Name: Using the Cyber Table Top (CTT) Process to Perform a Cyber Risk Assessment
Start: 2021-11-03T18:00:00Z
End: 2021-11-03T18:01:00.000Z
Location: BrightTALK
Rating: 5

Women in CyberSecurity (WiCyS) is a community where the recruitment, retention and advancement of women in cybersecurity doesn’t just happen—it's actively supported and celebrated. Join our channel to connect with industry leaders, gain valuable insights and elevate your career through our network of industry professionals and technical mentors dedicated to building a robust cybersecurity workforce.



Join us for an in-depth look at the WiCyS GRC - Governance, Risk & Compliance program, a 14-week intensive training for early to mid-career women professionals in cybersecurity. This program uses the NIST Risk Management Framework (RMF) to teach the fundamentals of GRC, covering policy writing, control implementation, evidence gathering, and risk identification. The course will show you how a strong GRC program serves as the essential foundation for an effective cybersecurity strategy and helps enhance an organization’s overall maturity.

The program is highly practical, including hands-on experience with Compyl, a SaaS GRC solution, to allow students to apply what they learn immediately. By the end of the course, you will be equipped to write policies, draft control statements, clearly articulate risks and their impacts, and deliver a final presentation on an organization's security posture, demonstrating a comprehensive understanding of aligning cybersecurity with business objectives.

WiCyS GRC Intensive Training Program Webinar

This WiCyS webinar will dive into UNC3944, also famously known as Scattered Spider has earned a reputation for aggressive social engineering, SIM swapping and identity based intrusions and their web footprints stretches deep into cloud environments. They have been known to exploit Azure AD, Microsoft 365 and other identity platforms to escalate privileges, maintain persistence and laterally move up without detection. 

In this session, Varsha will unravel the tactics, techniques and procedures (TTPs) UNC3944 uses to compromise and abuse cloud platforms. Either as a beginner or mid-career professional interested in threat hunting, we'll talk through how to prepare a threat hunt methodology and hunt for their activity by correlating Azure AD sign-in data, M365 Unified Audit Logs, OAuth app grants and endpoint telemetry based off of open source threat intelligence data.

--

WiCyS is proud to provide members the opportunity to earn CPE/CEU credits for attending WiCyS Webinars live.

To earn CPE/CEU credits with the following providers, you must meet the minimum requirements:
- GIAC/(ISC)2: attend for a minimum of 45 minutes or the entirety of the webinar
- CompTIA: attend for a minimum of 60 minutes or the entirety of the webinar (webinar topic must relate to the certificate being renewed)

Attendees who meet the requirements can log into BrightTALK to print out their attendance certificates to submit for CPE/CEU credits.

Spider in the Web: UNC3944 in your Cloud Identity Fabric

Join the WiCyS Educational and Training Affiliate for an informative webinar on how and why to facilitate a training at DefCon. Learn the career growth opportunities that on-site training can offer and how to best showcase your expertise to the DefCon community. This session will be joined by SeeYew Mo, Director of Training for DefCon training, and will equip attendees with the knowledge on how to develop this new skill, DefCon’s training pay structure, and the submission process. Lynn Dohm, WiCyS executive director, will moderate the session.

Elevate your Career through paid DefCon Training Opportunities

Join us for an informational webinar on the WiCyS Talent Assessment Powered by skillrex! Presented by Dr. Sasha Vanterpool, Sr. Cyber Workforce Consultant, this session will take place on Wednesday, December 17th at 1:00 PM CT. Learn how this collaborative, research-based assessment—open to members from December 1–31, 2025—is designed to better understand the background, skills, and professional development needs of WiCyS members. This is not a test or certification exam, but a tool to identify current skill trends across the community. Completion takes approximately 60 minutes online (desktop/laptop recommended), and all responses are securely stored and anonymized. As a participant, you will receive a personal report detailing your performance on a knowledge-based quiz aligned with industry frameworks like NIST-NICE, helping you pinpoint specific areas of expertise and identify potential skill gaps.

The WiCyS Talent Pathway Powered by skillrex

High profile cases capture headlines, but behind the scenes are professionals whose preparation shapes the outcome. In this WiCyS webinar, Heather will share her path from teaching and training with SANS to applying those skills in a nationally recognized investigation. You will learn how research, practice, and professional discipline positioned me to contribute meaningfully and how you can take similar steps to prepare for your own career journey. If you are asking yourself what it takes to be ready for an opportunity of this scale, this session will give you insight and guidance.

WiCyS is proud to provide members the opportunity to earn CPE/CEU credits for attending WiCyS Webinars live.

