Session Name: Are you ready for a ransomware attack?

This session will provide a walkthrough of a ransomware event using readily available attack tools and common techniques. Following a technical demonstration, a sample Incident Response Plan will be distributed and reviewed. A tabletop exercise will be facilitated, with roles such as Business Owner, Technical Expert, Legal Counsel, Crisis Communication, and Insurance Broker filled by attendees. Questions and activities will be available to support a single group session, or breakout rooms of teams comprising 4 or 5 members. Where possible, logs, reports, and other evidence will be available to inform analysis, decision making, and communications. Wrap-up activities will include an evaluation of the Incident Response Plan and supporting artifacts to identify improvement opportunities and priorities to better prepare for the next event.

When: Thursday, January 13^th, 2022 – 11:10AM to 1:00PM.

20 minutes – networking

60 minutes – speakers

15-30 minutes – Q&A

This event qualifies for 1.5 CPEs.

Sign up link:

https://www.eventbrite.com/e/january-2022-chapter-meeting-ramsomware-attack-simulation-tickets-234014372287

Speaker/Presenter Bio:

Dennis Allen is a Senior Security Consultant at Stratascale, where he helps organizations assess and improve their cybersecurity posture to address the ever-evolving cyber threat landscape. Dennis received his B.S. degree in Computer Science from St. John Fisher College, and a M.S. in Information Assurance from Norwich University. With more than 25 years of information technology and security experience, Dennis has helped fortune 500 companies, governmental agencies, the U.S. military, and many small businesses develop solutions to prevent, detect, and respond to the most advanced cyber challenges. He has also delivered numerous professional training classes, presented at industry conferences, and taught at both the undergraduate and graduate-level.

The pandemic period has seen changes in the cybersecurity threat landscape. As opportunities for threat actors increased due to the prevalence of work-from-home restrictions and increases in ransomware attacks, insurance companies paid out record amounts in 2020 for cyber related claims. The downstream effects are here: higher premiums, changes in coverage limits and hesitancy of insurance companies to underwrite cyber risk. At our November meeting, we are please to welcome Matthew T. Denielak who is a Cyber/E&O insurance broker and Jonathan Davies who is a cyber risk consultant. Our guests will present on the current issues affecting the cyber insurance market place.

When: Thursday, November 18^th, 11:10AM to 1:00PM.

20 minutes – networking

60 minutes – speakers

15-30 minutes – Q&A

This event qualifies for 1.5 CPEs.

Sign up link:

https://www.eventbrite.com/e/november-2021-chapter-meeting-cyber-insurance-marketplace-20212022-tickets-207686013457

Matthew T. Danielak – Director, Broking FINEX Cyber/E&O Midwest Region Lead

Matt leads the Midwest Region for Willis Towers Watson’s FINEX Cyber/E&O team. In addition to running a team of 13, he focuses on delivering expertise in privacy, information technology, E&O and media, including dedicated cyber claim advocates. As part of his role, he regularly speaks on industry panels, handles market relationships, creates risk transfer strategies with clients, oversees the placement of insurance programs, and provides client service throughout the course of the year. Matt has more than 12 years’ experience in building successful technology E&O, professional liability, media and cyber insurance books of business as both an underwriter and broker.

Matt holds a B.S. in Communications from Indiana University (Bloomington).

Jonathan Davies, C|CISO, CISSP, CCSP – Cyber Risk Consultant, North America – FINEX

Jonathan Davies is based in Las Vegas and has developed and implemented cybersecurity programs for several large clients in the global gaming and hospitality industry. He specializes in identifying, quantifying and mitigating key organizational cyber risks and then developing consensus-based, cost-effective solutions that align with the organization’s overall business goals. He emphasizes a cross-functional approach, involving key stakeholders and business units across the organization, to ensure that a comprehensive, organization-wide strategy is developed to manage the people, technical and financial risks impacting an organization’s cyber resilience.

Jonathan’s cybersecurity career is underpinned by a twenty-year military intelligence background. He holds a number of advanced industry certifications, including Certified Chief Information Security Officer (C|CISO), Certified Information Systems Security Professional (CISSP), and Certified Cloud Security Professional (CCSP).

