June 13, 2018 Chapter Meeting – Sustain Yourself!

Sustain Yourself! – and vote for 2018/19 ISSA Portland Board 

When: June 13, 2018 from 11:30 AM to 1:00 PM (Lunch will be provided…)

Where: Columbia Square Bldg., 111 SW Columbia, 8th floor conference room – Portland, OR 97201

Vote: June is our last meeting of the presentation year. We use this meeting to vote in the next year’s board. If you are interested in participating, let the current board know and we will put your name on the ballot. Please come and vote in our new board!

Please register using the calendar widget at right.

Abstract: 

Using neuroscience and biology along with a sense of humor, in this talk Robin shares the four necessary components required to sustain accurate discernment, vibrant energy and focused resilience, essential to sustain professionals working in stressful situations or work environments.
Learn what you can do to have a remarkably better day. Not only to maintain career satisfaction, be exceptional professionals, but also to enhance your health and sense of humor, on the job and at home.
Come away with ah-has, skills and insights that you will repeatedly use and want to pass on to others.

About the Speaker:

Robin Rose is an accomplished trainer, speaker and consultant with over thirty years’ experience. With a background in counseling and education, she translates the latest developments in brain-based research into practical, learnable skills. Robin’s expertise is in teaching people how to stay calm, professional, and effective, especially during high-stress, high-pressure situations. She delivers information, training, and tools that help you understand how your brain works, how to think clearly, and how to communicate effectively. People leave her trainings with new skills and renewed energy!

Robin has an uncommon ability to make it safe for individuals and groups to learn new ways to work together, build trust, and move forward. She holds a Master’s degree in Counseling Psychology from Lewis & Clark College. After fifteen years as college faculty, she formed her own company and moved into the public, government agency, non-profit, and business sectors.
Her latest book, Shifting Gears: A Brain Based Approach to Engaging Your Best Self, has been field tested on over 100,000 people and is packed with tools for clear thinking, improved relationships, and renewed enthusiasm for life. Robin has trained thousands of professionals who wanted to learn how their brain works, so they could think, act, and communicate at their highest proficiency.

To see Robin in action (video), please go to: http://www.robinrose.com


May 17, 2018 Chapter Meeting – Cyber Deception

Cyber Deception – Legacy Challenges and New Techniques to Supplement Your Cyber Defenses

When: May 17, 2018 from 11:30 AM to 1:00 PM (Lunch will be provided…)

Where: Formaltech, 421 SW 6th Avenue, Suite 950 – Portland, OR 97204

Please register using the calendar widget at right.

Abstract: 

Speakers will discuss all things cyber deception including why legacy and high interaction honeypots don’t scale, are expensive and add attack surface, what technologies organizations can implement for host, protocol and Active Directory deception, as well as how to best integrate those technologies into existing cyber defenses.

About the Speakers:

Charlie Kawasaki, CISSP, VP of Business Development, Formaltech

Charlie has over 35 years of experience working in technology, primarily in venture-backed start-ups, early stage and spin-out companies innovating in the cybersecurity, software, and network industries. He currently serves as the VP of Business Development at Formaltech, CTO for PacStar, and Entrepreneur in Residence at Galois. Charlie is highly involved in the local technology community by serving as a Board Member of Technology Association of Oregon, Co-chair of TAO Cyber Lab, Vice-chair of Oregon Cybersecurity Advisory Council, and Founder and Manager of NW Cyber Camp.

Clayton Fields, Vice President, Javelin Networks

As a security specialist, Clayton has helped clients improve security programs across the world. A thorough understanding of business drivers coupled with the ability to diagnose risk has allowed Clayton to help companies avoid being a headline. Also with this unique skill set, Clayton has helped executives understand the breakdown that exists between the business executives and cybersecurity professionals regarding risk assignment and prioritization that has caused so many newsworthy events. Experiences with incident response and threat hunting have also allowed Clayton to help companies choose unique solutions to mitigate risk.