To earn CPE/CEU credits with the following providers, you must meet the minimum requirements:
- GIAC/(ISC)2: attend for a minimum of 45 minutes or the entirety of the webinar
- CompTIA: attend for a minimum of 60 minutes or the entirety of the webinar (webinar topic must relate to the certificate being renewed)

Attendees who meet the requirements can log into BrightTALK to print out their attendance certificates to submit for CPE/CEU credits.

Beyond the Classroom: Turning Skills into Real-World Impact

Tired of making critical security decisions with a tangled mess of inconsistent, unnormalized risk data? This webinar with WiCyS Strategic Partner, Google, will be your practical playbook for taming that chaos. You'll learn how to harness LLMs to automate classification, transforming raw data into actionable insights to drive remediation. We'll share "in-the-trenches" tips on model selection

WiCyS is proud to provide members the opportunity to earn CPE/CEU credits for attending WiCyS Webinars live.
To earn CPE/CEU credits with the following providers, you must meet the minimum requirements:
- GIAC/(ISC)2: attend for a minimum of 45 minutes or the entirety of the webinar
- CompTIA: attend for a minimum of 60 minutes or the entirety of the webinar (webinar topic must relate to the certificate being renewed)
Attendees who meet the requirements can log into BrightTALK to print out their attendance certificates to submit for CPE/CEU credits.

Risk Classification with LLMs

Ready to boost your cybersecurity career? Start with networking—the essential cybersecurity skill!

In this introductory webinar, Bob Cunningham, a renowned Fortinet trainer, will provide a high-level explanation of next-generation firewalls. You will learn the importance of understanding technologies like: IP addressing, layer 4 protocols and ports, routing, switching, and other foundational technical concepts. This one-hour webinar will provide you with the introduction needed to further your education with the more in-depth training provided in the Fortinet Networking Bootcamp, which is kicking off for WiCyS members in 2026. The Fortinet Networking Bootcamp is free and is exclusive to WiCyS members! 

Not a member yet? Join today to unlock access to this incredible, career-boosting program.
https://www.wicys.org/benefits/

WiCyS is proud to provide members the opportunity to earn CPE/CEU credits for attending WiCyS Webinars live.
To earn CPE/CEU credits with the following providers, you must meet the minimum requirements:
- GIAC/(ISC)2: attend for a minimum of 45 minutes or the entirety of the webinar
- CompTIA: attend for a minimum of 60 minutes or the entirety of the webinar (webinar topic must relate to the certificate being renewed)
Attendees who meet the requirements can log into BrightTALK to print out their attendance certificates to submit for CPE/CEU credits.

Networking Fundamentals: Foundational Skills for Cybersecurity Success

As organizations increasingly deploy agentic AI systems, understanding and mitigating security threats is crucial to prevent vulnerabilities in autonomous operations. This webinar with WiCyS Strategic Partner, ServiceNow, on "Threat Modeling Agentic AI Systems" will provide a high-level overview of AI security, explore common threats and controls for agentic AI, and break down the 7-layer architecture of these advanced systems. Participants will learn the basics of threat modeling, examine the shortcomings of existing frameworks, and discover the innovative new MAESTRO Threat Modeling Framework designed specifically for agentic environments. Through practical insights and structured guidance, you'll gain tools to identify, assess, and address risks effectively. Whether you're new to AI security or enhancing enterprise defenses, this session equips you with actionable strategies to build resilient, secure agentic AI solutions.

WiCyS is proud to provide members the opportunity to earn CPE/CEU credits for attending WiCyS Webinars live.
To earn CPE/CEU credits with the following providers, you must meet the minimum requirements:
- GIAC/(ISC)2: attend for a minimum of 45 minutes or the entirety of the webinar
- CompTIA: attend for a minimum of 60 minutes or the entirety of the webinar (webinar topic must relate to the certificate being renewed)
Attendees who meet the requirements can log into BrightTALK to print out their attendance certificates to submit for CPE/CEU credits.

Threat Modeling Agentic AI Systems

The cybersecurity industry faces a critical talent shortage, yet countless individuals with high potential struggle to find their entry point. How can we bridge the gap between aptitude and opportunity?

Join WiCyS for this informational webinar introducing: The WiCyS Talent Pathway, Powered by CyberGen.IQ.

This initiative is designed to move beyond traditional resumes and interviews. It focuses on identifying the core cognitive aptitude for success in cybersecurity, providing a clear path for aspiring professionals to get assessed, matched, and connected with employers seeking their unique skills.