With hundreds of Information Security frameworks available, which one should you choose? What are the advantages to using a framework, and what are the risks for not having one?

Please join ISSA Portland for an interactive leadership panel discussion. You are invited to engage with local leaders on framework lessons learned and best practices.

If you’ve wanted to know more about the value of information security frameworks, from selection, integration, and their alignment with compliance domains, come engage and learn, and bring your questions for the panel!

Register here: https://www.eventbrite.com/e/may-2021-security-frameworks-leadership-panel-discussion-tickets-151748743577 Registration is free for ISSA Members and $10 for non-members.

Framework examples we may discuss:

• NIST Cybersecurity Framework
• Center for Internet Security (CIS)
• Cybersecurity Maturity Model Certification (CMMC)(DOD)
• MITRE ATT&CK
• ISO 27001
• Microsoft
• PCI DSS
• COBIT
• HIPAA

Speaker bios:

TRACI ESTEVE – Director IT Risk and Compliance, The Standard Insurance Company
As Director of Technology Governance and Risk for The Standard in Portland, Oregon, Traci Esteve is committed to protecting the confidentiality, integrity, and availability of information and processing resources. She began her career as a developer and infrastructure engineer. This led to her rise to a premier technical architect at Accenture and to expanding the practice in Asia and Europe. Her journey includes staying home to raise her two sons and serving as an advisor to organizations to increase profitability, maximize customer value, and effectively meet regulatory requirements. She has a BS in Applied Science, MBA certification from Miami University, and a certification in Cybersecurity Risk Management from Harvard University. Traci enjoys cooking with her family, drawing, hiking, and encouraging high-school students to believe in themselves.

LEO HOWELL – Chief Information Security Officer, University of Oregon
Leo Howell is a visionary information technology leader who is passionate about the “I” in IT as he believes that data leveraged as a strategic asset is a competitive benefit to any organization. Leo currently serves as the chief information security officer for the University of Oregon where he practices his balanced approach to cybersecurity – stop the bad guys and empower the good guys to carry out the organization’s mission. Previously, he served in cybersecurity and audit leadership at NC State University. Leo received his B.Sc. in Computer Science and Electronics from the University of the West Indies, and his MBA from NC State University. Leo is a Certified Information Security Professional (CISSP), Certified Information Systems Auditor (CISA) and a proud member of the international honor society Beta Gamma Sigma.

SHANE PERRY – Information Security & Risk Officer, Oregon Public Employees Retirement System (PERS)
In his 7th year at Oregon PERS, Shane Perry is leading the agency’s Information Security and Risk Management Program(s), focused on protecting its member’s data in an ever-changing environment. As the Information Security and Risk Officer, Mr. Perry leads a small team which oversees the security, continuity, and risk challenges for Oregon’s Public Employees Retirement System. Prior to joining Oregon PERS, Mr. Perry lead and managed Information Technology and Cybersecurity functions across various industries including semi-conductor manufacturing, higher-education, private education, and most recently in the public sector. In total, Mr. Perry has over 20 years’ experience in Information Technology and Security Management. Mr. Perry maintains his CISSP certification and holds a Master’s degree in Management of Information Systems from the Westminster College of Salt Lake City, and a Bachelor of Arts degree in Speech Communications from the University of Utah (Go Utes!).

ITZIK KOTLER – CTO and Co-Founder, SafeBreach
A former member of the elite Israel 8200 Intelligence unit, Itzik Kotler served as CTO of Security Art, and led SOC activities and research for Radware (RDWR). He is a well-known security researcher and a frequent speaker at security conferences.

ESTEBAN GUTIERREZ – VP, Information Security & CISO, New Relic, Inc.
Throughout his career, Esteban Gutierrez has approached security challenges with the goal of enabling people to work safely and securely and to help organizations protect what they value. In early roles, he helped create the first enterprise network architecture for the US Army Corps of Engineers, solved security challenges in an e-commerce start-up, and while at Intel worked on cloud security strategy, enterprise risk mitigation, and research on emerging threats. Esteban joined New Relic in 2016 where he is leading the organization as the CISO on a path to cyber-resilience. Esteban is an initial founder of Security BSides Portland (a volunteer driven regional security conference) and is a long-time lead volunteer with Def Con. He is a proud father and lives with his daughter in Portland.