April 12 Symposium – Safeguarding Your Critical Unstructured Data

Come join us at our upcoming 4 hour symposium (4 CPE credits)

When: Thursday, April 12 8:30 am – 1:30 pm (Lunch will be provided)

Location: Nike Victory (EDO), 15475 SW Koll Parkway, Beaverton OR 97006

Register by clicking on the date on the calendar widget.

Session 1 (9:00-9:45): Harden Your Unstructured Data at Scale via Classification, Redaction, Encryption, and Reporting

Abstract:  Estimates state that 80% of all data is unstructured.  It lives in documents, spreadsheets, images, and other types of files.  Inappropriate access to those files can lead to a loss of intellectual property, system crashes, and even lost application functionality. Unfortunately, we have to understand the files themselves before we can properly secure them.  This is particularly challenging at the scale and speed of modern business.  Thankfully, solutions exist to help with this.  Come learn how to:

  • Discover what data is living in your files
  • Easily determine file ownership and entitlements
  • Restrict access to critical files
  • Redact, and even encrypt, sensitive content

About the Speaker: Leo Duncan is the Analytics Practice Lead at Nordisk Systems.  Leo Duncan specializes in the intersection between analytics and information security.  He has been securing analytic platforms and their underlying content for well over a decade.  In addition to years of platform administration experience, his accomplishments also include the design, construction, and deployment of a novel security control for use with a leading relational database management system.

Session 2 (9:45-10:30): Data Loss Prevention by evaluating and addressing risk.

Abstract: Data Protection is an important consideration for all companies.  Why is Data Loss Prevention needed and how does it impact various departments like compliance and legal?  Who is after your data and why?  We will cover myths that are associated with it and how to separate myth and legend from fact.  Lastly, we will discuss how you can create a data-centric framework for your business with respect to Data Protection.

About the Speaker:  John Loya is currently the Director of Sales Engineering with Digital Guardian, providing clients with Threat Aware Data Protection solutions. John has been with Digital Guardian for 5 years. Prior to Digital Guardian, John was with McAfee for 9 years in a combination of sales and engineering positions and with Siemens for 9 years as a software developer.  John is based out of Orange County, California.

Break 10:30-10:45

Session 3 (10:45-11:30) UEBA & Insider Threat: Comprehensive Architecture for a Zero Perimeter World

Abstract: Today’s security breaches are rooted in people-based vulnerabilities.  A key set of tools is required to protect your valuable data from accidental, compromised and malicious users.  Visibility and context are key components of an enterprise level security program.  By focusing on people’s interactions with data, Insider Threat programs prevent behavioral-based data loss and expose other insider threats that present risk to critical systems, such as fraudulent transactions or cyber sabotage.  Combine these tools with UEBA to deliver rich analytics and visibility into a multitude of 3rd Party channels to reduce enterprise risk in an era where threats have surpassed the perimeter.  Review large data sets and reduce risk to your organization.

About the Speaker:  Ben Bailey is a Solutions Architect based in the Pacific Northwest with Forcepoint, a Raytheon company.  An industry leader in delivering advanced analytics and security solutions to the broader market and key contributor to the development of best in class security tools to prevent sensitive data exfiltration.  Mr. Bailey has been actively engaged in the architectural design, deployment and implementation of DLP, CASB, UEBA and Insider Threat programs with large enterprise organizations.  His background is in data protection and business continuity.  Mr. Bailey has served in this capacity for 10 years working with key manufacturers and service providers in the security space.

Session 4: (11:30-12:15) Building data-centric security in a world without borders and full of uncontrollable endpoints.

Abstract: Learn how to gain control over sensitive unstructured information even when it travels beyond sanctioned on-premise cloud services using encryption, global monitoring and dynamic data control across any platform or device.

About the Speaker: Bert Grantges is the VP of Solutions Engineering at Vera. Bert is passionate about applications in the mobile space and data security. His key interests are in business development, strategic relations and architecture for internet and mobile based companies. He frequently speaks on topics mostly centering on threat landscapes and technology. Bert specializes in enterprise technology, software architecture design and development, program management and product management.

