Chapter Meeting: The Business of Cybersecurity: Case study of a Ransomware Attack

Cybersecurity risk is business risk.  On a daily basis, we see headlines about a new cyberattack – casinos, consumer product and cyber companies, government, and even our school districts. Security executives and risk leaders must adapt how they manage and report cyber risk, especially as regulators begin to hold boards and the C-suite accountable. Developing and maintaining a holistic risk mitigation approach from a cybersecurity perspective is no longer optional. Learning how to define these risks in business terms and tying them to business objectives is paramount.  In this session, we will talk through a case study of a ransomware cyberattack from a business perspective.

When:

Thursday, October 12th, 2023 – 12:00PM – 1:30PM

Where:

This will be an in-person event.

Standard Insurance Building

900 SW Fifth Avenue, Portland, OR 97204

Lunch is included at the event.

CPE credits:

This event qualifies for CPE credit.

Sign-up link:

https://www.eventbrite.com/e/october-2023-business-of-cybersecurity-case-study-of-a-ransomware-attack-tickets-730436293617?aff=oddtdtcreator

Speaker:

Traci Esteve

As Co-Chair of Technology Association of Oregon’s Cyber Security Community and Director of IT Risk Information Security for The Standard in Portland, Oregon, Traci Esteve is committed to protecting the confidentiality, integrity, and availability of information and processing resources. She began her career as a developer and infrastructure engineer. This led to her rise to a premier technical architect at Accenture and to expanding the practice in Asia and Europe. Her journey includes staying home to raise her two sons and serving as an advisor to organizations to increase profitability, maximize customer value, and effectively meet regulatory requirements. She holds a BS in Applied Science, MBA certification from Miami University, and certifications in Cybersecurity Risk Management and Data Privacy from Harvard University. Traci enjoys cooking with her family, skiing, hiking, and encouraging high-school students to believe in themselves.

Posted in Uncategorized | Comments Off on Chapter Meeting: The Business of Cybersecurity: Case study of a Ransomware Attack

Chapter Meeting: CISO cyber worldview: “Threats, Challenges, Opportunities, and Future Vision”

Christopher Paidhrin, SISO for City of Portland, will share CISO priorities and perspectives on the realm of cybersecurity and will invite deep-dive conversations with membership on all topics of interest. Topics we may explore: Generative AI; cybersecurity priorities threat landscapes; quantum security; a world without passwords, and topics of concern to you. Please join your Portland ISSA peers for an engaging presentation and active dialog.

When:

Thursday, May 11th, 2023 – 12:00PM – 1:30PM

Where:

This will be an in-person event.

Standard Insurance Building

900 SW Fifth Avenue, Portland, OR 97204

Lunch is included at the event.

CPE credits:

This event qualifies for CPE credit.

Sign-up link:

https://www.eventbrite.com/e/may-2023-chapter-meeting-ciso-cyber-worldview-tickets-626362897287

Speakers:

Christopher Paidhrin

Christopher Paidhrin, is the Chief Information Security Officer for City of Portland, Oregon. For the past 21 years, Christopher has been a nationally recognized Information Security authority, having received recognition, nominations and awards for service excellence, including Network World, ISE, SC Magazine, Information Security magazine’s 2011 “Security 7” Award, and Oregon SIM CISO of the Year Award for 2021. Christopher is an advocate of IT Service Management (ITSM) best practices and process improvement, including learning organizations and knowledge management.

Posted in Announcements, Chapter Meetings, Events, News | Comments Off on Chapter Meeting: CISO cyber worldview: “Threats, Challenges, Opportunities, and Future Vision”

April 2023 Chapter Meeting: Cybersecurity for Shepherds- Securing your organization wherever your workforce isApril 2023 Chapter Meeting:

When:

Thursday, April 13th, 2023 – 11:30AM – 1:00PM

Where:

This will be an in-person event. A virtual attendance option will be provided.

The Standard building

900 SW 5th Ave, Portland, OR 97204

Lunch is included at the event.