When: Thursday, March 11th, 2021 from 11:30 AM – 1:00 PM – Networking opens at 11:10 AM, presentation begins at 11:30 AM. A link to the online event will be provided before the event begins.

Registration: Free for ISSA members (you do not have to be a Portland Chapter member), $10 for non-members.

Register here: https://www.eventbrite.com/e/mar-2021-leverage-the-right-technology-people-to-build-the-best-ir-team-tickets-142699376677

Event Description:

With the massive network breaches we have seen lately Incident Response is more important than ever. With the shortage of capable cybersecurity talent incident response teams are facing overload and diminishing effectiveness.

This presentation will speak to methods that address this dilemma leveraging technology and human assets working together to meet the rising level of demands on cybersecurity teams.

Speaker Bio:

BRETT L. SCOTT – Director, Security Enablement and Training, Tech Data

Brett serves as the director of Security Enablement and Training, Americas for Tech Data. In this role, he is responsible for accelerating the security expertise of their partners and building security solutions for the Tech Data partner ecosystem to deliver to their customers.

Brett’s current project is the Tech Data Cyber Range (TDCR). A multi-million-dollar effort, the TDCR is part of Tech Data’s next-generation distributor strategy. Brett is the co-founder of the National Cyber Warfare Foundation (NCWF), a 501(c)(3) non-profit organization leading the country in teaching hands-on cybersecurity skills in a real-world environment. The primary purpose of the NCWF and the Tech Data Cyber Range is to develop real competence in cybersecurity.

Brett’s career began professionally in 1987 and he remains hands-on, but he also has many years of experience leading technical teams. During his career, he has worked in many different industries and has a great deal of in-depth knowledge on cybersecurity issues facing companies today.

What: ISSA Portland February 2021 Membership Meeting – MITRE ATT&CK®

When: Thursday, February 11th, 2021 from 11:30 AM – 1:00 PM – Networking opens at 11:10 AM, presentations begin at 11:30 AM, see note below. A link to the online event will be provided before the event begins.

Registration: Free for ISSA members (you do not have to be a Portland Chapter member), $10 for non-members. Register here:

https://www.eventbrite.com/e/issa-portland-february-2021-membership-meeting-mitre-attck-tickets-138866640861

Event access:

https://www.eventbrite.com/x/138866640861/

Format Change: ISSA Portland is now opening Zoom meetings 20 minutes early so we can catch up with you and give you the opportunity to grow your network. Over the coming program year we will be experimenting with Zoom features to expand the networking component of our meetings. We welcome your feedback and suggestions – contact us at ISSA-Board@portland.issa.org.

Event Description: MITRE ATT&CK® has become widely adopted in the community as a way to understand adversary behaviors and improve defenses. In use across governments, private sector, and security solutions providers, ATT&CK helps to focus defenses against known threats, provides an effective tool for measuring security improvements, and drives innovation. The presentation will cover an intro to ATT&CK and several use cases for how it can be applied, including cyber threat intelligence, behavioral analytics, and adversary emulation.

Speaker bio:

Mike Hartley
Lead Cybersecurity Engineer – The MITRE Corporation

Mike works in MITRE’s adversary emulation capability area, where he helps conduct adversary research, builds adversary emulation plans, and studies behavior-based detections. Mike also helps lead efforts such as ATT&CK® and ATT&CK Evaluations.

Join us on Thursday, January 14th for a panel discussion on vulnerability management – challenge our speakers with your toughest questions!

What: ISSA Portland January 2021 Membership Meeting – Vulnerability Management Panel Discussion

When: Thursday, January 14th, 2021 from 11:30 AM – 1:00 PM – Networking opens at 11:10, presentations begin at 11:30, see note below. A link to the online event will be provided before the event begins.