Lunch Break (12:15 – 12:30) followed by: 

Panel Discussion (12:30 – 1:30)  Moderated by ISSA Board members.


March 2018 Chapter Meeting

Come Join us for our upcoming Lunch Meeting:

Securing AWS Infrastructure

Presented by Derek Hill, MBA, CISSP

Where: 111 SW Columbia St., Portland, OR 97201 (8th Floor)

When: March 15th from 11:30 am to 1:15 pm (Come early; we plan to start at 11:45)

The presentation slide deck can be found here:

https://github.com/derekhillhp/AWS-Security-Class/blob/master/Securing%20your%20AWS%20infrastructure-Final-ISSA.pdf

Speaker Bio:

Derek Hill has over 25 years of experience in IT and Information Security. He currently manages an Application Security Team and an Infrastructure Security Team (Blue Team) at HP Inc. in Vancouver, WA. His teams are responsible for ensuring that HP’s internally developed applications are secure as well as the AWS infrastructure that is hosting these applications.  Prior to his current position, Derek held IT management and technical roles at both large and small companies.  In each role, he has focused on delivering excellent services, uptime and security for all the projects/staff he managed.

Derek holds an MBA from Willamette University and an undergraduate degree in Management Information Systems from Oregon State University. He has various security credentials including a CISSP and multiple GIAC certifications. Derek is also a member of our chapter.

Abstract:

Are you looking to move your infrastructure into the cloud, but are worried about how to secure it? Are you ready to let go of all of your physical infrastructure? You are not alone in this journey. The cloud does not have to be this scary unknown black hole. Sure, things are certainly different and not everything that you used to do in your own infrastructure is easily repeatable in the cloud; however, there are many benefits. Things are different, but many things are the same. We will discuss how to secure your cloud environment using both AWS tools and third party tools, including some custom applications that allow you to see what you have and how you need to secure it. We are successfully managing over 120 AWS accounts with approximately 3000 instances and many other AWS services. We hope that you can take away some ideas on how to solve some of your current security problems and gain the confidence that security in the cloud can be achieved.


Sticky: Winter 2018 Training update

Welcome to 2018. I can see the days getting longer and I am enjoying the sun while it lasts, here in mid-February. I completed my coursework, obtaining my GIAC GCIH in January. That gave me time to build a new-to-me bicycle and tinker on my old Land Cruiser a bit. Those are my other hobbies.

CISSP

  • James and my CISSP course this past Fall was a great success! Our community now has more certified professionals.
  • The official ISC2 CISSP study guide is provided to ISSA members at a 50% discount! This is the book we use in the course and the official ISC2 study guide. Contact Ashley Edwards at Wiley to receive the discounted price: aedwards@wiley.com. Promo Code: CSP50

College Programs

  • In previous messages I have touted Mt. Hood Community College’s (MHCC) 2-year program in Information Security. The only Oregon 2-year cybersecurity program recognized by the Department of Homeland Security (DHS). Now other local schools are getting into the game.
  • PCC is actively pursuing their DHS 2-year Certification, look for more information coming in their Fall offerings.
  • Oregon Information Technology (OIT) is also pursuing their DHS Certification, but for their 4-year program! OIT collaborates with MHCC already and will with PCC as well to provide a 2+2 cybersecurity program, or OIT will provide all 4 years for students.

These schools obtaining certified cybersecurity programs exemplify the need our industry has for more trained professionals.

Local Trainers and Conferences

  • SANS has a Security Essentials Bootcamp coming in June. I am teaching the course. This is SEC401: https://www.sans.org/community/event/sec401-portland-jun-2018. This is a 6-day intensive, hands-on Information Security course. Come join me.
  • Last year, Charlie Kawasaki and his daughter provided a summer camp for high school students focused on Information Security. The name changed to NW Cyber Camp, but they are coming back this year again: https://www.nwcyber.camp. Check them out and spread the word please.
  • The Portland OWASP chapter is working on their annual training day. This happens in early October. If you are interested in participating as a trainer or sponsor, please let me know and I will get you in touch with the OWASP Leadership team.
  • Interface Portland 2018 is coming next month: https://f2fevents.com/event/pdx18/. Every year there are some good nuggets at this local conference. If you attend, please come say hello to the board at the ISSA booth.

