Cybersecurity Awareness Month 2021

October is Cybersecurity Awareness Month.  During October 2021, COT is offering several ways for state staff to engage in cybersecurity events. 

COT management is sponsoring four drawings for four $25 Amazon gift cards for cybersecurity event participants. Each entry in the events described below will result in one entry in the drawings.

As a bonus, this year all persons with the highest number of entries will be eligible for a drawing for one $50 Amazon gift card!

The challenge is for state staff to get as many entries as possible by participating in the following ways:

  • Gain one entry each time you participate in one of the virtual presentations listed below on this web page.
  • Gain one entry for replying to feedback requests sent to presentation participants after each sponsored session (
  • Gain one entry for each answer to the security quiz question emailed once a week throughout October 2021.  They will come from .  The entry counts whether your answer is correct or not.​
  • Gain one entry for each report of a phishing email during the month of October 2021 by using the Report Phish/ PhishAlarm button in Outlook or by sending the suspect email as an attachment to "COT Phishing Reporting" ( 
  • Gain one entry for providing a cybersecurity suggestion to in the month of October 2021.  



Mark your calendars to attend these informative cybersecurity sessions during the month of October 2021.  These presentations are available thanks to our vendor partners. 

Scheduling of sessions is still in process.  Check back to this page for the most current list of scheduled presentations and updated details.             


Broadcom presents "Selling the Brooklyn Bridge"

WHEN:  Tuesday, October 5th from 2:00 to 3:00 EST

Every seemingly brand new twist in the threat landscape is actually an evolution of what came before it.  This talk will trace a current threat back to its origins in the 1600s.  It will also teach you how to sell someone the Brooklyn Bridge and why this 100-year-old scam provides a lesson in preventing future cybercrime.

SPEAKER:  Kevin Haley, Senior Director

Kevin Haley is Senior Director in Symantec's Security Response group where he is responsible for ensuring the security content gathered from Symantec's Global Intelligence Network is actionable for its customers.  This includes educating customers on security issues and incorporating the security content into security solutions of Broadcom Software. 

To participate

Join WebEx meeting,     ID: 1452955036.     Password: CjHR9tuV368

 Join by phone:  (US toll) +1 215-305-7603 (access code:  1452955036 )
Join using SIP:



Elastic presents "Stacking the Deck in Your Favor"

WHEN:  Thursday, October 14th from 2:00 to 3:00 EST

In a cat vs mouse game of one upsmanship, we will go over how to stack the deck in our favor for security and overall IT monitoring.  Basics can go a long way.  Let's look at what we have to work with and use it to its fullest.

SPEAKER: Neil Desai, Principal Security Strategist

Neil Desai has over two decades of information security experience. In past roles, he built Security Operations Centers (SOCs) and architected defensible and monitorable infrastructures for Fortune 500 US financial institutions. Outside of work he was a part of 1@stPlace, winners of DEFCON's CTF in 2006 and 2007, and is a current member of C3X (

To participate

Joining infoJoin Zoom Meeting (ID: 93796154943, passcode: K2pYrIaG)

Join by phone
(US) +1 888-788-0099 (passcode: 56011271)

Join using SIP (passcode: 56011271)
Joining instructions


ProofPoint presents ““Becoming a Phish-Spotting Superstar”

WHEN:  Thursday, October 21st from 2:00 to 3:00 EST

Abstract: Over 99% of attacks are human-activated threats— meaning attackers are relying on each of you (end users) to take actions in favor of them. Join us as we show you the common tactics used that you can help spot for COT and reduce our people-centric risk. 

  Sara Pan, Senior Product Marketing Manager at Proofpoint

Bio: Sara has been a product strategist in the cybersecurity industry for more than 8 years. She has presented at industry events and webinars- topics spanning across endpoint security, data security, GDPR, and email security. Sara's on top of the new wave of email threats, such as business email compromise, account takeover, and supply chain risk. 

To participate:​

Join on your computer or mobile app   Click here to join the meeting,


Or call in (audio only)    +1 502-632-6289,  United States, Louisville   Phone Conference ID: 126118455#​



TrendMicro presents "Bug Bounties and Exploit Intelligence"

WHEN:  Wednesday, October 27th from 2:00 to 3:00 EST

Nearly every organization claims to do vulnerability research and threat intelligence, but what does that really mean? As the world's largest vendor agnostic bug bounty program, the Zero Day Initiative (ZDI) is uniquely positioned to understand the latest exploits and techniques. Various marketplaces exist for such security research, and the current gray and black markets can be as robust as their white market counterparts.  At each stage of this process, information about a vulnerability equates to a monetary value, and, depending on how this information is disseminated, that monetary value can drastically change. Like any open market, various factors can spur changes in supply and demand, and market actors can shape what types of research either becomes public – or finds its way into an active exploit.

This talk will also show how bug reports submitted to the program allowed the ZDI to effectively crowd-source vulnerability intelligence by showing industry trends and state-of-the-art exploitation methodologies. It will include case studies on how these reports have influenced the broader ecosystem.  Understanding the source of threat intelligence and the exploit economy are vital for getting proactive with your network defenses rather than merely reacting to threats.

SPEAKER:  Dustin Childs

Dustin C. Childs is a part of Trend Micro's Zero Day Initiative (ZDI), which is the world's largest vendor agnostic bug bounty program. Dustin began his IT security journey in the late 1990's at the Air Force Information Warfare Center. He then transitioned from active duty to defense contractor. Following this role, Mr. Childs worked in the Microsoft Trustworthy Computing group, where he served as a case manager in the Microsoft Security Response Center (MSRC) with a focus on addressing vulnerabilities in the Windows operating system and in Microsoft's developer tools. In his current role, Mr. Childs creates, implements, and oversees communications programs, both internal and external, that promote the work of ZDI and its researchers.

To participate:  TBD

This page was last modified 10/20/2021 2:45 PM






Please contact:
Commonwealth Office of Technology
Office of the CISO
Security Administration Branch
500 Mero Street
Frankfort, KY 40601