Registration: Free for ISSA members (you do not have to be a Portland Chapter member), $10 for non-members. Register here: https://www.eventbrite.com/e/jan-2021-vulnerability-management-panel-discussion-tickets-128827066223

Event access: Please login to Eventbrite and go to:

https://www.eventbrite.com/x/128827066223/

Format Change: ISSA Portland is now opening Zoom meetings 20 minutes early so we can catch up with you and give you the opportunity to grow your network. Over the coming program year we will be experimenting with Zoom features to expand the networking component of our meetings. We welcome your feedback and suggestions – contact us at ISSA-Board@portland.issa.org.

Event Description: Does vulnerability management seem overwhelming? Where do you start? What tools do you use? How often should you patch? How do you sell patch management to leadership when there aren’t any visible problems? How has Covid-19 changed the vulnerability management discussion? These are a few of the questions we posed to our panelists, but this event is for YOU! Join us on January 14th and challenge our speakers with your toughest vulnerability management conundrums!

Panelists:

Shane Perry – Information Security & Risk Officer, Oregon Public Employees Retirement System (PERS)

In his 7th year at Oregon PERS, Shane Perry is leading the agency’s Information Security and Risk Management Program(s), focused on protecting its member’s data in an ever-changing environment. As the Information Security and Risk Officer, Mr. Perry leads a small team which oversees the security, continuity, and risk challenges for Oregon’s Public Employees Retirement System. Prior to joining Oregon PERS, Mr. Perry lead and managed Information Technology and Cybersecurity functions across various industries including semi-conductor manufacturing, higher-education, private education, and most recently in the public sector. In total, Mr. Perry has over 20 years’ experience in Information Technology and Security Management. Mr. Perry maintains his CISSP certification and holds a Master’s degree in Management of Information Systems from the Westminster College of Salt Lake City, and a Bachelor of Arts degree in Speech Communications from the University of Utah (Go Utes!) .

Jon Washburn – Chief Information Security Officer , Stoel Rives LLP

Jon Washburn leads Stoel’s information security and governance program, working with the COO and firm counsel to ensure policies, controls, operational processes and training programs reduce IT risk and meet client and regulatory requirements. A resource for Stoel’s Privacy and Data Security practice, he draws on his more than 20 years of experience to assist the team with risk assessments, responding to incidents, identifying policy/process improvements, and evaluating information systems architecture and security controls to determine how well they might reduce the likelihood and impact of a data breach. Outside the office, he spends considerable time volunteering with the International Legal Technology Association (ILTA) and the Legal Services Information Sharing and Analysis Organization (LS-ISAO).

Christopher Paidhrin – Senior Information Security Officer, City of Portland

Christopher’s mission for the past 20 years of information security service has been to ‘add lasting value’. Christopher has been a nationally recognized healthcare Information Security authority, having received recognition, nominations and awards for service excellence, including NetworkWorld, ISE, SC Magazine, and Information Security magazine’s 2011 “Security 7” Award. Christopher is an advocate of IT Service Management (ITSM) best practices and process improvement, including learning organizations and knowledge management.

What: ISSA Portland November 2020 Membership Meeting

Topic: Building a Home Intrusion Detection System for Fun & Learning

When: Thursday, November 12th, 2020 from 11:30 AM – 1:00 PM – Networking opens at 11:10, presentations begin at 11:30, see note below.

Register:https://www.eventbrite.com/e/nov-2020-building-a-home-intrusion-detection-system-for-fun-and-learning-tickets-127624376947

Format Change: We hear you! We all miss the networking opportunities of live meetings in pre-pandemic times. Starting in November, ISSA Portland will open Zoom meetings 20 minutes early so we can catch up with you and give you the opportunity to grow your network. Over the coming program year we will be experimenting with Zoom features to expand the networking component of our meetings. We welcome your feedback and suggestions – contact us at ISSA-Board@portland.issa.org.

Description: Are you interested in understanding what’s happening on your home network? Want to see if the attackers are already inside? Want to fiddle with the tools and configurations, without the barriers to experimentation you face at work, like change management or reams of approvals? Whether intrusion detection is your job or not, peeking under the hood of your own home network is a fun and eye-opening way to build up your security superpowers where they matter most – protecting your family and yourself.

We will explore an all-in-one, enterprise-class Intrusion Detection, packet capture and analysis system you can build in a home lab with inexpensive hardware and open-source software to impress your friends and learn along the way!