Opportunities to help

  • ISSA Portland is always looking for good presentations for our membership. You may be doing something amazing, novel, or interesting that others want to hear about. This is a growth potential for you and a learning opportunity for the rest of the membership. Let me know if you are interested in sharing.
  • We are 1/2 way through our program year. We are looking for next-year’s leaders. Let me know if you are interested! You have a lot to offer.
  • Opportunity to teach. Each year, James and I have provided a local CISSP course. If you are interested in helping with that effort, let us know. Having a pool of instructors will benefit our membership and provide you with a career building opportunity.
  • Mentorship. ISSA has a mentorship program. It needs local leaders to help organize. Having a mentor helps us to learn how to get to the next level, how to improve professionally and how to give back to our community. If you are interested in mentorship, either as a mentor or a mentee, let me know and we will work to get the program working locally.

Happy 2018! Stay warm and I look forward to seeing you at the next event!


February 14 Chapter Meeting – Cyber Threats: Oregon

From: 11:30 am to 1:00 pm

Where: Columbia Square (8th Floor), 111 SW Columbia Street, Portland, OR 97201

Speaker Bio:

George Chamberlain, FBI Special Agent Cybersecurity Task Force

Supervisory Special Agent (SSA) George Chamberlin leads the Cyber Program and the Oregon Cyber Task Force for the Federal Bureau of Investigation (FBI), Portland Field Office.  He investigated transnational organized crime for the FBI from 1999-2005 and has investigated criminal computer intrusions and cyber national security matters since 2006.  SSA Chamberlin served as a Cyber Terrorism Threat Manager at the National Cyber Investigative Joint Task Force (NCIJTF) in Washington DC and recently returned from a three-year overseas assignment in Asia where he worked joint investigations with international law enforcement partners.

Abstract:

The FBI Cyber Program in Oregon investigates network intrusions, data theft, denial of service, insider threats and other cybercrimes.  FBI cyber agents and task force officers are experienced in cyber incident response, the collection and preservation of digital evidence, network forensics and sharing of threat intelligence.  This presentation will cover recent cyber incidents in Oregon, current threat trends, common vulnerabilities and efforts by law enforcement to increase cybersecurity awareness and data protection.


November – BeyondCorp & Zero Trust Networking

Come Join us for our November Lunch Meeting:

Zero-Trust Networking & A New Approach to Enterprise Security

From: 11:30 am to 1:00 pm

Speaker Bio:

Ivan Dwyer, ScaleFT

Abstract:

BeyondCorp is a Zero Trust security framework modeled by Google that shifts access controls from the perimeter to individual devices and users. The end result allows employees to work securely from any location without the need for a traditional VPN.

Register on Eventbrite: https://www.eventbrite.com/e/issa-portland-november-beyondcorp-zero-trust-networking-tickets-39132108189


October 2017 – Social Engineering recap

The October meeting hosted Christopher Paidhrin talking about Social Engineering. This talk was well attended and covered the theory behind the human element and how to improve employee engagement to combat social engineering.

Check out the slides here: Social Engineering_v3


Training Options – Fall 2017

School has started again and with that, our ISSA year begins with a great talk about hacking a hackathon, next week. If you haven’t signed up for that, I highly encourage you to do so. With fall around the corner, that also means James and my CISSP preparation course at PCC starts soon, so get signed up for that. There are many other items coming up and hopefully I can touch on those here.