CPE credits:

This event qualifies for CPE credit.

Sign-up link:

https://www.eventbrite.com/e/copy-of-april-2023-chapter-meeting-cybersecurity-for-shepherds-tickets-611544143997

Speakers:

Chris Nolke

Chris Nolke is the founder of Skycrane and is a business leader and CISO, delivering measurable cybersecurity and technology business outcomes for customers and stakeholders. Chris has a passion for energy decarbonization and transportation electrification, is a two-time NIKE Maxim Award winner, and loves to learn new things. Chris and his family consider motorsports the best group hobby.

Posted in Past Presentations | Comments Off on April 2023 Chapter Meeting: Cybersecurity for Shepherds- Securing your organization wherever your workforce isApril 2023 Chapter Meeting:

March 2023 Chapter Meeting: Getting Involved: Cybersecurity Workforce Development in OregonMarch 2023 Chapter Meeting:

With an enormous and growing gap between the number of unfilled cybersecurity roles and the number of trained specialists produced by our education system, the need for professionals to contribute within Oregon has never been greater.

Fortunately, Federal, State, EDU, and private sector focus on addressing this problem continues to increase in the form of funding, legislation and new program starts. In this presentation, speaker Charlie Kawasaki will cover some promising developments including Oregon House Bill 2049 establishing an Oregon Cybersecurity Center of Excellence and funding several cybersecurity workforce development programs at our Universities and Community Colleges. Charlie will present progress and updates on some of these programs, including multiple ways for information security professionals to get involved and make a difference.

When:

Thursday, March 9th, 2023 – 11:30AM – 1:00PM

Where:

This will be an in-person event. A virtual attendance option will be provided.

OEG

3200 NW Yeon Ave, Portland, OR 97210

Lunch is included at the event.

CPE credits:

This event qualifies for CPE credit.

Sign-up link:

https://www.eventbrite.com/e/march-2023-chapter-meeting-cybersecurity-workforce-development-in-oregon-tickets-565820764137

Speakers:

Charlie Kawasaki

Charlie Kawasaki, CISSP has over 40 years’ experience in software engineering, cybersecurity, network engineering, and AI. For 18 years, Charlie served as a technical leader and CTO for Oregon-based PacStar (now a unit of Curtiss-Wright Defense Solutions), engineering and manufacturing tactical military networking systems. Charlie currently advises early-stage technology companies in the cybersecurity and AI industry and is a venture partner with Oregon Venture Fund.

Charlie currently serves on the board of the Technology Association of Oregon (TAO), the OSU EECS industry advisory board and executive committee, and the Mount Hood Community College industry advisory council for cybersecurity. He is currently actively involved in developing the CyberClinic at OSU (fka ORTSOC). Charlie is founder and co-manager of NW Cyber Camp, a leading cybersecurity educational camp for high school students, currently operated in collaboration between OSU, PCC, MHCC, PSU and EnergySec.

Charlie began his involvement with the community in the early 1990s, joining the board of the Software Association of Oregon (a precursor to TAO) where he served for 9 years as board member, vice-chair, and chairperson. In 2019, he received the OSU EECS Industry Collaborator of the Year award. In 2021, he received the TAO Tech Champion award.

Posted in Past Presentations | Comments Off on March 2023 Chapter Meeting: Getting Involved: Cybersecurity Workforce Development in OregonMarch 2023 Chapter Meeting:

February 2023 Chapter Meeting: Cloud Security

What Does Cloud Security Even Mean? A survey of what cloud security should entail in 2023. Based on real-world events, we will compare and contrast cloud security and more traditional on-premise requirements and practices.

When:

Thursday, February 9th, 2022 – 12:00PM – 1:30PM

Where:

This will be an in-person event.

Standard Insurance Building

900 SW Fifth Avenue, Portland, OR 97204

Lunch is included at the event.

CPE credits:

This event qualifies for CPE credit.