Speaker Bio: Brian Ventura is an Information Security Architect with the City of Portland, Oregon, he focuses on enterprise information security governance, risk and compliance. Brian is a SANS instructor for the CIS Controls, Risk Management and CISSP certification. He enjoys designing and managing technical solutions, sharing expertise and continually learning. He’s also a huge Timber’s fan!

Note: Due to the ongoing lock down restrictions in Oregon, this will be a virtual chapter meeting. Pricing for attendance has been reduced.

Join ISSA Portland for our October meeting on threat intelligence including an overview of the current threat landscape by the FBI.

About this Event

What: Portland ISSA Chapter Meeting – Threat Intelligence Symposium

When: Thursday, October 15th, 2020 from 11:00 AM – 1:00 PM. A link to the online event will be provided after completing registration.

Description: Join ISSA Portland for our October Membership meeting where we bring together experts across the field of threat intelligence to discus to discuss free and paid threat intelligence sources, how to use threat intelligence management effectively, and an overview of the current threat landscape by the FBI. A Q&A session will follow presentations.

Speaker I: Brett Scott, Director of Security Enablement and Training, Tech Data – Free & Paid Threat Intelligence Sources

Speaker II: Peter McNaull, Enterprise SE, LogRhythm – Threat Intelligence Management & How to Use it Effectively

Speaker III: SA Houle, FBI – Current Threat Landscape

SPEAKER BIOS

Brett Scott, Director of Security Enablement and Training, Tech Data

Brett Scott serves as the director of Security Enablement and Training, Americas for Tech Data. In this role, he is responsible for accelerating the security expertise of our partners and building security solutions for the Tech Data partner ecosystem to deliver to their customers. Scott’s current project is the Tech Data Cyber Range (TDCR). A multi-million-dollar effort, the TDCR is part of Tech Data’s next-generation distributor strategy. Brett is the co-founder of the National Cyber Warfare Foundation (NCWF), a 501(c)(3) non-profit organization leading the country in teaching hands-on cybersecurity skills in a real-world environment. The primary purpose of the NCWF and the Tech Data Cyber Range is to develop real competence in cybersecurity. His career began professionally in 1987 and he remains hands-on, but he also has many years of experience leading technical teams. During his career, he has worked in many different industries and has a great deal of in-depth knowledge on cybersecurity issues facing companies today.

Peter McNaull, Enterprise SE, LogRhythm

For the past 20 years Peter McNaull has been a network Security Evangelist, Sales Engineer and Director of Product Marketing. Currently, He is employed by LogRhythm, the Security Intelligence Company, as a Senior Solutions Consultant supporting both end users and channel partners. Peter has leveraged his extensive technical knowledge to help customers recognize and define their security objectives and to develop strategies to meet the challenges they face.Peter is a Northwest transplant living in Seattle with his two sons. He is an avid fan of their sporting activities – lacrosse, football, basketball. When time allows, he loves riding in the mountains.

SA Houle, FBI

SA Houle has been with the FBI for 4 years working mostly National Security and Cyber Criminal investigations. Prior to his time with the FBI he spent several years with the United States Air Force and contributed to various DoD programs.

Note: Due to the ongoing lock down restrictions in Oregon, this will be a virtual chapter meeting. Pricing for attendance has been reduced.

Register:

https://www.eventbrite.com/e/chapter-meeting-covid-19-lessons-learned-panel-discussion-tickets-117351045135

Event Link (check the day of the event):

https://www.eventbrite.com/x/chapter-meeting-covid-19-lessons-learned-panel-discussion-tickets-117351045135

Description:

Social, business and governmental response at scale to COVID-19 is unprecedented in the field of information security. Business Continuity Plans and Pandemic Plans are being activated. Organizational shifts to a remote workforce are ripe for social engineering attacks, phishing and attacks targeting work from home environments. Budgets everywhere are being put under pressure. Yet the expectation to effectively defend the organization remains constant, even in light of increased risk. How are organizations shifting their approach with staff, training, vendors and technology?

Join Portland ISSA for a panel discussion on strategic responses to COVID-19.

Note: Due to the ongoing lock down restrictions in Oregon, this will be a virtual chapter meeting. Pricing for attendance has been reduced.