  • Of course, I have to mention our CISSP course at PCC. James and I successfully helped and guided a group through their CISSP study and passing the CISSP test! It was fun, challenging and informative. We provide this course for the local community, including the ISSA Portland Chapter. Anyone is welcome and the goal is to provide CISSP help at a reasonable cost. Please pass this along, the more people we have in the course, the more incentive James and I have to continue providing the content. The PCC class, CEU3654, is found here: https://www.pcc.edu/schedule/default.cfm?fa=dspCourse2&thisTerm=201704&crsCode=CEU3654&subjCode=CEU&crsNum=3654&topicCode=INTAX&subtopicCode=%20
  • If you are taking our CISSP course, or you want to study on your own, the official ISC2 CISSP study guide is provided to ISSA members at a 50% discount! This is the book we use in the course and the official ISC2 study guide. Contact Ashley Edwards at Wiley to receive the discounted price: aedwards@wiley.com. Promo Code: CSP50
  • OWASP Portland, our sister organization in the Portland area, is having their annual Training Day, October 4th! This year there are 6 tracks, a half-day each. Tickets go on sale 9/19 at 10AM. They will sell out fast! https://www.owasp.org/index.php/OWASP_Portland_2017_Training_Day
  • SANS has an upcoming SEC401: Security Essentials bootcamp coming to Portland in November. I am teaching this one! It will be awesome. Get signed up for this early. Get your organization to fund your attendance, touting you will save on travel expenses with a local course. https://www.sans.org/community/event/sec401-portland-nov-2017
  • Mt. Hood Community College has their 2-year programs around Information Security. Please check them out if you are interested in a program: https://www.mhcc.edu/CyberSecurity/
  • The Oregon Institute of Technology opened a campus in Wilsonville and provides 4-year IT programs. They are working on an Information Security curriculum. Kris Rosenberg is the Program Director and is one of the 6 instructors for the OWASP training day above! If you are looking for a 4-year program or know someone that might: http://www.oit.edu/academics/degrees/information-technology

Cheers


September Lunch Meeting: Hacking a Hackathon

https://www.eventbrite.com/e/issa-portland-september-hacking-a-hackathon-tickets-36792255627

 

Date: September 14th, 2017
From: 11:30 am to 1:00 pm
Speakers: Alexei Kojenov & Alex Ivkin

Portland Building
1120 SW 5th Ave
Portland, OR 97204

Speaker Bio:
Alexei Kojenov is a Senior Application Security Engineer with years of prior software development experience. During his career with IBM, he gradually moved from writing code to breaking code. Since late 2016, Alexei has been working as a consultant at Aspect Security, helping businesses identify and fix vulnerabilities and design secure applications.

Alex Ivkin is a senior security architect with experience in a broad array of computer security domains, focusing on Identity and Access Governance (IAG/IAM), Application Security, Security Information and Event management (SIEM), Governance, Risk and Compliance (GRC). Throughout his consulting career Alex has worked with large and small organizations to help drive security initiatives and deploy various types of enterprise-class identity management and application security systems. Alex is an established and recognized security expert, a speaker at various industry conferences, holds numerous security certifications, including CISSP and CISM, two bachelor’s degrees and a master’s degree in computer science with a minor in psychology.

Abstract: Hacking a Hackathon
All modern software, but the most trivial one, relies on common libraries to perform routine work. Your software may be a bastion of security, exhaustively tested and evaluated, but once a vulnerability is discovered in a library you depend on, all bets are off. These large and pervasive vulnerabilities quickly become popular targets, exploited by everybody from script kiddies, to professional hackers, to state actors. It is no surprise that the use of vulnerable libraries is included in the OWASP Top 10 list. The Australian Signals Directorate (ASD) lists patching operating systems and applications as two of their top four strategies to mitigate security incidents!

During a recent hacking game, we’ve identified and exploited a vulnerability not anticipated by the developers. One little crack in a widely used library gave us the footing we needed to construct an attack chain of remote code execution, file upload, data exfil, source code disassembly, and branching into a private network, all despite an extremely high level of hardening on the target from unintended attacks. We’ll share with you how safe and fun library exploitation can be in the confines of a hacking game, and how there are serious implications for your corporate applications where the stakes are much higher.