Sign-up link:

https://www.eventbrite.com/e/february-2023-chapter-meeting-cloud-security-tickets-528471461367

Speakers:

Lindsey Smith

Lindsey Smith has more than three decades of experience with software development and deployment including being a developer, a product manager and solutions architect. Alternating between security and devops, he has most recently worked at Tripwire, Puppet and has been with the Prisma Cloud group at Palo Alto Networks for the past 3 years.

Posted in Past Presentations | Comments Off on February 2023 Chapter Meeting: Cloud Security

January 2023 Chapter Meeting: Securing a distributed network with ZTNA, SASE and a Cybersecurity Mesh Architecture

Securing a connected resources and a the different pieces of a distributed network can be challenging.  Explore advantages of using SASE and a  ZTNA architecture to provide secure access application based access over traditional VPN access most enterprises use today. Also examine how employing Gartner’s Cybersecurity Mesh Architecture can simplify Network and Security operations.

When:

Thursday, January12th, 2023 – 11:00AM to 1:00PM

Where:

The Courtyard

1231 North Archor Way

Portland, OR 97217

Columbia Room

Lunch is included at the event. Please select from the following when you purchase your ticket:

  • Ham Sandwich
  • Turkey Sandwich
  • Corned Beef Sandwich
  • Salad (chef’s choice)
  • Gluten free option (chef’s choice)

This event qualifies for CPE credit.

Sign up link:

https://www.eventbrite.com/e/january-2023-chapter-meeting-securing-a-distributed-network-tickets-488851145937

Speaker/Panelist Bio:

Garrick Yeehaw Chang has been working in Networking and Cybersecurity for over 20 years. He has a passion for application security spending this beginning of his career working on Application Delivery Controller and Web Application Firewall technologies.  As a system engineer at Fortinet for the last 7 years, Garrick has been working to help numerous organizations improve the  cybersecurity posture within their networks.  He also spends much of his time educating partners about new cybersecurity trends.

Posted in Past Presentations | Comments Off on January 2023 Chapter Meeting: Securing a distributed network with ZTNA, SASE and a Cybersecurity Mesh Architecture

November 2022 Chapter Meeting: Cyber Insurance – Tips, Tricks, and Traps

Due to popular demand, ISSA Portland’s November meeting will focus on cyber insurance. The program will include presentations covering, the insurance application, what you should know about the attestation survey, types of coverage, and services that are often included as part of your policy that might be able to save you money… as well as lots of time for your questions and discussion.

When:

Thursday, November 17th, 2022 – 11:30AM – 1:00PM

Where:

This will be an in-person event.

University Place Hotel & Conference Center*

310 SW Lincoln Street, Portland, Oregon 97201 – Astoria Room

There is plenty of parking on the Hotel Property @ $3.00 an hour or $13.00 daily. Public Transportation: MAX’s Lincoln Station is just outside the Hotel’s front door and the Downtown Street Car is less than 3 blocks away

* University Place Hotel is owned, operated, and located on the campus of Portland State University

Lunch is included at the event.

Roaster Turkey & Swiss

Black Forest Ham & Cheddar Cheese

Chef Choice Salad (GF)

CPE credits:

This event qualifies for CPE credit.

Sign up link:

https://www.eventbrite.com/e/november-2022-chapter-meeting-cyber-insurance-tips-tricks-and-traps-tickets-449852479877

Speakers:

Peter Olson ARM, Property Casualty Consultant, USI Insurance Services

Peter is a sales executive in USI’s Portland commercial insurance group. Peter delivers customized client solutions with economic impact, leveraging the USI ONE Advantage®, a proprietary platform integrating analytics, networked resources and strategic planning.  Peter leads and collaborates with the USI team to design and develop a specific program; market existing coverages and introduce new product solutions; and integrate analytics, risk control and claims advocacy for clients. He is ultimately responsible for all service standards, communication and implementation. Peter provides responsive and strategic advice designed to help companies safely manage risk at the lowest net cost.