Speaker bio:

Dr. Travis Paakki –Senior Director, Office of Technology and Information Services, Portland Public Schools

Dr. Travis Paakki is a graduate of Colorado Technical University with a computer science doctorate with a focus on information assurance where he focused on public sector infosec challenges. During the day he is an infosec leader at Portland Public Schools, serving 50,000 students and families. He has worked in IT for 25 years and been an avid cybersecurity researcher and advocate since the age of 12. At night, he teaches masters-level networking and cybersecurity at multiple universities.

Jon Washburn – Chief Information Security Officer (CISO), Stoel Rives LLP

Jon Washburn leads Stoel’s information security and governance program, working with the COO and firm counsel to ensure policies, controls, operational processes and training programs reduce IT risk and meet client and regulatory requirements. A resource for Stoel’s Privacy and Data Security practice, he draws on his more than 20 years of experience to assist the team with risk assessments, responding to incidents, identifying policy/process improvements, and evaluating information systems architecture and security controls to determine how well they might reduce the likelihood and impact of a data breach. Outside the office, he spends considerable time volunteering with the International Legal Technology Association (ILTA) and the Legal Services Information Sharing and Analysis Organization (LS-ISAO)

Matt Olson – Senior Director of Compliance and Security, Higher Logic

Matt Olson leads the compliance and information security program at Higher Logic. With 20 years of experience running large software as a service (SaaS) operations at scale, Matt brings both a product and enterprise operations focus to information security and compliance for tens of millions of end users. He has experience in security operations management, security architecture, risk assessments, incident response, vendor management, secure software development life cycle (SDLC) best practices, establishment of policy, certification under ISO 27001 and managing audits under SOC 2. Matt currently serves as Portland ISSA chapter Vice President.

Join ISSA PDX for our annual hackathon, now an entirely virtual “Capture The Flag” event! Have fun, hone your skills, and win great prizes!

About this Event

ISSA Portland is once again partnering with Security Innovation to present our most popular annual event, the CMD+CTRL Cyber Range! Compete against your peers in a contest of hacking skills in a fun, safe, simulated environment. Win fabulous prizes, recognition, and best of all gain hands-on experience!

This event is easy to start but hard to finish! Everyone from non-coders with zero hacking experience to seasoned penetration testers will learn and grow their skills. With challenges for all levels, live proctors and a wide variety of vulnerabilities, the SI and ISSA teams will make sure everyone has a productive event.

Get Ready:

Want to start improving your skills before the event? Review Security Innovation’s free Community Site for courses, resources, success stories, and access to the InstaFriends Cyber Range.

When: July 16, 2020 – 9:00 AM to 1:00 PM – Pacific Time Zone

Where: Completely online! Note: You will be sent an event link on July 15th, 24 hours in advance of the event start time.

Cost:

ISSA Members – $10

Non-ISSA attendees – $25

Students (limited number) – Free when registering with a student email address

Register:

https://www.eventbrite.com/e/issa-portland-2020-virtual-cmdctrl-capture-the-flag-ctf-7162020-tickets-108417796548?ref=ecal

Prizes ranging from $50-$250 will be awarded for the highest score, runner up, and other top performers. In addition all attendees who stay through the event will have a 1 in 10 chance of winning a door prize! Register early, seating is limited! Note: You will be sent an event link on July 15th, 24 hours in advance of the event start time.

What you can expect:

Security Innovation will provide a brief orientation to the Cyber Range platform as well as an introduction to thinking like an attacker. Proctors will periodically provide “learning labs” with guidance on how to find a common vulnerabilities and execute exploits. Coaching, support, Q&A, and event guidance will be provided throughout the event via Slack and RingCentral channels. The only limit to the support is the questions you can think of!

Participation requirements:

1) An ISSA Portland Chapter Eventbrite order confirmation. An access code will be sent to you 24 hours prior to the start of the event.

2) Tech requirements – A modern browser and stable internet connection.

We’re looking forward to you joining us in a great learning experience!

If you have questions, please reach out to us at programs@portland.issa.org.

Regards,

Christopher Paidhrin

ISSA Portland Chapter President