Tune in on Wednesday, November 12th, at 1:00 PM CT to hear from our featured speaker, Crystal Hartman, CEO of Haystack Solutions.

In this session, you will learn:

How the CyberGen.IQ assessment identifies your innate strengths for specific cyber roles (like digital forensics, penetration testing, risk analysis, and more).

How WiCyS members can leverage this pathway to connect with hiring partners.

How employers can partner with WiCyS to find and hire diverse, qualified talent based on proven potential, not just experience.

Whether you are a student, a professional looking to pivot into cyber, or an employer committed to building a diverse team, this webinar will provide the map to the future of cybersecurity talent. Register today!

WiCyS is proud to provide members the opportunity to earn CPE/CEU credits for attending WiCyS Webinars live.
To earn CPE/CEU credits with the following providers, you must meet the minimum requirements:
- GIAC/(ISC)2: attend for a minimum of 45 minutes or the entirety of the webinar
- CompTIA: attend for a minimum of 60 minutes or the entirety of the webinar (webinar topic must relate to the certificate being renewed)
Attendees who meet the requirements can log into BrightTALK to print out their attendance certificates to submit for CPE/CEU credits.

Unlock Your Cyber Potential: Introducing the WiCyS Talent Pathway

Starting your first job is equal parts exciting, confusing, and a little overwhelming. From the unexpected surprises on day one to figuring out which skills actually matter (hint: it’s not always the ones listed on your resume), the journey from “new hire” to confident contributor is full of lessons that no one really teaches you.

In this panel with WiCyS Strategic Partner, Bloomberg, we’ll dive into real stories and insider advice that professionals wish they had when starting out. We’ll talk about the skills that make the biggest difference, how to adapt quickly to a new organization, team and culture, as well as the roles that mentors, managers, and peers play in shaping your growth. Most importantly, we’ll unpack the unspoken rules of the workplace — those things you won’t find in an onboarding guide but which can define your career trajectory.

Whether you’re about to start your first role or already navigating early career challenges, this conversation will give you a candid, relatable look at what it really takes to thrive in today’s workplace.

WiCyS is proud to provide members the opportunity to earn CPE/CEU credits for attending WiCyS Webinars live.
To earn CPE/CEU credits with the following providers, you must meet the minimum requirements:
- GIAC/(ISC)2: attend for a minimum of 45 minutes or the entirety of the webinar
- CompTIA: attend for a minimum of 60 minutes or the entirety of the webinar (webinar topic must relate to the certificate being renewed)
Attendees who meet the requirements can log into BrightTALK to print out their attendance certificates to submit for CPE/CEU credits.

Dear Day One: Real Talk from First Jobs and Beyond

AI is accelerating both innovation and attacks. Security must keep pace—blocking threats, using AI for defense, enabling safe adoption, and staying compliant. This panel will share how LinkedIn InfoSec is meeting these challenges to secure AI development and usage. Join us to explore how women in cybersecurity are shaping AI security strategies that prevent attacks, uphold trust, and simplify secure development at scale.

WiCyS is proud to provide members the opportunity to earn CPE/CEU credits for attending WiCyS Webinars live.
To earn CPE/CEU credits with the following providers, you must meet the minimum requirements:
- GIAC/(ISC)2: attend for a minimum of 45 minutes or the entirety of the webinar
- CompTIA: attend for a minimum of 60 minutes or the entirety of the webinar (webinar topic must relate to the certificate being renewed)
Attendees who meet the requirements can log into BrightTALK to print out their attendance certificates to submit for CPE/CEU credits.

Securing AI: Keeping Promises, Blocking Threats & Building Smart

What really happens when a company faces a cyberattack? In this interactive webinar with WiCyS Strategic Partner SentinelOne, the audience will step into the middle of a fictional cyber crisis and take part in key decisions through live polls. Along the way, the presenters will bust common myths, share real-world insights, and highlight the teamwork and skills that go into handling these situations. Whether attendees are students, early talent, or professionals looking to transition into cybersecurity, they will gain a clearer picture of what incident response looks like and why people from all backgrounds have an important role to play.

WiCyS is proud to provide members the opportunity to earn CPE/CEU credits for attending WiCyS Webinars live.
To earn CPE/CEU credits with the following providers, you must meet the minimum requirements:
- GIAC/(ISC)2: attend for a minimum of 45 minutes or the entirety of the webinar
- CompTIA: attend for a minimum of 60 minutes or the entirety of the webinar (webinar topic must relate to the certificate being renewed)
Attendees who meet the requirements can log into BrightTALK to print out their attendance certificates to submit for CPE/CEU credits.

