Thank you to everyone who attended the Technical Forum on Wednesday, October 6 and the Community Forum on Wednesday, October 13.
Share Your Feedback
Help us improve the event for 2022 by completing this quick survey.
Access Session Recordings
All session recordings from Cybersecurity Days 2021 are available on the Ohio State IT YouTube Channel. Check out the playlists below.
About the Event
Each October, The Ohio State University presents a multi-day conference, Cybersecurity Days. We offer sessions for all skill levels because cybersecurity awareness happens wherever humans and technology connect. Being aware of threats makes us all safer and more productive.
Cybersecurity Days Past
2021 Community Forum
During the Community Forum on Wednesday, October 13, all users of technology gained awareness of cybersecurity in their digital lives. This day presented cybersecurity in understandable ways and instilled confidence as attendees engage with technology. Attendees took away actionable steps to protect themselves and their community from cybersecurity threats.
Keynote Address | “The Mind's Lie: How our Thoughts and Actions can be Hacked and Hijacked" presented by Perry Carpenter
Perry Carpenter (author of the Cyber Canon award-winning “Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors) currently serves as Chief Evangelist and Strategy Officer for KnowBe4. Previously, Perry led security awareness, security culture management, and anti-phishing behavior management research at Gartner Research, in addition to covering areas of IAM strategy, CISO Program Management mentoring, and Technology Service Provider success strategies.
With a long career as a security professional and researcher, Mr. Carpenter has broad experience in North America and Europe, providing security consulting and advisory services for many of the best-known global brands. Perry holds a Master of Science in Information Assurance (MSIA) from Norwich University in Vermont and is a Certified Chief Information Security Officer (CISO).
"Stay Ahead of Evolving Tactics by the Adversary: How New Techniques Take Advantage of Your Behavior" presented by Denis Ryan
Denis Ryan of Proofpoint exposes the tricks cybercriminals use to gain a foothold into systems by scamming users. Learn how organizations are turnings the tide, and how a vigilant workforce can play a role in the defense of our colleagues.
"You Are a Target: The Mindset of the Modern Cybercriminal" presented by Jerod Brennen
"Why would anyone want to attack me? There are much more lucrative targets for them to go after." Don't sell yourself short. The unfortunate truth is that cybercriminals are looking for the path of least resistance to a payday, and they've found ways to monetize everything from your personal information to your mobile devices to your relationship with your employer. As the technology landscape continues to evolve, so do the attack methods that these criminals employ. Jerod wants to shine a light on the mindset and methods of cybercriminals, both independent operators and organized crime organizations, while showing you the steps you can take to stay safe online.
"Get Involved with the Institute for Cybersecurity and Digital Trust" presented by Ted Allen
Learn about the institute’s mission to foster collaboration among researchers from multiple academic disciplines to develop solutions to complex cybersecurity and digital trust issues. Preparing the next generation of workers, scholars and leaders, the institute partners with educational institutions, governments, military and industry to address emerging cybersecurity threats. Attend this session to find out how to participate.
"Why Cybersecurity is Such a Hard Problem to Solve" presented by Dr. Lin Zhiqiang
A unique difference between cybersecurity and reliability (or safety) is the arms race between defenders and offenders. As practitioners of technology for our organizations, we are facing an intelligent adversary who has the resources to adapt quickly. In today’s asymmetrical conflict, defenders must be right 100% of the time. Learn how cybersecurity professionals have been addressing this imbalance, and what solutions will look like in the future.
2021 Technical Forum
During the Technical Forum on Wednesday, October 6, 2021 expert and novice technologists learned about cybersecurity as it applies to their field of expertise. This day was designed to foster curiosity and spark innovation toward a safer security posture for all.
Participation in the Technical Forum on October 6 by Ohio State employees complies with training requirements IT16.1.1 or IT16.2.1. Learn more about training requirements in the question and answer section near the bottom of this page. Contact your unit’s Security Coordinator or email SecurityAwareness@osu.edu for more details.
Keynote Address | “Behind the Scenes of a Ransomware Event: How to Prepare Your Organization” presented by Lisa Sotto
Lisa Sotto is the managing partner of Hunton Andrews Kurth’s New York office and chair of the firm’s top-ranked Global Privacy and Cybersecurity practice.
Lisa serves as Chairperson of the Department of Homeland Security’s Data Privacy and Integrity Advisory Committee.