Rick Rosenberry – Property and Casualty Consultant, USI Insurance Services

Rick specializes in helping clients position themselves in the Cyber and Tech E&O marketplace. Based in Portland he works with Manufacturers in Defense, Aerospace, Healthcare and Technology as well as MSSPs. Featured as a regular speaker on the Pacific Northwest Defense Coalition’s Cyber Security Forum he works with clients to address evolving cyber threats and risk within manufacturing supply chains. USI is one of the largest insurance brokerage and consulting firms in the world providing solutions to large risk management clients, middle market companies, smaller firms and individuals. Utilizing the USI ONE Advantage® a proprietary platform integrating analytics, networked resources and strategic planning, they help clients identify risk and close coverage gaps.

Frank X. Curci is a Shareholder in Buchalter’s Portland office and a member of the Firm’s Corporate Practice Group.

His practice focuses on the representation of high-tech companies (ranging from emerging growth companies to global companies), bioscience industry companies, universities/research institutions, global technology consortia, technology accelerators, and other technology-based companies.  He counsels these clients concerning a range of matters, including patent/technology licensing, technology collaborations & consortia (including technology standards), research matters, technology transfer, the overall protection, commercialization, and use of the client’s intellectual property rights. Mr. Curci has a recognized bioscience practice representing universities/research institutions and bioscience companies regarding licensing, technology transfer, collaborations, research, and other technology commercialization matters.  He has earned a national reputation in the high tech industry for his work regarding the formation, structuring, and ongoing operations of global technology consortia and other technology collaborations (including standards organizations).  Mr. Curci is active with high technology and bioscience-related associations. For several years he has been an Adjunct Professor of Law teaching intellectual property law courses at Oregon, Arizona and California law schools.  He has received The Best Lawyers in America® (2009-2023) recognition in the Technology Law and Biotechnology Law fields. In 2017 and 2018 Frank was named to the Oregon Super Lawyers list.  He also has an AV Rating® from Martindale-Hubbell®. More at https://www.buchalter.com/attorneys/frank-x-curci/#bio

Posted in Past Presentations | Comments Off on November 2022 Chapter Meeting: Cyber Insurance – Tips, Tricks, and Traps

October 2022 Chapter Meeting: Managing Information Security

ISO 27001:2022 standard update is to be release in October. Find out about ISO 27001 and what is changing.

Managing information security is a combination technical capabilities and a trained work force, both paired with management processes intended to assure confidentiality, integrity and availability of information assets. ISO 27001 is the globally recognized standard for Information Security Management System (ISMS) design and operation. This month a long awaited updated to the standard will be release, the new ISO 27001:2022. In this presentation, obtain an overview of ISO 27001, discover best practices in how to implement it and find out what new in the 2022 revision of the standard.

This meeting marks our return to in person chapter meetings. There will not be a live virtual participation option.

When:

Thursday, October 20th, 2022 – 11:30AM to 1:00PM

20 minutes – networking

60 minutes – speakers

15-30 minutes – Q&A

Where:

Embassy Suites Portland Washington Square

9000 SW Washington Square Rd

Tigard, OR 97223

Lunch is included at the event. Please select from the following when you purchase your ticket:

  • Tri-Tip Sandwich – Tri tip Beef, Arugula, Heirloom Tomatoes, Tillamook Cheddar Brioche Bun
  • Roast Chicken Breast Sandwich – Chicken, Arugula, Basil, Roma Tomato, Fresh Mozzarella, Ciabatta
  • Veggie Wrap – Roasted Shaved Vegetables, Baby Lettuce, Vine Ripened Tomatoes, Micro Greens, Hummus, Sundried Tomato Tortilla
  • Lunch Salad (gluten free) – Chef’s choice

This event qualifies for CPE credit.

Sign up link:

https://www.eventbrite.com/e/october-2022-chapter-meeting-managing-information-security-tickets-436122162127

Speaker/Panelist Bio:

Matt Olson – Senior Security Architect, Higher Logic

With 20 years of experience running large software as a service (SaaS) operations at scale, Matt brings both a product and enterprise operations focus to information security and compliance for Higher Logic’s 200 million+ end users. He has experience in security leadership, security operations management, security architecture, risk assessments, incident response, vendor management, secure software development life cycle (SDLC) best practices, establishment of policy, certification under ISO 27001 and managing audits under SOC 2. Matt currently serves as Portland ISSA chapter Technology Chair.

