2025 UEN Tech Summit

The ever-increasing scrutiny placed on areas of Cyber security and Data Privacy have served to highlight a growing tension between end users and those responsible for ensuring an organization’s data and security compliance. How do we, as IT professionals bridge the yawning chasm between end user goals/desires and effective security/privacy? IT professionals are not known for the so-called “soft skills” and often seem to speak an entirely different language. Is there a better way to approach these conversations? Is there a way to entice end users in various roles to also be part of the solution? We often hear about the importance of effective communication, but we need to go beyond that. We must find ways to encourage end user “buy-in” through collaboration and a willingness to explore alternatives. We need to become the Teddy Bear.

This workshop will take you through multiple ways in which hackers are able to compromise your systems. See real world Utah specific examples.

Become an ethical hacker to test your system resiliency. This live workshop will take participants through a series of tools that hackers use to compromise systems.

Learn about the new requirements for privacy compliance from the 2024 legislative session. 
What are the main requirements for K-12 education?
What are the new data breach reporting and notification requirements? 
What resources will we be providing to support you in accomplishing your goals?

In today's ever-expanding digital landscape, securing access to critical resources is paramount. Identity and Access Management (IAM) systems are the guardians at the gate, but even the most vigilant warriors face challenges. This presentation delves into the common struggles of IAM implementation.

In today's ever-expanding digital landscape, securing access to critical resources is paramount. Identity and Access Management (IAM) systems are the guardians at the gate, but even the most vigilant warriors face challenges. This presentation delves into the common struggles of IAM implementation, including: Balancing User Convenience with Robust Security: Simplifying logins can create vulnerabilities, while stricter controls can frustrate users. We'll explore strategies to strike a healthy balance. The Ever-Evolving Threat Landscape: New hacking techniques and insider threats require constant adaptation of IAM protocols. Discover methods to stay ahead of the curve. Application Sprawl and Siloed Systems: A complex IT environment with disparate applications makes centralized IAM a challenge. Learn how to integrate and streamline access management. The Human Factor: User Education and Compliance: Even the best IAM system hinges on user awareness. We'll discuss strategies for promoting responsible access practices. By acknowledging these struggles and exploring effective solutions, organizations can build a more robust and resilient IAM framework. This presentation equips you with the knowledge to navigate the complexities of IAM and unlock its full potential for a more secure digital future.

A communication professional's perspective regarding security incidents is on "what to say" as IT.

The vision for this is to start as an "interview" presentation where David, the security person, asks these questions of Sandra, the Communications Director, so she can answer them from the communications perspective. It would then transition into a more traditional presentation where she and I present some case studies about how other organizations have handled these types of incidents and what we can learn & What information is most critical to communicate? What level of detail is necessary / what do you really want to know? Why is it such a "big deal" legally to use the actual words to describe what was happening? What would happen if you let IT write the notification? Explain how word choice can impact public perception. Distinguish between terms like "breach," "incident," and "event." Discuss the importance of clear, concise, and accurate language

If you do not know what any of this means, and you manage domain names and email, you should come to this and learn.

Unlock the power of email authentication with DMARC, DKIM, and SPF. Learn to safeguard your organization from phishing and spoofing attacks while boosting email deliverability and trustworthiness.

In today's digital landscape, email remains a primary communication channel, making it a prime target for cyber threats like phishing and spoofing. This abstract explores the pivotal role of DMARC, DKIM, and SPF in fortifying email security. By authenticating senders, preventing unauthorized access, and enhancing email deliverability, these protocols serve as indispensable tools in safeguarding organizations against evolving cyber risks.
* We will go over the CIS Controls that these records fall under
* SPF, DKIM, and DMARC records and what they do for us
* Web Tools that help create and verify these records
* DMARC Reports and how to analyze them.

If you have access to your DNS records for your organization, that will be beneficial for this session.

Presented by a former CISO and CrowdStrike Executive Strategist, we will deliver a threat briefing that discusses the most recent intelligence around adversaries targeting the education community.This is not a sales presentation but will focus on industry-wide observations and trends from the 2024 CrowdStrike Global Threat Report.

Presented by a former CISO and CrowdStrike Executive Strategist, this presentation will focus on sharing current adversary intelligence best practices to stay ahead of modern attacks. When we know our adversaries and how they attack, we can more proactively address areas of our security program that quickly strengthen our security posture and reduce risk. This is not a sales presentation or focus on the CrowdStrike platform--it is a threat briefing based on the recently released Global Threat Report from CrowdStrike. 2024 CrowdsStrike Global Threat Report: https://www.crowdstrike.com/global-threat-report/?utm_medium=ref&utm_source=zmtg&utm_campaign=zoom-post-meeting-webpage