Nicknamed the “Queen of Breach,” Lisa assists clients in identifying, evaluating and managing risks associated with privacy and data security practices. She speaks frequently at conferences, testifies regularly before the U.S. Congress and other U.S. and global legislative and regulatory bodies.
"One Team, One Fight" presented by Shawn Henry
Shawn Henry serves as president of CrowdStrike Services, leading a world-class team of cybersecurity professionals in investigating and mitigating targeted attacks on corporate and government networks globally. Under his leadership, CrowdStrike engages in significant proactive and incident response operations across every major commercial sector and critical infrastructure, protecting organizations’ and governments’ sensitive data and networks around the world. Henry’s work includes educating boards of directors and executives of key companies on critical proactive security measures, governance, and corporate readiness in the event of a breach. He also oversees all security aspects of global CrowdStrike facilities, personnel, executive protection, and corporate events.
Shawn’s legendary commitment to “One Team, One Fight” resonates throughout the entire organization, unifying CrowdStrike’s rapidly growing and geographically dispersed workforce. He joined CrowdStrike in 2012 after retiring from the FBI, where he oversaw half of the FBI’s investigative operations, including all FBI criminal and cyber investigations worldwide, international operations, and the FBI’s critical incident response to major investigations and disasters. He also oversaw computer crime investigations spanning the globe and received the Presidential Rank Award for Meritorious Executive for his leadership in enhancing the FBI’s cyber capabilities. Henry lectures at leading universities and is a faculty member at the National Association of Corporate Directors. He serves as a keynote speaker at major cyber security conferences around the world and is regularly interviewed on cyber security issues by major broadcast, cable, online, and print media.
"IT Resiliency: What Is It and Why It Matters" presented by Jamie Vance and Brian Waeltz
Now that we’ve talked about what a ransomware event is, and what can be done to mitigate it, the need for organizations (and their people) to be resilient is increasing. Our speakers, Jamie Vance and Brian Waeltz from Cardinal Health, will help us understand what IT resiliency is and why it's so important by sharing Cardinal Health's own journey to answer this question.
"Successful Organizations Lean Into Our Remote Future" presented by Jerod Brennen
The pandemic has driven many businesses to remote solutions, for their people and their technology. While successful CISOs are leaning into SaaS to enable their organizations, cybercriminals are flocking to these platforms as well, hoping to exploit gaps in the security team's visibility and controls. To avoid disruptive incidents and to ensure the organization is seeing the value from its investment in these platforms, everyone from the CISO to end user needs to understand how to use these technologies securely. Jerod will share how organizations are meeting these challenges and provide practical advice on how you can manage these risks given the resources you have at hand.
"Securing the Future" presented by Ohio Cyber Range and Institute (OCRI)
Not all organizations have the staff or resources to put resilient principles into practice. The University of Cincinnati partnered with the Ohio Department of Higher Education and the Ohio Adjutant General's Department to offer facilitation, support, and cybersecurity materials to upskill any workforce. As a result of this partnership, Ohio Cyber Range and Institute (OCRI) provides learning resources and virtual lab environments that attendees can leverage to improve their security posture.
"Dot the 'I' of Security" presented by Ingy Youssef
Application security is often practiced as a separate function in software development. Builders and defenders both approach the craft with the intention of quality. Security does not need to announce it is different. It can merge and disappear in the process, becoming merely another plugin. Ingy will share her vision of application security that is continuous, embedded, frictionless and can inspire teams to achieve the quality they demand while delivering at speed.
2020 Training Day
2020 Community Forum
2020 Cybersecurity Days Welcome Video
Frequently Asked Questions and Answers
Does attendance at 2021 Cybersecurity Days Technical Forum satisfy IT7.10.1 secure coding training and/or IT7.10.2 advanced secure coding training requirements?
No. Due to newly published IT7.10.1-2 language changes, Cybersecurity Days 2021 Technical Forum does not satisfy these requirements. Developers and Security Coordinators are encouraged to visit https://it.osu.edu/offerings/it-academy where they can find cost-free resources to support this need. We also welcome questions and comments about this change at firstname.lastname@example.org.
Does attendance at 2021 Cybersecurity Days Technical Forum satisfy IT16.1.1 information security awareness and IT16.2.2 role-based information security training requirements?
Yes! Attendance at 2021 Cybersecurity Days Technical Forum and Community Forum satisfies these requirements. We also welcome questions and comments about these requirements at email@example.com.
Check out photos from 2019 Cybersecurity Days hosted at the Ohio Union on Ohio State's Columbus campus.