Posted in Past Presentations | Comments Off on October 2022 Chapter Meeting: Managing Information Security

April 2022 Chapter Meeting: Security Frameworks, compliance and risk management

What is a framework? Why do I follow a framework? Which one is best? How many do I need? Can I build my own? How do compliance requirements fit in and am I mitigating the right risks?

There are many questions around how to build and maintain an Information Security program. Security frameworks are designed to answer these questions and provide assurance. In this talk we will discuss how frameworks, compliance and risk management work together. We will also show how to map between various solutions, including measuring and reporting maturity.

When: April 21st, 2022 – 11:10-AM to 1:00PM.

20 minutes – networking

60 minutes – speakers

15-30 minutes – Q&A

This event qualifies for 1.5 CPEs.

Sign up link:

https://www.eventbrite.com/e/april-2022-chapter-meeting-security-frameworks-tickets-312487397217

Speaker/Presenter Bio:

Brian Ventura

Brian Ventura is a information security consultant and teaches Information Security topics through SANS. Brian focuses on building sustainable security programs. Brian volunteers on the ISSA Portland board and Oregon CyberSecurity Advisory Board.

Posted in Past Presentations | Comments Off on April 2022 Chapter Meeting: Security Frameworks, compliance and risk management

March 2022 Chapter Meeting: Cybersecurity and Infrastructure Security Agency (CISA)

We are pleased to welcome Theresa Masse, Cyber Security Advisor in Region 10 (Oregon) for the US Department of Homeland Security -Cybersecurity and Infrastructure Security Agency (CISA), for a presentation on CISA and services that it provides. Created in 2018 as a part of the U.S. Department of Homeland Security, CISA’s mission is to provide threat reduction to U.S. physical and cybersecurity infrastructure. CISA is a bright spot in the cybersecurity community in recent years and is leading the way in facilitating national public/private cybersecurity resiliency.

When: March 10th, 2022 – 11:10-AM to 1:00PM.

20 minutes – networking

60 minutes – speakers

15-30 minutes – Q&A

This event qualifies for 1.5 CPEs.

Sign up link:

https://www.eventbrite.com/e/march-2022-chapter-meeting-dhs-cisa-tickets-274485923787

Speaker/Presenter Bio:

Theresa Masse – Cyber Security Advisor in Region 10, US Department of Homeland Security – Cybersecurity and Infrastructure Security Agency (CISA)

Ms. Masse is a Cyber Security Advisor in Region 10 (Oregon) for the US Department of Homeland Security -Cybersecurity and Infrastructure Security Agency (CISA). Prior to that, she served as the Chief Information Security Officer (CISO) for the Port of Portland for 5+ years. Theresa was the first CISO for the State of Oregon and served in that capacity for 10 years. Previous to that, she worked in the private sector as the Senior Director for Information & Corporate Security at Cummins Inc., an international Fortune 500 company.

Ms. Masse is on the advisory committee for the Oregon State University – Oregon Research & Teaching Security Operations Center, and a participant on several state committees and working groups. She is a member of the Portland ISSA, ISC2, and InfraGard chapters. Theresa also serves on the Cyber Security Advisory Board at Mount Hood Community College. She is a former member of the executive committee for the State, Local, Tribal and Territorial Government Coordinating Council and was chair of the Cyber Security subcommittee. She is a past member of the executive committee of the Multi-State-Information Sharing and Analysis Center (MS-ISAC) and served as a co-chair of the mentoring program. Theresa has a CISSP and a Master’s degree with a major in Management.

Slide presentation:

Posted in Past Presentations | Comments Off on March 2022 Chapter Meeting: Cybersecurity and Infrastructure Security Agency (CISA)