June 18, 2020 — In this talk, we’ll look at the real differences between HTTP and HTTPS traffic to illustrate just how much data is made visible on an unencrypted connection. We’ll examine real-world examples of ISPs manipulating the HTTP traffic of their users, and why it would have been impossible over HTTPS. Lastly, we’ll go over the resources available for implementing TLS on your sites, most likely for free.”
December 31, 2019 — We all take shortcuts sometimes. Whether you were swamped with client work and a corner had to be cut, or you’re stretched so thinly trying to wear every hat that something fell through the cracks, we’ve all encountered mistakes we made ourselves. While they’re mostly all forgivable, it becomes a bit of a different issue when a mistake leads to a security concern. In this talk we’ll look at three common security mistakes made by WordPress site owners every day, why they get made in the first place, and how to resolve them.
December 19, 2019 — Malicious activity is an unfortunate reality when maintaining a web presence today. Most people involved in the web industry know someone who encountered the aftermath of a disruptive attack–if they haven’t themselves. Because of this, awareness of security best practices is at an all-time high. To many, though, it may not be clear exactly why these measures are important.
To remedy that, we’ll be taking a practical look at what’s actually happening when a website gets attacked, as well as discussing the hows and whys along the way. From understanding why small sites still get hacked, to why password reuse is really as bad as everyone says, we’ll explore the rationale behind the security principles you’re always being told to follow.
November 4, 2019 — A panel discussion with members of the WordPress community exploring ethical issues that can arise when working with clients, with each other, and within the WordPress community at large.
June 26, 2019 — April 6, 2019, 10 am Horseshoe Ranch Room, University Center, College of the Canyons —
WordPress business owners have a lot to lose in the event of a successful cyberattack, and security awareness is at an all-time high as companies work to improve their security posture before the worst can happen. This is a good thing, of course, since an ounce of prevention is worth a pound of cure.
However, many of those same companies don’t have a solid plan of action for when the worst does happen. A lack of a plan in the wake of an attack will delay response, increase downtime, and ultimately cost more money.
In this talk, Mikey Veenstra will discuss the elements of incident response planning that many business owners fail to address. Whether your business needs a full manual of contingency plans or just a folder with some phone numbers in it, you’ll leave ready to draw up a solid guideline to follow in the event that something goes wrong.