Inside a Cyber Crisis: An Interactive Experience

As organizations increasingly adopt agentic AI solutions, security considerations have become paramount in ensuring these autonomous systems operate safely at enterprise scale. This webinar with WiCyS Strategic Partner, Amazon, will explore comprehensive strategies for building, deploying, and securing AI agents on Amazon Web Services (AWS), leveraging the latest security frameworks and best practices tailored for cybersecurity professionals. With the introduction of Amazon Bedrock AgentCore and the open-source Strands Agents SDK, AWS has established new standards for secure AI agent deployment. This session will provide practical insights with a live demo on implementing robust security mechanisms while maintaining the operational efficiency that makes AI agents valuable for enterprise automation and decision-making. Whether you're building your first AI tool or scaling secure systems in production, this session will equip you with practical strategies for creating trustworthy, transparent, and secure AI.

WiCyS is proud to provide members the opportunity to earn CPE/CEU credits for attending WiCyS Webinars live.
To earn CPE/CEU credits with the following providers, you must meet the minimum requirements:
- GIAC/(ISC)2: attend for a minimum of 45 minutes or the entirety of the webinar
- CompTIA: attend for a minimum of 60 minutes or the entirety of the webinar (webinar topic must relate to the certificate being renewed)
Attendees who meet the requirements can log into BrightTALK to print out their attendance certificates to submit for CPE/CEU credits.

Building Secure AI Agents on AWS: Best Practices and Implementation

As artificial intelligence reshapes the cybersecurity landscape, organizations face unprecedented challenges in balancing innovation with responsibility. This comprehensive webinar with WiCyS Strategic Partner, ServiceNow, explores how AI is fundamentally transforming both cyber defense and attack strategies, while introducing critical questions about integrity, ethics, and decision-making authority in cybersecurity.

WiCyS is proud to provide members the opportunity to earn CPE/CEU credits for attending WiCyS Webinars live.
To earn CPE/CEU credits with the following providers, you must meet the minimum requirements:
- GIAC/(ISC)2: attend for a minimum of 45 minutes or the entirety of the webinar
- CompTIA: attend for a minimum of 60 minutes or the entirety of the webinar (webinar topic must relate to the certificate being renewed)
Attendees who meet the requirements can log into BrightTALK to print out their attendance certificates to submit for CPE/CEU credits.

AI & Cybersecurity: Risk, Integrity, and Enterprise Resilience

Ever wondered what really goes on behind the scenes in cyber threat intelligence? Threat intelligence is more than just data—it's the strategic lens through which defenders anticipate, understand, and counter adversarial behavior. This webinar with WiCyS Strategic Partner Adobe offers a sneak peek into the layered world of threat intel, where researchers decode attacker behavior, track malicious campaigns, and uncover geopolitical motivations. Attendees will dive into the multifaceted landscape of threat intelligence, from tactical indicators to strategic insights, exploring key domains like actor profiling, infrastructure tracking, and strategic reporting. Whether you're curious about the field or considering a career shift, this session will demystify how threat intelligence connects the dots to build a proactive defense strategy.

WiCyS is proud to provide members the opportunity to earn CPE/CEU credits for attending WiCyS Webinars live.
To earn CPE/CEU credits with the following providers, you must meet the minimum requirements:
- GIAC/(ISC)2: attend for a minimum of 45 minutes or the entirety of the webinar
- CompTIA: attend for a minimum of 60 minutes or the entirety of the webinar (webinar topic must relate to the certificate being renewed)
Attendees who meet the requirements can log into BrightTALK to print out their attendance certificates to submit for CPE/CEU credits.

A Glimpse into Threat Intelligence: Mapping the Hidden Domains of Cyber Defense

Join WiCyS Founder and Program Chair Dr. Ambareen Siraj for an exclusive webinar on the WiCyS 2026 Call for Presenters. Discover HOW and WHY to submit a proposal for the highly anticipated 2026 in-person and virtual WiCyS conferences. In this webinar, Dr. Siraj outlines the benefits of contributing to the WiCyS 2026 conference and guides you through the proposal submission process. The WiCyS 2026 Call For Participation offers a unique opportunity to actively engage with the cybersecurity community through speaking engagements, scholarships and awards. Submit multiple proposals across various categories and tracks to enhance the learning experience for all conference attendees. Whether it's a workshop, lightning talk, presentation, birds-of-a-feather session, panel or student research poster, we welcome contributions from both WiCyS members and non-members. Your involvement is key to fostering a diverse and inclusive environment that will inspire and empower the next generation of cybersecurity professionals.

