discuss how services like EvilProxy, EvilGinx and Greatness have leveled-up phishing attacks on credit unions in recent years. We’ll discuss adversary-in-the-middle phishing tactics, demonstrate how these services work to can capture authenticated user sessions and collect precious login credentials.
Most importantly, we’ll also discuss effective technological and user-based countermeasures to enhance your organization’s resilience to these attacks and what to do if a user is compromised.
4:00PM - 4:45PM
CYBERSECURITY
Not So Hidden Wireless Networks (Live Hack)
Luke Deavenport, Audit and Security Consultant, CoNetrix Security
Jackson Davies, Security Engineer, CoNetrix Security
A hidden wireless network is secure, right? How about using WPA2-Enterprise? The answer is not as secure as you’d like. And while hiding your wireless network or rolling out WPA2-Enterprise may seem secure, we argue they make your network less secure if they are not configured properly. Join us for a live demonstration of hacking wireless networks!