Don't miss your chance to shape the future of cybersecurity—visit https://www.wicys.org/events/wicys-2026//call-for-presenter/ to submit your proposal today!

*Student attendance at WiCyS is by invitation only and can be secured in one of three ways. The most common method is through a scholarship invitation, with applications due by October 15, 2025 5:00 pm CT. Alternatively, a select group of 30 students will be invited if their poster submissions are accepted for presentation. Finally, a limited number of invitations are available to students from paid sponsoring schools, with the number of invitations determined by the school's sponsorship level.

WiCyS 2026 Call for Presenters Webinar

Detecting and responding to threats is a core function of cybersecurity, but it's more complex than it sounds. While buzzwords like Extended Detection & Response (XDR), Endpoint Detection & Response (EDR), and Network Detection & Response (NDR) are often discussed, understanding how to apply them to enrich investigations is key. Every environment has unique variables and goals, but they all share one common element: endpoints. Securing these devices, whether they're on-site or remote, starts with fundamental visibility.

This session will show you how EDR serves as the cornerstone for all detection and response methodologies. We'll start with an overview of various frameworks, focusing on both the endpoint and the network. Then, we'll dive into a real-world forensic investigation of a Remote Access Trojan (RAT) called SharpRhino. Using the MITRE ATT&CK® Framework, we'll demonstrate best practices for detection and response, including a look at the tactics, techniques, and procedures used in this exploit, along with recommended mitigations.

WiCyS is proud to provide members the opportunity to earn CPE/CEU credits for attending WiCyS Webinars live. To earn CPE/CEU credits with the following providers, you must meet the minimum requirements:
- GIAC/(ISC)2: attend for a minimum of 45 minutes or the entirety of the webinar
- CompTIA: attend for a minimum of 60 minutes or the entirety of the webinar (webinar topic must relate to the certificate being renewed)
Attendees who meet the requirements can log into BrightTALK to print out their attendance certificates to submit for CPE/CEU credits.

Beyond the Buzzwords: A Quick Dive into Endpoint Detection & Response Forensics

Have you ever wondered what it's like to be a Cybersecurity Sales Engineer? This unique and dynamic role is the perfect blend of technical expertise and interpersonal skills. Join us for an in-depth discussion with WiCyS Strategic Partner, SentinelOne, where we'll explore what it takes to succeed in this exciting field.

In this webinar, you will discover:

What a Sales Engineer (SE) is and the critical role they play in the cybersecurity industry.
The typical career growth path and earning potential for an SE.
How to combine your technical knowledge with strong communication and social skills to create a successful career.
The webinar will conclude with an interactive Q&A session featuring experienced Sales Engineers at different stages of their careers, ready to answer your questions.

WiCyS is proud to provide members the opportunity to earn CPE/CEU credits for attending WiCyS Webinars live. To earn CPE/CEU credits with the following providers, you must meet the minimum requirements:
- GIAC/(ISC)2: attend for a minimum of 45 minutes or the entirety of the webinar
- CompTIA: attend for a minimum of 60 minutes or the entirety of the webinar (webinar topic must relate to the certificate being renewed)
Attendees who meet the requirements can log into BrightTALK to print out their attendance certificates to submit for CPE/CEU credits.

The Career I Never Knew I Wanted

The Cyber Table Top (CTT) process was developed in 2014 to support DoD customers who were overwhelmed by the sheer number of findings produced by traditional cybersecurity scanning tools and checklist processes. These tools and processes identify a very large number of possible vulnerabilities for a system but didn’t provide context for which vulnerabilities might truly lead to potential mission failure. Since budgets are limited, customers need methods of focusing on the most critical vulnerabilities which present the highest risk to their systems. The CTT process is focused on producing actionable cyber vulnerability data in an approachable risk matrix format to enable teams to focus resources. CTTs bring together system developers and maintainers, system users, and expert red teams to execute a multi-day wargame that focuses on the security evaluation of threats that would deny, degrade, disrupt or destroy a system and prohibit users from accomplishing their core mission. By assessing the potential mission impact of vulnerabilities as well as their likelihood/difficulty it provides a way to understand the relative risks of various vulnerabilities and focus the remediation efforts. The CTT process has been used to support DoD system cyber security evaluations in various lifecycle stages from design through long-term maintenance. It has been used to identify and mitigate threats that later were witnessed “in the wild” and caused significant negative impacts to other systems. It has become so popular that an official DoD Guidebook and training course was developed in 2018.

Using the Cyber Table Top (CTT) Process to Perform a Cyber Risk Assessment

Presented by

About this talk

WiCyS - Women in CyberSecurity